{"report_id":"8dc0215a-d2e1-4edf-bb09-44a94750aac3","version":6,"status":"done","tags":[],"date":"2025-06-23T01:08:33Z","url":{"schema":"http","addr":"vexa-tro.com/","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"45.9.149.36","port":0,"asn":49447,"as":"Nice IT Services Group Inc.","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"vexa-tro.com/","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"title":"Vexa Tro | Official website Philippines 2025"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-09-01T01:08:33Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"vexa-tro.com","ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":60,"request_count":60,"received_data":2168087,"sent_data":29457,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ipinfo.io","ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2013-04-23","domain_rank":8136,"first_seen":"2013-12-16T07:25:53Z","last_seen":"2025-06-20T12:54:35.368227Z","alert_count":0,"request_count":3,"received_data":1950,"sent_data":1275,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2025-06-23T01:08:12Z","timestamp":1750640892,"ip_dst":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.19","port":56074,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)","source":"{\"timestamp\":\"2025-06-23T01:08:12.306668+0000\",\"flow_id\":1040454367616727,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":56074,\"dest_ip\":\"34.117.59.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025331,\"rev\":5,\"signature\":\"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Linux\",\"Mac_OSX\",\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2018_02_07\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0043\"],\"mitre_tactic_name\":[\"Reconnaissance\"],\"mitre_technique_id\":[\"T1590\"],\"mitre_technique_name\":[\"Gather_Victim_Network_Information\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_09_19\"]}},\"tls\":{\"sni\":\"ipinfo.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3602,\"start\":\"2025-06-23T01:08:12.237271+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2025-06-23T01:08:12Z","timestamp":1750640892,"ip_dst":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.19","port":56082,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)","source":"{\"timestamp\":\"2025-06-23T01:08:12.316569+0000\",\"flow_id\":807632780445921,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":56082,\"dest_ip\":\"34.117.59.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025331,\"rev\":5,\"signature\":\"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Linux\",\"Mac_OSX\",\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2018_02_07\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0043\"],\"mitre_tactic_name\":[\"Reconnaissance\"],\"mitre_technique_id\":[\"T1590\"],\"mitre_technique_name\":[\"Gather_Victim_Network_Information\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_09_19\"]}},\"tls\":{\"sni\":\"ipinfo.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":911,\"bytes_toclient\":3602,\"start\":\"2025-06-23T01:08:12.248033+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2025-06-23T01:08:12Z","timestamp":1750640892,"ip_dst":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.19","port":56096,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)","source":"{\"timestamp\":\"2025-06-23T01:08:12.325905+0000\",\"flow_id\":1425098753732711,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":56096,\"dest_ip\":\"34.117.59.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025331,\"rev\":5,\"signature\":\"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Linux\",\"Mac_OSX\",\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2018_02_07\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0043\"],\"mitre_tactic_name\":[\"Reconnaissance\"],\"mitre_technique_id\":[\"T1590\"],\"mitre_technique_name\":[\"Gather_Victim_Network_Information\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_09_19\"]}},\"tls\":{\"sni\":\"ipinfo.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":911,\"bytes_toclient\":3602,\"start\":\"2025-06-23T01:08:12.290919+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"vexa-tro.com/js/spoiler.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f68bab6de0adedcc40e1a55460abeca","sha1":"f903e75d59de14759ff231395fee9447b15f3b0b","sha256":"ba40957e0be0a2cf4aeb47388f7827eae554c1cc4e158af21629c0e722c77553","sha512":"8de304d8a53f23b463b93480a37105c41a30e37899a7b67f71934240e026f4c5c9e2de4d7de0383ccfe53333343555605219646ed0b2429a6e74a8d7aead745d","ssdeep":"192:w6t39aKgJmZmlN3ijS714hUuAcBNgGYAcfAcUAcnAcow/PvPdOfrodBC/uzVDdzS:wE9aKgJmZmfSjS714hUuAcBNgTAcfAcf","tlshash":"9dd15090711f233623e6336e5434ee566858c6fbf5420faf78a49a9da0e28405273e7c","size":6440,"data":"","first_seen":"2024-12-28T11:23:31.669519Z","last_seen":"2026-04-04T01:39:01.070628Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"5991df1c1ba4eaf8a7f2b03a4a7ff3db","sha1":"b3edb46c211b169cd51837293b36eff295547c2f","sha256":"1dcd49decec5db2793425fb415d051e825c6e0b9768cb396ce3e1d4e5249d84c","sha512":"d580be7677bc70bb4cbc9c0062262d03fd32ccb7a8cbef901fca6cb72a14f6187c53a4453ab4877277d7faa94c844fb131d44456a38219a95e088ba56b67a7a4","ssdeep":"","tlshash":"809002824d3d250143dca4d7743172028082142a7e2a8c814428091404f31a55561585","size":51,"data":"","first_seen":"2025-06-23T01:08:37.571099Z","last_seen":"2025-06-23T01:08:37.571099Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/sliders.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"844586cf8533319dfa0786605b66a7b7","sha1":"86dd4d03cdbfe6af44068b20926b88dd83dc30a9","sha256":"0a6d76becdf93c26f3a900ea04e9205fdd3f27048abec7e77cfc416fa73f0f5b","sha512":"c81ba670d003b0fb198bc6252b47aca21c11f66bdce112d77e4880308412167ef9750b0525f4733af32d41433e9d54c7ee6f54b83419f09dc21b33d205a58d28","ssdeep":"","tlshash":"a551ef807297b0be06b157073979cf50e4978668c0cf817bf4ea8a4dc5063bb0d949ec","size":2720,"data":"","first_seen":"2025-05-12T01:13:36.966734Z","last_seen":"2026-03-19T10:21:44.218672Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/inputmask.min.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f869249af176bf7f8f843b134cf34b98","sha1":"5133b8dcd2286552f2e6f422261e8f74741f8f02","sha256":"5b8e6af2eac6dc224477bcc4aab896c15eb8ade3d4f3117190a2d61ef4d006d5","sha512":"69ce9c2514b7ed063a36fef0f153d81fa9b0453968fc4158f83693c81a8d810d4ad5c3defde3acd0475ba4f8c2f74b285749e4b88fd21c7ac881de4913fdcbff","ssdeep":"768:+da8SCVCBLTRtVSCDEVHnbbfeKy3ps4iwrIMKvnCFDVYbEc92eCcQUqSCAnUdVuF:+gRptulbbfhMInCF5YbEeFU6bS0JAe","tlshash":"4ba319d43552b16287e371f440bf840aa23beb29a4999040b25af4d0797decb07b7f75","size":107018,"data":"","first_seen":"2024-12-28T11:23:31.683914Z","last_seen":"2026-04-04T04:03:43.875359Z","times_seen":150,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/localization.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a46b97962c5aa9aa5929ced368cb3ce7","sha1":"a7d157e0f3bb4fc650a009460bb69e4e780a5b58","sha256":"d61622b433bec7b7b5548e24f4cd0f8828917beb007210dc1dc7d48eb128bf3a","sha512":"9b619fef2c8dcb1a5d5fe0b1ce148456f85abad0e4ed36075fb68a2e4bf9e64f5090c1a9e09d81ac1c1a087554e249691b7a8de080c7bf5224a5e49995cc944f","ssdeep":"768:VZWSnv3Lq5fvd57+AoLFHuc0mE4g4udnB4LN/5Y9bXL94Mwm:VsELq5f8Oc0H4inB4LNkbbKtm","tlshash":"4523091de2cc24d80740e2e7d92d34c567ed9caebffa95dad099c07121ee16f8418a87","size":46742,"data":"","first_seen":"2025-05-29T18:08:06.773584Z","last_seen":"2026-03-06T18:08:22.354217Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/adapt.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5099679a2ba7396b7a3e56e85b487bb0","sha1":"154e3dd443f80d5e594b51e0f5b624fd8d36ed8d","sha256":"19da36faf51b3d8ff867c3b0dfad881d3bb89a5c7fee2b8728bf6d62eb858c26","sha512":"7073bfd421c49f632e3f709a51aad248ff6407ba38d50d47a67ec2114449b70667296139d92848aa91d90d3ccbf377d4f130f0938ccdff29fb11d1b4fa7461f5","ssdeep":"","tlshash":"915104e1b50f6d9b56db13bf7037150afabed81190007aeaf8e4c5c861529410bf55f4","size":2999,"data":"","first_seen":"2024-12-28T11:23:31.667362Z","last_seen":"2026-04-04T01:39:01.049845Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/functions.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6abf7365821683c0c1981bd99ae9685b","sha1":"2cf8423432918648835bea93501317fb39690737","sha256":"f64e469125b3baa723c1670bdf8eedc8ad6a7c52439e86f3053dec1754948152","sha512":"33b9d06f4717f5e625e33dbc0d0847a9e85ae8010f2f3f285c0f61113bca126feda92c6100fdc05f68b32f26567b78e9947afeb8b1d99e4c95e9dc54cb63c7cf","ssdeep":"96:5daAQkSmLA9vYal206WwPSpdPeBfVL4WC557zwKHBoa:5HQ9mA1dv2w+zK1","tlshash":"929132b5702bd07606fa138fb1b6878cf87cb4e728435059a88c45883860f9566a15df","size":4274,"data":"","first_seen":"2024-12-28T11:23:31.670829Z","last_seen":"2026-04-04T01:39:01.060178Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/scroll.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"34db16e6fec27a1266d7975128810589","sha1":"fce555b5bd705212018eee4a1684cd76f68034cd","sha256":"c97c62cc2975c2dddd7f8aa63cf6081b99070674fdcef1f73aa2bd32c280923d","sha512":"b3f03231149737aea438502d679d62475c36f08047d274a369a912cbb13b9cf64bd6b320b5813654a9e1d58b89799cb192e8582a89370018a17dfe189f579799","ssdeep":"","tlshash":"67310268318b293983d5874dd13f2f847db94073b581a12da05d6c2f3f50bb9877608e","size":1553,"data":"","first_seen":"2024-12-28T11:23:31.672837Z","last_seen":"2026-04-04T01:39:01.038043Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/justvalidate.min.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5999ea06cbb02d9f509d7127f581ca57","sha1":"353b584854cfb425f4da8446734b1f5557d32eb2","sha256":"29d1548e149452387bacf862a93dc3049a1f63b90cb972d6091641d477734592","sha512":"9320ce7503b230e62b4dc62a4078e802091a4a8e5fe28f7495ffec44f1bcbe6aa56e4b1ded1824e5854992e11d52319596b70a866486a74b24eb33d5a5107090","ssdeep":"768:VkW++JZ/wbtODUsl8dJorXESRAwgJMgp81UuVvwnCByfDwty0HD/h7PCByCrCagl:mCCDSXrRAwgJMg5s5Y3gk56D","tlshash":"41d2d706267149234dd94aeae08b9543b3d0375da914a4ccf73decfb8a8dec630536b6","size":29666,"data":"","first_seen":"2024-10-04T14:22:46Z","last_seen":"2026-04-04T04:03:43.86933Z","times_seen":1109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/swiper.min.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"94b914340a274dd89291378be8c4aed3","sha1":"ebbf8701e803339f36f1057452c3cba9208d18f4","sha256":"37b1087a7fab429e8729b8552bdf931dd7667d81ee097acad724670f526e516d","sha512":"78a92be481df633ecb0961b613c5abe5f807b42055060322e447ba1a74ab81c6c67b17639b7f703b024a63166cd266e92bec350930417b36b203786b85ed870a","ssdeep":"1536:DIJIfGCcF8NkhbGd9+OzColxU8KBkiArqCvievtnS4U9ampFvfha7W5J7ifuANE3:EJgNE8VKBk91U9FpFvfsi5JeWAXe","tlshash":"c7d308896220b57646e356db93e4c261a3b50540b80ac8f470bd4c9f597ec9813feffa","size":136933,"data":"","first_seen":"2024-08-19T16:16:35.40255Z","last_seen":"2026-04-04T01:39:01.048422Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/intlTelInput-utils.min.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e9dfe4ff0e4f710ca4d7e095262c1b2","sha1":"e995f1c98857e950882f9ed98b1f35469635a119","sha256":"c06746a767fd8adfe37ddcfa195262649a24a04d3b50036c77899cae54c9109b","sha512":"3fd04aec489cdb4540a0b2bce6552a7ef3517a1c4b464c1155448134de0b5ad77f9799a39f29481eee08205ca24cee01af38b782f8ce4dd251f86705d86b7f58","ssdeep":"3072:PklM0F8CAJjFs3OwPss3MwPPmdV9T2xFM8Mpmxs5DyBpUsR56kmLNTg/QKWVRpFA:PklMpjBf0xFM8Mpm0/Z2","tlshash":"d944f1ebd63c9737a1e97b35968eb3cd5a8cbca3c848567826c3b54f52784e0706c205","size":259721,"data":"","first_seen":"2024-12-28T11:23:31.699953Z","last_seen":"2026-04-04T04:03:43.891699Z","times_seen":995,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/menu.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d6eb1e39fa7735889cf0f8b75acb3f2","sha1":"b08044b873f5f67bab1e213acd05a1f7972c63b2","sha256":"8db61b38db945eb47dc8eb4d6dd9be37793b7531937e874e2457e3ac788982a1","sha512":"a102845cd14b780d5b1196e90204eda56cb5ee6eb063eb6d7a62f550033ad6c2e3e79642f64fd3a9124ed2b7957df017bff735c29bf0e20b869204f10446ecee","ssdeep":"192:Uj5IhkTXWRrnJSZK1O9F/28oDCrASi/BvvIGvML0srG2pD1l5RWPVz+2sEmE9guC:jkTXWRrnJSZK1GF/28o+MzJvAGvMIqGK","tlshash":"a4024484727f133986ef339a517c869af62c8892e443889fb87c5acc18b155153f1abd","size":8945,"data":"","first_seen":"2024-12-28T11:23:31.668216Z","last_seen":"2026-04-04T01:39:01.034591Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/formsHandlers.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a3b569ff7900d7067fd3dca741c2ef1","sha1":"219a823d5991d601838a30597cd991428e07fe89","sha256":"1f63c3eed801f24cbc83236e1e1456ffedfec06a92a44ef2a5b2024b974559ef","sha512":"476f35d13a2f811d957d4f5e818ad9c55302aaad4a4a08e4711ddc5ad7d351fced58bb020de016b390a0d6a01db180247bae9a8f8532bd71569c65c5f7c3239a","ssdeep":"96:SVRP4ZvN4f1wvNTpw7Hdw7HdzvNv6hw7HMNmMHMf1hFEURFuVIkcuWdl9Mn:IJqvef6vseVv1vQGftEURFumkcuWdl9o","tlshash":"9ab11249d7bd1e1905eb205ebc8d3e8d343510367818b02fb19c46fd27acba996d6bb0","size":5373,"data":"","first_seen":"2025-04-17T18:26:42.807912Z","last_seen":"2026-04-04T01:39:01.065254Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/cookies.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc418bb6dcb10c9c6fa2ec3f504c56ba","sha1":"9cd9e6f4f8b57e0047a88457546c5480574761f4","sha256":"5684597477e4a4dd05ac5e983cf6726fda4704896b1d642878cf5913fcde8d19","sha512":"9b0a78d7bb255afeee28b6d3baee485c3fd584fd6362a31809ea0d905b3a999b8e849fa6c50527f4bcbecd8bf22a88bd708409bc404328d13f34e9c4cd9c237b","ssdeep":"","tlshash":"c741456a3844242a05f327e5a59a625dff30a32272ab5406f0dda1f05f11d13cd9bcfe","size":2068,"data":"","first_seen":"2024-12-28T11:23:31.680731Z","last_seen":"2026-04-04T01:39:01.035622Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/forms.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ded136e24ee75ba7dc3a5db9a417c303","sha1":"7d75f32ddc89e13e85ea517d932d1eaf95906d5e","sha256":"8651df8821bd9405e71bf5f6a7a1b24d086ff15cd32ce550ba3073eb22d7165b","sha512":"2d53c2fadd2c86129f2db512aab47795269af5498cf32750912b947a3f9590152b488f36548c0b5584f81d1bfec1bd81912d7efa15a63a57e2fa514e1fa6cdc6","ssdeep":"384:fM/XK+gzbIVJiNq7BwqNUn6qsv5wHzO6k9bKSk109bK0eM1d5xoulfYJJbub/TyI:b3IVAN+BLIlG5wTEbKSTbK0eM1dfjlfj","tlshash":"e39252d8761f043bdae913ed70fe4441bdace66149409468b0fce40d36e6f984ab2bd9","size":20129,"data":"","first_seen":"2025-04-17T18:26:42.756382Z","last_seen":"2026-04-04T01:39:01.042887Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/scripts.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d4b784c87e5bc6d6144218f8677c379a","sha1":"8e7c58a43f2cdd809c3017166fb20a332fde014a","sha256":"821a3a9b3b1665803d69fe10739e36e6a00a71e16e37470f9b548b9d6e7a038f","sha512":"3f6b147da0785f6a28807d24db00c69c8185429ba7bf1bc4de4a195b163ec89c7f0a9bd6f09eedab62192f9c74ada18676ec46144e8c5948c9afa83004c3cb8b","ssdeep":"","tlshash":"7ab0129160c2e3704fb3031c20e8500f8909125873015238944800c0b45a67275e100d","size":91,"data":"","first_seen":"2024-12-28T11:23:31.673933Z","last_seen":"2026-04-04T01:39:01.074063Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/intlTelInput.min.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c9bacd626f8da329cfd17986468b921","sha1":"b8ef112f4c44f07c914363756792e9baff14be34","sha256":"a5bd18c50d0bedc08c05eec31019f087887e4454a02b2f8959dbdfbebba8ffb9","sha512":"09e7d0ad1436136919ddd67933ebb806ec1dff914f3139af7b11f513064f54e02d82a8c7d35b511b0cd9ab18bb570dcd18d50f1722ea0a2ab64e2510536e78cd","ssdeep":"768:IY03Xlqn/kiIzOT9FSRo/6mCIQkjMdt24vD8B:ItiIzU/6YjMdo","tlshash":"55d2e7ae63655b37a6fcc2a270e54503ae6f79444a44083d7cacdece0288ed271f5b34","size":29519,"data":"","first_seen":"2024-12-28T11:23:31.679776Z","last_seen":"2026-04-04T04:03:43.86103Z","times_seen":996,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"vexa-tro.com/img/slides/6.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/slides/6.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-1532\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 5426\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5426,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"722707c37b3bd5f3bb5ccd3a5b198abc","sha1":"68d297a0926671625b6dee1c01b58f3446b092e0","sha256":"f0c8bcd7d7746bb6937f7aeea7068a775eb2bb606964274ba77cfe65d9aeb181","sha512":"929df751af51ad7ab6fedc53f83b0a0f302f421701fe90a7c6459af36c0c2267b238fc9c00924c3b785118da5faec6aa4bd266a6701df6ea5d66c62e84fc1d41","ssdeep":"96:7Fxh+t6demA2Gzde40gsbwZyc1mJEuhxOUL7V9rHvlJQ1yJahQqm50NBkBTJDOJX:7js7m5GzkfbwdmdxrL7TDd28Y40bMTJe","tlshash":"58b18ed57baaad75bc265c9baaf7111a60d6734804f01fbc218f3d35309169fac0ad38","first_seen":"2025-05-29T18:08:06.870303Z","last_seen":"2025-12-31T09:31:56.115985Z","times_seen":5,"resource_available":false,"data":null}},"time_used":639,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":527,"receive":112,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/quotes/2.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/quotes/2.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-10550\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 66896\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":66896,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 972x943, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f35cf9fd068b54ab1880848690deff55","sha1":"0f38dd6f6a564460582408b74bda316d7e507320","sha256":"a25d6af2dbceab2c5a8b4d62ee9fe1de4dbccbd1665ec3915e7b9dc2089c84fa","sha512":"c7169329677d4f42bc04ad96867234276b0acd36a93f33794fe941f642c44e9c38bd96d193bc4acf8847570c570791a9558e34c816204a0fa9727f124a6270cf","ssdeep":"1536:jEswc4AzQEI5iw3zYSy5+v8d3+pFvXUNdWisAaq56mX2b1A3zGY:Yswc4dmwZy5+Y3GvkNbUq4ma1OGY","tlshash":"3e6302b0cd056ab931c4fb15f5a7e28230fd92b1aa94c98c8884d90f1553d379eaceb1","first_seen":"2024-12-28T11:23:31.688915Z","last_seen":"2026-04-04T01:39:01.04932Z","times_seen":66,"resource_available":false,"data":null}},"time_used":886,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":745,"receive":141,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/quotes/5.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/quotes/5.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-de82\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 56962\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":56962,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x962, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"05f21881518e9038ead58681f96a6945","sha1":"ccafe0cb2a504d3550c0ec869797163526e71c9f","sha256":"e46552163f5b69d3e06ec4d106aacaed4f97bac46129edc9bf0723193f17ce69","sha512":"f3fd23c4949538128e6d99bb73650ea1cb154f695ca2fc060e6ead92e461f02596dfb8148964e9f4d643df87b2ebb7d457d9a38fb4eb34b1823c039fdaae2987","ssdeep":"1536:9Qxa7Dqj1RdD9H89QfHW8nR9E79Ml31ZMYjihG:VDqj3RyKHW8R9yc317wG","tlshash":"2343023686ef468a8391e09df74bfcaa681d68bcd902ce64b166405df1c791c3077e1e","first_seen":"2024-12-28T11:23:31.688013Z","last_seen":"2026-04-04T01:39:01.064635Z","times_seen":67,"resource_available":false,"data":null}},"time_used":862,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":737,"receive":125,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/localization.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/localization.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-b711\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 46865\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":46865,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"a46b97962c5aa9aa5929ced368cb3ce7","sha1":"a7d157e0f3bb4fc650a009460bb69e4e780a5b58","sha256":"d61622b433bec7b7b5548e24f4cd0f8828917beb007210dc1dc7d48eb128bf3a","sha512":"9b619fef2c8dcb1a5d5fe0b1ce148456f85abad0e4ed36075fb68a2e4bf9e64f5090c1a9e09d81ac1c1a087554e249691b7a8de080c7bf5224a5e49995cc944f","ssdeep":"768:VZWSnv3Lq5fvd57+AoLFHuc0mE4g4udnB4LN/5Y9bXL94Mwm:VsELq5f8Oc0H4inB4LNkbbKtm","tlshash":"4523091de2cc24d80740e2e7d92d34c567ed9caebffa95dad099c07121ee16f8418a87","first_seen":"2025-05-29T18:08:06.773584Z","last_seen":"2026-03-06T18:08:22.354217Z","times_seen":11,"resource_available":true,"data":null}},"time_used":724,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":601,"receive":123,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/fonts/PlusJakartaSans-Bold.woff","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:12.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /fonts/PlusJakartaSans-Bold.woff HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/css/style.css\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: font/woff\r\ndate: Mon, 23 Jun 2025 01:08:12 GMT\r\netag: \"680a2293-c4a4\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:55 GMT\r\nserver: \r\ncontent-length: 50340\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":50340,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 50340, version 0.0","md5":"e1ec8afa61433725d4ae0849885bd085","sha1":"26c666fb3fab7365489bc2f73b1849f0ca856525","sha256":"29a25631383af69bc0dfb935acad827097e863102994f4dab3b12d5779f6a838","sha512":"36875d1cea698077d399e1a28365918142d49632151dd1bb0e22b8866d383bc0fb299c8d1ee828c711ebdd4281b9545f21f84147ed660d27a91841db00ad6d74","ssdeep":"1536:C4Z5BS/+IxLAtM8me86sobv3EIWZZznqRvUmMRf:zX0+IxcMVhYv3tWZZORv/g","tlshash":"bb33f17a6eafe78dc56a0b29cb1aa7f35f187bbad02e40340025134f35dd506c49a987","first_seen":"2024-09-28T07:08:10.117038Z","last_seen":"2026-03-19T10:21:44.193794Z","times_seen":33,"resource_available":false,"data":null}},"time_used":414,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":411,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/partners/6.svg","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/partners/6.svg HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: image/svg+xml\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2292-e10\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 3600\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3600,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"572030612ac6d0e67a763159c6736834","sha1":"379bb38795dd888d85bf70b3c61598c3ef8a660d","sha256":"6aa47eb18a4f9428b377ff71a1dae8cc79e9d4e827997ee939ec8e958c6f4fd0","sha512":"d3a55895a71d5e65f198687f9bce8dbb632b9472aa8556cd5f900529f54ce8daec07ffc3775621dae551169aa907a45ee9e14f08a9169dbc18c1966e99d1c320","ssdeep":"","tlshash":"f971a6fc3b3147f89a5570fb776115a4381761f57b8da228e3184f88348e8512963edb","first_seen":"2025-05-12T01:13:36.9413Z","last_seen":"2026-04-04T04:03:43.869853Z","times_seen":208,"resource_available":false,"data":null}},"time_used":550,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":545,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/cards/3.svg","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/cards/3.svg HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: image/svg+xml\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2292-1b5c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 7004\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7004,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8afbcb71ce13655ea4bf6eb3f085935b","sha1":"bb99a7e5065ed25660678acc6307c1b6f01a709d","sha256":"72d9fbdba5ff424121b5cf64622cf3b8cc9a5f3d8323c6b0790aa922db181f10","sha512":"f4cb9f0f971d06679c3f3abbdea2ed28ef6477ed35e4c20b590c24c8a2f2ce728a8bfff80482f87467a734554ec05758e19215786763b7420e10a0c7d2bd2105","ssdeep":"192:eIjHrAqe/9JgzSsP529LsOCclMhtXF15Fg95bCVW:eXESovh1F15ypCVW","tlshash":"4ce195c43376e7f4e489f2fdca3975e6392e24ec7a4068a9c3911c04b91617d9d8c4e6","first_seen":"2024-12-28T11:23:31.665003Z","last_seen":"2026-04-04T01:39:01.058145Z","times_seen":61,"resource_available":false,"data":null}},"time_used":737,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":632,"receive":105,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/swiper.min.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/swiper.min.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-216e5\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 136933\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":136933,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65267), with CRLF line terminators","md5":"94b914340a274dd89291378be8c4aed3","sha1":"ebbf8701e803339f36f1057452c3cba9208d18f4","sha256":"37b1087a7fab429e8729b8552bdf931dd7667d81ee097acad724670f526e516d","sha512":"78a92be481df633ecb0961b613c5abe5f807b42055060322e447ba1a74ab81c6c67b17639b7f703b024a63166cd266e92bec350930417b36b203786b85ed870a","ssdeep":"1536:DIJIfGCcF8NkhbGd9+OzColxU8KBkiArqCvievtnS4U9ampFvfha7W5J7ifuANE3:EJgNE8VKBk91U9FpFvfsi5JeWAXe","tlshash":"c7d308896220b57646e356db93e4c261a3b50540b80ac8f470bd4c9f597ec9813feffa","first_seen":"2024-08-19T16:16:35.40255Z","last_seen":"2026-04-04T01:39:01.048422Z","times_seen":80,"resource_available":true,"data":null}},"time_used":881,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":616,"receive":265,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/scroll.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/scroll.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-611\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 1553\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1553,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"34db16e6fec27a1266d7975128810589","sha1":"fce555b5bd705212018eee4a1684cd76f68034cd","sha256":"c97c62cc2975c2dddd7f8aa63cf6081b99070674fdcef1f73aa2bd32c280923d","sha512":"b3f03231149737aea438502d679d62475c36f08047d274a369a912cbb13b9cf64bd6b320b5813654a9e1d58b89799cb192e8582a89370018a17dfe189f579799","ssdeep":"","tlshash":"67310268318b293983d5874dd13f2f847db94073b581a12da05d6c2f3f50bb9877608e","first_seen":"2024-12-28T11:23:31.672837Z","last_seen":"2026-04-04T01:39:01.038043Z","times_seen":59,"resource_available":true,"data":null}},"time_used":559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":557,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/slides/1.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/slides/1.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-7e8\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 2024\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2024,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a68c0da94e276ec62263df77d97364ab","sha1":"70888da63a15a05bd3987aa2b39b9e2e452e2a8a","sha256":"9ae079430fa2724e464f7bf0e6f5efce96753dd867426594005764520df844c1","sha512":"f75284a420befafb011c72e147a799b39f2d68264fc727df3edd5d3aaf85c10e0b5a3ce8b9a25ff12137012be8a58b70859f8413fd3349137459779d57af9b24","ssdeep":"","tlshash":"46410a5b5d64b326d83548abee10a4496fd31c59c71296cf8f8e1067929bb134241e94","first_seen":"2025-05-29T18:08:06.852604Z","last_seen":"2025-12-31T09:31:56.104565Z","times_seen":5,"resource_available":false,"data":null}},"time_used":643,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":532,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/slides/5.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/slides/5.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-776\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 1910\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1910,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f395d760c86bf095ed03658b598d4da0","sha1":"a4f615e390e469cb7ee02b1ec6c3a8586c98c92b","sha256":"e0d5b2bdea3a0a3e39cd05db767cd915cab0a8d446d931c42b67421630c432a2","sha512":"ac7df0e6c8137e1c2861d38356d2fd78c868a987c10336271e8c114d43be3bea51bbe04893c58897e78a2dafb405292f194b0a1d1eb9b5b63923dd4e6e98259b","ssdeep":"","tlshash":"ab413b10eacf14bec8a88e04eed7522d2940300978d9df211c6e04289078e8213876d3","first_seen":"2025-06-21T01:57:32.830161Z","last_seen":"2025-12-31T09:31:56.103684Z","times_seen":4,"resource_available":false,"data":null}},"time_used":639,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":528,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/sliders.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/sliders.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-aa0\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 2720\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2720,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"844586cf8533319dfa0786605b66a7b7","sha1":"86dd4d03cdbfe6af44068b20926b88dd83dc30a9","sha256":"0a6d76becdf93c26f3a900ea04e9205fdd3f27048abec7e77cfc416fa73f0f5b","sha512":"c81ba670d003b0fb198bc6252b47aca21c11f66bdce112d77e4880308412167ef9750b0525f4733af32d41433e9d54c7ee6f54b83419f09dc21b33d205a58d28","ssdeep":"","tlshash":"a551ef807297b0be06b157073979cf50e4978668c0cf817bf4ea8a4dc5063bb0d949ec","first_seen":"2025-05-12T01:13:36.966734Z","last_seen":"2026-03-19T10:21:44.218672Z","times_seen":21,"resource_available":true,"data":null}},"time_used":684,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":574,"receive":110,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/json","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:12.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipinfo.io","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Jun 2025 04:48:58 GMT","end":"Wed, 17 Sep 2025 04:48:57 GMT"},"fingerprint":{"sha1":"88:A4:4C:CB:13:BE:CA:B3:D3:96:C9:57:6A:11:AC:45:CA:0A:83:02","sha256":"EF:82:82:40:9D:7E:6E:0E:29:F7:26:8C:BE:6F:45:5A:78:DB:02:37:8A:E8:EA:95:39:17:EF:02:A4:05:30:B2"}}},"request":{"raw":"GET /json HTTP/1.1\r\nHost: ipinfo.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vexa-tro.com/\r\nOrigin: https://vexa-tro.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\ndate: Mon, 23 Jun 2025 01:08:12 GMT\r\nvary: accept-encoding\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=2592000; includeSubDomains\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":280,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"adf22d9a8ca3a97a9ff78909b8702358","sha1":"f5046826566a7e98d6b5e5c7b0a65677c3bde708","sha256":"756edd1454b049c1370e83c864bc93dfdd82f44d8f9752b3068e5a11867a5de3","sha512":"182391c8c01e54481853a09aa4cf8072496850e45863b198721d0d572e3aa93d8fe11a90bfb24cf97fa64cc132f1594c379474db65db5a1d2207694f770443b9","ssdeep":"","tlshash":"c3d02b6621341b37aeed455c8406960622656e1f1642369f0fe72b0c100c87334f03ae","first_seen":"2023-04-17T17:28:07Z","last_seen":"2026-04-04T04:48:00.941658Z","times_seen":46539,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":56,"dns":4,"connect":12,"send":0,"wait":156,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/slides/2.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/slides/2.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-92c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 2348\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2348,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"76d9f219f313da2c10e991a478b980ad","sha1":"10cd216cdc6bbbafb50b94212a85e6f622d2c73b","sha256":"2414edfa278f8a7a5d39ad73007790e23dd56a6bb74da596096e59199ba65e1b","sha512":"75bdc4fb62871e041bb629138a7fb8a11ee1138945fe789efde68061c7570f738d50fe8384bfbf5b1eba14df95b02a4e9619ba52728e17d4c863d697e8bdd801","ssdeep":"","tlshash":"38410b267ffc5117ed044e7f291717ea7111848851fec19e6702b0925ab341c5d9edc5","first_seen":"2025-05-29T18:08:06.75455Z","last_seen":"2025-12-31T09:31:56.10269Z","times_seen":5,"resource_available":false,"data":null}},"time_used":651,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":649,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/grid/2.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/grid/2.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-268c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 9868\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9868,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"32f3ff1b812cbc6a4a56d6f4436f4146","sha1":"13d73794c9ba2f077b41ce29fbc8170306794359","sha256":"86da7f1877dee0f837f02bcad1c847abc2f0803f3b8e8f2d69be934c4cc37e86","sha512":"33d2dfb47c992ee9d1bfceabf6a7aa5c5a42f38ef6696abfaf2b891fb9ddcde15e2313eee711b2c403f75257aa547a83c9a03f1d096e95843611a74f73fd96e6","ssdeep":"192:4coL3elQaV9HS6r+X/1xmG0mWbPbyaEHPRb8Y59iU2GCCsA6JvAiNwv2:4cyOqwn+P1MHbP7EHPRbPH2GClRI3v2","tlshash":"9012c0f34633cab9a4382251953993daa900a6c1839fd67e76cac74a23f02f353d5914","first_seen":"2025-05-29T18:08:06.893928Z","last_seen":"2025-12-31T09:31:56.107587Z","times_seen":5,"resource_available":false,"data":null}},"time_used":539,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":534,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/slides/4.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/slides/4.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-8fc\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 2300\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2300,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c86a265a57e60b5e1057beca7831708b","sha1":"dd4bc5f6968ae005947edff5283744fd8696791d","sha256":"7f7268c70718c1c6f017dbc30ffa00addd08ae925d5af9ec68914eadb5702e1a","sha512":"de8b280d064a6009aeef8c2492874ebd5c1bf8b3bc0bbbc4192f5748056f72f2a83369ecef973ee9397d54fc8af1ea671e67ba0273980f53bdef0ec9ef0dccb9","ssdeep":"","tlshash":"3e412be15702b350dc19ad7f3352bf8935144838f1aed8e24b1b1150d856d97093ddea","first_seen":"2025-05-29T18:08:06.768639Z","last_seen":"2025-12-31T09:31:56.081598Z","times_seen":5,"resource_available":false,"data":null}},"time_used":640,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":529,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/loading.gif","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:12.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/loading.gif HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/css/style.css\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Mon, 23 Jun 2025 01:08:12 GMT\r\netag: \"680a2292-1025\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 4133\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4133,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 32 x 32","md5":"87776ebd3eb7c2685c351a391de60b7b","sha1":"e8c6ea89a991b64f31ba3df3926552bd91e1be32","sha256":"82fcc4feff16864505ac2f138d9e22bfd673d81f20c57480af7c84cb56660a5f","sha512":"ea0fcb320d4493bc25244a10526e418fa9eca0a7ad5ff7aab234d13c25db14ee9f531f8074ec2fcbd0a5745033d13456918a583194029d4a1709d8439e08446a","ssdeep":"96:3HW7PK0nO0EIPozO7TuTbwkwRSZ6Ts7pZbSblUPZkbXrjfl0un:aK0nODi7qT0cZ6Tsz++ZkvTHn","tlshash":"d4813b1814c08d29e9e96a7bddf8101d0db15b8d6d799bab14a33616dc332f2091dbbc","first_seen":"2024-12-28T11:23:31.691696Z","last_seen":"2026-04-04T01:39:01.054437Z","times_seen":817,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/deco/main-slide.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/deco/main-slide.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-9842\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 38978\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38978,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8e077f7c937dd0fa8bf52b6e0f724732","sha1":"5365283f3d60b6bdd237ee8c3e7441e63a86ce94","sha256":"f4474e9bb20b941ea96455696c4abc22c023a61bd22c0d3fe8bff803c9683ed7","sha512":"b1777cb042805a0239fe5752b8c06dd011d935df0ae8e41e649b8eeac65a97743d6a15a524e52618870f4acfb3a239bb9d310a1436a3ddfd8676e24172dc8292","ssdeep":"768:05ekFmmnS821Z3Xde+C0fDl/HdirTG2NCTN8SvzisDFyVVVnypnZv9PL:meammPuZ3N7l/Hdi/G777FyjVn0n19","tlshash":"b603f137be9b70218862b8d32e2155c1d0373590dc97885fc499e9e0de1324f6ee99af","first_seen":"2025-05-29T18:08:06.856994Z","last_seen":"2025-12-31T09:31:56.088168Z","times_seen":5,"resource_available":false,"data":null}},"time_used":678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":557,"receive":121,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/formsHandlers.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/formsHandlers.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-14fd\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 5373\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5373,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"C++ source, ASCII text","md5":"2a3b569ff7900d7067fd3dca741c2ef1","sha1":"219a823d5991d601838a30597cd991428e07fe89","sha256":"1f63c3eed801f24cbc83236e1e1456ffedfec06a92a44ef2a5b2024b974559ef","sha512":"476f35d13a2f811d957d4f5e818ad9c55302aaad4a4a08e4711ddc5ad7d351fced58bb020de016b390a0d6a01db180247bae9a8f8532bd71569c65c5f7c3239a","ssdeep":"96:SVRP4ZvN4f1wvNTpw7Hdw7HdzvNv6hw7HMNmMHMf1hFEURFuVIkcuWdl9Mn:IJqvef6vseVv1vQGftEURFumkcuWdl9o","tlshash":"9ab11249d7bd1e1905eb205ebc8d3e8d343510367818b02fb19c46fd27acba996d6bb0","first_seen":"2025-04-17T18:26:42.807912Z","last_seen":"2026-04-04T01:39:01.065254Z","times_seen":57,"resource_available":true,"data":null}},"time_used":667,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":557,"receive":110,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/partners/3.svg","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/partners/3.svg HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: image/svg+xml\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2292-1a1c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 6684\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6684,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"79d2cc00fd6b6a83ab6d23f59e32c2d8","sha1":"a71dc52ded53af8984cf0c792e2a3588edfdae44","sha256":"354810d0931ca7dd5b645c4993e5813d47343fca780ab8904f7942ac42b6db2d","sha512":"aba2ab6abc2f9cc20ef639f003bdc0c3e7d256c8b3a77e7e5fc76e78d75f858139463b5889e169089d3ac341220a8d59087dd67b2d6433878233f6b5070d81ec","ssdeep":"192:ro3oZoI5MvItL+vtBB+WmaBW9p4q7zsRjIh39DjMY:M3oZoIevIt6lOwQpSY39DjMY","tlshash":"3bd1c7c423b545f8f408e4fb973a607a780361ee3a054858d7395f4c708a5ae6d5bacb","first_seen":"2025-05-12T01:13:36.980812Z","last_seen":"2026-04-04T04:03:43.893509Z","times_seen":209,"resource_available":false,"data":null}},"time_used":554,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":549,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/partners/7.svg","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/partners/7.svg HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: image/svg+xml\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2292-2c2a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 11306\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11306,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7e472ad387b40cde9b874a9006741b03","sha1":"10107615957cf6e758852c7d04bc7ad7ef14c3ec","sha256":"aaf11f8e528d3a2813f33f83427a9007ad4ba74ce340886505dedeb1113f52a9","sha512":"ce4ace02239ea3bbb275add3741660a7b50508bc69437938bc9eda11b61d03c5d02df28ff77c880063fa1998891a92671f5d1d8d76a439db523d1079436e64fc","ssdeep":"192:HmCFvbY/oLhTK5DU8XWx+0Dsa+1TzRd2BqwNlWPli2YN7lXgU2JUtnBP6LFCFMsp:GovApZ9WxNIAqRLYrgz3OMiNdn","tlshash":"c432c6fc1fb183e9f911f2fabe3244d97c4621faba8c8935c3795d0871825645e069e1","first_seen":"2025-05-12T01:13:36.970821Z","last_seen":"2026-04-04T04:03:43.882364Z","times_seen":208,"resource_available":false,"data":null}},"time_used":548,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":543,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/deco/deco-3.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/deco/deco-3.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-555a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 21850\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21850,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0e50327f3a62932cddd332b5a29104a1","sha1":"bf146519dbfcbe4ad27246cb445b56aef93320fe","sha256":"c0467d2c984cb8052113932e2dba210f287efc8bea6ab8aab843750741d568d5","sha512":"c351c42516999ce5657b767446d916d801664ec156c0febd2a45a42b91143fb2a7b25737e6d2c2a27528959b7470834b849c0c23ef9a65ef79908b0b3715a1e5","ssdeep":"384:dugcSNwMgw4Znm+kxkLlcRpG8YNP1hdfU/3aXKs3F7qRljKsHVo6:vv0w4Jm7bSPNP3FCqXKs3FGRAsHV/","tlshash":"a6a2e129dc91b5a0fae83326850e951603a0f150c88ecbe25186cfdc7bd2bc32edd507","first_seen":"2025-05-29T18:08:06.811839Z","last_seen":"2025-12-31T09:31:56.056417Z","times_seen":5,"resource_available":false,"data":null}},"time_used":754,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":639,"receive":115,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/fonts/icons.ttf","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:12.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /fonts/icons.ttf HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/css/style.css\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: application/octet-stream\r\ndate: Mon, 23 Jun 2025 01:08:12 GMT\r\netag: \"680a2293-7d4\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:55 GMT\r\nserver: \r\ncontent-length: 2004\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2004,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, icons      ","md5":"bf5ce7392c40d352166c2d5201022cae","sha1":"bbe09f5fa91dd5df463e8fbaecceb7ef35477dd9","sha256":"69e0579c296b1c156822d90ef908542c650f9cdf33763d224065d044f991a0d2","sha512":"e5f4884aec502b7bf5b3e7a499011c3311090f493b6385f404428eede376f94037e422f73bc9560818ccf938867fb4aace63081b923466f89b5402d81c79a858","ssdeep":"","tlshash":"9b4163519b74decbd82203344898d7256bf1ed21ea97d34b80d96e825c665ec0c387ba","first_seen":"2025-05-12T01:13:36.968802Z","last_seen":"2026-04-04T04:03:43.878422Z","times_seen":861,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-23T01:08:09.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Mon, 23 Jun 2025 01:08:10 GMT\r\nserver: \r\nset-cookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f; Path=/; Max-Age=86400; SameSite=Lax\r\ncontent-length: 39160\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39160,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (427)","md5":"f05cd6eafe83d7621cbe3ef6202c8b77","sha1":"801a972deba44bc6341dd428d910110c81dadb09","sha256":"75c625a4966b9b7550f1c3fc7918dc9bee7c0c1825d6f4bdd8be2ccfae791520","sha512":"6af80e444b1628de5807a91cf690223a1c032bfbbf17044320edddfd42e63b96d17acae5b6e1e51d0dd448e28abd1c11693bbf886ae3e4183424916bc753b3a4","ssdeep":"768:J1b/JGqYunu39rwBGqYhlIcekEL9VnNghQBnAGJpGqYR1Vuca428d6ff:Z6Jyr9VnNxBnBJS1Vuca428d6ff","tlshash":"42036222a0593873575703e97b769709b2daca21d51244e4e2fad28e83d1dcb9f332c7","first_seen":"2025-06-23T01:08:37.536532Z","last_seen":"2025-06-23T01:08:37.536532Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1443,"timings":{"blocked":487,"dns":1,"connect":115,"send":0,"wait":306,"receive":163,"ssl":367},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/deco/deco-6.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/deco/deco-6.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-e2c4\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 58052\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":58052,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"01f1ff8bd9a628c343b777b715eb5570","sha1":"bd2b83f056f70eaa91c9e544009f6d77e6499c7c","sha256":"f414adfbbdbecd96013069e9469f195118fb99fbfb10d1f09701eab605dd55f2","sha512":"05ab53dc5492653f8db50c79b6fb915e36e59401103345618b101de2975eb0a786d6faeabb7ca0f9a6920a10adf1a1b243feb5a1b7f8c63bc862d1f56dc7dff1","ssdeep":"1536:hOQasU5s8Le6QtmF4RlbEqgUrEEI18wE0C9U9cv6afWO+06:hzaF5s8LtwSIZHtAE+8gUU6v6wWOM","tlshash":"68430276664f754fbb4a71751193b4b9b3084c978a458d01398f784cea802f382f973c","first_seen":"2025-05-29T18:08:06.803251Z","last_seen":"2025-12-31T09:31:56.067916Z","times_seen":5,"resource_available":false,"data":null}},"time_used":873,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":750,"receive":123,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/justvalidate.min.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/justvalidate.min.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-73e2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 29666\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29666,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (29666), with no line terminators","md5":"5999ea06cbb02d9f509d7127f581ca57","sha1":"353b584854cfb425f4da8446734b1f5557d32eb2","sha256":"29d1548e149452387bacf862a93dc3049a1f63b90cb972d6091641d477734592","sha512":"9320ce7503b230e62b4dc62a4078e802091a4a8e5fe28f7495ffec44f1bcbe6aa56e4b1ded1824e5854992e11d52319596b70a866486a74b24eb33d5a5107090","ssdeep":"768:VkW++JZ/wbtODUsl8dJorXESRAwgJMgp81UuVvwnCByfDwty0HD/h7PCByCrCagl:mCCDSXrRAwgJMg5s5Y3gk56D","tlshash":"41d2d706267149234dd94aeae08b9543b3d0375da914a4ccf73decfb8a8dec630536b6","first_seen":"2024-10-04T14:22:46Z","last_seen":"2026-04-04T04:03:43.86933Z","times_seen":1109,"resource_available":true,"data":null}},"time_used":611,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":497,"receive":114,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/fonts/Montserrat-Medium.woff","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:12.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /fonts/Montserrat-Medium.woff HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/css/style.css\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: font/woff\r\ndate: Mon, 23 Jun 2025 01:08:12 GMT\r\netag: \"680a2293-173ec\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:55 GMT\r\nserver: \r\ncontent-length: 95212\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95212,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 95212, version 0.0","md5":"9caca854597c1d6846e82387305aaf7b","sha1":"b30d3740da2145f0f9242540dbf5c73d96bfa9fc","sha256":"e61d0ad9b20e57c1ebe4557d12799b11ecd07a1955a769a54e4fe3b73982f006","sha512":"24233db7d9175afec3a4f42244e8d7483b450f22076d567a75db15577ce1deab66192e5c69fcbc68605bd7e49cb757b735f8a2877815ca9817683f5aa97ce9d0","ssdeep":"1536:CueUazXxBjhtAxG3H2xtvNZe8O9OyD8SO/EaxWG0J7yBPd+DBOp/IvSlxueieJ3l:CuEzXxlhtAxG3H2xrZ8OjvEedBPdi0th","tlshash":"189312ebefbcb20dfd9c83b346656f25222a801ba14316bd75ef003da51f511a029e57","first_seen":"2025-05-12T01:13:36.984569Z","last_seen":"2026-03-30T00:20:02.535206Z","times_seen":51,"resource_available":false,"data":null}},"time_used":522,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":518,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/fonts/Montserrat-Regular.woff","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:12.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /fonts/Montserrat-Regular.woff HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/css/style.css\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: font/woff\r\ndate: Mon, 23 Jun 2025 01:08:12 GMT\r\netag: \"680a2293-17350\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:55 GMT\r\nserver: \r\ncontent-length: 95056\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95056,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 95056, version 0.0","md5":"4f412e70a5339443b9238c14152d17d2","sha1":"f6d39b8a482a26300a098cfdcc846aeb8b351394","sha256":"c97ac39e9f4b285870e0c90f5877cdbf6f545de2685ec000a4dea3b31691ba07","sha512":"be3b18f2a83aa7317380d3724f062cf67551b97adfcce0536ccb96ef5b99708695a270193fbfaed7a68d52fc2aeea31c054724225db04c5f123ec45407a5ae91","ssdeep":"1536:f5ihn1wN6xY4gWFHAtxiqi6oux7tm4yD8SO/EaxWG0J7yUmsxyyH02G2/KSISQco:f5iD7Ve/iqG81jvEedUm1Y06KStQ1","tlshash":"bb930213a6fe3b4ef6a427b82721af5b079638de15c65bcc80d4266c440ea305fdac0d","first_seen":"2025-04-16T02:18:32.186015Z","last_seen":"2026-03-30T00:20:02.517012Z","times_seen":48,"resource_available":false,"data":null}},"time_used":541,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":533,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/deco/deco-2.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/deco/deco-2.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-82d0\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 33488\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33488,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2bda3bdfd337669ab4e18e7cc8fe5959","sha1":"e8586953ecf72552995ef77c62b4779b3cd1fce6","sha256":"770374e415322e82d0692e9554e9579f97aee2ddd91a16b311be992a53c4ee05","sha512":"63c6656cba3937b97775c6b352020dfb519632c5e7ffa5660281c90348a9916503bfe57b63102ee934b4658e53fc9e96dad06dbc943a31a0101d8aeb551f8cab","ssdeep":"768:e7hcwGMic+2qB3vFmz8aEG/oxWN1NgLVK7woc:ATix26FmAHYos1NwK7w9","tlshash":"4be2f1c3f8aabeebe9a451ee0e4d950cc439292c770d12cb1fda551152087dc693a0e9","first_seen":"2025-05-29T18:08:06.775379Z","last_seen":"2025-12-31T09:31:56.121602Z","times_seen":5,"resource_available":false,"data":null}},"time_used":761,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":640,"receive":121,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/partners/5.svg","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/partners/5.svg HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: image/svg+xml\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2292-11b2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 4530\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4530,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"abedbdb69413293eb5405bc1764b2291","sha1":"d5f699be91f1e73dd9430c0de8750018f21b353b","sha256":"90f911755d37cab3d81ea3ef9803f51ce66e12e63ed5d9559e8f36f41dcec65c","sha512":"8e86456629677c9a690985c7da2afc06d10b18957e907d111031d2e35bf1c5bfa7f9c2f80196f41e719ece575f99c8b1da8b95b1f00004ce55aef7f4bec989a8","ssdeep":"96:2uyIy3j35MjWNYOXtY5zrctQcH5jZ+Ca6qRnsFe6yoPHIo4GY:213kWtSz2H566qu3yPEY","tlshash":"f39194e92ff646fea540bfef9b215158ee9610f1b7480518d3389f2829574b0bd128c9","first_seen":"2025-05-12T01:13:36.954372Z","last_seen":"2026-04-04T04:03:43.871327Z","times_seen":208,"resource_available":false,"data":null}},"time_used":551,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":546,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/partners/8.svg","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/partners/8.svg HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: image/svg+xml\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2292-76aa\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 30378\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30378,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7bd0b6cbde80d56d2fa127ec594bef9e","sha1":"826fd52c586ef16f229048a77a1fc7ee19b95ccf","sha256":"8a4bc00ce38b651df38d93d917977cf9176db723292e3cdb4d626ba4b9beafc1","sha512":"da1c6e48159a929ffb4d5432e157726abb54dcade3e79e19192d11e222856f85abcbd828f438d9039789365260ce97a3015359d84fafccbd739a0c7338bfab11","ssdeep":"768:BXhUJYmWWUkWhMnEED38PJtr0YeZEAFCNFbx:BXhUJT4M5D30JHemAFsFbx","tlshash":"24d248622883cfbeefe50c24f656edf6ed6628ddc09b9148db1515614ba6240d6c0ff0","first_seen":"2025-04-17T18:26:42.776775Z","last_seen":"2026-04-04T04:03:43.879842Z","times_seen":226,"resource_available":false,"data":null}},"time_used":777,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":663,"receive":114,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/deco/deco-1.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/deco/deco-1.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-5942\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 22850\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22850,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ff2dbdc5ba987414384a49217086337b","sha1":"a6e4e1595a839e775662f5e394bf905134b70086","sha256":"c38ddd4ada7c95566f41f9013dce5c7f3703958282de4f0320244cac10b93e61","sha512":"1e4da34ee9738de4d6c35cfc024c1fd4e5b668dffbdcff73bc79be8c4c24a3b5323e588b2f5eb5b731bc7291c939a0de4a951c36178546d0522681549030c326","ssdeep":"384:QtSep9ju6Blw5uG0juNdZGOQkx/as6feUFEj599OGsaAWDaslDHN2UdLZ2jNbov/:Qx966v69L7Fx/abnFm9OnaAQPBH8V36p","tlshash":"1ca2d0f9719cfc2a948ac40f3a5348545889dc26780fbe174e5bc90d8eba7ca0819ddb","first_seen":"2025-05-29T18:08:06.820712Z","last_seen":"2025-12-31T09:31:56.06633Z","times_seen":5,"resource_available":false,"data":null}},"time_used":772,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":657,"receive":115,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/deco/deco-4.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/deco/deco-4.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-2ccb8\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 183480\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":183480,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d074524a6d1ada169ba6608549a159af","sha1":"bc894bdce0c82058f63e07bd42c1fbe4be970467","sha256":"303bd00349dc9bda392f29a503e11709c24278f52b032a23e89023a69ca97ae7","sha512":"6c8056d726bbf704ed96a6ee54e33dfb67d3f1b58f3ed96fc085bc0e8182f43c42005e64a726b16dd339a029c876a897d6aa70e658469adbfdc20e49d6d1acfc","ssdeep":"3072:0uNkCEz8VZXzVdaKM9u31+NbG3N8jcSuJQi1Dwtmi9EX51gXNHJs6:FyCDdM8+4d8jcSuJ7qmi9EX51Wp","tlshash":"610423682e48cee2d76cd4b8fb5fe45d0fe89a06a7021598dc5e725477d0b9f8d022c2","first_seen":"2025-05-29T18:08:06.795238Z","last_seen":"2025-12-31T09:31:56.118746Z","times_seen":5,"resource_available":false,"data":null}},"time_used":912,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":905,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/adapt.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/adapt.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-bb7\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 2999\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2999,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"5099679a2ba7396b7a3e56e85b487bb0","sha1":"154e3dd443f80d5e594b51e0f5b624fd8d36ed8d","sha256":"19da36faf51b3d8ff867c3b0dfad881d3bb89a5c7fee2b8728bf6d62eb858c26","sha512":"7073bfd421c49f632e3f709a51aad248ff6407ba38d50d47a67ec2114449b70667296139d92848aa91d90d3ccbf377d4f130f0938ccdff29fb11d1b4fa7461f5","ssdeep":"","tlshash":"915104e1b50f6d9b56db13bf7037150afabed81190007aeaf8e4c5c861529410bf55f4","first_seen":"2024-12-28T11:23:31.667362Z","last_seen":"2026-04-04T01:39:01.049845Z","times_seen":59,"resource_available":true,"data":null}},"time_used":720,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":614,"receive":106,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/menu.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/menu.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-22f1\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 8945\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8945,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"0d6eb1e39fa7735889cf0f8b75acb3f2","sha1":"b08044b873f5f67bab1e213acd05a1f7972c63b2","sha256":"8db61b38db945eb47dc8eb4d6dd9be37793b7531937e874e2457e3ac788982a1","sha512":"a102845cd14b780d5b1196e90204eda56cb5ee6eb063eb6d7a62f550033ad6c2e3e79642f64fd3a9124ed2b7957df017bff735c29bf0e20b869204f10446ecee","ssdeep":"192:Uj5IhkTXWRrnJSZK1O9F/28oDCrASi/BvvIGvML0srG2pD1l5RWPVz+2sEmE9guC:jkTXWRrnJSZK1GF/28o+MzJvAGvMIqGK","tlshash":"a4024484727f133986ef339a517c869af62c8892e443889fb87c5acc18b155153f1abd","first_seen":"2024-12-28T11:23:31.668216Z","last_seen":"2026-04-04T01:39:01.034591Z","times_seen":59,"resource_available":true,"data":null}},"time_used":600,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":594,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/scope.png","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:12.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/scope.png HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/css/style.css\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 23 Jun 2025 01:08:12 GMT\r\netag: \"680a2292-10b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 267\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":267,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 29 x 23, 8-bit colormap, non-interlaced","md5":"297d8409bac90f9a6c41f8d8f65efc93","sha1":"c4e925dbc2e74b21328233e2a81f22f5fc5f08c4","sha256":"96cd825941d2e26928dd10fd48781e48aae5085bb7d0908c3f7b6d5dd1774cdd","sha512":"621fcc0108acd538343b4d90f0a8666631b06066c240436d77c563a2b22376108357ec4cac75ea4729cecd1a403d5feb7fbeadc4f30b9582fab59cb49d3d2c8a","ssdeep":"","tlshash":"c5d02ebbab41b8eaec6c0272832005b68ea6c6e88600010e222ac0f1ad3c30f01e0781","first_seen":"2025-05-29T18:08:06.793379Z","last_seen":"2025-12-31T09:31:56.071585Z","times_seen":5,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/json","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:12.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipinfo.io","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Jun 2025 04:48:58 GMT","end":"Wed, 17 Sep 2025 04:48:57 GMT"},"fingerprint":{"sha1":"88:A4:4C:CB:13:BE:CA:B3:D3:96:C9:57:6A:11:AC:45:CA:0A:83:02","sha256":"EF:82:82:40:9D:7E:6E:0E:29:F7:26:8C:BE:6F:45:5A:78:DB:02:37:8A:E8:EA:95:39:17:EF:02:A4:05:30:B2"}}},"request":{"raw":"GET /json HTTP/1.1\r\nHost: ipinfo.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vexa-tro.com/\r\nOrigin: https://vexa-tro.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\ndate: Mon, 23 Jun 2025 01:08:12 GMT\r\nvary: accept-encoding\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=2592000; includeSubDomains\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":280,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"adf22d9a8ca3a97a9ff78909b8702358","sha1":"f5046826566a7e98d6b5e5c7b0a65677c3bde708","sha256":"756edd1454b049c1370e83c864bc93dfdd82f44d8f9752b3068e5a11867a5de3","sha512":"182391c8c01e54481853a09aa4cf8072496850e45863b198721d0d572e3aa93d8fe11a90bfb24cf97fa64cc132f1594c379474db65db5a1d2207694f770443b9","ssdeep":"","tlshash":"c3d02b6621341b37aeed455c8406960622656e1f1642369f0fe72b0c100c87334f03ae","first_seen":"2023-04-17T17:28:07Z","last_seen":"2026-04-04T04:48:00.941658Z","times_seen":46539,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":93,"dns":4,"connect":26,"send":0,"wait":155,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/partners/1.svg","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/partners/1.svg HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: image/svg+xml\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2292-f8a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 3978\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3978,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ed8c0d61dd92ad206d395939a2274d2f","sha1":"84a14ed6c32abd4a7640e9e4c2e3e2694e4cda3e","sha256":"ef502ac7f7f34d826c5c63f8896345e86e5b7994619936c462dcbadc676aba78","sha512":"44ed1d9ec65230272a48ede80db2e877770bbb609c18751c724fa35e229ad21fb024cc41769be8a08dc2853436a82abb70758625675c3f397bfab27507438828","ssdeep":"","tlshash":"3281c7de37f893e8f541f5efbb238424b85a40dab1484740d7b72e546a0a429d9e0cc7","first_seen":"2025-05-12T01:13:36.959068Z","last_seen":"2026-04-04T04:03:43.86155Z","times_seen":216,"resource_available":false,"data":null}},"time_used":328,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/inputmask.min.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/inputmask.min.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-1a20a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 107018\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":107018,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65358)","md5":"f869249af176bf7f8f843b134cf34b98","sha1":"5133b8dcd2286552f2e6f422261e8f74741f8f02","sha256":"5b8e6af2eac6dc224477bcc4aab896c15eb8ade3d4f3117190a2d61ef4d006d5","sha512":"69ce9c2514b7ed063a36fef0f153d81fa9b0453968fc4158f83693c81a8d810d4ad5c3defde3acd0475ba4f8c2f74b285749e4b88fd21c7ac881de4913fdcbff","ssdeep":"768:+da8SCVCBLTRtVSCDEVHnbbfeKy3ps4iwrIMKvnCFDVYbEc92eCcQUqSCAnUdVuF:+gRptulbbfhMInCF5YbEeFU6bS0JAe","tlshash":"4ba319d43552b16287e371f440bf840aa23beb29a4999040b25af4d0797decb07b7f75","first_seen":"2024-12-28T11:23:31.683914Z","last_seen":"2026-04-04T04:03:43.875359Z","times_seen":150,"resource_available":true,"data":null}},"time_used":879,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":734,"receive":145,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/cookies.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/cookies.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-814\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 2068\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2068,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"bc418bb6dcb10c9c6fa2ec3f504c56ba","sha1":"9cd9e6f4f8b57e0047a88457546c5480574761f4","sha256":"5684597477e4a4dd05ac5e983cf6726fda4704896b1d642878cf5913fcde8d19","sha512":"9b0a78d7bb255afeee28b6d3baee485c3fd584fd6362a31809ea0d905b3a999b8e849fa6c50527f4bcbecd8bf22a88bd708409bc404328d13f34e9c4cd9c237b","ssdeep":"","tlshash":"c741456a3844242a05f327e5a59a625dff30a32272ab5406f0dda1f05f11d13cd9bcfe","first_seen":"2024-12-28T11:23:31.680731Z","last_seen":"2026-04-04T01:39:01.035622Z","times_seen":59,"resource_available":true,"data":null}},"time_used":583,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":471,"receive":112,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/intlTelInput-utils.min.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:12.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/intlTelInput-utils.min.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:12 GMT\r\netag: W/\"680a2291-3f689\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 259721\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":259721,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1903)","md5":"4e9dfe4ff0e4f710ca4d7e095262c1b2","sha1":"e995f1c98857e950882f9ed98b1f35469635a119","sha256":"c06746a767fd8adfe37ddcfa195262649a24a04d3b50036c77899cae54c9109b","sha512":"3fd04aec489cdb4540a0b2bce6552a7ef3517a1c4b464c1155448134de0b5ad77f9799a39f29481eee08205ca24cee01af38b782f8ce4dd251f86705d86b7f58","ssdeep":"3072:PklM0F8CAJjFs3OwPss3MwPPmdV9T2xFM8Mpmxs5DyBpUsR56kmLNTg/QKWVRpFA:PklMpjBf0xFM8Mpm0/Z2","tlshash":"d944f1ebd63c9737a1e97b35968eb3cd5a8cbca3c848567826c3b54f52784e0706c205","first_seen":"2024-12-28T11:23:31.699953Z","last_seen":"2026-04-04T04:03:43.891699Z","times_seen":995,"resource_available":true,"data":null}},"time_used":454,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":441,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/slides/3.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/slides/3.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-c6a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 3178\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3178,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"37ad977f735b5843dabfaa919fef0526","sha1":"7847a77dd9e2da6c0ee4f88e13f4d6aef6dbe038","sha256":"50715bbe20c5e6e55c5f85eb9b00817368e953bdd523dd1d84626f000478d3db","sha512":"e33a25ab7b3b7cd281407950ecc6d3023287045e61ce8c726491918e1ee83e9139e25a3807be2163d77cd1e5be074ad88d490f3b0e3917fb7910d97c3ca158c5","ssdeep":"","tlshash":"d2615ca1e33a98d2df77417a5106db53aab99682ba271264d2f302429cc1c3f58111bc","first_seen":"2025-05-29T18:08:06.845156Z","last_seen":"2025-12-31T09:31:56.085471Z","times_seen":5,"resource_available":false,"data":null}},"time_used":641,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":530,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/partners/4.svg","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/partners/4.svg HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: image/svg+xml\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2292-f44\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 3908\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3908,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f8f096360e5c3640ff6bae89ef544c0e","sha1":"3f745629c9d987f880c5aef653b49833907762c4","sha256":"a800ee814ff2df9fbcd65c29f7df3ef4192d0f385b86d5028818a44e6f6d1c4b","sha512":"4052abe9c55260293e2fa00fa776e22374938a29a53706f094d5d3ebce2fdd48d6681861e5a3be5d09f440a5975fcb8d0d00fd7ffed3f8137f2b6b3fabc2648d","ssdeep":"","tlshash":"66814fd97bf89bedb40ac6f662011e0e740751e7b9cac94ac31f9e09b9828005d0bcdd","first_seen":"2025-05-12T01:13:36.969778Z","last_seen":"2026-04-04T04:03:43.897175Z","times_seen":208,"resource_available":false,"data":null}},"time_used":553,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":548,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/bg-1.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/bg-1.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-b478\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 46200\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":46200,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1d4ac5a9cef7913f987c4a1caf0a6549","sha1":"61af46bb94c21229c839ca58ba2ad80877cc8bbf","sha256":"44d872518530bcc1d44b3f7d65bab6a50480e0623b4a561b2325d6bcc29e1eb4","sha512":"95136b00de2884e54e6733396b68a3cc68dc543a0cebb3f37014e4a02744dd51b703b5ddf7d4224bfb40ee0ab99230585ea8066c44f76fb63821e550477ecda7","ssdeep":"768:oqWbfjspc5+quI4wSwxWbIh75Ovyn6wlYNQhvkzLcgLyM10zE9KA/918XJTxefkd:4eU+ExcbILUitP1kzAxFs9YJTCQGBq1L","tlshash":"1323011ab2a64c31d1d2a845473c2ae13900937eb6085cf8b1be6c51ed5767cddcdcae","first_seen":"2025-05-29T18:08:06.771143Z","last_seen":"2025-12-31T09:31:56.120687Z","times_seen":5,"resource_available":false,"data":null}},"time_used":887,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":774,"receive":113,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/grid/3.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/grid/3.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-21e0\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 8672\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8672,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a2e372c0cff3ae2d364ca15bb2d6bdb2","sha1":"e40fb3d013c769b40de4997aa921dcc004e0fd71","sha256":"d6232940fcb0ab45023db860d29ac92f70532e1eea595dfc56c0aa10b8a430de","sha512":"a2902d06f554ec85270fffaa062856c9a046b85cd1880fa54964e2022d7b4ef192eed77be7ed93b7ccd1ca51cbdb33e5f72869b5a5d763f38edba32ca05653b0","ssdeep":"192:FW1fLxP1t23tmZ5VPC2efVZN9DgccATUveHpI:Fa9P10AnVPC2efVX9DgrAT7H+","tlshash":"f602af781114d2b9bf1be0a29cd8cb94d381e4e7541da8b16e22d7017bce8fccc54b15","first_seen":"2025-05-29T18:08:06.799675Z","last_seen":"2025-12-31T09:31:56.113271Z","times_seen":5,"resource_available":false,"data":null}},"time_used":644,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":533,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/deco/deco-5.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/deco/deco-5.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-b6d8\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 46808\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":46808,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"53de3e9ca6cee6b7289e43e88fab2375","sha1":"cb1af2a3571a3883d766838580911003a7aaf7bc","sha256":"8131896d01782fc4976023b5eb3b6201ffe8740a6ea211ecf826ea928dc8d963","sha512":"b243b42d6d8bbb884f57991d8ccbbca6d86d965fbe2a345cbb72f255513e6e93609f9e22e15f5a0f91507b3dd5f2381e0f3b1c6f64b93b3de6b956d6308ea42f","ssdeep":"768:B1kfJQB8w5bCB+JJKq4wbbccl6tLsxJ/JTqXGxFVIPiKtmnD+oxNlmmmYMfhPA:Dkxnw5bC64wbbcclhBTxFOiUoD9lPmbG","tlshash":"fb23f1a01efd3314f264b5f76bf830490da9e146347aef90461e83641e0afb1ce66525","first_seen":"2025-05-29T18:08:06.787706Z","last_seen":"2025-12-31T09:31:56.1104Z","times_seen":5,"resource_available":false,"data":null}},"time_used":865,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":752,"receive":113,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/functions.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/functions.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-10b2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 4274\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4274,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"6abf7365821683c0c1981bd99ae9685b","sha1":"2cf8423432918648835bea93501317fb39690737","sha256":"f64e469125b3baa723c1670bdf8eedc8ad6a7c52439e86f3053dec1754948152","sha512":"33b9d06f4717f5e625e33dbc0d0847a9e85ae8010f2f3f285c0f61113bca126feda92c6100fdc05f68b32f26567b78e9947afeb8b1d99e4c95e9dc54cb63c7cf","ssdeep":"96:5daAQkSmLA9vYal206WwPSpdPeBfVL4WC557zwKHBoa:5HQ9mA1dv2w+zK1","tlshash":"929132b5702bd07606fa138fb1b6878cf87cb4e728435059a88c45883860f9566a15df","first_seen":"2024-12-28T11:23:31.670829Z","last_seen":"2026-04-04T01:39:01.060178Z","times_seen":59,"resource_available":true,"data":null}},"time_used":697,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":587,"receive":110,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/fonts/PlusJakartaSans-ExtraBold.woff","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:12.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /fonts/PlusJakartaSans-ExtraBold.woff HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/css/style.css\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: font/woff\r\ndate: Mon, 23 Jun 2025 01:08:12 GMT\r\netag: \"680a2293-c178\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:55 GMT\r\nserver: \r\ncontent-length: 49528\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":49528,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 49528, version 0.0","md5":"4b44ec109e9e0fd495d62a105a66756f","sha1":"a460bec0ab6f4ad9c8ff38ce5a22911f29420fd0","sha256":"89ae2a229fd6ef3b7f9008fd92051360d809dce25a3be19c58430819525af1bd","sha512":"791115d01512ac7b79180690645431a4ff0cb36ba6734845bcd2fd2ed87440521e0b96dbc99fa47ee2ac5259618529fb5d920b59523c7a53ef0028ee5212be19","ssdeep":"768:7GyvxcmrYImu4/hKuvbbl7yQk2B2G7psMOy816VKxfO0GcQHTyy6VEUzSCsTfE:7ZRYwkDDblW4Ympb0+IOZZzytyuuM","tlshash":"ab23f10d7134ae1ce3bd5636cdb052760abc6fbe188f4d8a5cba631f95e30c16167889","first_seen":"2025-05-12T01:13:36.983537Z","last_seen":"2026-03-19T10:21:44.220109Z","times_seen":22,"resource_available":false,"data":null}},"time_used":533,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":516,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/css/style.css","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: text/css\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-3c4fc\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 247036\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":247036,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (328)","md5":"827b4511885d56f3038c4f3a674cd8d1","sha1":"e93494e8821d098678e488b1b6abb97b6145ee11","sha256":"68af9e85f638cdb38cd79c6319ca6ecabb711b86ef846077a355c4772375ac73","sha512":"30d6fa0c56c554c3d72de9200994bd9d50b7b83ca24660a64b7bbbc8000d6067f9f8af758fae36deba0435d088fd36c50016e35512c8a014c7b6467d8d9fa8ba","ssdeep":"6144:PoCvjVV8PH88AGWklKX9XWd3m4Fjhq3wj9d:PoCvjVVMH88AGWkY9XWd3m4Fjhq3wj9d","tlshash":"2b34a82772012804a52bca1d2fce4764173da062ae1d4ddfba462899c3cbed571b3fd6","first_seen":"2025-05-29T18:08:06.832566Z","last_seen":"2025-12-31T09:31:56.098003Z","times_seen":4,"resource_available":false,"data":null}},"time_used":940,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":333,"receive":607,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/favicon.png","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:12.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/favicon.png HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 23 Jun 2025 01:08:12 GMT\r\netag: \"680a2291-389b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 14491\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14491,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"e74327a585db022ce9349b818b890c2c","sha1":"4fe609a73d5221d321146ff3e123ed10027acebb","sha256":"860a045963953db511f76564a55d2c1df832164f59847d53c3a2a78724673874","sha512":"2f8c14b84a5abc60c92d2529ff8236364d7e422b733e6484fbada8a074626dab8b4f2ae40bf63a593f3742764fecedb54d8a4ff8f07b30e5ccf26e027f3a40f9","ssdeep":"384:KpH/yDLqE15g9iplQK/Rmax2Hj4dN/hNwH26T:KV/y/qMmI4K5makkoHJT","tlshash":"5e52c0032e3926f787d9239fca71dde248498c84503f62da2db64063152165b55eeff0","first_seen":"2024-12-28T11:23:31.700789Z","last_seen":"2026-03-20T11:22:17.791884Z","times_seen":33,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":326,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/json","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:12.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipinfo.io","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Jun 2025 04:48:58 GMT","end":"Wed, 17 Sep 2025 04:48:57 GMT"},"fingerprint":{"sha1":"88:A4:4C:CB:13:BE:CA:B3:D3:96:C9:57:6A:11:AC:45:CA:0A:83:02","sha256":"EF:82:82:40:9D:7E:6E:0E:29:F7:26:8C:BE:6F:45:5A:78:DB:02:37:8A:E8:EA:95:39:17:EF:02:A4:05:30:B2"}}},"request":{"raw":"GET /json HTTP/1.1\r\nHost: ipinfo.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vexa-tro.com/\r\nOrigin: https://vexa-tro.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\ndate: Mon, 23 Jun 2025 01:08:12 GMT\r\nvary: accept-encoding\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=2592000; includeSubDomains\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":280,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"adf22d9a8ca3a97a9ff78909b8702358","sha1":"f5046826566a7e98d6b5e5c7b0a65677c3bde708","sha256":"756edd1454b049c1370e83c864bc93dfdd82f44d8f9752b3068e5a11867a5de3","sha512":"182391c8c01e54481853a09aa4cf8072496850e45863b198721d0d572e3aa93d8fe11a90bfb24cf97fa64cc132f1594c379474db65db5a1d2207694f770443b9","ssdeep":"","tlshash":"c3d02b6621341b37aeed455c8406960622656e1f1642369f0fe72b0c100c87334f03ae","first_seen":"2023-04-17T17:28:07Z","last_seen":"2026-04-04T04:48:00.941658Z","times_seen":46539,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":83,"dns":0,"connect":35,"send":0,"wait":155,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/cards/1.svg","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/cards/1.svg HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: image/svg+xml\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2292-713\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 1811\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1811,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cec3c9ef62fdc8bd334d52acd9b00f02","sha1":"071bc0f887a52b588e6a64ede29c80479b0ecac0","sha256":"97c9463f996afdc10dd82de0d490d2f7a655f75237d28e3263d367e1227aac11","sha512":"d60bce849683ca9022af5a0c6e239fcc814b4de3a127103bdd3f9e326e836554b389fac47220c79b7fc49fa1b44103f57b5614f80aa0897656a6a6c89cd9b3ff","ssdeep":"","tlshash":"ac3151d0af38c3a4a800f279cb1a76e47e6768c677011034c2682d08a9d47665e99afb","first_seen":"2024-12-28T11:23:31.678845Z","last_seen":"2026-04-04T01:39:01.072469Z","times_seen":61,"resource_available":false,"data":null}},"time_used":626,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":514,"receive":112,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/scripts.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/scripts.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2291-5b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 91\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"d4b784c87e5bc6d6144218f8677c379a","sha1":"8e7c58a43f2cdd809c3017166fb20a332fde014a","sha256":"821a3a9b3b1665803d69fe10739e36e6a00a71e16e37470f9b548b9d6e7a038f","sha512":"3f6b147da0785f6a28807d24db00c69c8185429ba7bf1bc4de4a195b163ec89c7f0a9bd6f09eedab62192f9c74ada18676ec46144e8c5948c9afa83004c3cb8b","ssdeep":"","tlshash":"7ab0129160c2e3704fb3031c20e8500f8909125873015238944800c0b45a67275e100d","first_seen":"2024-12-28T11:23:31.673933Z","last_seen":"2026-04-04T01:39:01.074063Z","times_seen":59,"resource_available":true,"data":null}},"time_used":670,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":110,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/cards/4.svg","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/cards/4.svg HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: image/svg+xml\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2292-2475\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 9333\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9333,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f674e9e565dd9e10ee5839314ca32762","sha1":"110abd304e1a6ecdad7e989a172afdc10270ea6a","sha256":"1d58d6c356a6bcee4968365c6e1e9ed8c8edc240b40ab8a32ef3c93dd8fd2398","sha512":"637b1a7f00646c368de39448b94b9abc05fb250848412884943f43466b92873a4018919575aaabdeb3419af9cf744f056f44d311ba10a90af4c42d2f63d53773","ssdeep":"192:git15I5GKbR7IaAkKH5IWlqdDgTHVkidbBKjKgONUA:nrizIh/ygNngs","tlshash":"d912c6d43b75d7e8f905b2fcca2964d2be9724ddfb0584a0c3602d25ac02125ee9a9d3","first_seen":"2024-12-28T11:23:31.66147Z","last_seen":"2026-04-04T01:39:01.05303Z","times_seen":61,"resource_available":false,"data":null}},"time_used":736,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":631,"receive":105,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/cards/2.svg","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/cards/2.svg HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/svg+xml\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-372\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 882\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":882,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"57258ca40cc39c7888cc7a110ccb30eb","sha1":"1cb7e11c60a69fc3164c6e6e8748a6ec0719aab2","sha256":"e0df1bf572d3b536485f841610b9e3d5f7114651e209adfcfd6b4d4a3934ee49","sha512":"1ee2c51345bdcde0341e8625cc573d03abb0b6ffcf25b3a4f600d4808e695110e349c89007a5e5e2cfb73426b07fa4d097060230b011ff8b7f0a60807b2144d2","ssdeep":"","tlshash":"271152c0a31c46a5d1025a71c11f74256ceb60f66208e59ece4a291fef526fd2c10bdd","first_seen":"2024-12-28T11:23:31.663919Z","last_seen":"2026-04-04T01:39:01.033055Z","times_seen":61,"resource_available":false,"data":null}},"time_used":737,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":633,"receive":104,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/quotes/3.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/quotes/3.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-a76c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 42860\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42860,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x960, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f6b913c6a90281c612441184b5d054b2","sha1":"76e1ae5fb9a6d78785db8c6e3f3026d3a233e1e1","sha256":"e33aa13866d146c0346087460c5d372b6894ebb51b8ee5df2bf05792327eb70d","sha512":"b7b6947d0ba2a82772152ae7b77dc85a3161fabb81d667cdf29cc98ab08f81d46531baedb1c8fb6ded055c79a7c7752375f7cee0b5943418521be3eb68d3cbea","ssdeep":"768:BZzxQ6SVavwJk9le1eTMQvYxBjkQAFzUcfD8z7XIyaMs5ZFCl7nwPUfTSKOQ2Ag3:BaaP9ZMQvcAFzDfD8fXOZFClVTSKONAy","tlshash":"2013028f8a5d9319590dc8c9f356cc0c54a5ec7fb9ec78e5e87a0a66e00b7d342110c7","first_seen":"2024-12-28T11:23:31.682934Z","last_seen":"2026-04-04T01:39:01.053838Z","times_seen":67,"resource_available":false,"data":null}},"time_used":745,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":623,"receive":122,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/quotes/1.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/quotes/1.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-fb64\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 64356\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64356,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x956, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"83bb560655a7ba2fad752705a50497ca","sha1":"579fea4c4c30401784e90d3cd1aa5ae94b3a7cc3","sha256":"09f1190dccd5f0abd59aa1acfefc8a2ce53c69ea9f59d094390f1c5221709f4d","sha512":"511575466b4c769511e0726b2ad0c43f2254a6444eba94ee5537fa4ee4d85b992dae3483b25a135d4a99a52ded82aec70bf596ba4f9b2a94889f4a9fe01c4857","ssdeep":"1536:mdGuWQBeCyRttjM8hzqIVD2yiFdbXDkPWR7VlFn:mtverRttF9a1FtDkPclFn","tlshash":"9f5302a033e5e6667b52164f5d9e08ac0119e12fc4938294e6123fbfe9b43d2512fa35","first_seen":"2024-12-28T11:23:31.68694Z","last_seen":"2026-04-04T01:39:01.046154Z","times_seen":67,"resource_available":false,"data":null}},"time_used":864,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":736,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/intlTelInput.min.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/intlTelInput.min.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-734f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 29519\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29519,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (29164)","md5":"6c9bacd626f8da329cfd17986468b921","sha1":"b8ef112f4c44f07c914363756792e9baff14be34","sha256":"a5bd18c50d0bedc08c05eec31019f087887e4454a02b2f8959dbdfbebba8ffb9","sha512":"09e7d0ad1436136919ddd67933ebb806ec1dff914f3139af7b11f513064f54e02d82a8c7d35b511b0cd9ab18bb570dcd18d50f1722ea0a2ab64e2510536e78cd","ssdeep":"768:IY03Xlqn/kiIzOT9FSRo/6mCIQkjMdt24vD8B:ItiIzU/6YjMdo","tlshash":"55d2e7ae63655b37a6fcc2a270e54503ae6f79444a44083d7cacdece0288ed271f5b34","first_seen":"2024-12-28T11:23:31.679776Z","last_seen":"2026-04-04T04:03:43.86103Z","times_seen":996,"resource_available":true,"data":null}},"time_used":612,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":606,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/spoiler.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/spoiler.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-1928\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 6440\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6440,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"5f68bab6de0adedcc40e1a55460abeca","sha1":"f903e75d59de14759ff231395fee9447b15f3b0b","sha256":"ba40957e0be0a2cf4aeb47388f7827eae554c1cc4e158af21629c0e722c77553","sha512":"8de304d8a53f23b463b93480a37105c41a30e37899a7b67f71934240e026f4c5c9e2de4d7de0383ccfe53333343555605219646ed0b2429a6e74a8d7aead745d","ssdeep":"192:w6t39aKgJmZmlN3ijS714hUuAcBNgGYAcfAcUAcnAcow/PvPdOfrodBC/uzVDdzS:wE9aKgJmZmfSjS714hUuAcBNgTAcfAcf","tlshash":"9dd15090711f233623e6336e5434ee566858c6fbf5420faf78a49a9da0e28405273e7c","first_seen":"2024-12-28T11:23:31.669519Z","last_seen":"2026-04-04T01:39:01.070628Z","times_seen":60,"resource_available":true,"data":null}},"time_used":708,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":602,"receive":106,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/grid/1.webp","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/grid/1.webp HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/webp\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: \"680a2292-2f20\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 12064\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12064,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"76c10e08dfcccee84a47c54a6aef2270","sha1":"89e82d60b4d84eb87436c3935e85570b1e73d649","sha256":"5d1a3eec151ffdfb6a1d43f93809f52e5a7404b79f936d82529c104ef0bd16ad","sha512":"c6351e5e20bc9902049b87c7766be3e194a612443661068de9ef763b788a2e67f591e0f4038e3aa95dc099a90200a5b3b839e0f4c5ffa16552d330498d8af473","ssdeep":"192:PWG05MG4nJTNKps8hvklAIiXoHaI6Re1hUwYdE+AjnYazEHMyH9fdlCFF8qASEMj:PxdG4ZNIM+FXoER2UtE+ApzE9H9Wf8ba","tlshash":"f342e02165202c63d7794fcb2a42ab5c050aa73aad700fcc81d00ed8f4bd7335ae0686","first_seen":"2025-05-29T18:08:06.850254Z","last_seen":"2025-12-31T09:31:56.052967Z","times_seen":5,"resource_available":false,"data":null}},"time_used":539,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":534,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/js/forms.js","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /js/forms.js HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2291-4ea1\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:53 GMT\r\nserver: \r\ncontent-length: 20129\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20129,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"ded136e24ee75ba7dc3a5db9a417c303","sha1":"7d75f32ddc89e13e85ea517d932d1eaf95906d5e","sha256":"8651df8821bd9405e71bf5f6a7a1b24d086ff15cd32ce550ba3073eb22d7165b","sha512":"2d53c2fadd2c86129f2db512aab47795269af5498cf32750912b947a3f9590152b488f36548c0b5584f81d1bfec1bd81912d7efa15a63a57e2fa514e1fa6cdc6","ssdeep":"384:fM/XK+gzbIVJiNq7BwqNUn6qsv5wHzO6k9bKSk109bK0eM1d5xoulfYJJbub/TyI:b3IVAN+BLIlG5wTEbKSTbK0eM1dfjlfj","tlshash":"e39252d8761f043bdae913ed70fe4441bdace66149409468b0fce40d36e6f984ab2bd9","first_seen":"2025-04-17T18:26:42.756382Z","last_seen":"2026-04-04T01:39:01.042887Z","times_seen":45,"resource_available":true,"data":null}},"time_used":699,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":581,"receive":118,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/flags.png?1","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:12.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/flags.png?1 HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/css/style.css\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 23 Jun 2025 01:08:12 GMT\r\netag: \"680a2292-112b5\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 70325\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":70325,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5762 x 15, 8-bit/color RGBA, non-interlaced","md5":"0b1ca148890222235a0f9903636ca21a","sha1":"b451b4db431749cc40cc2a5f271f9807ca21f1d3","sha256":"54dc5bc49fbe41359681fa0af8add039fa1383a4f4eade34f7a0a5a257dd1caa","sha512":"37553ab4cecdb30b631d883dc0a1afe4b5e81b921fa2fb8054a63fa054c2f57954dddebfee1a5b676f97a392b954aaa553a803e6e9abeedd56f87da0b58a8475","ssdeep":"1536:3Cc3jdCcCx1zjonyR5/Gm5mwoKVehnITl1G/Ghdfal4pMy9c:SczdzCx9jonyT5mwo1hIp1hQ4pMOc","tlshash":"966302b241c2a627f87cb972b955522b673bfb30d280780a00cf15b6979517f04e3a3a","first_seen":"2023-09-16T21:00:24Z","last_seen":"2026-04-04T04:03:43.868259Z","times_seen":5034,"resource_available":false,"data":null}},"time_used":441,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":438,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vexa-tro.com/img/partners/2.svg","fqdn":"vexa-tro.com","domain":"vexa-tro.com","tld":"com"},"ip":{"addr":"104.168.101.21","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://vexa-tro.com/","date":"2025-06-23T01:08:11.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vexa-tro.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 10:33:53 GMT","end":"Wed, 23 Jul 2025 10:33:52 GMT"},"fingerprint":{"sha1":"60:3F:BC:1D:2C:4E:D0:FF:B7:7E:46:54:F2:B3:77:21:F8:51:FC:4A","sha256":"CC:5F:30:BB:F2:76:F5:6B:9B:3C:9E:A0:26:A5:CB:75:3A:CC:15:25:7B:D2:BC:BE:7C:7C:1B:3B:C6:BE:F2:EA"}}},"request":{"raw":"GET /img/partners/2.svg HTTP/1.1\r\nHost: vexa-tro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vexa-tro.com/\r\nCookie: 392d0516=261f70d7b755771b07955cf4ea78d7b0b14f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=315360000\r\ncontent-type: image/svg+xml\r\ndate: Mon, 23 Jun 2025 01:08:11 GMT\r\netag: W/\"680a2292-11a6\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Thu, 24 Apr 2025 11:37:54 GMT\r\nserver: \r\ncontent-length: 4518\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4518,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cdadf4da300afd7bb83c66c224d073bd","sha1":"b29e36e91f1d36596a19bad69876f266820c8a8c","sha256":"0a17afde2e5231958996f8015cbef0efedd7c5772b10b59824aa9a5e9d7be659","sha512":"f33dc5fbe34f5e61750fb273041d74e1895a8d57aa00ee883a1cf562159b54c67d373e85c92c6e3a736a339610ddf0a0f6badf292ffd2338ca7a13d064b99a45","ssdeep":"96:GDkFFSSJSYOgs7jSlSQFd1Ko/4GwCsvQGY:RFF74YplSEdb/4GmY","tlshash":"dd91d8c833fd11facc42eda2ff26a47a345f11ee62590d60c3656f0928688e95e268c0","first_seen":"2025-05-12T01:13:37.000993Z","last_seen":"2026-04-04T04:03:43.882843Z","times_seen":215,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":324,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-23","alert":"Sinkholed","trigger":"vexa-tro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}