{"report_id":"a68bbf23-8960-4c62-8b2e-5af51a3f260c","version":6,"status":"done","tags":[],"date":"2025-10-10T10:39:23Z","url":{"schema":"https","addr":"urlvanish.com/8ec66b7a","fqdn":"urlvanish.com","domain":"urlvanish.com","tld":"com"},"ip":{"addr":"172.67.215.120","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"title":"Kosdegmedmeg.com"},"submit":{"url":{"schema":"https","addr":"urlvanish.com/8ec66b7a","fqdn":"urlvanish.com","domain":"urlvanish.com","tld":"com"},"ip":{"addr":"172.67.215.120","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-14T10:39:23Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"greenplacetech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"s.eln3ax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"s.opoxv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"s.chmsrv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"s.chmsrv.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"s.chnsrv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"urlvanish.com","ip":{"addr":"172.67.215.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-12-27","domain_rank":4964821,"first_seen":"2025-06-03T03:24:46.603101Z","last_seen":"2025-09-26T00:05:22.340346Z","alert_count":0,"request_count":1,"received_data":34585,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}]},{"fqdn":"sync_events.atsptp.com","ip":{"addr":"66.254.114.220","port":443,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"domain_registered":"2020-02-13","domain_rank":0,"first_seen":"2021-04-17T07:57:10Z","last_seen":"2025-10-06T22:54:41.651703Z","alert_count":0,"request_count":1,"received_data":653,"sent_data":501,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"s.dsp7c5.com","ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-06-12","domain_rank":0,"first_seen":"2025-10-05T05:09:59.79432Z","last_seen":"2025-10-05T05:09:59.79432Z","alert_count":0,"request_count":1,"received_data":418,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"s.chmsrv.com","ip":{"addr":"95.211.229.247","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-09-22","domain_rank":0,"first_seen":"2025-09-23T09:30:19.263762Z","last_seen":"2025-10-07T14:51:53.513739Z","alert_count":2,"request_count":1,"received_data":418,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ad.twinrdengine.com","ip":{"addr":"34.111.67.216","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2023-06-07","domain_rank":79586,"first_seen":"2024-01-20T17:03:24Z","last_seen":"2025-10-08T01:58:49.288707Z","alert_count":0,"request_count":3,"received_data":735,"sent_data":1411,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]},{"fqdn":"hw-cdn2.adtng.com","ip":{"addr":"151.101.131.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2018-07-20","domain_rank":157324,"first_seen":"2020-02-20T16:50:17Z","last_seen":"2025-10-07T12:26:30.822382Z","alert_count":0,"request_count":1,"received_data":56132,"sent_data":440,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"region1.google-analytics.com","ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-07-18","domain_rank":19689,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2025-10-09T03:46:15.24522Z","alert_count":0,"request_count":2,"received_data":1688,"sent_data":2737,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.samlesamtykke.com","ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2018-05-22","domain_rank":0,"first_seen":"2018-05-31T09:13:36Z","last_seen":"2025-10-08T01:58:48.465844Z","alert_count":0,"request_count":12,"received_data":18164,"sent_data":6448,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]},{"fqdn":"s.orbsrv.com","ip":{"addr":"95.211.229.247","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2020-05-16","domain_rank":50502,"first_seen":"2020-09-02T21:53:48Z","last_seen":"2025-10-06T22:54:41.923755Z","alert_count":0,"request_count":1,"received_data":418,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"s.eln3ax.com","ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-02-17","domain_rank":358654,"first_seen":"2025-03-22T19:46:49.365602Z","last_seen":"2025-10-06T17:33:12.65891Z","alert_count":1,"request_count":1,"received_data":418,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pixel.rtbix.com","ip":{"addr":"172.67.188.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-07-30","domain_rank":4337019,"first_seen":"2021-07-26T09:42:36Z","last_seen":"2025-10-06T22:54:40.834562Z","alert_count":0,"request_count":1,"received_data":581,"sent_data":452,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"samlesamtykke.com","ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2018-05-22","domain_rank":5170506,"first_seen":"2018-05-31T09:13:35Z","last_seen":"2025-10-08T01:58:48.567352Z","alert_count":0,"request_count":2,"received_data":196128,"sent_data":986,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-10-05T22:12:07.052692Z","alert_count":0,"request_count":2,"received_data":753340,"sent_data":896,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-05T22:12:07.524768Z","alert_count":0,"request_count":2,"received_data":32564,"sent_data":1054,"comment":"","tags":null,"fingerprints":null},{"fqdn":"s.chnsrv.com","ip":{"addr":"95.211.229.247","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-15","domain_rank":356919,"first_seen":"2025-07-16T14:39:46.853439Z","last_seen":"2025-10-06T04:21:24.149426Z","alert_count":1,"request_count":1,"received_data":418,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"s.zlinkt.com","ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-06-30","domain_rank":4002425,"first_seen":"2025-08-06T13:39:35.476818Z","last_seen":"2025-10-06T17:33:12.681698Z","alert_count":0,"request_count":1,"received_data":418,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"a.exoclick.com","ip":{"addr":"95.173.205.15","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"domain_registered":"2006-09-01","domain_rank":368079,"first_seen":"2019-05-20T13:17:49Z","last_seen":"2025-10-03T00:30:26.296012Z","alert_count":0,"request_count":1,"received_data":1405,"sent_data":418,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"syndication.realsrv.com","ip":{"addr":"95.211.229.247","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2019-02-07","domain_rank":176973,"first_seen":"2019-07-03T21:39:52Z","last_seen":"2025-10-06T06:06:09.46775Z","alert_count":0,"request_count":1,"received_data":419,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.gstatic.com","ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":146047,"first_seen":"2012-05-29T15:36:17Z","last_seen":"2025-10-05T22:12:07.360997Z","alert_count":0,"request_count":5,"received_data":2564275,"sent_data":2417,"comment":"","tags":null,"fingerprints":null},{"fqdn":"s.opoxv.com","ip":{"addr":"95.211.229.247","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2019-12-02","domain_rank":213712,"first_seen":"2019-12-13T09:21:20Z","last_seen":"2025-10-06T07:40:09.13407Z","alert_count":1,"request_count":1,"received_data":417,"sent_data":471,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"s.magsrv.com","ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2023-08-01","domain_rank":47665,"first_seen":"2023-08-04T12:48:00Z","last_seen":"2025-10-06T04:36:36.341016Z","alert_count":0,"request_count":1,"received_data":418,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"greenplacetech.com","ip":{"addr":"52.206.208.112","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2023-01-02","domain_rank":0,"first_seen":"2023-01-03T00:36:46Z","last_seen":"2025-10-08T01:58:48.351457Z","alert_count":1,"request_count":1,"received_data":33717,"sent_data":548,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tsyndicate.com","ip":{"addr":"94.130.134.159","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2017-03-08","domain_rank":1289,"first_seen":"2017-03-16T09:04:54Z","last_seen":"2025-10-06T14:56:38.951453Z","alert_count":0,"request_count":1,"received_data":917,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"s.dspbw7.com","ip":{"addr":"95.211.229.247","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-06-12","domain_rank":0,"first_seen":"2025-10-08T13:10:52.880634Z","last_seen":"2025-10-08T13:10:52.880634Z","alert_count":0,"request_count":1,"received_data":418,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"s.pemsrv.com","ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2023-08-01","domain_rank":104334,"first_seen":"2023-08-04T13:10:46Z","last_seen":"2025-10-06T06:12:02.450894Z","alert_count":0,"request_count":1,"received_data":418,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"dev.visualwebsiteoptimizer.com","ip":{"addr":"34.107.218.251","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2009-11-13","domain_rank":18329,"first_seen":"2012-05-21T13:21:05Z","last_seen":"2025-10-10T10:08:20.95749Z","alert_count":0,"request_count":1,"received_data":3385,"sent_data":641,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"sync.atsptp.com","ip":{"addr":"66.254.114.220","port":443,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"domain_registered":"2020-02-13","domain_rank":369566,"first_seen":"2020-06-17T16:56:18Z","last_seen":"2025-10-07T19:56:52.749213Z","alert_count":0,"request_count":3,"received_data":1855,"sent_data":1575,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"www.google.com","ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-10-05T22:12:06.955348Z","alert_count":0,"request_count":3,"received_data":81475,"sent_data":1911,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.kosdegmedmeg.com","ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2020-06-18","domain_rank":2661595,"first_seen":"2020-06-29T09:59:14Z","last_seen":"2025-10-09T15:39:26.015478Z","alert_count":0,"request_count":15,"received_data":632676,"sent_data":8837,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.2.34","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"ExoClick","description":"ExoClick is a Barcelona-based online advertising company, which provides online advertising services to both advertisers and publishers.","website":"https://www.exoclick.com","common_platform_enumeration":"","icon":"ExoClick.png","categories":["Advertising"]},{"name":"reCAPTCHA","description":"reCAPTCHA is a free service from Google that helps protect websites from spam and abuse.","website":"https://www.google.com/recaptcha/","common_platform_enumeration":"","icon":"reCAPTCHA.svg","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"a.exoclick.com/tag_gen.js","fqdn":"a.exoclick.com","domain":"exoclick.com","tld":"com"},"ip":{"addr":"95.173.205.15","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"dbd1b90776c3318f80da69be7cf24bb4","sha1":"06b048d9e943ce67645262b82f98339fff6193e6","sha256":"78e4b570a0a7abc08fe02463ddb3d0b2a129db6f286ca23815b28d985ca1030a","sha512":"f09983a137bf0fafad01423f51914943e74fcf4a35c8eb28fdac6f99c06ffcbe689590c4479cf6e1061fc7ab6c58f59754b00ec564a9ab261dc78e07155663bf","ssdeep":"","tlshash":"76110478b97891306591181ea4fe5ee0f4b906252f539fe104dfa804843cfda050afcc","size":892,"data":"","first_seen":"2025-10-08T13:10:58.705427Z","last_seen":"2025-10-10T22:55:48.959111Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"be812bf746c8e7a3a66c88d236594975","sha1":"73689320385f35ae31e5f51a999ca9c9eed05943","sha256":"3683bc447c46edd71dc2ae41607055e7e100d0c0a3cbcacabce01a018359de23","sha512":"ff02eca5435a22f1b8139addf9756c1e87f32151b912bdc90003ab238020cb927a9d589c40da1e6dc2e8cda3b628e676eb51c9518d76ca5281719ea7157cc819","ssdeep":"","tlshash":"84c08c0ca92f96a0072b28da79d2e318243484aaf084ca4435be05014f607dc0d0ed04","size":148,"data":"","first_seen":"2025-04-16T01:09:11.68596Z","last_seen":"2026-04-03T20:24:15.1636Z","times_seen":717,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"dca9d53787fff314e5bd1a123b28906a","sha1":"1350c858f60bbb03d1b53b05cbad6cea82ff29d1","sha256":"2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f","sha512":"4f123c356eec731b4f3653afdc258b385c8a0040ea14831893fa850c1275efe1fd49c51d4acb5f7541e01f2b9e46bbac0266e5893a6987b568f6aa2e0b0d492a","ssdeep":"","tlshash":"41a002f3187682224e93c660d963fb88d952515dfd4985cc60259e5ae7e29dbc010e90","size":75,"data":"","first_seen":"2023-03-07T01:15:59Z","last_seen":"2026-04-03T20:33:40.13085Z","times_seen":77610,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"d82d546643b96e426269c2ef03a4e2fe","sha1":"c19893d3ab388738209d55854936e2a8c80aabf1","sha256":"4d86f50fe878fbeb5c08a11fcd4f08173dbe440ec2addbda297813b83361c2d4","sha512":"fd2bcb480212ee521b033d716ed35537cde949e684ca93628f6d62cd2a31f89d7227b7690387e60e05c717582424f93048d105f09abf2f1b3903d08e8d7a89d8","ssdeep":"","tlshash":"a7d02b9de281b26b33b5002d534eb353b0523e825b0f38137c9fe3513d2200388eaa5b","size":288,"data":"","first_seen":"2025-10-09T12:05:11.046285Z","last_seen":"2025-11-21T10:09:24.483353Z","times_seen":204,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"86142e10ec1144a9cd7bb80d90299f82","sha1":"4e992a50d71910070d2d69e75139a43cd905a403","sha256":"06748ca898e17dee23c533ccea12c89295570c9e4a2f66d7fa849075b656f726","sha512":"5929ecfd5fe19bf8441fab6d9ec884bca4029b6b64fd8dd1970fffcb207effda806e3a8e1eb3636bde542248503a2971e33635be96311c13e1a57251ea800847","ssdeep":"192:FWMarxRm/x3z4cZGlDHeEEFAx6xCRwLCuTg:cE3zRAD+E4Qr0u","tlshash":"6202736e39e7516601a7b03e67af9518703384173848ec00be9c4a105f6b71d66f6fde","size":8782,"data":"","first_seen":"2025-10-10T10:39:34.943742Z","last_seen":"2025-10-10T10:39:34.943742Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landers/js/vendor.js","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb221caebd85f232dcd5435ec4af5826","sha1":"a2ccd51c3c129dbecae49da51f23269a229d5d73","sha256":"9c4142a61bac423bb043345712ed5a61f7625b080639056808ba0363ed1f7fce","sha512":"d36aa1d230518eb8e03d3077298b075d5be85b87ac521ddb51b3dff647f2e9aa45dea7b76bd16432dbf737896759114db2cdd82c7d25fa24413135f7158aa825","ssdeep":"1536:L6LiB3wGnUL6oXHUbxmyBWpsbm1Tmu9dnI9ETHCRlNzDnXEYsSBuPTn8GlDKUQTi:+lmKi6TCtErPTnoL0fZ","tlshash":"a5c339ce72c6706247ab31ba046f550bf23a5959384d8840f169e4e5bc71b8e8277f3e","size":123566,"data":"","first_seen":"2025-09-18T09:39:11.638322Z","last_seen":"2025-10-15T08:25:51.740731Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a7059ff8a74a0f1a0b8265fb0740a86","sha1":"1ed31b1a68886375036b89608b209ab01631b6f4","sha256":"dc5ea5caa8ddf8ff97e6c272fa8f8ea7f6cb39fb9fb5a79525e139f65d098b31","sha512":"10c155c0b69755ab3eae25954fcf120842f8b87dccebcaf5ad5acc498a7cd796e5b075a1949ad61f5dd8cf9c734e5ed8b0c256b65f3351434796e5b1104e5753","ssdeep":"","tlshash":"4571638778c1623a47e51071407f673cf62958964b044464753deaa6eb38fe77923acc","size":3494,"data":"","first_seen":"2025-04-11T13:51:33.914989Z","last_seen":"2026-04-03T20:24:15.165409Z","times_seen":718,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6fe51bf5bdf9cb4d47a750f9d341ca7a","sha1":"8049673666fecc9b492f92676dfdf905fa8809ef","sha256":"810adf302af0867a0b59481d32b448d138b915c8dc66e5628f9475ec70e27d04","sha512":"6e96744db3c39811d77e6907eeaaa9bbdc6897b23fc85310826c4f3d58703815d1754c4cc0c03b43711d7b492598d7461abd34607ff9c0ca829700cbacf3482b","ssdeep":"","tlshash":"8dd0227e24b233c0e08e30bccf1aea033530a2b3b1918820b9ee0e001f2580b4329a64","size":214,"data":"","first_seen":"2024-06-06T19:28:29Z","last_seen":"2026-04-03T20:24:15.166535Z","times_seen":1001,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b375c74456053411ec5414e21ecf870f","sha1":"00a6b32dd64dbf1470f439ce9fa89c712500eebc","sha256":"a200a9bc6b415237c4571f14eb0eaa8f0f0fcfcd7eeafa8860441a805e4a144f","sha512":"1eac7d01125e86bf9c830911887999c922e321b80d1cfab8b000940dd75b088baa19d8fd2f905c9a68bd5dbbec45882e8c309f8f677f754c2a4a33c342a34ac9","ssdeep":"","tlshash":"dab0121c67b15242a033a07c971bd0e41013501778c1d560bf0c17903f30103d07f95e","size":103,"data":"","first_seen":"2023-03-07T12:09:25Z","last_seen":"2026-04-03T20:24:15.171009Z","times_seen":903,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"fd2ade1d73ac3b875614763496e6f29b","sha1":"bda8a0fdb4da75712f0e46ad503c1b9b6a6bc03a","sha256":"d43f77a4a46fca0b44747dc6fd5b92ea77873a595841a3eb35414c365171529b","sha512":"aa399597c7c0598105f9a2ed997ce6434ea0fb39bb206f22ed0861915c2f17e45881f6492b2180488851825ec1961cbdfdefa0bd08e71cd4147be5cf1734541e","ssdeep":"","tlshash":"b2a0025872417838422f361633bbf75f751715a01a07150cc20914463630247f9ddbce","size":64,"data":"","first_seen":"2024-10-11T08:45:33.687432Z","last_seen":"2026-04-03T20:48:22.804086Z","times_seen":902,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"4e166cd425dc184a463d6aa07afa6867","sha1":"d72cb428adfa6e4f30b03c5bde876f20e7842a14","sha256":"5ae6e22f5235ba596c83a486646376608602b35ca2b4ac9a27a76f660bbfd38f","sha512":"1285575036e2a22d62c9fe79cb5d1a928cdbb742b39f55857f8b366a0cc0a41c903813dd000715f35403f1ad2f2456518e35fec70b7b5ea41aad20b7f047c1b8","ssdeep":"384:Oiz0joqGHuyUZDnr5L2Tg+FpdnaeUCyZfAXGE:OigEOV92Tg+zJaeufAX7","tlshash":"b682c7e9b6d2b9295222f0f504bf251ee3f72855b90c211cb106c6952e70bed406ff7a","size":18924,"data":"","first_seen":"2025-10-01T07:12:00.621564Z","last_seen":"2025-10-14T07:00:30.648974Z","times_seen":3369,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landers/js/landing064.js","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1c36703fb2389ad2e3bbb22b658f8e7f","sha1":"f9880c64bbdc22f8c69c975912baaaa05ce166f6","sha256":"1f729e78cdc3dfc5505d791118411c34271a31c4c5852e31e4a3ca4acabdde7c","sha512":"a7863975e3eac5bcd4a4a3af8ef98652ca540788e8c26cea6af27e7e425dcb81752789a8dc84198c35685abe4b1c83d174270ac742bb9096cd620d517a5d3e2f","ssdeep":"768:wyYFEbtir+z4v4irVJxfBEPakztAPLRT4D+sKYzUhvukpCI+h6ixH/iyhTCcOZSN:wT+btiqrAtYAYWB47/U7S/","tlshash":"fb630a8cb2a5b1a2035360f9502f110aa377ac689c4d4860f714d8d53d7ad8ab77bf7e","size":67657,"data":"","first_seen":"2025-10-10T10:39:34.885697Z","last_seen":"2025-10-10T10:39:34.885697Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"44352326c4d15d35823eb11baadc5f10","sha1":"39d662ffade25093ccb7436fc2b414bc3d2b5359","sha256":"601cb510179fc49232bc4d5ed1922c21900125e96915968551d40ccc007473f6","sha512":"17d5457449c0aeb9ac7bb21a6c3b749c72f06974baf0c435412e62dce64abe300cf0034dda267f20810f971081627b827cde3fa41fb05b73a5f8b8709ee4c626","ssdeep":"","tlshash":"cb7000082c882008a322322202eb028802a28000000a2000020000800c3020a0002b08","size":22,"data":"","first_seen":"2025-10-01T07:12:00.687279Z","last_seen":"2025-10-14T07:00:30.363679Z","times_seen":3371,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"6bb754b2ac8386252adbcdafe69485b0","sha1":"709b9e4150dacb7a646829dc5ec29526bcdd301f","sha256":"f7ffb6cd74e7fa3d7650dde9f0efe182fee153189e606cf60da4850158dd3000","sha512":"36a61a451385e8d1625af5fc9c7518a0cf752737a02c1f98590c5df4b6224f65bae32d3e33080fae26efcee92f4428c38e91cba2574c588bd6ecdfff12a2a05a","ssdeep":"","tlshash":"89a002d41c87750c252921d5c1ee962557b188017f948e28014c96c63b2023d59de6e6","size":62,"data":"","first_seen":"2025-10-01T07:12:00.611946Z","last_seen":"2025-10-14T07:00:30.651812Z","times_seen":3369,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3\u0026cx=c\u0026gtm=4e5a80","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5306d643d047668df23824aa129b12a5","sha1":"809d6776b73573dd36bcc783b00ae1454022b26d","sha256":"db84cf2c992a46de24477f0962d51f78b30949328087fc41751b7026d9be2641","sha512":"22f6859abd48c93e8aff0b4e536647918e5cf82f8c030906cab574b4e2a6eb89c0447f85652f735e97d4b75bcc95414b40a2967791e0fc85f4a06390f913e95b","ssdeep":"6144:Uo/yp2d4tk0uwbWZJT+Nju5204O0RppdXAQu:8YWm0KZJu0Ig","tlshash":"768418ce73d674225396a478503f018bb57b28a2f44cc899f18acde52e74a9a0177f7c","size":399516,"data":"","first_seen":"2025-10-10T10:39:34.750164Z","last_seen":"2025-10-10T10:39:34.750164Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"d82d546643b96e426269c2ef03a4e2fe","sha1":"c19893d3ab388738209d55854936e2a8c80aabf1","sha256":"4d86f50fe878fbeb5c08a11fcd4f08173dbe440ec2addbda297813b83361c2d4","sha512":"fd2bcb480212ee521b033d716ed35537cde949e684ca93628f6d62cd2a31f89d7227b7690387e60e05c717582424f93048d105f09abf2f1b3903d08e8d7a89d8","ssdeep":"","tlshash":"a7d02b9de281b26b33b5002d534eb353b0523e825b0f38137c9fe3513d2200388eaa5b","size":288,"data":"","first_seen":"2025-10-09T12:05:11.046285Z","last_seen":"2025-11-21T10:09:24.483353Z","times_seen":204,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a759a4d296ad7f756ce88d6c7c595bd4","sha1":"a83be23fd4e46fe235816e0536f71ed17a8ee06e","sha256":"5844a0cd7869d70e5b3cdabe09c26d50d5be306884e14a9823acaf5768b82bc5","sha512":"c011fc0f6e47d5961fc8c18f42566070474bfbe582b41e5bda0f29cdc6fb2680fa3bed545803613bfc00005db582e708c1e16680713653d5c1f60afbb35e9b0f","ssdeep":"","tlshash":"5421c0b6170a907e0bb219a1b1fec772dc51701cb15c48dda642ea851eaeccfce05559","size":1241,"data":"","first_seen":"2025-10-07T08:33:59.736583Z","last_seen":"2025-10-13T10:49:22.821268Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7c30234b7bf626af1abf57d402628101","sha1":"631dbf3c494a82cb7ce1c84de335ec50feff2f38","sha256":"dc87051dc947ab8cdb9093cc5b02fa705d0ec2453052986be2beaa380a644f2c","sha512":"50cd29f3677f631b5cf521fafde85cd4b8b2ca78875af07717b20d56dcb156b8f5408b22e6596bdcd1a9b9b6a4cbbb5b3cd8de5befc9b4ff4bc594ea7a37801d","ssdeep":"","tlshash":"90b0120c63b95241e033a06c471be1591013101328c19550ff4c0b903f3161390bdade","size":103,"data":"","first_seen":"2023-03-07T12:09:25Z","last_seen":"2026-03-30T02:40:55.080861Z","times_seen":603,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samlesamtykke.com/cc.js?wId=7NAbiKFF1VQ7gWk99P3mAj\u0026domain=kosdegmedmeg.com\u0026languageCode=nb\u0026languageTerritory=NO\u0026sessionId=960d9909077b4a50af7de7cf8a0005ff","fqdn":"samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"db31570e4026bcc20d5faff20d2bdc5a","sha1":"5ffef3f76112e6e0e55dcac12b2f51a7c846ff6a","sha256":"ce458541a0455df27a69167fee546a568b14b62b5e6de8da3624539eaefaaccf","sha512":"aa2b1ca8713c1d97bd92dd62460886711a38137257577bbed68b92c06e1f35b75209173ec20cd2f164ab125be8c527327d9bea730e54f9121c96ed520d0d629f","ssdeep":"1536:kDA9ANRksb7jGaxkGCNMPWiaDQnNJ/rsdNJOTfn5aLNTiTeVdT0k1WfEV1mBHRMo:0AMksb7jGa1bH510wj","tlshash":"5ff32e4a35e7563242df707e4e4f609cb134852714099800bcac97d88fb5f2866fafea","size":159186,"data":"","first_seen":"2025-10-10T10:39:34.842011Z","last_seen":"2025-10-10T10:39:34.842011Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"30ac07948e41526122fb7496f3e320e3","sha1":"b4449961ae6470f1365d306a3acd39c9b1e80785","sha256":"a190ba32a0b26b14c3cf8361b7c9a3d80567a9a399e4a20b3fbb779b897c3696","sha512":"6776d3d0359b32ce56aa95d1e8117c01be6eb1e60f07cbde4432384ae6d920d91e2aec4529d83392e213a9b60dfb09ec232f443a4a36374f83c473bcec0c61b8","ssdeep":"3072:YvR2am+So4npn/06s6VIkDcajIu1yeZGbQU4vT8PWNjxW55204O/ZhuAzFjA://npn2hk0uwb7n+Nju5204O/hJE","tlshash":"bb7418cdb3d674228393a478503f018bb57b2892b44cc899f189cdd42e74aaa5277f7d","size":352590,"data":"","first_seen":"2025-10-10T10:39:34.810709Z","last_seen":"2025-10-10T10:39:34.810709Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"4ea86c1c1f256ec24c41e21e24e280fc","sha1":"f871f735bfa3170a847dedc6c0b015578e36ca31","sha256":"df89e2e1260c232fdcddb4ca5fbe36a49cb3ac5835a7ec1a5f92e2d0ba993e1c","sha512":"5ed4630e37e3a2b8dfdb0f66f03af68c0f60b1945e005ef086365840db90b5ad7c96833fb4675f6313132f0db6556831d0ed95045652d4081726dcbeb63bc0e0","ssdeep":"384:cz0joqGHuyUZDnr5X2Tg+FpdnaeUCyZfAXGU:cgEOVt2Tg+zJaeufAXL","tlshash":"a0a2b6e9f6d679295222f0f504bf251ee3f72855f90c221cb106c6952e70be9406bf3a","size":22707,"data":"","first_seen":"2025-10-10T10:39:34.983988Z","last_seen":"2025-10-10T10:39:34.983988Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"8a81377a647bdea836809865c62d171b","sha1":"dd72dda89aacfe74746d2c73421ea55a23ab313d","sha256":"9c7aa944eeb31b5765d0c1674cdc445dff6dd572a6fe897f6d5137ce181d44a9","sha512":"1fcef0b6d8ed19dbf0bb930941854233c028b6f894cf63955fd49e8e9514c601ed1a328a6c842c8ffbe5eea505e4c10f99e96a933a2f65a4ad484a7bb70946a5","ssdeep":"","tlshash":"89e05e1e56ba0d426667294c8a5fc0027d93635308cdea103f5cab181f9051fbaa929c","size":308,"data":"","first_seen":"2023-03-07T12:09:25Z","last_seen":"2026-04-03T20:24:15.173807Z","times_seen":1466,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5bce9e85f38aa11d35ab51517f8d07e4","sha1":"44102e17b879843f3ce36a51c0f132d11a24588a","sha256":"1a828972d3e667311b0fe5662301cc433f2c5e97d5018cbd331c4c59ad34d311","sha512":"08489944c9e40c9f71bad98402a22467e3de06545feab6314b08a2510224d75eae877604b64bb37f281f3bb5e1408b3a3c2ef71ec9c742120c002fe553b751b0","ssdeep":"12288:l4zpNa1FTCz4BpuKYXsrFoCvL67G1+zEnHYJ7HlEiU9J:OzBkruKYsuyO7G1gs4JBhk","tlshash":"66054ad87112b5e59322b9f2a067201da37ea535c84c4c5eb29588f12ef1c4e70b6ef7","size":824931,"data":"","first_seen":"2025-10-07T06:40:38.110565Z","last_seen":"2026-03-30T18:12:53.501353Z","times_seen":16338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a94b47d77a9ba644d5b6484d02ca3ee1","sha1":"4737c437314373c683f0c9cb076d50058a5acb4b","sha256":"ba3ca1cbb85e521af18c2d2317bb7573774ada4bb9c0f1ebef24f8e249ab2947","sha512":"afa7c1ff827689404714ab3fb3a5ae7d752a9fbf9151a77f297e8abb42cb5aa1f8bc5c5efa812daa67be651bdd1dcef6f2b05164ee643df461d7086484b645da","ssdeep":"1536:+GGMkGmnbft9z1k4KytdQ1JVfTnCAHCWdvFD/eVnfx:+3xz1k7MdQ1JVdHRdvlehp","tlshash":"ee63be2ba70770ffefbe9741a2d162e8133da04e149304dd16ff05a18a2a8d5b6791dc","size":68611,"data":"","first_seen":"2025-10-10T10:39:35.006961Z","last_seen":"2025-10-10T10:39:35.006961Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5bce9e85f38aa11d35ab51517f8d07e4","sha1":"44102e17b879843f3ce36a51c0f132d11a24588a","sha256":"1a828972d3e667311b0fe5662301cc433f2c5e97d5018cbd331c4c59ad34d311","sha512":"08489944c9e40c9f71bad98402a22467e3de06545feab6314b08a2510224d75eae877604b64bb37f281f3bb5e1408b3a3c2ef71ec9c742120c002fe553b751b0","ssdeep":"12288:l4zpNa1FTCz4BpuKYXsrFoCvL67G1+zEnHYJ7HlEiU9J:OzBkruKYsuyO7G1gs4JBhk","tlshash":"66054ad87112b5e59322b9f2a067201da37ea535c84c4c5eb29588f12ef1c4e70b6ef7","size":824931,"data":"","first_seen":"2025-10-07T06:40:38.110565Z","last_seen":"2026-03-30T18:12:53.501353Z","times_seen":16338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"d2114e35b6b1d9d01e640fdad6954ab8","sha1":"e71dec24b3385dda389b4d46e2a906aec926b924","sha256":"d295c3ad555fac94975e435e9aa20787c44b97b4d215335b64689456d19bb904","sha512":"1578ee3f8feb979afd770f0d086e07d5ddc9b2179fbc7e60dcdd1c676cb8cd68e41387a19df47bc6db6c408e36d2625eb72e458f0c110d79ea0da0d799e9c209","ssdeep":"","tlshash":"b77000082c88200a22223222022b088802a20008000a2c00020000800c3022a0002b0a","size":22,"data":"","first_seen":"2025-10-01T07:12:00.644065Z","last_seen":"2025-10-14T07:00:30.51668Z","times_seen":3369,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"407403468961a963270546f9c670e5b1","sha1":"424d65b3e27e0976197b799f16455fe134142321","sha256":"6c674b585b406a37fc2c37ca2a9ef3257e8d8c0b45261d170b28f950a2462ba2","sha512":"1a268b8169e819a5255dac2b7936fb465971926ce2079afc1c130ca904e2b8a60c8f56dd6e015aff56456d6b2f1af73cb9064d90692a32695009f20497b2fd29","ssdeep":"","tlshash":"13e0aba6a2560d304d73bebe8ad7b324282c725f18d980467bce8d80df1a99bb0149c4","size":427,"data":"","first_seen":"2025-09-10T13:05:02.205071Z","last_seen":"2026-04-03T20:24:15.174429Z","times_seen":517,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hw-cdn2.adtng.com/delivery/idsync/idsync.min.js","fqdn":"hw-cdn2.adtng.com","domain":"adtng.com","tld":"com"},"ip":{"addr":"151.101.131.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"314cda749bceaf674446b0b6e294595a","sha1":"691325db17552447e53fb6a090a736955edaebc5","sha256":"875c9225e41341067eee9916c855e4e636ce8554784aecddcddee14a4467098e","sha512":"4dbef550be549df2aa5640cf8f91611d7e42d4551516863f293ba08c6d10ae37cc5441cc763440949d5cf4f4686e93ad1b67fc827c3b0766ff2bac41178ac640","ssdeep":"768:66VT558z8h4yo3pc9NwlJWDNEqLcgOKq8wOElg+:6qZxo3peNMJWZEqLcBZ","tlshash":"874318c9b2c3b06852a338b9443f200ab23e7e56641d8851e562d5d1bc79e5f9233fbd","size":55335,"data":"","first_seen":"2025-09-03T22:43:19.182619Z","last_seen":"2026-03-28T10:16:01.915212Z","times_seen":949,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6061ae6d459c6be9288f6d6f0a2d4558","sha1":"25ec9f29433678ba91c1a59243330dedb813f5c1","sha256":"9b19fd3f4956bd05150e35cf4fdfae3d2e8e63bf0da0455b69fc43739316bdae","sha512":"aa782c1b20c6a4602ec1f5c0da373e941b330e312f820b79240c446da1e7b50c2736f19e44546cb1f3a7ece360d15e04cc7cbba8514f8da2da4342ffa6383ec0","ssdeep":"","tlshash":"ab5152fb0052456601fb08916baf7f18b3a40737c848d098c9a69b0cf637b1fe106af6","size":2865,"data":"","first_seen":"2025-10-10T10:39:34.83564Z","last_seen":"2025-10-10T10:39:34.83564Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landers/media-registry.js","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4a8d5b1687b297c0db9f7bc2c712918","sha1":"d112eb5631804cc5d5ef3617c6d4d13031b0aa6a","sha256":"8960a5a8dd99236da091299125e26cfee3c108ed9f3a8f78979fd435647c3c17","sha512":"88b8b817e9e2be4f830a895dfd2b35d7d9a8a9454efe7cbb4b4ff40d4eaf1baaa72ec175277424ec6c3906c987f503796ed1fd27c37dce1e8658f089c9e74ce8","ssdeep":"3072:Z9zzO1VCd44d7HB7Of+sCgPXh4s7BXA0PonstL:Z9zzbd44d7HB7Of+sCgPXh4s7BXA0Pos","tlshash":"0ec3a007ba5cbe2bfb3cfd656ca29d4168dc34106447f0a0b2eac81545de1d817caeda","size":124095,"data":"","first_seen":"2025-10-08T10:28:37.611692Z","last_seen":"2025-10-10T10:39:34.745494Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"43128965f9afc6b2616232887e958646","sha1":"b5e3effcc815d8755ef4496bf938ee82b154eba9","sha256":"de2450eb475540f1145f50699f8f320a7aabf88d5f18c0fb56f593adfea411e1","sha512":"c4d1952cc1811396fca33657905e147f63f41c3161dfb759e8e8e6b4b1d913b2d87114dced8b08d3ea4dbed593822d8191226ca12ce950359d7f47ea5f80088a","ssdeep":"","tlshash":"0ee02689e81d707a1ca72266f33a5349207831eaa50008316668908a1a6cd175d4280e","size":324,"data":"","first_seen":"2025-10-09T15:08:29.686871Z","last_seen":"2025-10-10T10:39:35.031885Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"region1.google-analytics.com/g/collect?v=2\u0026tid=G-QXFHHE16V3\u0026gtm=45je5a80v9106874940z89103010110za200zb9103010110zd9103010110\u0026_p=1760092741362\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1064309950.1760092742\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AAAAAAQ\u0026_s=2\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105322302~115480709~115616986~115834636~115834638~115868792~115868794~115995680~115995682\u0026dl=https%3A%2F%2Fwww.kosdegmedmeg.com%2Flanding64%3Fcat%3Ddefault%26pi%3D10070%26pt1%3D211571139%26pe%3Dfridayx3%253freferer%253durlvanish.com%252f8ec66b7a\u0026sid=1760092742\u0026sct=1\u0026seg=0\u0026dt=Kosdegmedmeg.com\u0026en=page_load\u0026ep.user_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026epn.loading_time=3.55\u0026ep.screen_size=1280x1024\u0026ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026tfd=8572","fqdn":"region1.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:07.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:17 GMT","end":"Mon, 08 Dec 2025 08:34:16 GMT"},"fingerprint":{"sha1":"71:28:4D:CB:A8:43:CE:20:8D:C2:D0:1C:15:47:53:FB:EE:1F:E6:6C","sha256":"FD:F8:A3:C0:21:C0:03:15:43:2F:C7:36:8C:50:6A:39:57:B4:06:6A:0D:82:33:AB:55:A7:80:D2:E3:79:B8:11"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-QXFHHE16V3\u0026gtm=45je5a80v9106874940z89103010110za200zb9103010110zd9103010110\u0026_p=1760092741362\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1064309950.1760092742\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AAAAAAQ\u0026_s=2\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105322302~115480709~115616986~115834636~115834638~115868792~115868794~115995680~115995682\u0026dl=https%3A%2F%2Fwww.kosdegmedmeg.com%2Flanding64%3Fcat%3Ddefault%26pi%3D10070%26pt1%3D211571139%26pe%3Dfridayx3%253freferer%253durlvanish.com%252f8ec66b7a\u0026sid=1760092742\u0026sct=1\u0026seg=0\u0026dt=Kosdegmedmeg.com\u0026en=page_load\u0026ep.user_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026epn.loading_time=3.55\u0026ep.screen_size=1280x1024\u0026ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026tfd=8572 HTTP/1.1\r\nHost: region1.google-analytics.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\ndate: Fri, 10 Oct 2025 10:39:07 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0\r\nreport-to: {\"group\":\"ascnsrsggc:102:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad.twinrdengine.com/aud/aHlxTtBjlhQNk8MNH6Oy7YuVwvm4T2wg?noscript=1\u0026cb=545736","fqdn":"ad.twinrdengine.com","domain":"twinrdengine.com","tld":"com"},"ip":{"addr":"34.111.67.216","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:02.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ad.twinrdengine.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 Aug 2025 01:00:18 GMT","end":"Sat, 29 Nov 2025 01:56:13 GMT"},"fingerprint":{"sha1":"1F:1D:97:E3:94:C0:3D:60:4A:4D:9F:3D:6E:0B:58:91:87:CF:3B:5D","sha256":"95:97:BE:B3:B2:08:B9:BB:49:A2:52:7D:BE:80:FB:FA:42:90:DC:15:FE:32:8E:85:DE:F2:22:A0:53:86:06:8F"}}},"request":{"raw":"GET /aud/aHlxTtBjlhQNk8MNH6Oy7YuVwvm4T2wg?noscript=1\u0026cb=545736 HTTP/1.1\r\nHost: ad.twinrdengine.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Thu, 09 Oct 2025 10:39:02 GMT\r\netag: 5639bc2d-a5c5-11f0-9624-e905c46db6f6\r\nlast-modified: Fri, 10 Oct 2025 10:39:02 GMT\r\npragma: no-cache\r\nvary: *\r\ncontent-length: 0\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ndate: Fri, 10 Oct 2025 10:39:01 GMT\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/loadSegment","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:02.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 21:21:36 GMT","end":"Wed, 31 Dec 2025 22:17:31 GMT"},"fingerprint":{"sha1":"50:01:17:8A:98:F9:7F:1F:84:04:31:24:CD:75:75:3A:67:D7:DA:C9","sha256":"31:BF:AC:74:BE:3A:AD:00:0E:89:F4:75:91:C5:8F:86:53:7F:77:6B:EE:9E:DF:54:BD:BB:BC:4E:9E:AC:E3:22"}}},"request":{"raw":"POST /consent/loadSegment HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 225\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:02 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\naccess-control-allow-credentials: true\r\ncontent-length: 360\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":360,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"JSON text data","md5":"c8609b141cf0533da2605b1ac1537c6c","sha1":"ed8b101e71286c3e582b8f6ed4162c2077b3fd88","sha256":"99eccbc41e04b151073613276ac5248e10ff2dcd4c9b3049df4c6ebd8b4de5aa","sha512":"10b68994046570ca339099c30f2e40fc96bcf80e9aa3201fd4165c3b9e13ab7a090f6ac289f88721601a7cb7e2b2a1645bf77a8f5b29fef27d738c3bb8209617","ssdeep":"","tlshash":"90e0c0f656aee3b25d4283c3251ef742338553a44a58025884a98c0a10e0664654e6c1","first_seen":"2025-04-11T13:51:33.911951Z","last_seen":"2026-04-03T20:24:15.143996Z","times_seen":486,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.dspbw7.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0","fqdn":"s.dspbw7.com","domain":"dspbw7.com","tld":"com"},"ip":{"addr":"95.211.229.247","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dspbw7.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 Aug 2025 11:54:10 GMT","end":"Mon, 24 Nov 2025 11:54:09 GMT"},"fingerprint":{"sha1":"6D:9B:1A:A4:3B:68:91:C4:95:D2:22:1A:29:F7:69:0E:37:71:57:C9","sha256":"E8:B6:BE:F5:B1:A7:8F:FA:4E:2D:7E:92:7C:EA:36:E2:DC:2D:4F:47:81:02:32:4A:26:89:E4:22:0B:A8:00:57"}}},"request":{"raw":"GET /tag.php?goal=d8cdfe8a962b6255a777da4356d197f0 HTTP/1.1\r\nHost: s.dspbw7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 10:39:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: goals=a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-10-10%22%3B%7D%7D; expires=Sat, 10 Oct 2026 10:39:00 GMT; path=/; domain=.dspbw7.com; Secure; SameSite=none\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":361,"timings":{"blocked":154,"dns":54,"connect":28,"send":0,"wait":30,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/webworker.js?hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0","date":"2025-10-10T10:39:01.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:18 GMT","end":"Mon, 08 Dec 2025 08:34:17 GMT"},"fingerprint":{"sha1":"33:09:D4:D3:61:83:44:73:CF:04:5A:44:53:2E:B5:36:64:BB:FC:7F","sha256":"86:F0:16:7D:8B:24:BC:17:6C:2B:06:E6:05:A6:33:43:10:A0:61:A6:BA:81:FB:58:ED:0A:DC:0B:AE:5D:08:C6"}}},"request":{"raw":"GET /recaptcha/enterprise/webworker.js?hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\nexpires: Fri, 10 Oct 2025 10:39:01 GMT\r\ndate: Fri, 10 Oct 2025 10:39:01 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: same-site\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"490babe8a94aa3f4de88d222cfc7ecbc","sha1":"c765a73f577ff7011fcdfc15bff3bec5a436a7bc","sha256":"d8a123e769b7af496332c2bf1e93af5b0dc071bc9b84ec3a13213f4f76180351","sha512":"294f4f9c9051788d2b1ca967cbb1ada2568cf73b3385a0e1b035b7a25e241095ba76888cedab2255011acca04f8c09ab892cddb581e911b343ad1315fe6c0b4b","ssdeep":"","tlshash":"c8b012370910c51c4c000206c867a7f9f0018424e79090f5907d0fd587641b38002714","first_seen":"2025-10-07T06:40:38.151057Z","last_seen":"2025-11-24T07:53:44.502854Z","times_seen":13551,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samlesamtykke.com/cc.css?v=1.0.0","fqdn":"samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:02.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 21:21:36 GMT","end":"Wed, 31 Dec 2025 22:17:31 GMT"},"fingerprint":{"sha1":"50:01:17:8A:98:F9:7F:1F:84:04:31:24:CD:75:75:3A:67:D7:DA:C9","sha256":"31:BF:AC:74:BE:3A:AD:00:0E:89:F4:75:91:C5:8F:86:53:7F:77:6B:EE:9E:DF:54:BD:BB:BC:4E:9E:AC:E3:22"}}},"request":{"raw":"GET /cc.css?v=1.0.0 HTTP/1.1\r\nHost: samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:02 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\nlast-modified: Mon, 06 Oct 2025 11:54:24 GMT\r\netag: \"8dcc-6407c1cdf4fe1-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 6293\r\ncontent-type: text/css\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":36300,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text","md5":"6ea621236e1c39880fcf3fada8019d7e","sha1":"e9a2110bbbe80fe599383e70e211834febfab593","sha256":"25da97364025524bd8bbc662e02d080126a3a10ab3bc197eab666524aa942b96","sha512":"022e6ed8ab8ced8d119f317acc941afca332b841f789bac59df9a160b50463230d528a23477064d9fe2560e7e270a8ce45ed89c56e4487b78d87c18aa16f4292","ssdeep":"768:OFaFB3FxdFy3F1FxFlmUbFaXFOSFsIFaKFOoN+y8Nz5wLM7bbVldi1OqjUBy4ZHw:OYnTd43XDXtybfzjN+y8Nz5wLM7bbVlm","tlshash":"24f231539e633851253f80ac5f6ab206323a5463a78bcd6cf98c641ccfccadc925679c","first_seen":"2025-10-06T14:23:02.058897Z","last_seen":"2025-10-13T10:49:23.342556Z","times_seen":33,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/loadSegment","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:02.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 21:21:36 GMT","end":"Wed, 31 Dec 2025 22:17:31 GMT"},"fingerprint":{"sha1":"50:01:17:8A:98:F9:7F:1F:84:04:31:24:CD:75:75:3A:67:D7:DA:C9","sha256":"31:BF:AC:74:BE:3A:AD:00:0E:89:F4:75:91:C5:8F:86:53:7F:77:6B:EE:9E:DF:54:BD:BB:BC:4E:9E:AC:E3:22"}}},"request":{"raw":"POST /consent/loadSegment HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 224\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:02 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\naccess-control-allow-credentials: true\r\ncontent-length: 2889\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2889,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"JSON text data","md5":"33b847bd7d825d8f32ff61d948445021","sha1":"f98423d7f558df2b2e088a6177ad474ae295e39b","sha256":"ae32400eb041db99d2072a962915623a1faaab162e8c8c4436d1d3c6fc4919ac","sha512":"2e419a02a170f5f60262aa536f0e505ddc63fb1c8ebb3d98c0e0cae2716a24bb28e17dd15e976754fae310a799bf2e09c6f6506f98c0fb83013e04cf27c9d79f","ssdeep":"","tlshash":"8e516581856af325dfad425fd018557296af832cc66486bb8dc880fb20c3dac99ce247","first_seen":"2025-06-23T10:25:51.872903Z","last_seen":"2025-11-06T09:39:33.204376Z","times_seen":190,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.exoclick.com/tag_gen.js","fqdn":"a.exoclick.com","domain":"exoclick.com","tld":"com"},"ip":{"addr":"95.173.205.15","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exoclick.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Aug 2025 10:51:43 GMT","end":"Fri, 31 Oct 2025 10:51:42 GMT"},"fingerprint":{"sha1":"82:91:BB:EE:5D:5E:AB:38:82:DD:28:BC:34:5E:41:86:FC:19:35:C2","sha256":"E0:07:74:BE:BC:CE:EB:FB:FC:0C:0B:E4:DA:D6:95:62:26:AB:76:63:07:A2:76:62:3E:35:00:91:42:0E:2B:CC"}}},"request":{"raw":"GET /tag_gen.js HTTP/1.1\r\nHost: a.exoclick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:00 GMT\r\ncontent-type: application/javascript\r\netag: W/\"06b048d9e943ce67645262b82f9\"\r\nexpires: Wed, 08 Oct 2025 14:24:42 GMT\r\ncache-control: max-age=10800\r\nx-robots-tag: noindex, follow\r\naccess-control-allow-origin: *\r\nx-77-nzt: EwwBX63NDQH3Ex8AAAwBuUwKEwH3VAEAAAwBJRPCLgG3AAAAAA\r\nx-77-nzt-ray: 2a494a1500c190fb69e2e8684381551b\r\nx-77-cache: HIT\r\nx-77-age: 7955\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":892,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (892), with no line terminators","md5":"dbd1b90776c3318f80da69be7cf24bb4","sha1":"06b048d9e943ce67645262b82f98339fff6193e6","sha256":"78e4b570a0a7abc08fe02463ddb3d0b2a129db6f286ca23815b28d985ca1030a","sha512":"f09983a137bf0fafad01423f51914943e74fcf4a35c8eb28fdac6f99c06ffcbe689590c4479cf6e1061fc7ab6c58f59754b00ec564a9ab261dc78e07155663bf","ssdeep":"","tlshash":"76110478b97891306591181ea4fe5ee0f4b906252f539fe104dfa804843cfda050afcc","first_seen":"2025-10-08T13:10:58.705427Z","last_seen":"2025-10-10T22:55:48.959111Z","times_seen":27,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":73,"dns":50,"connect":1,"send":0,"wait":1,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:37:19 GMT","end":"Mon, 08 Dec 2025 08:37:18 GMT"},"fingerprint":{"sha1":"71:09:AD:C8:6A:D2:25:DB:C9:D9:5E:5B:C1:06:E1:0D:D6:39:D6:F0","sha256":"A9:72:F7:39:49:86:27:92:AA:EE:65:04:99:A9:0E:A8:02:70:01:E6:72:46:C2:FB:DC:5E:5E:6B:DC:B8:27:A0"}}},"request":{"raw":"GET /recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nexpires: Fri, 10 Oct 2025 10:39:00 GMT\r\ndate: Fri, 10 Oct 2025 10:39:00 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: cross-origin\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1241,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1241), with no line terminators","md5":"a759a4d296ad7f756ce88d6c7c595bd4","sha1":"a83be23fd4e46fe235816e0536f71ed17a8ee06e","sha256":"5844a0cd7869d70e5b3cdabe09c26d50d5be306884e14a9823acaf5768b82bc5","sha512":"c011fc0f6e47d5961fc8c18f42566070474bfbe582b41e5bda0f29cdc6fb2680fa3bed545803613bfc00005db582e708c1e16680713653d5c1f60afbb35e9b0f","ssdeep":"","tlshash":"5421c0b6170a907e0bb219a1b1fec772dc51701cb15c48dda642ea851eaeccfce05559","first_seen":"2025-10-07T08:33:59.736583Z","last_seen":"2025-10-13T10:49:22.821268Z","times_seen":19,"resource_available":true,"data":null}},"time_used":359,"timings":{"blocked":155,"dns":0,"connect":23,"send":0,"wait":37,"receive":0,"ssl":142},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.pemsrv.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0","fqdn":"s.pemsrv.com","domain":"pemsrv.com","tld":"com"},"ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pemsrv.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 Aug 2025 10:26:30 GMT","end":"Sun, 09 Nov 2025 10:26:29 GMT"},"fingerprint":{"sha1":"5F:47:25:B6:96:C0:63:5C:07:7B:C4:6F:89:5C:87:0B:49:94:70:EA","sha256":"B5:77:8A:78:DA:8C:29:56:B2:2E:AD:B2:BC:02:75:DB:93:32:DF:FD:CA:6F:97:04:2E:34:4F:41:C4:5E:7B:09"}}},"request":{"raw":"GET /tag.php?goal=d8cdfe8a962b6255a777da4356d197f0 HTTP/1.1\r\nHost: s.pemsrv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 10:39:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: goals=a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-10-10%22%3B%7D%7D; expires=Sat, 10 Oct 2026 10:39:00 GMT; path=/; domain=.pemsrv.com; Secure; SameSite=none\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":44,"connect":29,"send":0,"wait":31,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync_events.atsptp.com/p/e","fqdn":"sync_events.atsptp.com","domain":"atsptp.com","tld":"com"},"ip":{"addr":"66.254.114.220","port":443,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:03.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"atsptp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 17:50:37 GMT","end":"Sat, 03 Jan 2026 17:50:36 GMT"},"fingerprint":{"sha1":"7A:BC:85:53:25:22:B5:55:B4:F9:F9:CC:2B:48:5F:5A:72:43:2D:93","sha256":"D4:46:67:C0:E0:87:AB:76:FA:58:F5:8A:95:43:15:B1:C0:28:77:79:3C:CC:B5:F0:D8:60:77:A2:04:8A:BB:F2"}}},"request":{"raw":"POST /p/e HTTP/1.1\r\nHost: sync_events.atsptp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain\r\nContent-Length: 516\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST\r\naccess-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\nset-cookie: d_uidb=da9a698f-b89b-a0b7-0a6d-9390821f130b\r\ndate: Fri, 10 Oct 2025 10:39:03 GMT\r\ncontent-type: application/json\r\ncontent-length: 8\r\nvia: 1.1 google\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nalt-svc: h3=\":443\"; ma=3600\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":8,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"c5946eb9400717fd6f40e26e36cdb498","sha1":"38428a698ab1222540680e7ab78e1d739e9afd1c","sha256":"318c5ad51e9b36ff5924ae323dd59031245413a3e0f2aa3e03cc42902e9e7acc","sha512":"f2e79b59e286405076bdaffa56310693bf20fa909a5acaed6c11c901e09bbb9bd2eb4fea8b83daa7ecf5d1346997167785222ed645b15ae9435c6a6c2d4f44cf","ssdeep":"","tlshash":"8f500000000300030000000000003000000000c0030000c00cfc000000000300000000","first_seen":"2023-04-06T21:19:48Z","last_seen":"2026-04-03T20:24:15.157475Z","times_seen":1216,"resource_available":true,"data":null}},"time_used":148,"timings":{"blocked":10,"dns":0,"connect":0,"send":0,"wait":137,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landers/css/landing064.css","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /landers/css/landing064.css HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:00 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: text/css;charset=UTF-8\r\nx-powered-by: PHP/7.2.34\r\nx-host: kosdegmedmeg.com\r\ncontent-encoding: gzip\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nvary: Accept-Encoding\r\nx-varnish: 11875974\r\nage: 0\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.2.34","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":27506,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"54dae51fdd0035f5f3700068cbdee909","sha1":"b5c9324e3198f4104e9e39f22ea13b68da6a4122","sha256":"6c641d06dec88d159374ae9ef8a90c342dfd8738362ab6de09e5e69e47e4cb64","sha512":"c88697e97fff7aac5e9ef36b86664ca079e90683b8f77b19c6a82f2e4d16e97ed1415251a4b6d08b551726242fbc9db7e1b669a2b59e19d4eecdd28ac6a838f9","ssdeep":"384:Gexl+hIuuiO5kLNLwS0qjUFKRWFGFeFozJWtNqa5FMi/A8FCv9:GeCZmqjUFKYFGFeFozJWtNqeFMyFC1","tlshash":"d3c210ae2af51104626b896427de2b34331cc893661fecaaf1d1249dcfd1b9c26c574b","first_seen":"2025-10-10T10:39:34.735821Z","last_seen":"2025-10-10T10:39:34.735821Z","times_seen":1,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syndication.realsrv.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0","fqdn":"syndication.realsrv.com","domain":"realsrv.com","tld":"com"},"ip":{"addr":"95.211.229.247","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"realsrv.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 Aug 2025 10:28:32 GMT","end":"Sun, 09 Nov 2025 10:28:31 GMT"},"fingerprint":{"sha1":"49:F9:A3:64:80:4E:E7:1E:08:38:FE:16:31:4F:0C:5D:A2:56:E9:39","sha256":"60:92:1C:94:D6:08:A7:43:1E:69:C7:33:E1:1B:03:49:60:49:78:E2:72:D2:98:57:09:3A:90:E6:50:34:AF:48"}}},"request":{"raw":"GET /tag.php?goal=d8cdfe8a962b6255a777da4356d197f0 HTTP/1.1\r\nHost: syndication.realsrv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 10:39:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: goals=a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-10-10%22%3B%7D%7D; expires=Sat, 10 Oct 2026 10:39:00 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":46,"connect":50,"send":0,"wait":28,"receive":0,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landers/media-registry.js","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /landers/media-registry.js HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:00:33 GMT\r\nserver: nginx/1.14.2\r\nx-guploader-uploadid: AAwnv3IlCC0u2AYRDG69MdTcIdkdN3C3IhWsV9bjFNuJ-8Oy59vQTk5YUJN7sAj8S5cuQGvBs_tuDto\r\nx-goog-generation: 1759908982176352\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 124095\r\nx-goog-hash: crc32c=0jRAAQ==, md5=xKjVsWh7KXwNufe8LHEpGA==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2307\r\nlast-modified: Wed, 08 Oct 2025 07:36:22 GMT\r\netag: \"c4a8d5b1687b297c0db9f7bc2c712918-gzip\"\r\ncontent-type: application/javascript\r\ncache-control: public,max-age=3600\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nvia: 1.1 google, 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":124095,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"c4a8d5b1687b297c0db9f7bc2c712918","sha1":"d112eb5631804cc5d5ef3617c6d4d13031b0aa6a","sha256":"8960a5a8dd99236da091299125e26cfee3c108ed9f3a8f78979fd435647c3c17","sha512":"88b8b817e9e2be4f830a895dfd2b35d7d9a8a9454efe7cbb4b4ff40d4eaf1baaa72ec175277424ec6c3906c987f503796ed1fd27c37dce1e8658f089c9e74ce8","ssdeep":"3072:Z9zzO1VCd44d7HB7Of+sCgPXh4s7BXA0PonstL:Z9zzbd44d7HB7Of+sCgPXh4s7BXA0Pos","tlshash":"0ec3a007ba5cbe2bfb3cfd656ca29d4168dc34106447f0a0b2eac81545de1d817caeda","first_seen":"2025-10-08T10:28:37.611692Z","last_seen":"2025-10-10T10:39:34.745494Z","times_seen":6,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3\u0026cx=c\u0026gtm=4e5a80","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:01.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:17 GMT","end":"Mon, 08 Dec 2025 08:34:16 GMT"},"fingerprint":{"sha1":"71:28:4D:CB:A8:43:CE:20:8D:C2:D0:1C:15:47:53:FB:EE:1F:E6:6C","sha256":"FD:F8:A3:C0:21:C0:03:15:43:2F:C7:36:8C:50:6A:39:57:B4:06:6A:0D:82:33:AB:55:A7:80:D2:E3:79:B8:11"}}},"request":{"raw":"GET /gtag/js?id=G-QXFHHE16V3\u0026cx=c\u0026gtm=4e5a80 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 10 Oct 2025 10:39:01 GMT\r\nexpires: Fri, 10 Oct 2025 10:39:01 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135524\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":399516,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"5306d643d047668df23824aa129b12a5","sha1":"809d6776b73573dd36bcc783b00ae1454022b26d","sha256":"db84cf2c992a46de24477f0962d51f78b30949328087fc41751b7026d9be2641","sha512":"22f6859abd48c93e8aff0b4e536647918e5cf82f8c030906cab574b4e2a6eb89c0447f85652f735e97d4b75bcc95414b40a2967791e0fc85f4a06390f913e95b","ssdeep":"6144:Uo/yp2d4tk0uwbWZJT+Nju5204O0RppdXAQu:8YWm0KZJu0Ig","tlshash":"768418ce73d674225396a478503f018bb57b28a2f44cc899f18acde52e74a9a0177f7c","first_seen":"2025-10-10T10:39:34.750164Z","last_seen":"2025-10-10T10:39:34.750164Z","times_seen":1,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":44,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.orbsrv.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0","fqdn":"s.orbsrv.com","domain":"orbsrv.com","tld":"com"},"ip":{"addr":"95.211.229.247","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"orbsrv.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 Aug 2025 10:26:18 GMT","end":"Sun, 09 Nov 2025 10:26:17 GMT"},"fingerprint":{"sha1":"00:74:5D:38:3E:06:53:77:B8:F1:AE:17:A8:D6:76:6D:1A:00:70:42","sha256":"92:60:CE:DC:13:DC:18:C6:14:88:11:40:ED:8C:58:5B:97:94:42:B0:84:09:B9:2C:88:48:CF:94:97:09:B3:D4"}}},"request":{"raw":"GET /tag.php?goal=d8cdfe8a962b6255a777da4356d197f0 HTTP/1.1\r\nHost: s.orbsrv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 10:39:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: goals=a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-10-10%22%3B%7D%7D; expires=Sat, 10 Oct 2026 10:39:00 GMT; path=/; domain=.orbsrv.com; Secure; SameSite=none\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":1,"connect":32,"send":0,"wait":32,"receive":0,"ssl":110},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/collector","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:01.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 21:21:36 GMT","end":"Wed, 31 Dec 2025 22:17:31 GMT"},"fingerprint":{"sha1":"50:01:17:8A:98:F9:7F:1F:84:04:31:24:CD:75:75:3A:67:D7:DA:C9","sha256":"31:BF:AC:74:BE:3A:AD:00:0E:89:F4:75:91:C5:8F:86:53:7F:77:6B:EE:9E:DF:54:BD:BB:BC:4E:9E:AC:E3:22"}}},"request":{"raw":"POST /consent/collector HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 169\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:01 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\naccess-control-allow-credentials: true\r\ncontent-length: 4915\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4915,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"JSON text data","md5":"cf8709996b0e1a4100a39fcc51f50515","sha1":"dedde23a14b9e1f9d7bfb3f3e3fc4aacc6a93842","sha256":"160373d54caf104dc7e190ce4bd4081befdbc97ca2abb0543bc1ae04d8380dab","sha512":"1330f17a41b994537c1bcc9aa15e644a6b3cabf66e84f91d328a911a495d7004ec9058d0affea6e03a1e3136a07e145c528aa8e20fb17b627668aa660b90709f","ssdeep":"48:ppp0SCzsP7UbnMJWFEbnWrePQkrXrs5r6risr4rkrStrdYcrhYrPn:pX09sPobMjbQ2QGbKUFaGS5d94P","tlshash":"23a1ed7e056881fdabff71a9c6071958676c11f3b2487c05ea9cc1b82cfa1d132b162b","first_seen":"2024-06-01T20:33:18Z","last_seen":"2026-01-18T16:45:57.13568Z","times_seen":68,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0","date":"2025-10-10T10:39:01.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15344\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 12:57:38 GMT\r\nexpires: Fri, 09 Oct 2026 12:57:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 78083\r\nlast-modified: Mon, 16 Oct 2017 17:32:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15344,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15344, version 1.0","md5":"5d4aeb4e5f5ef754e307d7ffaef688bd","sha1":"06db651cdf354c64a7383ea9c77024ef4fb4cef8","sha256":"3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc","sha512":"7eb7c301df79d35a6a521fae9d3dccc0a695d3480b4d34c7d262dd0c67abec8437ed40e2920625e98aaeafba1d908dec69c3b07494ec7c29307de49e91c2ef48","ssdeep":"384:ctE5KIuhGO+DSdXwye6i9Xm81v4vMHCbppV0pr3Ll9/w:cqrVO++tw/9CICFbQLlxw","tlshash":"5162e16aef76dc7e4f1af1361c01b45404462290ba6155eff00d6e1d4eed1aff461392","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:27:07.148188Z","times_seen":535998,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":40,"dns":1,"connect":7,"send":0,"wait":8,"receive":2,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/enterprise/webworker.js?hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q","date":"2025-10-10T10:39:02.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 352219\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 10 Oct 2025 10:01:06 GMT\r\nexpires: Sat, 10 Oct 2026 10:01:06 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 06 Oct 2025 04:00:11 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 2276\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":824931,"size_decoded":0,"mime_type":"text/javascript","magic":"data","md5":"5bce9e85f38aa11d35ab51517f8d07e4","sha1":"44102e17b879843f3ce36a51c0f132d11a24588a","sha256":"1a828972d3e667311b0fe5662301cc433f2c5e97d5018cbd331c4c59ad34d311","sha512":"08489944c9e40c9f71bad98402a22467e3de06545feab6314b08a2510224d75eae877604b64bb37f281f3bb5e1408b3a3c2ef71ec9c742120c002fe553b751b0","ssdeep":"12288:l4zpNa1FTCz4BpuKYXsrFoCvL67G1+zEnHYJ7HlEiU9J:OzBkruKYsuyO7G1gs4JBhk","tlshash":"66054ad87112b5e59322b9f2a067201da37ea535c84c4c5eb29588f12ef1c4e70b6ef7","first_seen":"2025-10-07T06:40:38.110565Z","last_seen":"2026-03-30T18:12:53.501353Z","times_seen":16338,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-10T10:38:59.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:00 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: text/html;charset=UTF-8\r\nx-powered-by: PHP/7.2.34\r\nx-host: kosdegmedmeg.com\r\ncontent-encoding: gzip\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nvary: Accept-Encoding\r\nx-varnish: 12556564\r\nage: 0\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.2.34","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"ExoClick","description":"ExoClick is a Barcelona-based online advertising company, which provides online advertising services to both advertisers and publishers.","website":"https://www.exoclick.com","common_platform_enumeration":"","icon":"ExoClick.png","categories":["Advertising"]},{"name":"reCAPTCHA","description":"reCAPTCHA is a free service from Google that helps protect websites from spam and abuse.","website":"https://www.google.com/recaptcha/","common_platform_enumeration":"","icon":"reCAPTCHA.svg","categories":["Security"]}],"data":{"size":32930,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (3163)","md5":"baf988d69e80942db7abd6c101ca2c81","sha1":"7deff9b83aaa04ee89c3c1d9aceb886f675c5bcd","sha256":"a9c2aedb16f588529091bbbb9dc74adaf474707495a421c77a6a24b061268576","sha512":"2d869bb6403100f5643e22b3417928cc8198c3f6f71d6e7df64aaccca9d8ba99b122881eaf895f21af06e31e6120eef994c7deec38fc65272aeb527b941376d1","ssdeep":"384:0E3zRAD+E4Qr0ZNIITeijS9p2X1PnTW0CxLYY83Vp+8nYt:r3zmy0PITBjS9p2X1vTNiLI3VQkYt","tlshash":"c1e294adbcfa4d51125341ec926b7208b421f10feb892480b59d45a41fc6ef5b8277df","first_seen":"2025-10-10T10:39:34.773967Z","last_seen":"2025-10-10T10:39:34.773967Z","times_seen":1,"resource_available":false,"data":null}},"time_used":666,"timings":{"blocked":257,"dns":44,"connect":26,"send":0,"wait":151,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landers/images/loader/loading.webp","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /landers/images/loader/loading.webp HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:29:37 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: image/webp\r\ncontent-length: 1054\r\nlast-modified: Wed, 08 Oct 2025 07:28:00 GMT\r\netag: \"68e61280-41e\"\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nx-varnish: 10072722 12551741\r\nage: 0\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1054,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"32e9921a6e2174afbf4451c49adf1d4d","sha1":"f13214fa19e26a9210f0d237d39533c35eaa184d","sha256":"6a3e1b9c1e7f8766d521750f974dc78fe5ae55174d54c2eebbbe510c5887250e","sha512":"3c5d044b87f7a4e91620b3badbae4527a377a9a111906584f64f5d44ddd015932367620d993657512133457ad8e2593d746c7b06f02a9a5cbbdbee4972cbfd99","ssdeep":"","tlshash":"7b11b6fba396e6c0e1f45dfb60995800f71788148867dd961417b8b6f3a3280f50a7b8","first_seen":"2025-01-27T15:47:23.301014Z","last_seen":"2026-04-03T20:24:15.147791Z","times_seen":642,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad.twinrdengine.com/beh.engine?b=551\u0026o=1\u0026x=\u0026s=","fqdn":"ad.twinrdengine.com","domain":"twinrdengine.com","tld":"com"},"ip":{"addr":"34.111.67.216","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ad.twinrdengine.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 Aug 2025 01:00:18 GMT","end":"Sat, 29 Nov 2025 01:56:13 GMT"},"fingerprint":{"sha1":"1F:1D:97:E3:94:C0:3D:60:4A:4D:9F:3D:6E:0B:58:91:87:CF:3B:5D","sha256":"95:97:BE:B3:B2:08:B9:BB:49:A2:52:7D:BE:80:FB:FA:42:90:DC:15:FE:32:8E:85:DE:F2:22:A0:53:86:06:8F"}}},"request":{"raw":"GET /beh.engine?b=551\u0026o=1\u0026x=\u0026s= HTTP/1.1\r\nHost: ad.twinrdengine.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ndate: Fri, 10 Oct 2025 10:38:59 GMT\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":378,"timings":{"blocked":157,"dns":14,"connect":28,"send":0,"wait":55,"receive":0,"ssl":121},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.dsp7c5.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0","fqdn":"s.dsp7c5.com","domain":"dsp7c5.com","tld":"com"},"ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dsp7c5.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 Aug 2025 11:53:58 GMT","end":"Mon, 24 Nov 2025 11:53:57 GMT"},"fingerprint":{"sha1":"E3:4E:D9:10:53:5D:D2:5D:FB:61:19:58:38:3B:38:3D:17:E9:46:16","sha256":"18:96:0D:0B:77:86:30:32:2C:85:BC:02:26:1C:21:45:28:FF:93:1E:18:61:95:5E:34:1E:88:7C:99:4B:BF:BF"}}},"request":{"raw":"GET /tag.php?goal=d8cdfe8a962b6255a777da4356d197f0 HTTP/1.1\r\nHost: s.dsp7c5.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 10:39:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: goals=a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-10-10%22%3B%7D%7D; expires=Sat, 10 Oct 2026 10:39:00 GMT; path=/; domain=.dsp7c5.com; Secure; SameSite=none\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":395,"timings":{"blocked":179,"dns":54,"connect":41,"send":0,"wait":26,"receive":0,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 352219\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 10 Oct 2025 10:01:06 GMT\r\nexpires: Sat, 10 Oct 2026 10:01:06 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 06 Oct 2025 04:00:11 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 2274\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":824931,"size_decoded":0,"mime_type":"text/javascript","magic":"data","md5":"5bce9e85f38aa11d35ab51517f8d07e4","sha1":"44102e17b879843f3ce36a51c0f132d11a24588a","sha256":"1a828972d3e667311b0fe5662301cc433f2c5e97d5018cbd331c4c59ad34d311","sha512":"08489944c9e40c9f71bad98402a22467e3de06545feab6314b08a2510224d75eae877604b64bb37f281f3bb5e1408b3a3c2ef71ec9c742120c002fe553b751b0","ssdeep":"12288:l4zpNa1FTCz4BpuKYXsrFoCvL67G1+zEnHYJ7HlEiU9J:OzBkruKYsuyO7G1gs4JBhk","tlshash":"66054ad87112b5e59322b9f2a067201da37ea535c84c4c5eb29588f12ef1c4e70b6ef7","first_seen":"2025-10-07T06:40:38.110565Z","last_seen":"2026-03-30T18:12:53.501353Z","times_seen":16338,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":32,"connect":16,"send":0,"wait":10,"receive":38,"ssl":111},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/confirmExplicit","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:03.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 21:21:36 GMT","end":"Wed, 31 Dec 2025 22:17:31 GMT"},"fingerprint":{"sha1":"50:01:17:8A:98:F9:7F:1F:84:04:31:24:CD:75:75:3A:67:D7:DA:C9","sha256":"31:BF:AC:74:BE:3A:AD:00:0E:89:F4:75:91:C5:8F:86:53:7F:77:6B:EE:9E:DF:54:BD:BB:BC:4E:9E:AC:E3:22"}}},"request":{"raw":"POST /consent/confirmExplicit HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 568\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:03 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\naccess-control-allow-credentials: true\r\ncontent-length: 0\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"urlvanish.com/8ec66b7a","fqdn":"urlvanish.com","domain":"urlvanish.com","tld":"com"},"ip":{"addr":"172.67.215.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-10T10:38:58.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"urlvanish.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 14:28:31 GMT","end":"Tue, 23 Dec 2025 15:25:52 GMT"},"fingerprint":{"sha1":"C6:07:DB:FD:92:44:7B:54:44:B1:94:B7:63:F2:77:7E:A4:A3:1D:4D","sha256":"60:31:C9:03:22:7B:18:47:55:C2:46:E6:0C:1A:22:39:C9:BF:84:88:73:3F:C1:31:9B:93:9E:8A:6A:72:7B:67"}}},"request":{"raw":"GET /8ec66b7a HTTP/1.1\r\nHost: urlvanish.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Fri, 10 Oct 2025 10:38:59 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://greenplacetech.com/?a=10070\u0026c=56524\u0026s1=fridayx3?referer=urlvanish.com%2F8ec66b7a\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p2mDlQaS%2BSk6Fae6u%2BuLocs3jlCGmrzlMDeisF2qVOu%2BNxiu4xSnvKyRemGfOchjATJadZFNN1M6EiIgQYb0XLP4wUOO0coNL7vN\"}]}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-security-policy: default-src 'self'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; upgrade-insecure-requests; script-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com https://cdnjs.cloudflare.com; connect-src 'self' https://www.google-analytics.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://fonts.googleapis.com; img-src 'self' data: https:; font-src 'self' data: https://cdnjs.cloudflare.com https://fonts.gstatic.com\r\npermissions-policy: geolocation=(), microphone=(), camera=()\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nset-cookie: PHPSESSID=90e37601f97c8b813f860c7006176ec9; Secure; Path=/\r\ncf-ray: 98c57dc21bd9712a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":32930,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":667,"timings":{"blocked":230,"dns":5,"connect":1,"send":0,"wait":203,"receive":0,"ssl":225},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"greenplacetech.com/?a=10070\u0026c=56524\u0026s1=fridayx3?referer=urlvanish.com%2F8ec66b7a","fqdn":"greenplacetech.com","domain":"greenplacetech.com","tld":"com"},"ip":{"addr":"52.206.208.112","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-10T10:38:59.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.greenplacetech.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 09 Jan 2025 04:55:39 GMT","end":"Tue, 10 Feb 2026 04:55:38 GMT"},"fingerprint":{"sha1":"6D:14:24:FF:92:61:8C:B1:B8:31:9C:67:15:4F:39:00:94:91:3E:5C","sha256":"1D:83:CE:97:E0:9C:A1:FA:AD:89:47:22:18:C5:F2:8E:BD:14:6E:27:D5:56:AB:32:3D:8C:75:47:B6:A3:6A:2B"}}},"request":{"raw":"GET /?a=10070\u0026c=56524\u0026s1=fridayx3?referer=urlvanish.com%2F8ec66b7a HTTP/1.1\r\nHost: greenplacetech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nCache-Control: private\r\nContent-Length: 251\r\nContent-Type: text/html; charset=utf-8\r\nDate: Fri, 10 Oct 2025 10:38:59 GMT\r\nLocation: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nP3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nSet-Cookie: sid=8wGd+AGapF0T5cx0kv9lRMZJRVw89tIPU3bxgqIDYwWF8FTL3/GvDg==; domain=.greenplacetech.com; path=/; HttpOnly\ntrk=ERK/KENazS2APa7/86BGGMZJRVw89tIPU3bxgqIDYwWF8FTL3/GvDg==; domain=.greenplacetech.com; expires=Sun, 10-Oct-2027 10:38:59 GMT; path=/; HttpOnly\nc3922=8wGd+AGapF3XB4MBMzZKGJzGoAgDp0OaUORNAxE6gRTXjB9PuHEiKA==; domain=.greenplacetech.com; expires=Fri, 10-Oct-2025 10:38:59 GMT; path=/; HttpOnly\r\nConnection: close\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":32930,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":1040,"timings":{"blocked":437,"dns":33,"connect":97,"send":0,"wait":161,"receive":0,"ssl":309},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"greenplacetech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landers/css/theme/pornhub.css","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /landers/css/theme/pornhub.css HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:21:37 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: text/css;charset=UTF-8\r\nx-powered-by: PHP/7.2.34\r\nx-host: kosdegmedmeg.com\r\ncontent-encoding: gzip\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nvary: Accept-Encoding\r\nx-varnish: 12139025 12553757\r\nage: 0\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"PHP:7.2.34","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":15632,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"12bb6456f13fa0cfc130dde86e34bf4b","sha1":"cca1b8a3af0b2c54b34aa54fbd2ba3267877cc72","sha256":"670e8f1169612bf4f51990292746e1aa8f716c55de4fe909466853cd8274e995","sha512":"35002e3cea390110255604029dee05f3e46b4c28feb0c7abdddbd524ee64ca642bebc2182791cf3cefb9a4ea0dfc160a0a818be9f305609781fb76d2e969bcdd","ssdeep":"192:/WJHxZ2ttK0/leM5Wkhmmt+JSY0XJxpYGQhd:rF/V0ST5DYJ","tlshash":"1d622a62f2f5894731278aac125295ac273c51d1d48a4f3df2be74f8e6cc5c478ba8c6","first_seen":"2025-08-06T09:43:12.707969Z","last_seen":"2026-02-01T11:15:39.595657Z","times_seen":19,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.eln3ax.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0","fqdn":"s.eln3ax.com","domain":"eln3ax.com","tld":"com"},"ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eln3ax.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 06 Oct 2025 06:12:34 GMT","end":"Sun, 04 Jan 2026 06:12:33 GMT"},"fingerprint":{"sha1":"5B:95:E5:8E:6C:3D:2A:30:3E:B8:12:FF:5A:7D:34:40:40:A2:12:4E","sha256":"92:BF:30:90:75:A0:3D:60:49:C8:4C:0F:9D:F8:CF:22:45:6F:EC:01:45:6C:C5:62:45:27:38:E6:77:6E:5E:C4"}}},"request":{"raw":"GET /tag.php?goal=d8cdfe8a962b6255a777da4356d197f0 HTTP/1.1\r\nHost: s.eln3ax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 10:39:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: goals=a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-10-10%22%3B%7D%7D; expires=Sat, 10 Oct 2026 10:39:00 GMT; path=/; domain=.eln3ax.com; Secure; SameSite=none\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":349,"timings":{"blocked":148,"dns":53,"connect":28,"send":0,"wait":30,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"s.eln3ax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s.opoxv.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0","fqdn":"s.opoxv.com","domain":"opoxv.com","tld":"com"},"ip":{"addr":"95.211.229.247","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"opoxv.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 Aug 2025 10:25:12 GMT","end":"Sun, 09 Nov 2025 10:25:11 GMT"},"fingerprint":{"sha1":"68:5E:F5:98:80:4F:51:62:3E:34:DE:D7:9A:F2:A6:B0:4D:A9:FF:09","sha256":"BC:6E:9E:51:56:04:CF:25:D2:4F:63:33:72:D6:77:40:07:C1:10:91:CA:BE:47:D5:EE:CA:5F:0A:5C:EE:D5:DD"}}},"request":{"raw":"GET /tag.php?goal=d8cdfe8a962b6255a777da4356d197f0 HTTP/1.1\r\nHost: s.opoxv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 10:39:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: goals=a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-10-10%22%3B%7D%7D; expires=Sat, 10 Oct 2026 10:39:00 GMT; path=/; domain=.opoxv.com; Secure; SameSite=none\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":1,"connect":26,"send":0,"wait":32,"receive":0,"ssl":114},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"s.opoxv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s.magsrv.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0","fqdn":"s.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 Aug 2025 10:23:20 GMT","end":"Sun, 09 Nov 2025 10:23:19 GMT"},"fingerprint":{"sha1":"55:BE:EE:FC:B1:CE:38:D7:E3:0B:2C:85:5B:6D:AB:D5:10:D4:4A:F5","sha256":"24:7B:E3:CE:C3:89:75:CF:67:F0:7D:DE:47:E2:76:14:8C:B0:ED:F5:77:94:62:09:16:06:5A:DE:2E:51:00:4F"}}},"request":{"raw":"GET /tag.php?goal=d8cdfe8a962b6255a777da4356d197f0 HTTP/1.1\r\nHost: s.magsrv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 10:39:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: goals=a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-10-10%22%3B%7D%7D; expires=Sat, 10 Oct 2026 10:39:00 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":283,"timings":{"blocked":113,"dns":3,"connect":27,"send":0,"wait":33,"receive":0,"ssl":100},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/favicon/favicon.ico","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:01.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /favicon/favicon.ico HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Fri, 10 Oct 2025 10:39:01 GMT\r\nserver: Apache/2.4.58 (Ubuntu)\r\ncontent-length: 282\r\ncontent-type: text/html; charset=iso-8859-1\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":282,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"ee513a6aa8f28901a5df2751005dc37c","sha1":"58b9976f11ddb91efb4af6e255d9c49227c70138","sha256":"e1fe2f289e01b8159824613bdf9b84406f4d1b7cf73c5bd4ab854bd0c8c7163a","sha512":"27378523580a51a43b73bdaa775c440163631919e12ba05520c87675b7030f3af97bc0f85264696f28f25be7dcf5d228394da241a0d80e2aaca66f61f635d0ad","ssdeep":"","tlshash":"ead02b9e5443a28b481315617ac629c2264c13faa43a89e86dc6e48b629853ecd9b6dc","first_seen":"2023-12-03T19:55:43Z","last_seen":"2026-02-01T11:15:39.584054Z","times_seen":45,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.chmsrv.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0","fqdn":"s.chmsrv.com","domain":"chmsrv.com","tld":"com"},"ip":{"addr":"95.211.229.247","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chmsrv.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 07:05:31 GMT","end":"Mon, 22 Dec 2025 07:05:30 GMT"},"fingerprint":{"sha1":"DC:69:AA:7A:CB:99:90:71:5F:8E:4A:2E:80:64:31:D2:4A:2B:D1:38","sha256":"24:AA:6E:63:97:AA:BE:6E:8F:C5:FC:E2:68:69:F1:70:BC:FB:F6:C7:E2:0F:52:E3:E6:39:02:2E:FE:D5:BA:F7"}}},"request":{"raw":"GET /tag.php?goal=d8cdfe8a962b6255a777da4356d197f0 HTTP/1.1\r\nHost: s.chmsrv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 10:39:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: goals=a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-10-10%22%3B%7D%7D; expires=Sat, 10 Oct 2026 10:39:00 GMT; path=/; domain=.chmsrv.com; Secure; SameSite=none\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":415,"timings":{"blocked":191,"dns":66,"connect":50,"send":0,"wait":28,"receive":0,"ssl":66},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"s.chmsrv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"s.chmsrv.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:01.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:18 GMT","end":"Mon, 08 Dec 2025 08:34:17 GMT"},"fingerprint":{"sha1":"33:09:D4:D3:61:83:44:73:CF:04:5A:44:53:2E:B5:36:64:BB:FC:7F","sha256":"86:F0:16:7D:8B:24:BC:17:6C:2B:06:E6:05:A6:33:43:10:A0:61:A6:BA:81:FB:58:ED:0A:DC:0B:AE:5D:08:C6"}}},"request":{"raw":"GET /recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Fri, 10 Oct 2025 10:39:01 GMT\r\ncontent-security-policy: script-src 'nonce-nXhMvnsYiTsWsr5UCwD-fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":77530,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (56639)","md5":"6c5fba0c3916ff0e6a7fd2c632316363","sha1":"51cbccf1ef4248b54a75b8a6ca6617f4cb362b23","sha256":"f608ef61ffb20cec6225c52e29a2387f15957eb10cc93c0cdd15316f2343ad1f","sha512":"3b92b7862c5cf8fb4c01240fbd136f4b100134f67e38c2e27e3844621d0bd295c26a90884002894d3bab36ecfd3c98df0eef3cb3fced1ee4dd721c19b66ed015","ssdeep":"1536:ikrc6GGMkGmnbft9z1k4KytdQ1JVfTnCAHCWdvFD/eVnfo:ikr13xz1k7MdQ1JVdHRdvlehg","tlshash":"a7739f26570774afefbb8f8173c636a8533e6149209344dd17fe05a48daac96b27438c","first_seen":"2025-10-10T10:39:34.798241Z","last_seen":"2025-10-10T10:39:34.798241Z","times_seen":1,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:01.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:17 GMT","end":"Mon, 08 Dec 2025 08:34:16 GMT"},"fingerprint":{"sha1":"71:28:4D:CB:A8:43:CE:20:8D:C2:D0:1C:15:47:53:FB:EE:1F:E6:6C","sha256":"FD:F8:A3:C0:21:C0:03:15:43:2F:C7:36:8C:50:6A:39:57:B4:06:6A:0D:82:33:AB:55:A7:80:D2:E3:79:B8:11"}}},"request":{"raw":"GET /gtm.js?id=GTM-KBRH6NB HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 10 Oct 2025 10:39:01 GMT\r\nexpires: Fri, 10 Oct 2025 10:39:01 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Fri, 10 Oct 2025 09:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 116381\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":352590,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9761)","md5":"30ac07948e41526122fb7496f3e320e3","sha1":"b4449961ae6470f1365d306a3acd39c9b1e80785","sha256":"a190ba32a0b26b14c3cf8361b7c9a3d80567a9a399e4a20b3fbb779b897c3696","sha512":"6776d3d0359b32ce56aa95d1e8117c01be6eb1e60f07cbde4432384ae6d920d91e2aec4529d83392e213a9b60dfb09ec232f443a4a36374f83c473bcec0c61b8","ssdeep":"3072:YvR2am+So4npn/06s6VIkDcajIu1yeZGbQU4vT8PWNjxW55204O/ZhuAzFjA://npn2hk0uwb7n+Nju5204O/hJE","tlshash":"bb7418cdb3d674228393a478503f018bb57b2892b44cc899f189cdd42e74aaa5277f7d","first_seen":"2025-10-10T10:39:34.810709Z","last_seen":"2025-10-10T10:39:34.810709Z","times_seen":1,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":86,"dns":9,"connect":21,"send":0,"wait":35,"receive":53,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landers/images/landing064/default/default/slide03.webp?geo=no","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:11.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /landers/images/landing064/default/default/slide03.webp?geo=no HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_QXFHHE16V3=GS2.1.s1760092742$o1$g0$t1760092742$j60$l0$h0; _ga=GA1.1.1064309950.1760092742; d_fs=1; d_uid=da9a698f-b89b-a0b7-0a6d-9390821f130b; d_uidb=da9a698f-b89b-a0b7-0a6d-9390821f130b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:37:35 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: image/webp\r\ncontent-length: 30946\r\nlast-modified: Wed, 08 Oct 2025 07:28:00 GMT\r\netag: \"68e61280-78e2\"\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nx-varnish: 11876032 12519905\r\nage: 0\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":30946,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b37d262415279e676718dcec0bae4e84","sha1":"151e7d00c6f42ece98f767d5b0c8b540969f2071","sha256":"1e66088dcf94faed12c5aa15d5b6b41a79ddab8776b60c63f0149b08805aa394","sha512":"678c3a39f542ad2d48ce5a8c323ed917d90e1da52e7fe87ab195d41f91c8552ad5dc97f387c8d08d5b5a1af5787ff3e71dd131b3980068a8148d7ed174d67426","ssdeep":"768:5mn3y3OmTekv826KvCYVtMxEGZufXfg1f+0fB0Mcnv03TfyC1l+7TC:In3fhd26KvCYVtMxZufXK1SMcWfhl+y","tlshash":"29d2d189ee4d1a1ded09597a4f411ebe92f866780033dbf5dc6e404b41a7eb00b34587","first_seen":"2025-07-12T05:15:22.761849Z","last_seen":"2026-03-30T02:40:55.065566Z","times_seen":13,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":76,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.chnsrv.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0","fqdn":"s.chnsrv.com","domain":"chnsrv.com","tld":"com"},"ip":{"addr":"95.211.229.247","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chnsrv.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Sep 2025 18:41:58 GMT","end":"Fri, 12 Dec 2025 18:41:57 GMT"},"fingerprint":{"sha1":"3B:86:83:D3:C2:FA:8F:B3:2D:67:B2:E7:C0:73:C9:1D:F2:F2:F1:72","sha256":"AA:EB:D4:ED:D1:EC:8B:24:91:40:9E:07:E2:5F:23:F4:D2:2B:9C:FD:28:0F:5D:22:9B:59:1A:22:CA:E4:24:95"}}},"request":{"raw":"GET /tag.php?goal=d8cdfe8a962b6255a777da4356d197f0 HTTP/1.1\r\nHost: s.chnsrv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 10:39:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: goals=a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-10-10%22%3B%7D%7D; expires=Sat, 10 Oct 2026 10:39:00 GMT; path=/; domain=.chnsrv.com; Secure; SameSite=none\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":247,"timings":{"blocked":94,"dns":1,"connect":26,"send":0,"wait":41,"receive":0,"ssl":80},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"s.chnsrv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landers/translations/nb-no2.json","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:01.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /landers/translations/nb-no2.json HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:38 GMT\r\nserver: nginx/1.14.2\r\ncontent-length: 132068\r\nx-guploader-uploadid: AAwnv3KqLxfDwmQo0IUILOQdOUD7qq8eyuFAqPJwcLA6lyneOe484mx3Nmwds2An0CMvZyYRsuEMKD8\r\nx-goog-generation: 1760082309223387\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 132068\r\nx-goog-hash: crc32c=QFbBFA==, md5=sDm7lHbiE551LnJ2/mddJQ==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 3143\r\nlast-modified: Fri, 10 Oct 2025 09:45:48 GMT\r\netag: \"b039bb9476e2139e752e7276fe675d25\"\r\ncontent-type: application/json\r\ncache-control: public,max-age=3600\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nvia: 1.1 google, 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":132068,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (940)","md5":"9c9c471f189c9bb7e7bbad06a01fac0e","sha1":"9aacd9ca26e0b1eba976036eb111593479696860","sha256":"895ad0c521ba2e02abeaf1aea7834cf5aed8b1fa4507ce3462ba5f57218f8c74","sha512":"05c0646d24547cdc7fb7f73ce2a98cc413f99418bafa79f29aa76a23452b509fd22db0ecc2fbdaf0865ebe7cb916d326939b742fdf38952510b6744fbdeba12a","ssdeep":"1536:Vvjr+WSiUPlfNqd7R8BP6uDr0Y0iBCpXlJYZnLmje1vqiv4sDEB6WI:xj6RfPtw3MPNDr01iyKgepqG9","tlshash":"f5d35fb1e492af2350d01274f8a56503953c85679f84b4e5b78c876e0fcf96f38ba24e","first_seen":"2025-10-10T03:24:59.015678Z","last_seen":"2025-10-17T08:01:13.687316Z","times_seen":18,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/favicon/apple-touch-icon-180x180.png","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:01.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /favicon/apple-touch-icon-180x180.png HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Fri, 10 Oct 2025 10:39:01 GMT\r\nserver: Apache/2.4.58 (Ubuntu)\r\ncontent-length: 282\r\ncontent-type: text/html; charset=iso-8859-1\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":282,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"ee513a6aa8f28901a5df2751005dc37c","sha1":"58b9976f11ddb91efb4af6e255d9c49227c70138","sha256":"e1fe2f289e01b8159824613bdf9b84406f4d1b7cf73c5bd4ab854bd0c8c7163a","sha512":"27378523580a51a43b73bdaa775c440163631919e12ba05520c87675b7030f3af97bc0f85264696f28f25be7dcf5d228394da241a0d80e2aaca66f61f635d0ad","ssdeep":"","tlshash":"ead02b9e5443a28b481315617ac629c2264c13faa43a89e86dc6e48b629853ecd9b6dc","first_seen":"2023-12-03T19:55:43Z","last_seen":"2026-02-01T11:15:39.584054Z","times_seen":45,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/styles__ltr.css","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0","date":"2025-10-10T10:39:01.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/styles__ltr.css HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 42514\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 10 Oct 2025 10:00:41 GMT\r\nexpires: Sat, 10 Oct 2026 10:00:41 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 06 Oct 2025 04:00:11 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nage: 2300\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":82951,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1dad30337202f6db53b8d7916218b39a","sha1":"99407cbb64189004ef4c7122251f569fdc2d8d8d","sha256":"60870879fe9da0249afa57c27bc3e76b009269faf9d3c774d63d08bb82a0e0ad","sha512":"9c43c9c9e390a6bda5fa0824e7e691661c265e2c5ba12ee2a1abea4ff74744c92dda1937c7c313edf03509a764c584f14e462ccdaeaf68ab339b911e680d0ad4","ssdeep":"1536:1fGNbFoZJSUYOOaLnAW8+IcTOIsCdthXwW5l1Dx7:1GRFauOxLA/+IcTOsLX1","tlshash":"c4838e7338513b39fc2b9b616186b9edf22cc423e5514bfab5457a20c3db1968253b07","first_seen":"2025-10-07T06:40:38.165447Z","last_seen":"2026-03-30T18:12:53.578199Z","times_seen":16354,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dev.visualwebsiteoptimizer.com/j.php?a=795793\u0026u=https%3A%2F%2Fwww.kosdegmedmeg.com%2Flanding64%3Fcat%3Ddefault%26pi%3D10070%26pt1%3D211571139%26pe%3Dfridayx3%253freferer%253durlvanish.com%252f8ec66b7a\u0026vn=2.1\u0026x=true","fqdn":"dev.visualwebsiteoptimizer.com","domain":"visualwebsiteoptimizer.com","tld":"com"},"ip":{"addr":"34.107.218.251","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.visualwebsiteoptimizer.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Mon, 30 Jun 2025 05:18:44 GMT","end":"Mon, 06 Jul 2026 12:37:36 GMT"},"fingerprint":{"sha1":"AD:3C:B3:A5:65:90:0E:71:2F:52:95:F7:12:FA:99:7E:5F:0D:83:C7","sha256":"4D:E2:09:AF:13:71:59:93:2F:66:C9:9D:76:8C:54:00:A0:D5:A0:36:D6:9C:9A:AD:17:85:8D:D0:A1:5E:04:B1"}}},"request":{"raw":"GET /j.php?a=795793\u0026u=https%3A%2F%2Fwww.kosdegmedmeg.com%2Flanding64%3Fcat%3Ddefault%26pi%3D10070%26pt1%3D211571139%26pe%3Dfridayx3%253freferer%253durlvanish.com%252f8ec66b7a\u0026vn=2.1\u0026x=true HTTP/1.1\r\nHost: dev.visualwebsiteoptimizer.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 10:38:59 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=0, no-cache, must-revalidate\r\nserver: gams2\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2865,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2545)","md5":"6061ae6d459c6be9288f6d6f0a2d4558","sha1":"25ec9f29433678ba91c1a59243330dedb813f5c1","sha256":"9b19fd3f4956bd05150e35cf4fdfae3d2e8e63bf0da0455b69fc43739316bdae","sha512":"aa782c1b20c6a4602ec1f5c0da373e941b330e312f820b79240c446da1e7b50c2736f19e44546cb1f3a7ece360d15e04cc7cbba8514f8da2da4342ffa6383ec0","ssdeep":"","tlshash":"ab5152fb0052456601fb08916baf7f18b3a40737c848d098c9a69b0cf637b1fe106af6","first_seen":"2025-10-10T10:39:34.83564Z","last_seen":"2025-10-10T10:39:34.83564Z","times_seen":1,"resource_available":true,"data":null}},"time_used":563,"timings":{"blocked":248,"dns":0,"connect":26,"send":0,"wait":64,"receive":0,"ssl":220},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samlesamtykke.com/cc.js?wId=7NAbiKFF1VQ7gWk99P3mAj\u0026domain=kosdegmedmeg.com\u0026languageCode=nb\u0026languageTerritory=NO\u0026sessionId=960d9909077b4a50af7de7cf8a0005ff","fqdn":"samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 21:21:36 GMT","end":"Wed, 31 Dec 2025 22:17:31 GMT"},"fingerprint":{"sha1":"50:01:17:8A:98:F9:7F:1F:84:04:31:24:CD:75:75:3A:67:D7:DA:C9","sha256":"31:BF:AC:74:BE:3A:AD:00:0E:89:F4:75:91:C5:8F:86:53:7F:77:6B:EE:9E:DF:54:BD:BB:BC:4E:9E:AC:E3:22"}}},"request":{"raw":"GET /cc.js?wId=7NAbiKFF1VQ7gWk99P3mAj\u0026domain=kosdegmedmeg.com\u0026languageCode=nb\u0026languageTerritory=NO\u0026sessionId=960d9909077b4a50af7de7cf8a0005ff HTTP/1.1\r\nHost: samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:01 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 20692\r\ncontent-type: application/javascript\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":159186,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"db31570e4026bcc20d5faff20d2bdc5a","sha1":"5ffef3f76112e6e0e55dcac12b2f51a7c846ff6a","sha256":"ce458541a0455df27a69167fee546a568b14b62b5e6de8da3624539eaefaaccf","sha512":"aa2b1ca8713c1d97bd92dd62460886711a38137257577bbed68b92c06e1f35b75209173ec20cd2f164ab125be8c527327d9bea730e54f9121c96ed520d0d629f","ssdeep":"1536:kDA9ANRksb7jGaxkGCNMPWiaDQnNJ/rsdNJOTfn5aLNTiTeVdT0k1WfEV1mBHRMo:0AMksb7jGa1bH510wj","tlshash":"5ff32e4a35e7563242df707e4e4f609cb134852714099800bcac97d88fb5f2866fafea","first_seen":"2025-10-10T10:39:34.842011Z","last_seen":"2025-10-10T10:39:34.842011Z","times_seen":1,"resource_available":true,"data":null}},"time_used":798,"timings":{"blocked":374,"dns":6,"connect":18,"send":0,"wait":64,"receive":4,"ssl":325},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/collector","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:01.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 21:21:36 GMT","end":"Wed, 31 Dec 2025 22:17:31 GMT"},"fingerprint":{"sha1":"50:01:17:8A:98:F9:7F:1F:84:04:31:24:CD:75:75:3A:67:D7:DA:C9","sha256":"31:BF:AC:74:BE:3A:AD:00:0E:89:F4:75:91:C5:8F:86:53:7F:77:6B:EE:9E:DF:54:BD:BB:BC:4E:9E:AC:E3:22"}}},"request":{"raw":"OPTIONS /consent/collector HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.kosdegmedmeg.com/\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:01 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type\r\ncontent-length: 0\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":55,"dns":12,"connect":12,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/collector","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:02.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 21:21:36 GMT","end":"Wed, 31 Dec 2025 22:17:31 GMT"},"fingerprint":{"sha1":"50:01:17:8A:98:F9:7F:1F:84:04:31:24:CD:75:75:3A:67:D7:DA:C9","sha256":"31:BF:AC:74:BE:3A:AD:00:0E:89:F4:75:91:C5:8F:86:53:7F:77:6B:EE:9E:DF:54:BD:BB:BC:4E:9E:AC:E3:22"}}},"request":{"raw":"OPTIONS /consent/collector HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.kosdegmedmeg.com/\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:02 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type\r\ncontent-length: 0\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tsyndicate.com/api/v2/retargeting/set/bff23756-21d2-46e2-8261-55d262650959","fqdn":"tsyndicate.com","domain":"tsyndicate.com","tld":"com"},"ip":{"addr":"94.130.134.159","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tsyndicate.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 20:10:41 GMT","end":"Thu, 11 Dec 2025 20:10:40 GMT"},"fingerprint":{"sha1":"25:5B:D4:FE:8D:85:CA:1A:7D:3A:B0:58:EC:2D:7A:B0:62:90:21:1F","sha256":"DF:0A:26:3C:A9:CF:97:54:23:20:C6:11:EB:C6:8C:7F:02:14:58:C8:F6:3B:08:10:27:BF:78:67:09:32:DC:9C"}}},"request":{"raw":"GET /api/v2/retargeting/set/bff23756-21d2-46e2-8261-55d262650959 HTTP/1.1\r\nHost: tsyndicate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 10 Oct 2025 10:39:00 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\npragma: no-cache\r\nexpires: 0\r\nvary: *\r\nx-api-version: 2\r\nset-cookie: ts_rt_bff23756-21d2-46e2-8261-55d262650959=AAMC; expires=Sat, 10 Oct 2026 10:39:00 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, no-transform\r\nx-robots-tag: none, noindex, nofollow\r\nreport-to: { \"url\": \"https://pxl.tsyndicate.com/api/v1/heavy-ad/report\", \"max_age\": 86401 }\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64\r\npermissions-policy: ch-ua-model=(self \"https://tsyndicate.com\"), ch-ua-platform-version=(self)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ba036c43037cfe89320d1ef7b64cd43f","sha1":"88c72d3e26047eb1e45e5564a76427734f120efe","sha256":"42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb","sha512":"aa80ccd27c05eb729f730b9d830b011650bcf12cbb25d19edf29efcf962c7465bb5685a5ff5d084356c6710c08e829d16b59e7a59a41767eb14744f326b6c124","ssdeep":"","tlshash":"19900403f5400003d175d03107170340134cd110057c0307405d505cdc553510c01010","first_seen":"2023-05-10T09:10:20Z","last_seen":"2026-04-03T20:24:15.155336Z","times_seen":14406,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":69,"dns":2,"connect":25,"send":0,"wait":26,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pixel.rtbix.com/r?hash=dYmamhQsJL3dBvu","fqdn":"pixel.rtbix.com","domain":"rtbix.com","tld":"com"},"ip":{"addr":"172.67.188.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rtbix.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 06:19:55 GMT","end":"Wed, 10 Dec 2025 07:18:02 GMT"},"fingerprint":{"sha1":"EE:A3:37:97:4A:37:3B:07:5D:B5:EE:54:A3:35:BB:35:2F:0B:CE:6B","sha256":"29:12:67:27:37:BD:3B:C6:E1:A1:5D:D8:EA:2A:2B:22:48:84:DA:6A:8F:27:84:E0:D8:57:9B:F4:4E:D3:13:81"}}},"request":{"raw":"GET /r?hash=dYmamhQsJL3dBvu HTTP/1.1\r\nHost: pixel.rtbix.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:00 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: private, max-age=0, no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6hjui4367Qi1yDqHk40DLmcOm1MWyJqyr917NOvoPrWrYgz4t%2BaSgu7fwjLzIyyIqV%2BQ9xFhF3H5PetqAiaVcGXnMCyw9HUHDNvtSeg%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 98c57dccadf77130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":438,"timings":{"blocked":187,"dns":4,"connect":1,"send":0,"wait":52,"receive":0,"ssl":191},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0","date":"2025-10-10T10:39:01.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15552\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 11:47:50 GMT\r\nexpires: Fri, 09 Oct 2026 11:47:50 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 16 Oct 2017 17:33:02 GMT\r\ncontent-type: font/woff2\r\nage: 82271\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15552,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15552, version 1.0","md5":"285467176f7fe6bb6a9c6873b3dad2cc","sha1":"ea04e4ff5142ddd69307c183def721a160e0a64e","sha256":"5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7","sha512":"5f9bb763406ea8ce978ec675bd51a0263e9547021ea71188dbd62f0212eb00c1421b750d3b94550b50425bebff5f881c41299f6a33bbfa12fb1ff18c12bc7ff1","ssdeep":"384:HDKhlQ8AGL0dgUoEGBQTc7r6QYMkyr/iobA2E4/jKcJZI7lhzi:jslQ+LhUoTB0Qr6Qjkg/DmcJufzi","tlshash":"8462e103f2bc4c01e786193ebb5870237205272619efa67780ce7ea4c65ec81a39b457","first_seen":"2023-04-05T04:58:40Z","last_seen":"2026-04-03T20:27:07.193105Z","times_seen":338456,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":39,"dns":1,"connect":7,"send":0,"wait":8,"receive":2,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hw-cdn2.adtng.com/delivery/idsync/idsync.min.js","fqdn":"hw-cdn2.adtng.com","domain":"adtng.com","tld":"com"},"ip":{"addr":"151.101.131.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.adtng.com","organization":"AYLO Premium Ltd"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 28 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D0:67:8C:D2:F3:88:16:3D:99:D4:20:FD:1B:49:11:66:D1:6A:9F:43","sha256":"1A:A3:49:5D:8F:EA:EA:8E:F5:2F:82:5F:FF:33:C6:FF:50:0C:CF:FF:CA:65:5C:0A:74:2F:DB:27:1B:12:CF:EA"}}},"request":{"raw":"GET /delivery/idsync/idsync.min.js HTTP/1.1\r\nHost: hw-cdn2.adtng.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.19.9.1\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 03 Sep 2025 18:59:06 GMT\r\netag: \"d827-63dea32e8ecb5\"\r\nexpires: Mon, 05 Jan 2026 04:16:56 GMT\r\ncache-control: max-age=10660606, stale-while-revalidate=86400, stale-if-error=86400\r\nvia: 1.1 varnish, 1.1 varnish\r\nlei-timing: fetch=29451,misspass=106,do_stream=0\r\nlei-origin: shield=AMS,alternate_path=0,port=80,name=shield_cache_ams2100142_AMS,reason=OK,method=GET,host=hw-cdn2.adtng.com\r\nbackend_is_origin: 0\r\naccept-ranges: bytes\r\ndate: Fri, 10 Oct 2025 10:39:00 GMT\r\nage: 2716606\r\nx-served-by: cache-ams2100142-AMS, cache-hel1410028-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 67, 19709\r\nx-timer: S1760092740.466246,VS0,VE0\r\naccess-control-allow-origin: *\r\ncontent-length: 55335\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55335,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (55328), with no line terminators","md5":"314cda749bceaf674446b0b6e294595a","sha1":"691325db17552447e53fb6a090a736955edaebc5","sha256":"875c9225e41341067eee9916c855e4e636ce8554784aecddcddee14a4467098e","sha512":"4dbef550be549df2aa5640cf8f91611d7e42d4551516863f293ba08c6d10ae37cc5441cc763440949d5cf4f4686e93ad1b67fc827c3b0766ff2bac41178ac640","ssdeep":"768:66VT558z8h4yo3pc9NwlJWDNEqLcgOKq8wOElg+:6qZxo3peNMJWZEqLcBZ","tlshash":"874318c9b2c3b06852a338b9443f200ab23e7e56641d8851e562d5d1bc79e5f9233fbd","first_seen":"2025-09-03T22:43:19.182619Z","last_seen":"2026-03-28T10:16:01.915212Z","times_seen":949,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":70,"dns":25,"connect":13,"send":0,"wait":14,"receive":16,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landers/js/vendor.js","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /landers/js/vendor.js HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:37:23 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 08 Oct 2025 07:28:10 GMT\r\netag: W/\"68e6128a-1e2ae\"\r\ncontent-encoding: gzip\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nvary: Accept-Encoding\r\nx-varnish: 11590564 11884423\r\nage: 0\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":123566,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (60065)","md5":"eb221caebd85f232dcd5435ec4af5826","sha1":"a2ccd51c3c129dbecae49da51f23269a229d5d73","sha256":"9c4142a61bac423bb043345712ed5a61f7625b080639056808ba0363ed1f7fce","sha512":"d36aa1d230518eb8e03d3077298b075d5be85b87ac521ddb51b3dff647f2e9aa45dea7b76bd16432dbf737896759114db2cdd82c7d25fa24413135f7158aa825","ssdeep":"1536:L6LiB3wGnUL6oXHUbxmyBWpsbm1Tmu9dnI9ETHCRlNzDnXEYsSBuPTn8GlDKUQTi:+lmKi6TCtErPTnoL0fZ","tlshash":"a5c339ce72c6706247ab31ba046f550bf23a5959384d8840f169e4e5bc71b8e8277f3e","first_seen":"2025-09-18T09:39:11.638322Z","last_seen":"2025-10-15T08:25:51.740731Z","times_seen":81,"resource_available":true,"data":null}},"time_used":133,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":119,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landers/images/landing064/default/default/slide01.webp?geo=no","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:01.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /landers/images/landing064/default/default/slide01.webp?geo=no HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:01 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: image/webp\r\ncontent-length: 30572\r\nlast-modified: Wed, 08 Oct 2025 07:28:00 GMT\r\netag: \"68e61280-776c\"\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nx-varnish: 28323924\r\nage: 0\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":30572,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bcd20b5371bc48c741ce6e8c0f0d3976","sha1":"eb591905d32f4b081e01370fcae0d69116e0f391","sha256":"d26448bf3019b75bc0f6d7991563f1080987ba2826a4ca0e3728985fdb6a9ec9","sha512":"c2f489f1aa5c03e0dee399d6e6376d1b16125a5b43e0948c268c4d391f1a79873d74b979a57ca6352fb1b08585110f02cd65c8e0cf84a1ed59c8f58d8ea65713","ssdeep":"768:t5p2rFE5Hz+rJjoV/1CHp+O2iItkYC/N4Xsn:t5MrFERyoV/2pf2pvC/Nrn","tlshash":"0dd2d149b9079717fc8f28b1d7a24a68e7302d0a920193fa44ff757c90d7e851b2e726","first_seen":"2025-07-12T05:15:22.755562Z","last_seen":"2026-03-30T02:40:55.064444Z","times_seen":13,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":81,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/loadSegment","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:02.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 21:21:36 GMT","end":"Wed, 31 Dec 2025 22:17:31 GMT"},"fingerprint":{"sha1":"50:01:17:8A:98:F9:7F:1F:84:04:31:24:CD:75:75:3A:67:D7:DA:C9","sha256":"31:BF:AC:74:BE:3A:AD:00:0E:89:F4:75:91:C5:8F:86:53:7F:77:6B:EE:9E:DF:54:BD:BB:BC:4E:9E:AC:E3:22"}}},"request":{"raw":"OPTIONS /consent/loadSegment HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.kosdegmedmeg.com/\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:02 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type\r\ncontent-length: 0\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landers/images/landing064/default/default/slide02.webp?geo=no","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:06.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /landers/images/landing064/default/default/slide02.webp?geo=no HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_QXFHHE16V3=GS2.1.s1760092742$o1$g0$t1760092742$j60$l0$h0; _ga=GA1.1.1064309950.1760092742; d_fs=1; d_uid=da9a698f-b89b-a0b7-0a6d-9390821f130b; d_uidb=da9a698f-b89b-a0b7-0a6d-9390821f130b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:06 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: image/webp\r\ncontent-length: 26622\r\nlast-modified: Wed, 08 Oct 2025 07:28:00 GMT\r\netag: \"68e61280-67fe\"\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nx-varnish: 12525929\r\nage: 0\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26622,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"26d3fa98bfc681b4e8758a7fb7df8194","sha1":"d139c9dfb8c386dc8cf40dc4371925cd3387113b","sha256":"893c044a32b4bb5a8ea9359b356d7b730d7238c0ff840f1344109341918dd0de","sha512":"db5b26ea828e9d4033554f0a7f8c72a1c7a07f6466245e2e3381c34b94d4b17824d58ef0b05e460b209b162ac0d15b1bcabd2760ecdb4bc4d47fd81561f050c9","ssdeep":"768:ivmYsNo5AcBMILloDlqhAIyt5FMiNvKfzqeVmo9Ix7:ivHM2oDlqhAJt5nNvxUIF","tlshash":"69c2bf0536a5ef42f50f69b20a191a1da946d9083361ccfb9492d3bccba71c8dd3539f","first_seen":"2025-07-12T05:15:22.751168Z","last_seen":"2026-03-30T02:40:55.072147Z","times_seen":13,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":78,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landers/js/landing064.js","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /landers/js/landing064.js HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:37:24 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 08 Oct 2025 07:28:10 GMT\r\netag: W/\"68e6128a-10849\"\r\ncontent-encoding: gzip\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nvary: Accept-Encoding\r\nx-varnish: 11884798 12429479\r\nage: 0\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":67657,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65473), with no line terminators","md5":"1c36703fb2389ad2e3bbb22b658f8e7f","sha1":"f9880c64bbdc22f8c69c975912baaaa05ce166f6","sha256":"1f729e78cdc3dfc5505d791118411c34271a31c4c5852e31e4a3ca4acabdde7c","sha512":"a7863975e3eac5bcd4a4a3af8ef98652ca540788e8c26cea6af27e7e425dcb81752789a8dc84198c35685abe4b1c83d174270ac742bb9096cd620d517a5d3e2f","ssdeep":"768:wyYFEbtir+z4v4irVJxfBEPakztAPLRT4D+sKYzUhvukpCI+h6ixH/iyhTCcOZSN:wT+btiqrAtYAYWB47/U7S/","tlshash":"fb630a8cb2a5b1a2035360f9502f110aa377ac689c4d4860f714d8d53d7ad8ab77bf7e","first_seen":"2025-10-10T10:39:34.885697Z","last_seen":"2025-10-10T10:39:34.885697Z","times_seen":1,"resource_available":true,"data":null}},"time_used":118,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/load","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:03.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 21:21:36 GMT","end":"Wed, 31 Dec 2025 22:17:31 GMT"},"fingerprint":{"sha1":"50:01:17:8A:98:F9:7F:1F:84:04:31:24:CD:75:75:3A:67:D7:DA:C9","sha256":"31:BF:AC:74:BE:3A:AD:00:0E:89:F4:75:91:C5:8F:86:53:7F:77:6B:EE:9E:DF:54:BD:BB:BC:4E:9E:AC:E3:22"}}},"request":{"raw":"OPTIONS /consent/load HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.kosdegmedmeg.com/\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:03 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type\r\ncontent-length: 0\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.atsptp.com/link/da9a698f-b89b-a0b7-0a6d-9390821f130b/origin/a/oldd/da9a698f-b89b-a0b7-0a6d-9390821f130b","fqdn":"sync.atsptp.com","domain":"atsptp.com","tld":"com"},"ip":{"addr":"66.254.114.220","port":443,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:03.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"atsptp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 17:50:37 GMT","end":"Sat, 03 Jan 2026 17:50:36 GMT"},"fingerprint":{"sha1":"7A:BC:85:53:25:22:B5:55:B4:F9:F9:CC:2B:48:5F:5A:72:43:2D:93","sha256":"D4:46:67:C0:E0:87:AB:76:FA:58:F5:8A:95:43:15:B1:C0:28:77:79:3C:CC:B5:F0:D8:60:77:A2:04:8A:BB:F2"}}},"request":{"raw":"POST /link/da9a698f-b89b-a0b7-0a6d-9390821f130b/origin/a/oldd/da9a698f-b89b-a0b7-0a6d-9390821f130b HTTP/1.1\r\nHost: sync.atsptp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain\r\nContent-Length: 144\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nset-cookie: d_uidb=da9a698f-b89b-a0b7-0a6d-9390821f130b; Max-Age=31536000; Expires=Sat, 10 Oct 2026 10:39:03 GMT; Path=/; Domain=sync.atsptp.com; SameSite=Lax\r\ndate: Fri, 10 Oct 2025 10:39:03 GMT\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncontent-length: 36\r\nvia: 1.1 google\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nalt-svc: h3=\":443\"; ma=3600\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":36,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"8cf85fc642dff46afaf8860cde87ce49","sha1":"f2e022363533c12aae9c2f5478813132ea7ad7e6","sha256":"314b5622d8301b0ff74b3e310bdc593cac99197e79fa11276b81b0393ddd0d93","sha512":"2065ff99d869b3d6bb7e4a2917fa298ff0b65cc71562f7c2b2eb4dff21af000e01bd10b73ff076bb94215415a8c94fd12c7a8f2ea2a59ddfc4871f3f3fd5858b","ssdeep":"","tlshash":"bc8000af30a8380a8fb30a0a8a38302c88a02302f8e208ce30388080a802208cc20832","first_seen":"2025-10-07T06:40:48.524971Z","last_seen":"2026-01-06T07:20:06.239522Z","times_seen":437,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/api2/logo_48.png","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0","date":"2025-10-10T10:39:01.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /recaptcha/api2/logo_48.png HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/styles__ltr.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ncontent-length: 2228\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 11:51:00 GMT\r\nexpires: Thu, 16 Oct 2025 11:51:00 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 03 Mar 2020 20:15:00 GMT\r\ncontent-type: image/png\r\nage: 82081\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"ef9941290c50cd3866e2ba6b793f010d","sha1":"4736508c795667dcea21f8d864233031223b7832","sha256":"1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a","sha512":"a0c69c70117c5713caf8b12f3b6e8bbb9cdaf72768e5db9db5831a3c37541b87613c6b020dd2f9b8760064a8c7337f175e7234bfe776eee5e3588dc5662419d9","ssdeep":"","tlshash":"c34149bb68287f1be14b501d319001e4b5bb891327c8f24180bf974e4662eaad10f118","first_seen":"2023-04-05T07:17:57Z","last_seen":"2026-04-03T20:29:21.837805Z","times_seen":540466,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/landers/images/general/rotate.webp","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /landers/images/general/rotate.webp HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:37:23 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: image/webp\r\ncontent-length: 5878\r\nlast-modified: Wed, 08 Oct 2025 07:27:59 GMT\r\netag: \"68e6127f-16f6\"\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nx-varnish: 12429920 12181451\r\nage: 0\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":5878,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9582c3b7e1ebb38ab1b07c922b08b640","sha1":"4fe27b10652b9cae783ae82ba5756ece0f774893","sha256":"3cac0de3a00899092c360f3e40dfdd51306af87923201db4df5f1218d373279e","sha512":"a9715a6b243f52a3d9cd57235ab18647bff05720ca9213ff7bf32e1ccfae192642af4b2cbec7cfe18201fcf7e70d9d6bf783bab3ddc50cdef8e6f40f09fafdb3","ssdeep":"96:WKeoum0n2hzX5+gkVpDDVjiIZOjYjKWDZIGN+Ww/8+7Hh+MoazELZzhsx9v2fIv:kouf2Vmf/V+InJDZZNu9HcM7kZzhQR","tlshash":"1cc18d00d504fa2a1c85e91668fea2256411c0a066f890e4afbfe853f535235de890df","first_seen":"2025-04-16T01:09:11.664137Z","last_seen":"2026-04-03T20:24:15.151679Z","times_seen":720,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad.twinrdengine.com/beh.engine?b=551\u0026o=1\u0026x=\u0026s=","fqdn":"ad.twinrdengine.com","domain":"twinrdengine.com","tld":"com"},"ip":{"addr":"34.111.67.216","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ad.twinrdengine.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 Aug 2025 01:00:18 GMT","end":"Sat, 29 Nov 2025 01:56:13 GMT"},"fingerprint":{"sha1":"1F:1D:97:E3:94:C0:3D:60:4A:4D:9F:3D:6E:0B:58:91:87:CF:3B:5D","sha256":"95:97:BE:B3:B2:08:B9:BB:49:A2:52:7D:BE:80:FB:FA:42:90:DC:15:FE:32:8E:85:DE:F2:22:A0:53:86:06:8F"}}},"request":{"raw":"GET /beh.engine?b=551\u0026o=1\u0026x=\u0026s= HTTP/1.1\r\nHost: ad.twinrdengine.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ndate: Fri, 10 Oct 2025 10:38:59 GMT\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.zlinkt.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0","fqdn":"s.zlinkt.com","domain":"zlinkt.com","tld":"com"},"ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zlinkt.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Sep 2025 21:24:53 GMT","end":"Fri, 12 Dec 2025 21:24:52 GMT"},"fingerprint":{"sha1":"86:C1:2C:65:C3:4A:95:9C:B8:48:D6:38:A9:9C:A3:D0:E1:17:05:19","sha256":"99:54:56:C6:FF:EA:85:45:8D:3F:D8:76:26:22:55:9B:86:53:30:9B:32:21:AD:0A:86:9F:AD:9F:BE:3B:B3:98"}}},"request":{"raw":"GET /tag.php?goal=d8cdfe8a962b6255a777da4356d197f0 HTTP/1.1\r\nHost: s.zlinkt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 10:39:00 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: goals=a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-10-10%22%3B%7D%7D; expires=Sat, 10 Oct 2026 10:39:00 GMT; path=/; domain=.zlinkt.com; Secure; SameSite=none\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":67,"connect":48,"send":0,"wait":36,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.atsptp.com/d/product/35062/jsfp/f19649becd04a7b1236c68996483e544","fqdn":"sync.atsptp.com","domain":"atsptp.com","tld":"com"},"ip":{"addr":"66.254.114.220","port":443,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:03.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"atsptp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 17:50:37 GMT","end":"Sat, 03 Jan 2026 17:50:36 GMT"},"fingerprint":{"sha1":"7A:BC:85:53:25:22:B5:55:B4:F9:F9:CC:2B:48:5F:5A:72:43:2D:93","sha256":"D4:46:67:C0:E0:87:AB:76:FA:58:F5:8A:95:43:15:B1:C0:28:77:79:3C:CC:B5:F0:D8:60:77:A2:04:8A:BB:F2"}}},"request":{"raw":"GET /d/product/35062/jsfp/f19649becd04a7b1236c68996483e544 HTTP/1.1\r\nHost: sync.atsptp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nset-cookie: d_uidb=da9a698f-b89b-a0b7-0a6d-9390821f130b; Max-Age=31536000; Expires=Sat, 10 Oct 2026 10:39:03 GMT; Path=/; Domain=sync.atsptp.com; SameSite=Lax\r\ndate: Fri, 10 Oct 2025 10:39:03 GMT\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncontent-length: 36\r\nvia: 1.1 google\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nalt-svc: h3=\":443\"; ma=3600\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":36,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"8cf85fc642dff46afaf8860cde87ce49","sha1":"f2e022363533c12aae9c2f5478813132ea7ad7e6","sha256":"314b5622d8301b0ff74b3e310bdc593cac99197e79fa11276b81b0393ddd0d93","sha512":"2065ff99d869b3d6bb7e4a2917fa298ff0b65cc71562f7c2b2eb4dff21af000e01bd10b73ff076bb94215415a8c94fd12c7a8f2ea2a59ddfc4871f3f3fd5858b","ssdeep":"","tlshash":"bc8000af30a8380a8fb30a0a8a38302c88a02302f8e208ce30388080a802208cc20832","first_seen":"2025-10-07T06:40:48.524971Z","last_seen":"2026-01-06T07:20:06.239522Z","times_seen":437,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":141,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.kosdegmedmeg.com/img/logo.png","fqdn":"www.kosdegmedmeg.com","domain":"kosdegmedmeg.com","tld":"com"},"ip":{"addr":"34.149.196.159","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:00.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kosdegmedmeg.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 06:31:34 GMT","end":"Fri, 19 Dec 2025 07:24:27 GMT"},"fingerprint":{"sha1":"8B:1C:A0:AE:D4:A1:15:91:A9:8B:C7:7B:9C:92:99:F4:18:F7:27:BA","sha256":"29:37:8F:37:E7:D2:78:06:46:B7:11:F7:C9:86:48:33:32:16:6F:85:33:E1:BB:1B:01:3A:1E:C3:E3:86:83:0E"}}},"request":{"raw":"GET /img/logo.png HTTP/1.1\r\nHost: www.kosdegmedmeg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:00 GMT\r\nserver: Apache/2.4.58 (Ubuntu)\r\nvary: X-Forwarded-Proto\r\nlast-modified: Thu, 09 Oct 2025 13:58:02 GMT\r\netag: \"17ee-640ba308b58bc\"\r\naccept-ranges: bytes\r\ncontent-length: 6126\r\nx-ua-compatible: IE=edge,chrome=1\r\ncontent-type: image/png\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":6126,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 110, 8-bit/color RGBA, non-interlaced","md5":"2fbb68fe742bd3e95460943a0145a6a4","sha1":"83bf1d33d998ffd85f86e1a4054f2027231c9027","sha256":"c6397e3b8650383e006e29f14541c065bf9509f2bb7908df127a666c445205d3","sha512":"14ed6866cb91f1e5918b9fb44e06db7ec5bda7e28d8b270f5999438fda9078b94f7a12fde2cb7aa88bb27295f11d337d9a00ec094cb7fd53b2021c088b2144b9","ssdeep":"96:wwqKLu44WTApgeWdP/CO5HscfdTM+L9YUVdbvmPgd7bBiCvpXtjlUd6FXa:wk8ViyO+odnL9YUvvmPgdvB3vpXtPFq","tlshash":"94c18e95cdc6b85114d5e01233eb86ef0b680c954f54b1e85ed0a1397360bff881c6a7","first_seen":"2023-12-03T19:55:43Z","last_seen":"2026-02-01T11:15:39.604706Z","times_seen":29,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly93d3cua29zZGVnbWVkbWVnLmNvbTo0NDM.\u0026hl=en\u0026v=bGi-DxR800F5_ueMVcTwXc6q\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=mrn5e2h8vq0","date":"2025-10-10T10:39:01.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 352219\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 10 Oct 2025 10:01:06 GMT\r\nexpires: Sat, 10 Oct 2026 10:01:06 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 06 Oct 2025 04:00:11 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 2275\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":824931,"size_decoded":0,"mime_type":"text/javascript","magic":"data","md5":"5bce9e85f38aa11d35ab51517f8d07e4","sha1":"44102e17b879843f3ce36a51c0f132d11a24588a","sha256":"1a828972d3e667311b0fe5662301cc433f2c5e97d5018cbd331c4c59ad34d311","sha512":"08489944c9e40c9f71bad98402a22467e3de06545feab6314b08a2510224d75eae877604b64bb37f281f3bb5e1408b3a3c2ef71ec9c742120c002fe553b751b0","ssdeep":"12288:l4zpNa1FTCz4BpuKYXsrFoCvL67G1+zEnHYJ7HlEiU9J:OzBkruKYsuyO7G1gs4JBhk","tlshash":"66054ad87112b5e59322b9f2a067201da37ea535c84c4c5eb29588f12ef1c4e70b6ef7","first_seen":"2025-10-07T06:40:38.110565Z","last_seen":"2026-03-30T18:12:53.501353Z","times_seen":16338,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/collector","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:02.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 21:21:36 GMT","end":"Wed, 31 Dec 2025 22:17:31 GMT"},"fingerprint":{"sha1":"50:01:17:8A:98:F9:7F:1F:84:04:31:24:CD:75:75:3A:67:D7:DA:C9","sha256":"31:BF:AC:74:BE:3A:AD:00:0E:89:F4:75:91:C5:8F:86:53:7F:77:6B:EE:9E:DF:54:BD:BB:BC:4E:9E:AC:E3:22"}}},"request":{"raw":"POST /consent/collector HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 169\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:02 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\naccess-control-allow-credentials: true\r\ncontent-length: 4915\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4915,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"JSON text data","md5":"cf8709996b0e1a4100a39fcc51f50515","sha1":"dedde23a14b9e1f9d7bfb3f3e3fc4aacc6a93842","sha256":"160373d54caf104dc7e190ce4bd4081befdbc97ca2abb0543bc1ae04d8380dab","sha512":"1330f17a41b994537c1bcc9aa15e644a6b3cabf66e84f91d328a911a495d7004ec9058d0affea6e03a1e3136a07e145c528aa8e20fb17b627668aa660b90709f","ssdeep":"48:ppp0SCzsP7UbnMJWFEbnWrePQkrXrs5r6risr4rkrStrdYcrhYrPn:pX09sPobMjbQ2QGbKUFaGS5d94P","tlshash":"23a1ed7e056881fdabff71a9c6071958676c11f3b2487c05ea9cc1b82cfa1d132b162b","first_seen":"2024-06-01T20:33:18Z","last_seen":"2026-01-18T16:45:57.13568Z","times_seen":68,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":88,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/loadSegment","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:02.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 21:21:36 GMT","end":"Wed, 31 Dec 2025 22:17:31 GMT"},"fingerprint":{"sha1":"50:01:17:8A:98:F9:7F:1F:84:04:31:24:CD:75:75:3A:67:D7:DA:C9","sha256":"31:BF:AC:74:BE:3A:AD:00:0E:89:F4:75:91:C5:8F:86:53:7F:77:6B:EE:9E:DF:54:BD:BB:BC:4E:9E:AC:E3:22"}}},"request":{"raw":"OPTIONS /consent/loadSegment HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.kosdegmedmeg.com/\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:02 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type\r\ncontent-length: 0\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.atsptp.com/d/product/35062/jsfp/f19649becd04a7b1236c68996483e544","fqdn":"sync.atsptp.com","domain":"atsptp.com","tld":"com"},"ip":{"addr":"66.254.114.220","port":443,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:02.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"atsptp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 17:50:37 GMT","end":"Sat, 03 Jan 2026 17:50:36 GMT"},"fingerprint":{"sha1":"7A:BC:85:53:25:22:B5:55:B4:F9:F9:CC:2B:48:5F:5A:72:43:2D:93","sha256":"D4:46:67:C0:E0:87:AB:76:FA:58:F5:8A:95:43:15:B1:C0:28:77:79:3C:CC:B5:F0:D8:60:77:A2:04:8A:BB:F2"}}},"request":{"raw":"GET /d/product/35062/jsfp/f19649becd04a7b1236c68996483e544 HTTP/1.1\r\nHost: sync.atsptp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nset-cookie: d_uidb=da9a698f-b89b-a0b7-0a6d-9390821f130b; Max-Age=31536000; Expires=Sat, 10 Oct 2026 10:39:03 GMT; Path=/; Domain=sync.atsptp.com; SameSite=Lax\r\ndate: Fri, 10 Oct 2025 10:39:03 GMT\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncontent-length: 36\r\nvia: 1.1 google\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nalt-svc: h3=\":443\"; ma=3600\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":36,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"8cf85fc642dff46afaf8860cde87ce49","sha1":"f2e022363533c12aae9c2f5478813132ea7ad7e6","sha256":"314b5622d8301b0ff74b3e310bdc593cac99197e79fa11276b81b0393ddd0d93","sha512":"2065ff99d869b3d6bb7e4a2917fa298ff0b65cc71562f7c2b2eb4dff21af000e01bd10b73ff076bb94215415a8c94fd12c7a8f2ea2a59ddfc4871f3f3fd5858b","ssdeep":"","tlshash":"bc8000af30a8380a8fb30a0a8a38302c88a02302f8e208ce30388080a802208cc20832","first_seen":"2025-10-07T06:40:48.524971Z","last_seen":"2026-01-06T07:20:06.239522Z","times_seen":437,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":61,"dns":12,"connect":19,"send":0,"wait":141,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/confirmExplicit","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:03.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 21:21:36 GMT","end":"Wed, 31 Dec 2025 22:17:31 GMT"},"fingerprint":{"sha1":"50:01:17:8A:98:F9:7F:1F:84:04:31:24:CD:75:75:3A:67:D7:DA:C9","sha256":"31:BF:AC:74:BE:3A:AD:00:0E:89:F4:75:91:C5:8F:86:53:7F:77:6B:EE:9E:DF:54:BD:BB:BC:4E:9E:AC:E3:22"}}},"request":{"raw":"OPTIONS /consent/confirmExplicit HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.kosdegmedmeg.com/\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:03 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type\r\ncontent-length: 0\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/load","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:03.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 21:21:36 GMT","end":"Wed, 31 Dec 2025 22:17:31 GMT"},"fingerprint":{"sha1":"50:01:17:8A:98:F9:7F:1F:84:04:31:24:CD:75:75:3A:67:D7:DA:C9","sha256":"31:BF:AC:74:BE:3A:AD:00:0E:89:F4:75:91:C5:8F:86:53:7F:77:6B:EE:9E:DF:54:BD:BB:BC:4E:9E:AC:E3:22"}}},"request":{"raw":"POST /consent/load HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 190\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 10:39:03 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\naccess-control-allow-credentials: true\r\ncontent-length: 736\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":736,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"JSON text data","md5":"58e83cd9d459bbdf182f3352d3ba12c9","sha1":"36c34fa9ff68da624bdcf597e903cd5883b7d7ac","sha256":"0c20c370c27736f4ef840f0c53481365f8aa804893b3009c5a5e605af84f82d7","sha512":"44e0fc3178335b3b7850e33ac5ae270e2ad4ac39b077c89d10bc9909babd6d74d951067b4f8c81cc3ca992d602bcfd3e92433d423da8af59cf3bbd99b72d5ceb","ssdeep":"","tlshash":"84019011b2bff53be05c56977021a59a8e087375e59012ed0864fd7644c2f63a80d3c3","first_seen":"2024-06-25T05:45:48Z","last_seen":"2026-04-03T20:24:15.161674Z","times_seen":627,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.google-analytics.com/g/collect?v=2\u0026tid=G-QXFHHE16V3\u0026gtm=45je5a80v9106874940z89103010110za200zb9103010110zd9103010110\u0026_p=1760092741362\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1064309950.1760092742\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_s=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105322302~115480709~115616986~115834636~115834638~115868792~115868794~115995680~115995682\u0026sid=1760092742\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fwww.kosdegmedmeg.com%2Flanding64%3Fcat%3Ddefault%26pi%3D10070%26pt1%3D211571139%26pe%3Dfridayx3%253freferer%253durlvanish.com%252f8ec66b7a\u0026dt=Kosdegmedmeg.com\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026ep.user_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026epn.loading_time=0\u0026ep.screen_size=1280x1024\u0026tfd=3536","fqdn":"region1.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.kosdegmedmeg.com/landing64?cat=default\u0026pi=10070\u0026pt1=211571139\u0026pe=fridayx3%3freferer%3durlvanish.com%2f8ec66b7a","date":"2025-10-10T10:39:02.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:17 GMT","end":"Mon, 08 Dec 2025 08:34:16 GMT"},"fingerprint":{"sha1":"71:28:4D:CB:A8:43:CE:20:8D:C2:D0:1C:15:47:53:FB:EE:1F:E6:6C","sha256":"FD:F8:A3:C0:21:C0:03:15:43:2F:C7:36:8C:50:6A:39:57:B4:06:6A:0D:82:33:AB:55:A7:80:D2:E3:79:B8:11"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-QXFHHE16V3\u0026gtm=45je5a80v9106874940z89103010110za200zb9103010110zd9103010110\u0026_p=1760092741362\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1064309950.1760092742\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_s=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105322302~115480709~115616986~115834636~115834638~115868792~115868794~115995680~115995682\u0026sid=1760092742\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fwww.kosdegmedmeg.com%2Flanding64%3Fcat%3Ddefault%26pi%3D10070%26pt1%3D211571139%26pe%3Dfridayx3%253freferer%253durlvanish.com%252f8ec66b7a\u0026dt=Kosdegmedmeg.com\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026ep.user_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026epn.loading_time=0\u0026ep.screen_size=1280x1024\u0026tfd=3536 HTTP/1.1\r\nHost: region1.google-analytics.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.kosdegmedmeg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.kosdegmedmeg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: https://www.kosdegmedmeg.com\r\ndate: Fri, 10 Oct 2025 10:39:02 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0\r\nreport-to: {\"group\":\"ascnsrsggc:102:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":41,"dns":1,"connect":11,"send":0,"wait":17,"receive":1,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}