{"report_id":"b7c5bfd6-e63a-442f-bc93-aba0c031da79","version":6,"status":"done","tags":[],"date":"2025-03-06T08:38:04Z","url":{"schema":"http","addr":"eakjkj.wy5532.com/","fqdn":"eakjkj.wy5532.com","domain":"wy5532.com","tld":"com"},"ip":{"addr":"185.107.56.199","port":0,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"c.trackmytarget.com/?a=pe58f6\u0026i=fmfdl5\u0026click_id=v030400012124e75ad9c3414c4982af2d01353bd8def2\u0026r=https%3A%2F%2Fsinful.no","fqdn":"c.trackmytarget.com","domain":"trackmytarget.com","tld":"com"},"title":"c.trackmytarget.com/?a=pe58f6\u0026i=fmfdl5\u0026click_id=v030400012124e75ad9c3414c4982af2d01353bd8def2\u0026r=https%3A%2F%2Fsinful.no"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-15T08:38:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"click-v4.explodasclksec.com","ip":{"addr":"198.134.116.17","port":443,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"domain_registered":"2024-12-01","domain_rank":0,"first_seen":"2025-02-17T15:11:07Z","last_seen":"2025-03-04T14:15:06.937297Z","alert_count":0,"request_count":1,"received_data":13218,"sent_data":517,"comment":"","tags":null,"fingerprints":null},{"fqdn":"clcktrck.com","ip":{"addr":"3.73.249.248","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2023-02-28","domain_rank":0,"first_seen":"2021-01-31T11:30:46Z","last_seen":"2025-03-05T11:06:50.125887Z","alert_count":0,"request_count":2,"received_data":3879,"sent_data":1307,"comment":"","tags":null,"fingerprints":null},{"fqdn":"c.trackmytarget.com","ip":{"addr":"18.200.202.54","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2014-04-10","domain_rank":0,"first_seen":"2014-10-08T02:52:34Z","last_seen":"2025-02-27T13:54:02.919909Z","alert_count":0,"request_count":1,"received_data":415,"sent_data":623,"comment":"","tags":null,"fingerprints":null},{"fqdn":"eakjkj.wy5532.com","ip":{"addr":"172.93.103.102","port":443,"asn":23470,"as":"RELIABLESITE","country":"United States","country_code":"US"},"domain_registered":"2021-12-30","domain_rank":0,"first_seen":"2025-03-06T08:38:04.34998Z","last_seen":"2025-03-06T08:38:04.34998Z","alert_count":0,"request_count":3,"received_data":14514,"sent_data":1872,"comment":"","tags":null,"fingerprints":null},{"fqdn":"lernodydenknow.info","ip":{"addr":"143.204.55.115","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2023-12-31","domain_rank":0,"first_seen":"2024-01-24T12:30:53Z","last_seen":"2025-02-27T02:07:44.770912Z","alert_count":0,"request_count":1,"received_data":14151,"sent_data":508,"comment":"","tags":null,"fingerprints":null},{"fqdn":"froloi.com","ip":{"addr":"172.67.191.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-10-15","domain_rank":0,"first_seen":"2024-10-25T23:47:39Z","last_seen":"2025-03-06T06:08:40.503904Z","alert_count":0,"request_count":1,"received_data":3235,"sent_data":638,"comment":"","tags":null,"fingerprints":null},{"fqdn":"filter.servsserverz.com","ip":{"addr":"198.134.116.29","port":80,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"domain_registered":"2023-07-05","domain_rank":0,"first_seen":"2024-12-05T06:13:57Z","last_seen":"2025-03-04T14:15:07.571212Z","alert_count":1,"request_count":1,"received_data":13258,"sent_data":489,"comment":"","tags":null,"fingerprints":null},{"fqdn":"xml.responseservez.com","ip":{"addr":"198.134.116.29","port":80,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"domain_registered":"2023-07-05","domain_rank":0,"first_seen":"2024-07-24T22:32:02Z","last_seen":"2025-02-24T23:55:50.049389Z","alert_count":0,"request_count":2,"received_data":14982,"sent_data":1991,"comment":"","tags":null,"fingerprints":null},{"fqdn":"charmgriff.com","ip":{"addr":"172.67.159.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-08-31","domain_rank":0,"first_seen":"2023-08-31T16:49:50Z","last_seen":"2025-03-04T19:22:30.485919Z","alert_count":0,"request_count":2,"received_data":4917,"sent_data":1519,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r.bestadperf.com","ip":{"addr":"54.154.136.171","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2023-11-24","domain_rank":0,"first_seen":"2024-01-31T19:33:06Z","last_seen":"2025-02-27T11:04:16.228325Z","alert_count":2,"request_count":2,"received_data":3767,"sent_data":1557,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2025-03-06T08:37:46Z","timestamp":1741250266,"ip_dst":{"addr":"172.18.0.12","port":60944,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.134.116.29","port":80,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-03-06T08:37:46.957640+0000\",\"flow_id\":606182538101786,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.134.116.29\",\"src_port\":80,\"dest_ip\":\"172.18.0.12\",\"dest_port\":60944,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"filter.servsserverz.com\",\"url\":\"/filter?q=Anime+%2F+Manga\u0026i=sbCDjHUrSZc_0\u0026ci=-4036626107804805394\u0026t=1333756792\u0026h=7\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2641},\"files\":[{\"filename\":\"/filter\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":2641,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":5,\"bytes_toserver\":827,\"bytes_toclient\":4682,\"start\":\"2025-03-06T08:37:46.738330+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":[{"sensor_name":"threatfox","sensor_type":"url","title":"","description":"ThreatFox","scan_date":"2025-02-06","alert":"Lumma Stealer","trigger":"r.bestadperf.com","verdict":"malicious","severity":"medium","comment":"Lumma Stealer","link":"https://threatfox.abuse.ch/","meta":null},{"sensor_name":"threatfox","sensor_type":"url","title":"","description":"ThreatFox","scan_date":"2025-02-06","alert":"Lumma Stealer","trigger":"r.bestadperf.com","verdict":"malicious","severity":"medium","comment":"Lumma Stealer","link":"https://threatfox.abuse.ch/","meta":null}]}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"filter.servsserverz.com/filter?q=Anime+%2F+Manga\u0026i=sbCDjHUrSZc_0\u0026ci=-4036626107804805394\u0026t=1333756792\u0026h=7","fqdn":"filter.servsserverz.com","domain":"servsserverz.com","tld":"com"},"ip":{"addr":"198.134.116.29","port":80,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"56f2e798b912606f085d36f4927629c4","sha1":"1b3407d3895ab71d08daa9f19e216a8ba79f6394","sha256":"229b43e4b5960428f468c286c539416a8729af10cb0387b28a29da78b4fc66db","sha512":"8be51ed006007fd06ba60bfa5cd72d3c1b9c1effd9c4000dfc75858bdea56c190c7f94f895ea5fc4a6dcc5118c20bbe4dd818bc2063eb47428431d4a33fd9a4e","ssdeep":"","tlshash":"fc6000000230a00a802800bc02022208a2a008820082800088000000b8200030020080","size":17,"data":"","first_seen":"2023-04-20T03:27:53Z","last_seen":"2026-02-17T07:38:22.620876Z","times_seen":1357,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-03-06T08:37:46Z","timestamp":1741250266,"ip_dst":{"addr":"172.18.0.12","port":60944,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.134.116.29","port":80,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-03-06T08:37:46.957640+0000\",\"flow_id\":606182538101786,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.134.116.29\",\"src_port\":80,\"dest_ip\":\"172.18.0.12\",\"dest_port\":60944,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"filter.servsserverz.com\",\"url\":\"/filter?q=Anime+%2F+Manga\u0026i=sbCDjHUrSZc_0\u0026ci=-4036626107804805394\u0026t=1333756792\u0026h=7\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2641},\"files\":[{\"filename\":\"/filter\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":2641,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":5,\"bytes_toserver\":827,\"bytes_toclient\":4682,\"start\":\"2025-03-06T08:37:46.738330+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"filter.servsserverz.com/filter?q=Anime+%2F+Manga\u0026i=sbCDjHUrSZc_0\u0026ci=-4036626107804805394\u0026t=1333756792\u0026h=7","fqdn":"filter.servsserverz.com","domain":"servsserverz.com","tld":"com"},"ip":{"addr":"198.134.116.29","port":80,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"648a1a7595508fd9bce9f6dfeefade67","sha1":"15de73677a63e5c9bca6160719c10ef19cd37bc9","sha256":"51accdc1eaa0fc87e1534069c5390ff5227848673849a8d4c4bab758e523b00a","sha512":"66a7ba9485af2a90085f4950c605dacc5a9c13e2004f1971408a3c51d41ff77727438f8f0f0a94f45497f981e33fa97c23909f50f005fdc94731dedd38d68656","ssdeep":"192:civF1WdRQMPYSSYMMQkwXiw249iYylMh8nCmh85F4Uid0dR:civfWQ1SSxMQkwyw249tylMh8nCmh3Ur","tlshash":"a432fb4e7e273022422335b2142f810bb2779dbb764a08e1d6d3c5749e79dad522bf5c","size":11222,"data":"","first_seen":"2025-03-06T08:38:05.681327Z","last_seen":"2025-03-06T08:38:05.681327Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-03-06T08:37:46Z","timestamp":1741250266,"ip_dst":{"addr":"172.18.0.12","port":60944,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.134.116.29","port":80,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-03-06T08:37:46.957640+0000\",\"flow_id\":606182538101786,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.134.116.29\",\"src_port\":80,\"dest_ip\":\"172.18.0.12\",\"dest_port\":60944,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"filter.servsserverz.com\",\"url\":\"/filter?q=Anime+%2F+Manga\u0026i=sbCDjHUrSZc_0\u0026ci=-4036626107804805394\u0026t=1333756792\u0026h=7\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2641},\"files\":[{\"filename\":\"/filter\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":2641,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":5,\"bytes_toserver\":827,\"bytes_toclient\":4682,\"start\":\"2025-03-06T08:37:46.738330+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"r.bestadperf.com/v2/go?t=ot.pu%3An%2Fs.2rFc%25m3tsrteh.ro2%2Fea8pb55f1%26d%3Dfm2d95cc1i3k9ia%3D7040101002423ev5dd_cc4l4%264l8faf2i06383ed%3Dd%3Ffm%26c%3Dttgpa%25yAk2a%25tFci%2Ffsltnh\u0026e=1\u0026ai=659304a458f74d0bbb2e186ec9b53eed\u0026sct=0\u0026ct=1741250268764\u0026cu=e75ad9c3414c4982af2d01353bd8def2\u0026cs=a6c005ea4ec3e51fcff2af1f8264228b","fqdn":"r.bestadperf.com","domain":"bestadperf.com","tld":"com"},"ip":{"addr":"54.154.136.171","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"3d7d81528c7359a8f562b3b6800d6145","sha1":"f5f6c4282eaaf6de7dffa6875b94aecb25129971","sha256":"5644b776eff39bf57ac8b445370b993975996f2dc3403f8edcef3188db2f963c","sha512":"bed962ff555d8e1f5dbac728ab9df4ab9975a441389ce97edb17b388d666118eba1e981ba64a86911fc4ecead478677b928862b4df3600d4555346c68c904f4f","ssdeep":"","tlshash":"cd21c9697ca224a11ba7a82fa1ab1b0c52b3191bac0ac1447d7d6e849f62e212305799","size":1181,"data":"","first_seen":"2025-03-06T08:38:05.682218Z","last_seen":"2025-03-06T08:38:05.682218Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"click-v4.explodasclksec.com/click?i=KBDe6518nw4_0","fqdn":"click-v4.explodasclksec.com","domain":"explodasclksec.com","tld":"com"},"ip":{"addr":"198.134.116.17","port":443,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:45.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.explodasclksec.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 18 Feb 2025 12:02:37 GMT","end":"Sun, 22 Mar 2026 12:02:36 GMT"},"fingerprint":{"sha1":"D9:87:33:92:5C:84:02:59:2E:A2:B0:5C:BE:59:34:F0:2C:7F:A1:70","sha256":"47:E3:4A:8F:01:8D:D1:FD:1E:A9:68:16:3E:97:6B:30:F0:7E:88:2E:DD:D7:8D:CC:09:0B:0C:27:E7:5A:05:09"}}},"request":{"raw":"GET /click?i=KBDe6518nw4_0 HTTP/1.1\r\nHost: click-v4.explodasclksec.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Thu, 06 Mar 2025 08:37:46 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nCache-Control: no-store\r\nLocation: https://lernodydenknow.info/redirect?tid=1029936\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":13016,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T12:23:02.643109Z","times_seen":13933290,"resource_available":true,"data":null}},"time_used":801,"timings":{"blocked":322,"dns":0,"connect":103,"send":0,"wait":158,"receive":0,"ssl":214},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"xml.responseservez.com/click?i=sbCDjHUrSZc_0\u0026p=1741250266.244025","fqdn":"xml.responseservez.com","domain":"responseservez.com","tld":"com"},"ip":{"addr":"198.134.116.29","port":80,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:46.493Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /click?i=sbCDjHUrSZc_0\u0026p=1741250266.244025 HTTP/1.1\r\nHost: xml.responseservez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nCache-Control: no-store\r\nContent-Length: 0\r\nConnection: keep-alive\r\nSet-Cookie: x3327657=442839262; Domain=.responseservez.com\r\nLocation: http://filter.servsserverz.com/filter?q=Anime+%2F+Manga\u0026i=sbCDjHUrSZc_0\u0026ci=-4036626107804805394\u0026t=1333756792\u0026h=7\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":13016,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T12:23:02.643109Z","times_seen":13933290,"resource_available":true,"data":null}},"time_used":338,"timings":{"blocked":110,"dns":12,"connect":98,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"charmgriff.com/charm/?charm=https://clcktrck.com/no/s/red_u_plain.php?t=direct\u0026s=22170\u0026d=sinful.no\u0026pub=22170\u0026ctrl_offerid=6e6f5f73696e66756c2e6e6f\u0026ctrl_scid=52\u0026ctrl_aff=noc\u0026ctrl_vol_oid=1f7bbcb7-afc3-4eea-8f13-5f9aeca4a697\u0026uid=w4nmgqt7obkmug783d89mle6","fqdn":"charmgriff.com","domain":"charmgriff.com","tld":"com"},"ip":{"addr":"172.67.159.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:47.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"charmgriff.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Feb 2025 14:36:51 GMT","end":"Tue, 13 May 2025 15:35:34 GMT"},"fingerprint":{"sha1":"98:E1:00:76:43:51:5F:46:F3:77:04:31:78:5B:23:A6:41:9E:DE:92","sha256":"38:2A:AA:50:3B:F7:EE:6A:6A:8A:6C:AA:00:26:B2:43:21:52:0A:1D:17:8F:C2:A5:B3:A7:FB:25:D6:B2:28:CB"}}},"request":{"raw":"GET /charm/?charm=https://clcktrck.com/no/s/red_u_plain.php?t=direct\u0026s=22170\u0026d=sinful.no\u0026pub=22170\u0026ctrl_offerid=6e6f5f73696e66756c2e6e6f\u0026ctrl_scid=52\u0026ctrl_aff=noc\u0026ctrl_vol_oid=1f7bbcb7-afc3-4eea-8f13-5f9aeca4a697\u0026uid=w4nmgqt7obkmug783d89mle6 HTTP/1.1\r\nHost: charmgriff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://filter.servsserverz.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 06 Mar 2025 08:37:48 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreferrer-policy: no-referrer\r\nlocation: /charm/?charm=https://clcktrck.com/no/s/red_u_plain.php?t=direct\u0026s=22170\u0026d=sinful.no\u0026pub=22170\u0026ctrl_offerid=6e6f5f73696e66756c2e6e6f\u0026ctrl_scid=52\u0026ctrl_aff=noc\u0026ctrl_vol_oid=1f7bbcb7-afc3-4eea-8f13-5f9aeca4a697\u0026uid=w4nmgqt7obkmug783d89mle6\u0026tg_rid=67c95edc00810953010271\u0026tg_s=dr1\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ZL6oawDZ%2FjjydM%2FWaRRF1ei9h6Q98BpBF3Z3RoRluhrLygxhiFW28MU8GaXRF9k8AQGnpvMyi8CfuIoh3obA0ObuMqt6x%2Bx4rwAJzcSJ1LGEsQcVrCU9FZKJhr4Yd9An4A%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 91c0887d7972569c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=6150\u0026min_rtt=555\u0026rtt_var=11102\u0026sent=8\u0026recv=11\u0026lost=0\u0026retrans=0\u0026sent_bytes=3209\u0026recv_bytes=1321\u0026delivery_rate=7063414\u0026cwnd=254\u0026unsent_bytes=0\u0026cid=52c1f17ccb8603b4\u0026ts=333\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1454,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T12:23:02.643109Z","times_seen":13933290,"resource_available":true,"data":null}},"time_used":410,"timings":{"blocked":49,"dns":24,"connect":1,"send":0,"wait":313,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"r.bestadperf.com/v2/go?t=ot.pu%3An%2Fs.2rFc%25m3tsrteh.ro2%2Fea8pb55f1%26d%3Dfm2d95cc1i3k9ia%3D7040101002423ev5dd_cc4l4%264l8faf2i06383ed%3Dd%3Ffm%26c%3Dttgpa%25yAk2a%25tFci%2Ffsltnh\u0026e=1\u0026ai=659304a458f74d0bbb2e186ec9b53eed\u0026sct=0\u0026ct=1741250268764\u0026cu=e75ad9c3414c4982af2d01353bd8def2\u0026cs=a6c005ea4ec3e51fcff2af1f8264228b","fqdn":"r.bestadperf.com","domain":"bestadperf.com","tld":"com"},"ip":{"addr":"54.154.136.171","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:48.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linksprf.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Jan 2025 06:14:21 GMT","end":"Thu, 17 Apr 2025 06:14:20 GMT"},"fingerprint":{"sha1":"71:03:11:6C:93:38:12:48:58:1C:32:ED:44:18:F4:88:C2:15:85:B1","sha256":"78:C5:A3:86:25:D5:71:30:94:6E:B5:85:97:D3:C2:BA:F5:96:2E:AE:8D:AD:A4:4B:49:E8:74:9A:A3:21:0C:74"}}},"request":{"raw":"GET /v2/go?t=ot.pu%3An%2Fs.2rFc%25m3tsrteh.ro2%2Fea8pb55f1%26d%3Dfm2d95cc1i3k9ia%3D7040101002423ev5dd_cc4l4%264l8faf2i06383ed%3Dd%3Ffm%26c%3Dttgpa%25yAk2a%25tFci%2Ffsltnh\u0026e=1\u0026ai=659304a458f74d0bbb2e186ec9b53eed\u0026sct=0\u0026ct=1741250268764\u0026cu=e75ad9c3414c4982af2d01353bd8def2\u0026cs=a6c005ea4ec3e51fcff2af1f8264228b HTTP/1.1\r\nHost: r.bestadperf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ykuid=00549eb856184ff090c23f846707bb02; JSESSIONID=D2A1DDFEFDFFDC6AFE8EC13219EB323D\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 06 Mar 2025 08:37:48 GMT\r\ncontent-type: text/html;charset=UTF-8\r\ncontent-length: 1454\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1454,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (1499), with no line terminators","md5":"69c63a39f70358943c0e74ad43fc1bbe","sha1":"4d3e7c100545d081ebe7a74a985e98d716661dca","sha256":"38261b25d7ab9989a179546af6f4185db8fb0c02a55dbe0402a02fa9e40d935d","sha512":"b7e2660ae5717dc2d35df0e1d5839d3eb1ee809a8e48fa746cd11e79c02244944f5ad86fc150809f84767751cf0077677325f4f848be21e510d7b430414b7dbc","ssdeep":"","tlshash":"0d31503a7c9524b21f53bdae62f35b0c01a3380a6c0280843dbd1f449baae3567127e9","first_seen":"2025-03-06T08:38:05.676642Z","last_seen":"2025-03-06T08:38:05.676642Z","times_seen":1,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"threatfox","sensor_type":"url","title":"","description":"ThreatFox","scan_date":"2025-02-06","alert":"Lumma Stealer","trigger":"r.bestadperf.com","verdict":"malicious","severity":"medium","comment":"Lumma Stealer","link":"https://threatfox.abuse.ch/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"xml.responseservez.com/click2?i=sbCDjHUrSZc_0\u0026ci=-4036626107804805394\u0026j=rv%3Db%26ss%3D1280x1024%26ws%3D1280x1024%26wp%3D0x0%26ce%3D1%26ck%3Djc%26cv%3D6110%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D2%26rf%3D%26lo%3Dfilter.servsserverz.com%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%253B%2Brv%253A134.0%29%2BGecko%252F20100101%2BFirefox%252F134.0%26nd%3D0%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D0%26frc%3D0%26dbt%3D0%26prb%3D20100101%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D%26mmd_ao%3D%26mmd_ai%3D%26mmd_vi%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3DLinux%2Bx86_64%26hwc%3D48%26hrl%3D%26acd%3Dpmpmm%26vcd%3Dppp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1280x1024%26wout%3D1280x1024%26wpof%3D0x0%26bcld%3D1264x19%26scrp%3D0x0%26scrad%3D1280x1024%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D52%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DMesa%26vrd%3Dllvmpipe%26pnt%3Dprompt%26cnvs%3D7f7f7f80","fqdn":"xml.responseservez.com","domain":"responseservez.com","tld":"com"},"ip":{"addr":"198.134.116.29","port":80,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:47.428Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /click2?i=sbCDjHUrSZc_0\u0026ci=-4036626107804805394\u0026j=rv%3Db%26ss%3D1280x1024%26ws%3D1280x1024%26wp%3D0x0%26ce%3D1%26ck%3Djc%26cv%3D6110%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D2%26rf%3D%26lo%3Dfilter.servsserverz.com%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%253B%2Brv%253A134.0%29%2BGecko%252F20100101%2BFirefox%252F134.0%26nd%3D0%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D0%26frc%3D0%26dbt%3D0%26prb%3D20100101%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D%26mmd_ao%3D%26mmd_ai%3D%26mmd_vi%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3DLinux%2Bx86_64%26hwc%3D48%26hrl%3D%26acd%3Dpmpmm%26vcd%3Dppp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1280x1024%26wout%3D1280x1024%26wpof%3D0x0%26bcld%3D1264x19%26scrp%3D0x0%26scrad%3D1280x1024%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D52%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DMesa%26vrd%3Dllvmpipe%26pnt%3Dprompt%26cnvs%3D7f7f7f80 HTTP/1.1\r\nHost: xml.responseservez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://filter.servsserverz.com/\r\nCookie: x3327657=442839262\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nCache-Control: no-store\r\nContent-Length: 0\r\nConnection: keep-alive\r\nLocation: https://froloi.com/970404bc-6288-4140-a2de-1d1805cb8150?banner=6725679\u0026pubfeed=244025\u0026siteid=1029936\u0026cost=0.00025\u0026conversion=x-sF8SE6Fu4\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1454,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T12:23:02.643109Z","times_seen":13933290,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":113,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clcktrck.com/no/s/red_u_plain.php?t=direct\u0026s=22170\u0026d=sinful.no\u0026pub=22170\u0026uid=w4nmgqt7obkmug783d89mle6","fqdn":"clcktrck.com","domain":"clcktrck.com","tld":"com"},"ip":{"addr":"3.73.249.248","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:48.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clcktrck.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 04 Feb 2025 09:51:58 GMT","end":"Mon, 05 May 2025 09:51:57 GMT"},"fingerprint":{"sha1":"E0:0E:49:D0:35:29:20:12:66:F9:2B:CE:78:22:74:60:AD:C2:F7:0A","sha256":"1D:F0:8F:73:FD:CE:6B:50:71:79:09:F5:58:32:C4:90:09:AC:77:E5:05:97:04:38:E9:B0:7B:3C:BB:D8:B0:D2"}}},"request":{"raw":"GET /no/s/red_u_plain.php?t=direct\u0026s=22170\u0026d=sinful.no\u0026pub=22170\u0026uid=w4nmgqt7obkmug783d89mle6 HTTP/1.1\r\nHost: clcktrck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nReferrer-Policy: origin\r\nCache-Control: no-cache, private\r\nDate: Thu, 06 Mar 2025 08:37:48 GMT\r\nLocation: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/24be45420d78766b5aec34489d70625edb21466237bbbebacb0c1095511faf2104d2017a45dc97b71975a8c3f5b37ca22b84cbfbedb5d095d19c35d6bc6e1025921b2f07b72f585d829ef236a928ad3b52d2639d790c934edce0a4c4a6c781d2b9b1ad56e27e90502787cd2fb6254175\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1454,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T12:23:02.643109Z","times_seen":13933290,"resource_available":true,"data":null}},"time_used":467,"timings":{"blocked":217,"dns":46,"connect":21,"send":0,"wait":31,"receive":0,"ssl":149},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clcktrck.com/3340b07f6352b061e0908fa0e76668dc/24be45420d78766b5aec34489d70625edb21466237bbbebacb0c1095511faf2104d2017a45dc97b71975a8c3f5b37ca22b84cbfbedb5d095d19c35d6bc6e1025921b2f07b72f585d829ef236a928ad3b52d2639d790c934edce0a4c4a6c781d2b9b1ad56e27e90502787cd2fb6254175","fqdn":"clcktrck.com","domain":"clcktrck.com","tld":"com"},"ip":{"addr":"3.73.249.248","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:48.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clcktrck.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 04 Feb 2025 09:51:58 GMT","end":"Mon, 05 May 2025 09:51:57 GMT"},"fingerprint":{"sha1":"E0:0E:49:D0:35:29:20:12:66:F9:2B:CE:78:22:74:60:AD:C2:F7:0A","sha256":"1D:F0:8F:73:FD:CE:6B:50:71:79:09:F5:58:32:C4:90:09:AC:77:E5:05:97:04:38:E9:B0:7B:3C:BB:D8:B0:D2"}}},"request":{"raw":"GET /3340b07f6352b061e0908fa0e76668dc/24be45420d78766b5aec34489d70625edb21466237bbbebacb0c1095511faf2104d2017a45dc97b71975a8c3f5b37ca22b84cbfbedb5d095d19c35d6bc6e1025921b2f07b72f585d829ef236a928ad3b52d2639d790c934edce0a4c4a6c781d2b9b1ad56e27e90502787cd2fb6254175 HTTP/1.1\r\nHost: clcktrck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: no-cache, private\r\nDate: Thu, 06 Mar 2025 08:37:48 GMT\r\nLocation: https://r.bestadperf.com/v1/redirect?url=https%3A%2F%2Fsinful.no\u0026api_key=526ce45b25e1f6dcb86f05e8f2c94e64\u0026site_id=172ec35490a342c89783ec6d5a5d7477\u0026type=url\u0026source=discounthero.org\u0026yk_tag=a6aae9ea9eb64ff5533458e99cc080a9\r\nReferrer-Policy: origin\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1454,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T12:23:02.643109Z","times_seen":13933290,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"r.bestadperf.com/v1/redirect?url=https%3A%2F%2Fsinful.no\u0026api_key=526ce45b25e1f6dcb86f05e8f2c94e64\u0026site_id=172ec35490a342c89783ec6d5a5d7477\u0026type=url\u0026source=discounthero.org\u0026yk_tag=a6aae9ea9eb64ff5533458e99cc080a9","fqdn":"r.bestadperf.com","domain":"bestadperf.com","tld":"com"},"ip":{"addr":"54.154.136.171","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:48.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linksprf.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Jan 2025 06:14:21 GMT","end":"Thu, 17 Apr 2025 06:14:20 GMT"},"fingerprint":{"sha1":"71:03:11:6C:93:38:12:48:58:1C:32:ED:44:18:F4:88:C2:15:85:B1","sha256":"78:C5:A3:86:25:D5:71:30:94:6E:B5:85:97:D3:C2:BA:F5:96:2E:AE:8D:AD:A4:4B:49:E8:74:9A:A3:21:0C:74"}}},"request":{"raw":"GET /v1/redirect?url=https%3A%2F%2Fsinful.no\u0026api_key=526ce45b25e1f6dcb86f05e8f2c94e64\u0026site_id=172ec35490a342c89783ec6d5a5d7477\u0026type=url\u0026source=discounthero.org\u0026yk_tag=a6aae9ea9eb64ff5533458e99cc080a9 HTTP/1.1\r\nHost: r.bestadperf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 06 Mar 2025 08:37:48 GMT\r\ncontent-length: 0\r\nset-cookie: ykuid=00549eb856184ff090c23f846707bb02; Path=/; Secure; Domain=.bestadperf.com; Max-Age=31536000; SameSite=None\nJSESSIONID=D2A1DDFEFDFFDC6AFE8EC13219EB323D; Path=/; HttpOnly\r\nlocation: /v2/go?t=ot.pu%3An%2Fs.2rFc%25m3tsrteh.ro2%2Fea8pb55f1%26d%3Dfm2d95cc1i3k9ia%3D7040101002423ev5dd_cc4l4%264l8faf2i06383ed%3Dd%3Ffm%26c%3Dttgpa%25yAk2a%25tFci%2Ffsltnh\u0026e=1\u0026ai=659304a458f74d0bbb2e186ec9b53eed\u0026sct=0\u0026ct=1741250268764\u0026cu=e75ad9c3414c4982af2d01353bd8def2\u0026cs=a6c005ea4ec3e51fcff2af1f8264228b\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1454,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T12:23:02.643109Z","times_seen":13933290,"resource_available":true,"data":null}},"time_used":471,"timings":{"blocked":202,"dns":20,"connect":35,"send":0,"wait":66,"receive":0,"ssl":145},"alerts":{"ids":null,"analyzer":[{"sensor_name":"threatfox","sensor_type":"url","title":"","description":"ThreatFox","scan_date":"2025-02-06","alert":"Lumma Stealer","trigger":"r.bestadperf.com","verdict":"malicious","severity":"medium","comment":"Lumma Stealer","link":"https://threatfox.abuse.ch/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"charmgriff.com/charm/?charm=https://clcktrck.com/no/s/red_u_plain.php?t=direct\u0026s=22170\u0026d=sinful.no\u0026pub=22170\u0026ctrl_offerid=6e6f5f73696e66756c2e6e6f\u0026ctrl_scid=52\u0026ctrl_aff=noc\u0026ctrl_vol_oid=1f7bbcb7-afc3-4eea-8f13-5f9aeca4a697\u0026uid=w4nmgqt7obkmug783d89mle6\u0026tg_rid=67c95edc00810953010271\u0026tg_s=dr1","fqdn":"charmgriff.com","domain":"charmgriff.com","tld":"com"},"ip":{"addr":"172.67.159.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:48.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"charmgriff.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Feb 2025 14:36:51 GMT","end":"Tue, 13 May 2025 15:35:34 GMT"},"fingerprint":{"sha1":"98:E1:00:76:43:51:5F:46:F3:77:04:31:78:5B:23:A6:41:9E:DE:92","sha256":"38:2A:AA:50:3B:F7:EE:6A:6A:8A:6C:AA:00:26:B2:43:21:52:0A:1D:17:8F:C2:A5:B3:A7:FB:25:D6:B2:28:CB"}}},"request":{"raw":"GET /charm/?charm=https://clcktrck.com/no/s/red_u_plain.php?t=direct\u0026s=22170\u0026d=sinful.no\u0026pub=22170\u0026ctrl_offerid=6e6f5f73696e66756c2e6e6f\u0026ctrl_scid=52\u0026ctrl_aff=noc\u0026ctrl_vol_oid=1f7bbcb7-afc3-4eea-8f13-5f9aeca4a697\u0026uid=w4nmgqt7obkmug783d89mle6\u0026tg_rid=67c95edc00810953010271\u0026tg_s=dr1 HTTP/1.1\r\nHost: charmgriff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 06 Mar 2025 08:37:48 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://clcktrck.com/no/s/red_u_plain.php?t=direct\u0026s=22170\u0026d=sinful.no\u0026pub=22170\u0026uid=w4nmgqt7obkmug783d89mle6\r\nreferrer-policy: no-referrer\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=cghmb3aWf%2Fah0I%2FvizTg2vsR%2FnODuBEcMos%2BmyIgm8i8Uw%2FvzeuX7KbJ9Gwo30Sac%2BGAtsu8orLGywG6oqz0TdM4bwp8zD3yPj6NkNXtO%2BfqMCBHWE1NwRvMbFA2KxgJlg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 91c0887f7d53569c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=4852\u0026min_rtt=555\u0026rtt_var=8495\u0026sent=11\u0026recv=14\u0026lost=0\u0026retrans=0\u0026sent_bytes=4059\u0026recv_bytes=1588\u0026delivery_rate=7063414\u0026cwnd=256\u0026unsent_bytes=0\u0026cid=52c1f17ccb8603b4\u0026ts=481\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1454,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T12:23:02.643109Z","times_seen":13933290,"resource_available":true,"data":null}},"time_used":142,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"c.trackmytarget.com/?a=pe58f6\u0026i=fmfdl5\u0026click_id=v030400012124e75ad9c3414c4982af2d01353bd8def2\u0026r=https%3A%2F%2Fsinful.no","fqdn":"c.trackmytarget.com","domain":"trackmytarget.com","tld":"com"},"ip":{"addr":"18.200.202.54","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:49.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.trackmytarget.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 23 Feb 2024 21:15:38 GMT","end":"Wed, 26 Mar 2025 21:15:38 GMT"},"fingerprint":{"sha1":"AE:09:51:FA:44:21:A6:D4:5B:04:F3:0E:4F:72:F6:75:21:E1:2D:1E","sha256":"E9:5C:38:F7:B9:4B:37:6B:51:C5:3F:5F:A0:9F:66:56:56:CA:79:05:A5:FF:F9:9E:FA:B9:46:DA:98:98:99:A2"}}},"request":{"raw":"GET /?a=pe58f6\u0026i=fmfdl5\u0026click_id=v030400012124e75ad9c3414c4982af2d01353bd8def2\u0026r=https%3A%2F%2Fsinful.no HTTP/1.1\r\nHost: c.trackmytarget.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://r.bestadperf.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 400 Bad Request\r\ndate: Thu, 06 Mar 2025 08:37:49 GMT\r\ncontent-type: application/json\r\nserver: nginx\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":null,"data":{"size":253,"size_decoded":0,"mime_type":"application/vnd.mozilla.json.view","magic":"JSON text data","md5":"ede99a9c7c5b02e8f061f9280ee66c27","sha1":"0637146379708fdff54158425c7b3bea47fc8110","sha256":"cd8e2e3b13bdce7dbdfa8c1d6d936baabbdfb932fdcf3a7ef20fc6639a7c5bc7","sha512":"b6d5b8cc631b525614cd7a98a51a692d29b1f096a573125be0389fa092f67b8f99f0ca804981ced3ce3214beab9bac260f1b192b1de5741f18d67b33a08e27bb","ssdeep":"","tlshash":"4ed097c48edc18519fcaeef2e0928f3c838b3c039502ae816e2c5d9c28860d8734c08b","first_seen":"2025-03-06T08:38:05.677581Z","last_seen":"2025-03-06T08:38:05.677581Z","times_seen":1,"resource_available":false,"data":null}},"time_used":558,"timings":{"blocked":199,"dns":40,"connect":35,"send":0,"wait":155,"receive":0,"ssl":126},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"eakjkj.wy5532.com/","fqdn":"eakjkj.wy5532.com","domain":"wy5532.com","tld":"com"},"ip":{"addr":"172.93.103.102","port":443,"asn":23470,"as":"RELIABLESITE","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:44.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wy5532.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Feb 2025 09:48:24 GMT","end":"Wed, 14 May 2025 09:48:23 GMT"},"fingerprint":{"sha1":"02:B7:9D:78:CB:6B:69:F1:B1:E5:07:DE:16:48:FE:28:8B:D7:FF:76","sha256":"5A:C9:B5:F2:94:94:49:1E:8F:7D:37:0C:56:71:37:14:B8:E6:22:5B:D4:B4:A3:A6:94:6B:F6:35:FE:5F:F9:7D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: eakjkj.wy5532.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile\r\ncache-control: max-age=0, private, must-revalidate\r\ncontent-length: 479\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 06 Mar 2025 08:37:44 GMT\r\nserver: Cowboy\r\nset-cookie: sid=46811bf2-fa66-11ef-9574-3f2a67d75ad4; path=/; domain=.wy5532.com; expires=Tue, 24 Mar 2093 11:51:51 GMT; max-age=2147483647; secure; HttpOnly\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":479,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (479), with no line terminators","md5":"f9dd5bf7841aa79b43fc3323d0e10bf1","sha1":"0d2b802a0372a0293e65257138413c46e966c962","sha256":"a74844c1fc1af3759ad90294e65df37dff8a00a78a051043ce51f254799a8782","sha512":"596281aa6c2b815761024c380339b7b8ef647f11d085485af5fa09cb1598f72556f5391662eed16ac2271c30c4cc3a024afeba3ba150c1299e617e3e71a7c10a","ssdeep":"","tlshash":"10f0d4f79c4fc54db5e069448a9d55944588416230fdd4e571d85d5cb53138ebe0543c","first_seen":"2025-03-06T08:38:05.678398Z","last_seen":"2025-03-06T08:38:05.678398Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1293,"timings":{"blocked":595,"dns":278,"connect":100,"send":0,"wait":102,"receive":0,"ssl":214},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"eakjkj.wy5532.com/?ch=1\u0026js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc0MTI1NzQ2NCwiaWF0IjoxNzQxMjUwMjY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMGwyam92YnZxcTI5cW5oYjAzbTVjODciLCJuYmYiOjE3NDEyNTAyNjQsInRzIjoxNzQxMjUwMjY0ODI1NzMyfQ.R_d-3Xo8lHF_O9kwsGO13bxX2Kos4RPVyH2_EmsAydU\u0026sid=46811bf2-fa66-11ef-9574-3f2a67d75ad4","fqdn":"eakjkj.wy5532.com","domain":"wy5532.com","tld":"com"},"ip":{"addr":"172.93.103.102","port":443,"asn":23470,"as":"RELIABLESITE","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:45.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wy5532.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Feb 2025 09:48:24 GMT","end":"Wed, 14 May 2025 09:48:23 GMT"},"fingerprint":{"sha1":"02:B7:9D:78:CB:6B:69:F1:B1:E5:07:DE:16:48:FE:28:8B:D7:FF:76","sha256":"5A:C9:B5:F2:94:94:49:1E:8F:7D:37:0C:56:71:37:14:B8:E6:22:5B:D4:B4:A3:A6:94:6B:F6:35:FE:5F:F9:7D"}}},"request":{"raw":"GET /?ch=1\u0026js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc0MTI1NzQ2NCwiaWF0IjoxNzQxMjUwMjY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMGwyam92YnZxcTI5cW5oYjAzbTVjODciLCJuYmYiOjE3NDEyNTAyNjQsInRzIjoxNzQxMjUwMjY0ODI1NzMyfQ.R_d-3Xo8lHF_O9kwsGO13bxX2Kos4RPVyH2_EmsAydU\u0026sid=46811bf2-fa66-11ef-9574-3f2a67d75ad4 HTTP/1.1\r\nHost: eakjkj.wy5532.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://eakjkj.wy5532.com/\r\nCookie: sid=46811bf2-fa66-11ef-9574-3f2a67d75ad4\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncache-control: max-age=0, private, must-revalidate\r\ncontent-length: 11\r\ndate: Thu, 06 Mar 2025 08:37:45 GMT\r\nlocation: http://click-v4.explodasclksec.com/click?i=KBDe6518nw4_0\r\nserver: Cowboy\r\nset-cookie: sid=46811bf2-fa66-11ef-9574-3f2a67d75ad4; path=/; domain=.wy5532.com; expires=Tue, 24 Mar 2093 11:51:52 GMT; max-age=2147483647; secure; HttpOnly\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":13016,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T12:23:02.643109Z","times_seen":13933290,"resource_available":true,"data":null}},"time_used":533,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":532,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lernodydenknow.info/redirect?tid=1029936","fqdn":"lernodydenknow.info","domain":"lernodydenknow.info","tld":"info"},"ip":{"addr":"143.204.55.115","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:46.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lernodydenknow.info","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Tue, 24 Dec 2024 00:00:00 GMT","end":"Fri, 23 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D1:10:57:B7:4C:3B:57:96:C0:87:5C:9C:9B:06:CC:44:D5:AF:DB:E2","sha256":"3A:5B:52:E5:27:E0:D0:39:EF:12:52:53:5F:9C:E0:9C:31:A0:0A:E9:FF:C1:7E:54:91:18:22:A5:0A:ED:39:D2"}}},"request":{"raw":"GET /redirect?tid=1029936 HTTP/1.1\r\nHost: lernodydenknow.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nlocation: http://xml.responseservez.com/click?i=sbCDjHUrSZc_0\u0026p=1741250266.244025\r\ndate: Thu, 06 Mar 2025 08:37:46 GMT\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nset-cookie: AWSALB=G//kni7aRZVyRWudZEZLWMZdn7xuv1mmPt+2naw/8Lr/JRY7qyQI137rVvmNpFvoFKu+sj9BMl02+JEtc7DsEmjtDaHxxcpY0O9TuknGUT1mv5bxi/5/Dkbtv/Fw; Expires=Thu, 13 Mar 2025 08:37:46 GMT; Path=/\nAWSALBCORS=G//kni7aRZVyRWudZEZLWMZdn7xuv1mmPt+2naw/8Lr/JRY7qyQI137rVvmNpFvoFKu+sj9BMl02+JEtc7DsEmjtDaHxxcpY0O9TuknGUT1mv5bxi/5/Dkbtv/Fw; Expires=Thu, 13 Mar 2025 08:37:46 GMT; Path=/; SameSite=None\ncsu=fcdc40fe-8572-4435-bca7-9c52cb0c9d0c\r\nserver: openresty/1.17.8.2\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: iQ2BtUWP6HdJ1BmVIeETRRwXq4pIhLQTSxbojhPL2TVNJHU-xVq_YA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":13016,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T12:23:02.643109Z","times_seen":13933290,"resource_available":true,"data":null}},"time_used":439,"timings":{"blocked":18,"dns":6,"connect":1,"send":0,"wait":403,"receive":0,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"froloi.com/970404bc-6288-4140-a2de-1d1805cb8150?banner=6725679\u0026pubfeed=244025\u0026siteid=1029936\u0026cost=0.00025\u0026conversion=x-sF8SE6Fu4","fqdn":"froloi.com","domain":"froloi.com","tld":"com"},"ip":{"addr":"172.67.191.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:47.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"froloi.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Feb 2025 21:54:38 GMT","end":"Tue, 13 May 2025 22:52:19 GMT"},"fingerprint":{"sha1":"D5:23:91:8D:B6:D7:40:F6:0D:3A:E7:8A:12:6F:68:0D:9F:E9:CC:35","sha256":"F7:5A:2E:3C:E6:12:96:EA:7C:60:13:BB:5B:79:19:A7:90:24:C7:9E:C3:08:2C:3D:ED:23:3E:BD:D2:A1:F4:60"}}},"request":{"raw":"GET /970404bc-6288-4140-a2de-1d1805cb8150?banner=6725679\u0026pubfeed=244025\u0026siteid=1029936\u0026cost=0.00025\u0026conversion=x-sF8SE6Fu4 HTTP/1.1\r\nHost: froloi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://filter.servsserverz.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 06 Mar 2025 08:37:47 GMT\r\ncontent-length: 0\r\nlocation: https://charmgriff.com/charm/?charm=https://clcktrck.com/no/s/red_u_plain.php?t=direct\u0026s=22170\u0026d=sinful.no\u0026pub=22170\u0026ctrl_offerid=6e6f5f73696e66756c2e6e6f\u0026ctrl_scid=52\u0026ctrl_aff=noc\u0026ctrl_vol_oid=1f7bbcb7-afc3-4eea-8f13-5f9aeca4a697\u0026uid=w4nmgqt7obkmug783d89mle6\r\ncache-control: no-store, no-cache, pre-check=0, post-check=0\r\npragma: no-cache\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nset-cookie: 970404bc-6288-4140-a2de-1d1805cb8150-v4=tGfFbA20NL5sgtlnKELDsNMwbK49wR450nXmkqqkqqg; Max-Age=86400; Expires=Fri, 07 Mar 2025 08:37:47 GMT; Domain=froloi.com; Path=/; HttpOnly\ncc-v4=tlK%2FIayfnlxSLPxJA1ReDgOMeRliEMer%2Bi6lnjJa%2BBrz325ZNR4uBwfFHY6W5CI%2B2iTAJig6pS7Y%2BXf6%2BBUTlsk18WcfeHnr0n0GECaJ%2Fq6kgjqToJmfTZCuxDe%2FoMKlXPYUoO6JuiwJ%2Fv4QFTBzgQ%3D%3D; Max-Age=31536000; Expires=Fri, 06 Mar 2026 08:37:47 GMT; Domain=froloi.com; Path=/; HttpOnly\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: B0ENqjoYQvLEok-siY9wPGknHW5gzxJOPCQBGOyKOaH_D2LT3bHcFQ==\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=i9ytag4z0f4MEnX8ZcXctxUk1fZOuGyDFjdOjbByajKfSS6FFmkEzKNgQmFmUbvSBJZp1aN4g45bmOf3oyBLoRNbRQEXS3UvK18top4%2BXeS%2FD%2B7UQI4gw2eNum3G\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 91c0887c7d2c5695-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=597\u0026min_rtt=448\u0026rtt_var=250\u0026sent=8\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=3196\u0026recv_bytes=1230\u0026delivery_rate=6268398\u0026cwnd=254\u0026unsent_bytes=0\u0026cid=7c0bc9688cf21e8f\u0026ts=131\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1454,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T12:23:02.643109Z","times_seen":13933290,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":51,"dns":20,"connect":1,"send":0,"wait":105,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"eakjkj.wy5532.com/favicon.ico","fqdn":"eakjkj.wy5532.com","domain":"wy5532.com","tld":"com"},"ip":{"addr":"172.93.103.102","port":443,"asn":23470,"as":"RELIABLESITE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://eakjkj.wy5532.com/","date":"2025-03-06T08:37:45.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wy5532.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Feb 2025 09:48:24 GMT","end":"Wed, 14 May 2025 09:48:23 GMT"},"fingerprint":{"sha1":"02:B7:9D:78:CB:6B:69:F1:B1:E5:07:DE:16:48:FE:28:8B:D7:FF:76","sha256":"5A:C9:B5:F2:94:94:49:1E:8F:7D:37:0C:56:71:37:14:B8:E6:22:5B:D4:B4:A3:A6:94:6B:F6:35:FE:5F:F9:7D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: eakjkj.wy5532.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://eakjkj.wy5532.com/\r\nCookie: sid=46811bf2-fa66-11ef-9574-3f2a67d75ad4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: max-age=0, private, must-revalidate\r\ncontent-length: 9\r\ndate: Thu, 06 Mar 2025 08:37:44 GMT\r\nserver: Cowboy\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":9,"size_decoded":0,"mime_type":"image/x-icon","magic":"ASCII text, with no line terminators","md5":"d8f4a1993546cc4b850cde3599e27aec","sha1":"094b763b4cfcc0b05e5d040581cd513c3ca08067","sha256":"907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9","sha512":"7c696247f98aa6fe4e1df001fd6029abbbccf45b122d65dfdede8f8a400cda775387c657f96bd1e4e52da7409187892b1f0786c54d835d2e44227b2e1335eaf6","ssdeep":"","tlshash":"4a50000c0003030c0000003000c00030000c03000c0000300000c00c00000000c000cc","first_seen":"2023-03-08T07:11:06Z","last_seen":"2026-04-19T10:23:40.57665Z","times_seen":19248,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"filter.servsserverz.com/filter?q=Anime+%2F+Manga\u0026i=sbCDjHUrSZc_0\u0026ci=-4036626107804805394\u0026t=1333756792\u0026h=7","fqdn":"filter.servsserverz.com","domain":"servsserverz.com","tld":"com"},"ip":{"addr":"198.134.116.29","port":80,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-06T08:37:46.726Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /filter?q=Anime+%2F+Manga\u0026i=sbCDjHUrSZc_0\u0026ci=-4036626107804805394\u0026t=1333756792\u0026h=7 HTTP/1.1\r\nHost: filter.servsserverz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: no-store\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 13016\r\nConnection: keep-alive\r\nSet-Cookie: c-1000234717=-442839262\nx3327657=442839262; Domain=.servsserverz.com\r\nReferrer-Policy: unsafe-url\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13016,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (594)","md5":"7c11307114f07a97f7a6678de41b941e","sha1":"06e9fa40086cbeb993eb5fadb4d230d869e99093","sha256":"210bf7ca54a56348910e7dc3cdf9709593a4c00a215cf208b75d164dedb7e9a7","sha512":"07fe6c43457d743fb40ef20bd4df50e16f24319ff934c7a50c0071521ed0188d6620b2fb9a0af2fd8fe7ef0cedd94dc459cc8873151ed8a89731c94c3154791e","ssdeep":"384:pivfWQ1SSxMQkwyw249tylMh8nCmh3UbIcP04EzxU:pCflwMMi249sFCmhsIm9EzxU","tlshash":"ea42f94dbe573022432335b1146f810bb1779db6674a08d1e6c28974ae7cd9a5327f9c","first_seen":"2025-03-06T08:38:05.679908Z","last_seen":"2025-03-06T08:38:05.679908Z","times_seen":1,"resource_available":false,"data":null}},"time_used":347,"timings":{"blocked":114,"dns":13,"connect":102,"send":0,"wait":117,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-03-06T08:37:46Z","timestamp":1741250266,"ip_dst":{"addr":"172.18.0.12","port":60944,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.134.116.29","port":80,"asn":27257,"as":"WEBAIR-INTERNET","country":"United States","country_code":"US"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-03-06T08:37:46.957640+0000\",\"flow_id\":606182538101786,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.134.116.29\",\"src_port\":80,\"dest_ip\":\"172.18.0.12\",\"dest_port\":60944,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"filter.servsserverz.com\",\"url\":\"/filter?q=Anime+%2F+Manga\u0026i=sbCDjHUrSZc_0\u0026ci=-4036626107804805394\u0026t=1333756792\u0026h=7\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2641},\"files\":[{\"filename\":\"/filter\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":2641,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":5,\"bytes_toserver\":827,\"bytes_toclient\":4682,\"start\":\"2025-03-06T08:37:46.738330+0000\"}}"}],"analyzer":null,"urlquery":null}}]}