{"report_id":"b88b4dcf-640b-4fb7-a464-316017f9e8a9","version":6,"status":"done","tags":[],"date":"2025-10-22T11:57:50Z","url":{"schema":"http","addr":"torchfriendlypay.com/wdiwppatc?jaslq=72\u0026refer=https://a.asd.homes/%D9%81%D9%8A%D9%84%D9%85-fifty-shades-of-grey-2015-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/\u0026kw=[\"%D9%81%D9%8A%D9%84%D9%85\",\"fifty\",\"shades\",\"of\",\"grey\",\"2015\",\"%D9%85%D8%AA%D8%B1%D8%AC%D9%85\",\"-\",\"%D8%B9%D8%B1%D8%A8\",\"%D8%B3%D9%8A%D8%AF\"]\u0026key=6710543788e9f02584f3584d5416d1e3\u0026scrWidth=1920\u0026scrHeight=1080\u0026tz=1\u0026ship=1\u0026v=25.9.7989\u0026sub3=invoke_layer\u0026res=14.1055\u0026dev=e\u0026uuid=26bbfa6f-61a1-41d7-9780-1f6a2026b912:2:1\u0026adb=n","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":0,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"title":"..."},"submit":{"url":{"schema":"http","addr":"torchfriendlypay.com/wdiwppatc?jaslq=72\u0026refer=https://a.asd.homes/%D9%81%D9%8A%D9%84%D9%85-fifty-shades-of-grey-2015-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/\u0026kw=[\"%D9%81%D9%8A%D9%84%D9%85\",\"fifty\",\"shades\",\"of\",\"grey\",\"2015\",\"%D9%85%D8%AA%D8%B1%D8%AC%D9%85\",\"-\",\"%D8%B9%D8%B1%D8%A8\",\"%D8%B3%D9%8A%D8%AF\"]\u0026key=6710543788e9f02584f3584d5416d1e3\u0026scrWidth=1920\u0026scrHeight=1080\u0026tz=1\u0026ship=1\u0026v=25.9.7989\u0026sub3=invoke_layer\u0026res=14.1055\u0026dev=e\u0026uuid=26bbfa6f-61a1-41d7-9780-1f6a2026b912:2:1\u0026adb=n","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":0,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-26T11:57:50Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-19T22:12:35.4735Z","alert_count":0,"request_count":1,"received_data":6659,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pushtorm.net","ip":{"addr":"142.132.255.57","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2022-04-06","domain_rank":28502,"first_seen":"2022-04-08T00:43:12Z","last_seen":"2025-10-12T16:24:56.825252Z","alert_count":0,"request_count":4,"received_data":62584,"sent_data":1660,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"traffichubcontrol.com","ip":{"addr":"168.119.149.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2025-08-27","domain_rank":0,"first_seen":"2025-09-10T02:42:52.780634Z","last_seen":"2025-10-21T12:39:54.667738Z","alert_count":0,"request_count":1,"received_data":31213,"sent_data":739,"comment":"","tags":null,"fingerprints":null},{"fqdn":"novalinksy.com","ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-27","domain_rank":0,"first_seen":"2025-09-26T10:06:46.558994Z","last_seen":"2025-10-21T17:12:18.890683Z","alert_count":0,"request_count":11,"received_data":145649,"sent_data":5686,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-19T22:12:30.612025Z","alert_count":0,"request_count":1,"received_data":19475,"sent_data":572,"comment":"","tags":null,"fingerprints":null},{"fqdn":"torchfriendlypay.com","ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-01","domain_rank":191479,"first_seen":"2025-07-30T13:31:49.539518Z","last_seen":"2025-10-20T05:03:43.898332Z","alert_count":9,"request_count":3,"received_data":39758,"sent_data":5144,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"novalinksy.com/lander-1/initpc.js?1761134265937","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2d48748df4a3617ec66b418e213545dd","sha1":"2bdd1b49ad07842dfe8cf6d7762bbd5767c544ec","sha256":"b70dad450aeed0e2fc85094d226369d566ba19c552dfcbf06ba09932d4773e5d","sha512":"4b1f7114fee23a83b95765134b96e6af367a0099b649cba4b0404a0c037a5c8a7ae9f963eeb7a049a69d8777c0b6889579efba999bb23e980c162563bb5ff6d5","ssdeep":"","tlshash":"d131129e9fdc25c2c7471da73a16198b8019dc7a385dc630f511e0cd665ab44502f6b9","size":1838,"data":"","first_seen":"2025-09-26T21:50:50.298185Z","last_seen":"2025-10-22T11:57:52.849498Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pushtorm.net/subscription.js","fqdn":"pushtorm.net","domain":"pushtorm.net","tld":"net"},"ip":{"addr":"142.132.255.57","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ed509cc4dfda85c155722fee5df972d","sha1":"e3be86f68f71d1f97a7d30998c527a131ebbd678","sha256":"3a4c430db4bb2260d2f2156228f7cab59f4c51b711e299c940b8fa3c4bb187cd","sha512":"3e85daaabcd105c1b466c831c965e4ba5f5b1ffc42be4b18a40726b281445442b12d839fb5d2c4f180a7b0356f5b70f70ec7bb3b949771deb72f6a6bb83feca6","ssdeep":"192:RbZIALarkmH08Xh2mVVmSzynz9ZJsLJi6bKYf4yCD6k6g9eBpRPqzC4aRRNRaiSq:9ZIi0SCkhSqzxQNRUYh5","tlshash":"b9622f099cf710a2253771384fef552521b6485324c6dd047fccaa44af8ce3d5aabaec","size":15292,"data":"","first_seen":"2024-10-22T13:31:12.897283Z","last_seen":"2026-05-04T11:21:57.819422Z","times_seen":123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pushtorm.net/subscription.js","fqdn":"pushtorm.net","domain":"pushtorm.net","tld":"net"},"ip":{"addr":"142.132.255.57","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ed509cc4dfda85c155722fee5df972d","sha1":"e3be86f68f71d1f97a7d30998c527a131ebbd678","sha256":"3a4c430db4bb2260d2f2156228f7cab59f4c51b711e299c940b8fa3c4bb187cd","sha512":"3e85daaabcd105c1b466c831c965e4ba5f5b1ffc42be4b18a40726b281445442b12d839fb5d2c4f180a7b0356f5b70f70ec7bb3b949771deb72f6a6bb83feca6","ssdeep":"192:RbZIALarkmH08Xh2mVVmSzynz9ZJsLJi6bKYf4yCD6k6g9eBpRPqzC4aRRNRaiSq:9ZIi0SCkhSqzxQNRUYh5","tlshash":"b9622f099cf710a2253771384fef552521b6485324c6dd047fccaa44af8ce3d5aabaec","size":15292,"data":"","first_seen":"2024-10-22T13:31:12.897283Z","last_seen":"2026-05-04T11:21:57.819422Z","times_seen":123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pushtorm.net/subscription.js","fqdn":"pushtorm.net","domain":"pushtorm.net","tld":"net"},"ip":{"addr":"142.132.255.57","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ed509cc4dfda85c155722fee5df972d","sha1":"e3be86f68f71d1f97a7d30998c527a131ebbd678","sha256":"3a4c430db4bb2260d2f2156228f7cab59f4c51b711e299c940b8fa3c4bb187cd","sha512":"3e85daaabcd105c1b466c831c965e4ba5f5b1ffc42be4b18a40726b281445442b12d839fb5d2c4f180a7b0356f5b70f70ec7bb3b949771deb72f6a6bb83feca6","ssdeep":"192:RbZIALarkmH08Xh2mVVmSzynz9ZJsLJi6bKYf4yCD6k6g9eBpRPqzC4aRRNRaiSq:9ZIi0SCkhSqzxQNRUYh5","tlshash":"b9622f099cf710a2253771384fef552521b6485324c6dd047fccaa44af8ce3d5aabaec","size":15292,"data":"","first_seen":"2024-10-22T13:31:12.897283Z","last_seen":"2026-05-04T11:21:57.819422Z","times_seen":123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pushtorm.net/subscription.js","fqdn":"pushtorm.net","domain":"pushtorm.net","tld":"net"},"ip":{"addr":"142.132.255.57","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ed509cc4dfda85c155722fee5df972d","sha1":"e3be86f68f71d1f97a7d30998c527a131ebbd678","sha256":"3a4c430db4bb2260d2f2156228f7cab59f4c51b711e299c940b8fa3c4bb187cd","sha512":"3e85daaabcd105c1b466c831c965e4ba5f5b1ffc42be4b18a40726b281445442b12d839fb5d2c4f180a7b0356f5b70f70ec7bb3b949771deb72f6a6bb83feca6","ssdeep":"192:RbZIALarkmH08Xh2mVVmSzynz9ZJsLJi6bKYf4yCD6k6g9eBpRPqzC4aRRNRaiSq:9ZIi0SCkhSqzxQNRUYh5","tlshash":"b9622f099cf710a2253771384fef552521b6485324c6dd047fccaa44af8ce3d5aabaec","size":15292,"data":"","first_seen":"2024-10-22T13:31:12.897283Z","last_seen":"2026-05-04T11:21:57.819422Z","times_seen":123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/lander-1/index.js","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9e87b5f390102de64af97e901c80695","sha1":"b48b78b831fed9527b9d75b9cdb232ece9519e29","sha256":"e7a50d337bdbe4299068de034e4564cfe5fd45ca9257ded37b6ada9330cedf0f","sha512":"6d0bd18d87118dfccad92d1422ace65494c97eefdaa93d57df281e1f7f05eca71b9f3d590558efe97a0407b46894569a00dbbb13d302f0cfa1a8abf57af5e576","ssdeep":"1536:AMzKLhzq8yxihbjw9xs/7FENdZTvzGXlE47ZEJQu:AMzKLhzq8yt9M7FAdZTv4lE47ZmQu","tlshash":"5c93641e57ea1a31d41634299f4f62c8d621911f2d0ad9ac3c6cb7e81f9de3902a4ff4","size":90241,"data":"","first_seen":"2025-03-09T00:15:37.485068Z","last_seen":"2026-02-08T05:48:01.469842Z","times_seen":362,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8185931d09627217019fd6398da229a8","sha1":"90843476247635a1d4f6c0cc0c1c410a87f3a276","sha256":"5d10bc60124ce3472e4fc1662997dc628a192ded73a54fa8f449205118287684","sha512":"d3daa8c75b3cb98c37e104b9ca9c38a5d4758a03388da91f50117717b3bbcebe77e92c2171511ac31a7a92b05850be3dacc3fe96d267946436d712425051ab67","ssdeep":"","tlshash":"a8e02b185db310b0455be01a1776d64d355110631444d8093d8d8e885f60e9658ddad4","size":423,"data":"","first_seen":"2025-03-09T00:15:37.489136Z","last_seen":"2026-02-08T05:48:01.472384Z","times_seen":358,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/lander-1/initpc.js?1761134262669","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2d48748df4a3617ec66b418e213545dd","sha1":"2bdd1b49ad07842dfe8cf6d7762bbd5767c544ec","sha256":"b70dad450aeed0e2fc85094d226369d566ba19c552dfcbf06ba09932d4773e5d","sha512":"4b1f7114fee23a83b95765134b96e6af367a0099b649cba4b0404a0c037a5c8a7ae9f963eeb7a049a69d8777c0b6889579efba999bb23e980c162563bb5ff6d5","ssdeep":"","tlshash":"d131129e9fdc25c2c7471da73a16198b8019dc7a385dc630f511e0cd665ab44502f6b9","size":1838,"data":"","first_seen":"2025-09-26T21:50:50.298185Z","last_seen":"2025-10-22T11:57:52.849498Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/lander-1/initpc.js?1761134263950","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2d48748df4a3617ec66b418e213545dd","sha1":"2bdd1b49ad07842dfe8cf6d7762bbd5767c544ec","sha256":"b70dad450aeed0e2fc85094d226369d566ba19c552dfcbf06ba09932d4773e5d","sha512":"4b1f7114fee23a83b95765134b96e6af367a0099b649cba4b0404a0c037a5c8a7ae9f963eeb7a049a69d8777c0b6889579efba999bb23e980c162563bb5ff6d5","ssdeep":"","tlshash":"d131129e9fdc25c2c7471da73a16198b8019dc7a385dc630f511e0cd665ab44502f6b9","size":1838,"data":"","first_seen":"2025-09-26T21:50:50.298185Z","last_seen":"2025-10-22T11:57:52.849498Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/lander-1/initpc.js?1761134264998","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2d48748df4a3617ec66b418e213545dd","sha1":"2bdd1b49ad07842dfe8cf6d7762bbd5767c544ec","sha256":"b70dad450aeed0e2fc85094d226369d566ba19c552dfcbf06ba09932d4773e5d","sha512":"4b1f7114fee23a83b95765134b96e6af367a0099b649cba4b0404a0c037a5c8a7ae9f963eeb7a049a69d8777c0b6889579efba999bb23e980c162563bb5ff6d5","ssdeep":"","tlshash":"d131129e9fdc25c2c7471da73a16198b8019dc7a385dc630f511e0cd665ab44502f6b9","size":1838,"data":"","first_seen":"2025-09-26T21:50:50.298185Z","last_seen":"2025-10-22T11:57:52.849498Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"novalinksy.com/lander-1/assets/default_100_percent/100-offline-sprite.png","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:30.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novalinksy.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 15:43:35 GMT","end":"Tue, 25 Nov 2025 16:41:56 GMT"},"fingerprint":{"sha1":"1B:27:49:F5:AE:84:BD:40:82:91:79:B6:B3:A3:56:A0:6A:46:7F:D8","sha256":"72:1F:F6:FD:B3:A9:58:F3:32:9D:87:F9:BF:8A:A8:D2:3F:B6:F2:6A:F4:DD:AA:FC:D3:7F:40:2B:83:88:A8:ED"}}},"request":{"raw":"GET /lander-1/assets/default_100_percent/100-offline-sprite.png HTTP/1.1\r\nHost: novalinksy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Oct 2025 11:57:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 2645\r\nserver: cloudflare\r\nlast-modified: Fri, 21 Feb 2025 18:19:05 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"67b8c399-a55\"\r\nexpires: Thu, 23 Oct 2025 00:15:38 GMT\r\ncache-control: max-age=604800\r\naccept-ranges: bytes\r\nage: 560191\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NBEKuX4ctxC9jsWF1fMO%2FXkGTamy%2B0pxAAe41YOav%2BOHCrsgRUd3O2crKXB8fOE6mqaDVmZLDThVHicWQc0xt5gtsXOTukyuLpHAsQ%3D%3D\"}]}\r\ncf-ray: 9928d1498d3156b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2645,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1233 x 68, 8-bit grayscale, non-interlaced","md5":"126bb0177752d9bcdaf27e9bd487a8ab","sha1":"c933d84c436b49d180dd945313fbd70e0c4fc125","sha256":"e306705c996676db01f4072ed3d6f33d89089a848ab0b2a0ba07a2d866ec309f","sha512":"1eae0820fae8f709bced42fb4c382b99ba1b712ebdeeb57dc6048fba1b0354b9284f3b1889f31b996c63d2f3db3c7208a7a2169b4cd2046446a50b6ffc108069","ssdeep":"","tlshash":"f1515c5beed868c3d16f021dc723398469d00125df5c335e110292614942f9a4de6ce2","first_seen":"2023-11-19T16:44:45Z","last_seen":"2026-02-19T19:48:46.249411Z","times_seen":366,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:30.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/opensans/v44/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://novalinksy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18640\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Oct 2025 12:57:39 GMT\r\nexpires: Fri, 16 Oct 2026 12:57:39 GMT\r\ncache-control: public, max-age=31536000\r\nage: 514791\r\nlast-modified: Mon, 15 Sep 2025 16:29:38 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18640,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18640, version 1.0","md5":"289ab8c3689e58c84c061039efc15d3a","sha1":"9432c99c4915ea17dea97eec0bbd0f2fa6ff0943","sha256":"0e44026ad31376af1b56593cd4acb4f353f8e8789c51759e18f64578e4ef296a","sha512":"4c0ea3fe4daefcd63f7337e7a8e86d169c0f4ce3543b12a69f9980a5bb598987521138454ad4df4474a1edb0fef0c38cfd2de312cb355c9c2665ea3445586787","ssdeep":"384:UubNl0SziXg7u9lPk6A/BViMAf2zAeyrmYAUXKb+cu5E0GW6o6:dbj0S2XjRk6A+MAf2UeGIUEbM4WZ6","tlshash":"9182d1454a3d7753f235a6425daef8cac2b5d42d56978c103be2541a3dff28e33109d8","first_seen":"2025-09-17T00:02:10.421759Z","last_seen":"2026-05-06T15:46:00.705845Z","times_seen":30352,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":56,"dns":1,"connect":7,"send":0,"wait":8,"receive":2,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/api/users?token=L3dkaXdwcGF0Yz9hZGI9biZkZXY9ZSZqYXNscT03MiZrZXk9NjcxMDU0Mzc4OGU5ZjAyNTg0ZjM1ODRkNTQxNmQxZTMma3c9JTVCJTIyJUQ5JTgxJUQ5JThBJUQ5JTg0JUQ5JTg1JTIyJTJDJTIyZmlmdHklMjIlMkMlMjJzaGFkZXMlMjIlMkMlMjJvZiUyMiUyQyUyMmdyZXklMjIlMkMlMjIyMDE1JTIyJTJDJTIyJUQ5JTg1JUQ4JUFBJUQ4JUIxJUQ4JUFDJUQ5JTg1JTIyJTJDJTIyLSUyMiUyQyUyMiVEOCVCOSVEOCVCMSVEOCVBOCUyMiUyQyUyMiVEOCVCMyVEOSU4QSVEOCVBRiUyMiU1RCZwc3Q9MTc2MTEzNDMwOSZyZWZlcj1odHRwcyUzQSUyRiUyRmEuYXNkLmhvbWVzJTJGJUQ5JTgxJUQ5JThBJUQ5JTg0JUQ5JTg1LWZpZnR5LXNoYWRlcy1vZi1ncmV5LTIwMTUtJUQ5JTg1JUQ4JUFBJUQ4JUIxJUQ4JUFDJUQ5JTg1JTJGJnJlcz0xNC4xMDU1JnJtdGM9dCZzY3JIZWlnaHQ9MTA4MCZzY3JXaWR0aD0xOTIwJnNoaXA9MSZzaHU9YzUzZTc0YTEyMDVjZjVjNDljN2ZkODdkNDQ0ZTg1ZDg3NDA4YWE3NDJjZjUyNGQ4OWU4YWY2OGFlYTJjYzg0YjJiOTMzODAyMjAwZmUzYTI2ZDZmNjdmY2VhMDc3MTI4OWRjYzU4M2JlNDUwYmVmYzg4NTA0YmI5NzFkOThhM2YzOGVmMjEyYmI3MGYwMWM3ZDhmOTY4MDJhMjUwOWMwMzEyZjY2Mjc1YTgxMDAwOGY3MmIzZjkmc3ViMz1pbnZva2VfbGF5ZXImdHo9MSZ2PTI1LjkuNzk4OSZwaWk9JmluPSZ1dWlkPTI2YmJmYTZmLTYxYTEtNDFkNy05NzgwLTFmNmEyMDI2YjkxMiUzQTIlM0Ex","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-22T11:57:29.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /api/users?token=L3dkaXdwcGF0Yz9hZGI9biZkZXY9ZSZqYXNscT03MiZrZXk9NjcxMDU0Mzc4OGU5ZjAyNTg0ZjM1ODRkNTQxNmQxZTMma3c9JTVCJTIyJUQ5JTgxJUQ5JThBJUQ5JTg0JUQ5JTg1JTIyJTJDJTIyZmlmdHklMjIlMkMlMjJzaGFkZXMlMjIlMkMlMjJvZiUyMiUyQyUyMmdyZXklMjIlMkMlMjIyMDE1JTIyJTJDJTIyJUQ5JTg1JUQ4JUFBJUQ4JUIxJUQ4JUFDJUQ5JTg1JTIyJTJDJTIyLSUyMiUyQyUyMiVEOCVCOSVEOCVCMSVEOCVBOCUyMiUyQyUyMiVEOCVCMyVEOSU4QSVEOCVBRiUyMiU1RCZwc3Q9MTc2MTEzNDMwOSZyZWZlcj1odHRwcyUzQSUyRiUyRmEuYXNkLmhvbWVzJTJGJUQ5JTgxJUQ5JThBJUQ5JTg0JUQ5JTg1LWZpZnR5LXNoYWRlcy1vZi1ncmV5LTIwMTUtJUQ5JTg1JUQ4JUFBJUQ4JUIxJUQ4JUFDJUQ5JTg1JTJGJnJlcz0xNC4xMDU1JnJtdGM9dCZzY3JIZWlnaHQ9MTA4MCZzY3JXaWR0aD0xOTIwJnNoaXA9MSZzaHU9YzUzZTc0YTEyMDVjZjVjNDljN2ZkODdkNDQ0ZTg1ZDg3NDA4YWE3NDJjZjUyNGQ4OWU4YWY2OGFlYTJjYzg0YjJiOTMzODAyMjAwZmUzYTI2ZDZmNjdmY2VhMDc3MTI4OWRjYzU4M2JlNDUwYmVmYzg4NTA0YmI5NzFkOThhM2YzOGVmMjEyYmI3MGYwMWM3ZDhmOTY4MDJhMjUwOWMwMzEyZjY2Mjc1YTgxMDAwOGY3MmIzZjkmc3ViMz1pbnZva2VfbGF5ZXImdHo9MSZ2PTI1LjkuNzk4OSZwaWk9JmluPSZ1dWlkPTI2YmJmYTZmLTYxYTEtNDFkNy05NzgwLTFmNmEyMDI2YjkxMiUzQTIlM0Ex HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torchfriendlypay.com/api/users?token=L3dkaXdwcGF0Yz9rZXk9MTBhZmFlYzM1NDA0ZmZkNWVkYmFkMDEzMWJiMzhlZTYmc3VibWV0cmljPTIxNjEwOTcz\r\nCookie: uid_id2=26bbfa6f-61a1-41d7-9780-1f6a2026b912:2:1; ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMTYxMDk3MywiayI6IjY3MTA1NDM3ODhlOWYwMjU4NGYzNTg0ZDU0MTZkMWUzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMDIzOTg0LCJwaWQiOjQ3OTI1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjEsImFpZCI6MjgsInB0Ijo1LCJwayI6IndkaXdwcGF0YyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hLmFzZC5ob21lcy_ZgdmK2YTZhS1maWZ0eS1zaGFkZXMtb2YtZ3JleS0yMDE1LdmF2KrYsdis2YUvIiwiYXIiOltdfX0.4x8VMPfMWnCPMLUTKJjwK69Tyx7z0QVN08pG__jVC9Y; cjs=t\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx/1.21.6\r\nDate: Wed, 22 Oct 2025 11:57:29 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nLocation: https://traffichubcontrol.com/index?cid=9ef2d03f3c4c9880d37d\u0026extclickid=5b11373719700d908e6b9d4b2437073c\u0026t1=21610973\u0026t2=3539582\u0026type=default\u0026publisher=47925\u0026advertiser=695339\u0026campaign_id=1322529\u0026zoneid=3023984\u0026category=Movies\u0026cost=0.300000\r\nSet-Cookie: uid_id2=26bbfa6f-61a1-41d7-9780-1f6a2026b912:2:1; expires=Wed, 29 Oct 2025 11:57:29 GMT; path=/\npdhtkv=true; expires=Thu, 23 Oct 2025 11:57:29 GMT; path=/\nuncs=1; expires=Thu, 23 Oct 2025 11:57:29 GMT; path=/\npdhtkv28=true; expires=Thu, 23 Oct 2025 11:57:29 GMT; path=/\nuncs28=1; expires=Thu, 23 Oct 2025 11:57:29 GMT; path=/\nu_pl21610973=1; expires=Thu, 23 Oct 2025 11:57:29 GMT; path=/\niprc_l+fc484518f7a268d2e70adce705876e62=6238425; expires=Thu, 23 Oct 2025 11:57:29 GMT; path=/\niprc_l:6238425=1; expires=Thu, 23 Oct 2025 11:57:29 GMT; path=/\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 75cbf05ea74a7b075972f2ccf4ffe468\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30747,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T15:45:53.712693Z","times_seen":14742555,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open+Sans","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:30.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /css?family=Open+Sans HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 22 Oct 2025 11:57:30 GMT\r\ndate: Wed, 22 Oct 2025 11:57:30 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5973,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"52fd336aac376e54df69f73afa4d9a1e","sha1":"ff01fecffbb6ad52a66fc2464c9a06d64ac49ce4","sha256":"0493c5aeeeee76553b77f584271225f936ff2901a1838303744debf8e99728e3","sha512":"6221444a13a3adb37f5064882fa86db9f2e836e7ce90aecc12ac7345281799d902140f502e5a5b8f08d1651f217844cab59ed53e9d3f4b0e9d52d8ba4f6bd3b3","ssdeep":"96:ZOEM9JOEMWDFZ8OEMjkOEMFYOEMhOEMNy+aZjzBrWOEMzubqGIFuV4UOEMCOEMN4:w9AWjBF1INqbCbqGIwV4Rzlqx","tlshash":"25c14d900017545467471ce723cebe30ee4fa2606040d07aabfd8b9aeed6da9a37532d","first_seen":"2025-09-17T00:02:10.461951Z","last_seen":"2026-05-06T15:18:42.089205Z","times_seen":14428,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":59,"dns":1,"connect":8,"send":0,"wait":20,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/lander-1/assets/default_200_percent/200-offline-sprite.png","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:30.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novalinksy.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 15:43:35 GMT","end":"Tue, 25 Nov 2025 16:41:56 GMT"},"fingerprint":{"sha1":"1B:27:49:F5:AE:84:BD:40:82:91:79:B6:B3:A3:56:A0:6A:46:7F:D8","sha256":"72:1F:F6:FD:B3:A9:58:F3:32:9D:87:F9:BF:8A:A8:D2:3F:B6:F2:6A:F4:DD:AA:FC:D3:7F:40:2B:83:88:A8:ED"}}},"request":{"raw":"GET /lander-1/assets/default_200_percent/200-offline-sprite.png HTTP/1.1\r\nHost: novalinksy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Oct 2025 11:57:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 3244\r\nserver: cloudflare\r\nlast-modified: Fri, 21 Feb 2025 18:19:05 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"67b8c399-cac\"\r\nexpires: Wed, 22 Oct 2025 01:29:30 GMT\r\ncache-control: max-age=604800\r\naccept-ranges: bytes\r\nage: 149107\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mLEf8D%2FP%2F4l5TotxVKhbefJafjZdNzr3BibRhVVywJySK35JejnZCdtiwSxg5YOP4KDoC%2Bi7nZdoM%2F6%2FCjG0SXEmdqK69US7g62BmA%3D%3D\"}]}\r\ncf-ray: 9928d1498d3956b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3244,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2441 x 130, 4-bit colormap, non-interlaced","md5":"04b297005713a535400790596beeed31","sha1":"b1f0ff7b93ea725cd686a51630a728c8fbc8c6da","sha256":"b3011fd16e43cd860b9782c4eafe77c1cc40da2e0f6e2e5ea547d98d6efac879","sha512":"f34e56d243e88daa8a16f8ce4595b5470434a404bd27b76e5f71ab4e0e23a86603a5ba59465533fd69b698146f974ac4b10833ffebaed766e587021595ef5c4f","ssdeep":"","tlshash":"6c617eacffdc4d31d43e6381869d74ea06d36a14415557200524c7bd1494d5e6e9c78f","first_seen":"2023-11-19T16:44:45Z","last_seen":"2026-02-19T19:48:46.193322Z","times_seen":366,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pushtorm.net/subscription.js","fqdn":"pushtorm.net","domain":"pushtorm.net","tld":"net"},"ip":{"addr":"142.132.255.57","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:44.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pushtorm.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 11:01:11 GMT","end":"Sat, 03 Jan 2026 11:01:10 GMT"},"fingerprint":{"sha1":"6D:6F:C1:40:F8:00:84:19:C4:A6:CE:11:F8:26:30:5C:D4:92:10:E9","sha256":"2D:2D:DE:DF:23:E2:F1:CF:DE:39:08:3E:28:3B:7D:62:99:11:F6:37:F7:D0:33:97:DE:A6:8C:97:5D:6B:76:C6"}}},"request":{"raw":"GET /subscription.js HTTP/1.1\r\nHost: pushtorm.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Wed, 22 Oct 2025 11:57:44 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: br\r\nLast-Modified: Thu, 03 Oct 2024 16:16:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"1db15af929133bf\"\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15295,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"4ed509cc4dfda85c155722fee5df972d","sha1":"e3be86f68f71d1f97a7d30998c527a131ebbd678","sha256":"3a4c430db4bb2260d2f2156228f7cab59f4c51b711e299c940b8fa3c4bb187cd","sha512":"3e85daaabcd105c1b466c831c965e4ba5f5b1ffc42be4b18a40726b281445442b12d839fb5d2c4f180a7b0356f5b70f70ec7bb3b949771deb72f6a6bb83feca6","ssdeep":"192:RbZIALarkmH08Xh2mVVmSzynz9ZJsLJi6bKYf4yCD6k6g9eBpRPqzC4aRRNRaiSq:9ZIi0SCkhSqzxQNRUYh5","tlshash":"b9622f099cf710a2253771384fef552521b6485324c6dd047fccaa44af8ce3d5aabaec","first_seen":"2024-10-22T13:31:12.897283Z","last_seen":"2026-05-04T11:21:57.819422Z","times_seen":123,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/lander-1/initpc.js?1761134264998","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:45.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novalinksy.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 15:43:35 GMT","end":"Tue, 25 Nov 2025 16:41:56 GMT"},"fingerprint":{"sha1":"1B:27:49:F5:AE:84:BD:40:82:91:79:B6:B3:A3:56:A0:6A:46:7F:D8","sha256":"72:1F:F6:FD:B3:A9:58:F3:32:9D:87:F9:BF:8A:A8:D2:3F:B6:F2:6A:F4:DD:AA:FC:D3:7F:40:2B:83:88:A8:ED"}}},"request":{"raw":"GET /lander-1/initpc.js?1761134264998 HTTP/1.1\r\nHost: novalinksy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 22 Oct 2025 11:57:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 21 Feb 2025 18:19:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BMZEJtwODqvCtcR8kiKu0Zevh0i6vmc5K%2FxuqC6XJh%2FegWMdatp42Qhn0yTu%2FAJTdJdx1mKPOHErAvqJrD%2FHDJ46B3NzeQAPh%2Bffs8WJ\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"67b8c398-72e\"\r\nexpires: Wed, 29 Oct 2025 11:57:45 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\ncf-ray: 9928d1a44bc75fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1838,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1838), with no line terminators","md5":"2d48748df4a3617ec66b418e213545dd","sha1":"2bdd1b49ad07842dfe8cf6d7762bbd5767c544ec","sha256":"b70dad450aeed0e2fc85094d226369d566ba19c552dfcbf06ba09932d4773e5d","sha512":"4b1f7114fee23a83b95765134b96e6af367a0099b649cba4b0404a0c037a5c8a7ae9f963eeb7a049a69d8777c0b6889579efba999bb23e980c162563bb5ff6d5","ssdeep":"","tlshash":"d131129e9fdc25c2c7471da73a16198b8019dc7a385dc630f511e0cd665ab44502f6b9","first_seen":"2025-09-26T21:50:50.298185Z","last_seen":"2025-10-22T11:57:52.849498Z","times_seen":4,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pushtorm.net/subscription.js","fqdn":"pushtorm.net","domain":"pushtorm.net","tld":"net"},"ip":{"addr":"142.132.255.57","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:45.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pushtorm.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 11:01:11 GMT","end":"Sat, 03 Jan 2026 11:01:10 GMT"},"fingerprint":{"sha1":"6D:6F:C1:40:F8:00:84:19:C4:A6:CE:11:F8:26:30:5C:D4:92:10:E9","sha256":"2D:2D:DE:DF:23:E2:F1:CF:DE:39:08:3E:28:3B:7D:62:99:11:F6:37:F7:D0:33:97:DE:A6:8C:97:5D:6B:76:C6"}}},"request":{"raw":"GET /subscription.js HTTP/1.1\r\nHost: pushtorm.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Wed, 22 Oct 2025 11:57:46 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: br\r\nLast-Modified: Thu, 03 Oct 2024 16:16:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"1db15af929133bf\"\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15295,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"4ed509cc4dfda85c155722fee5df972d","sha1":"e3be86f68f71d1f97a7d30998c527a131ebbd678","sha256":"3a4c430db4bb2260d2f2156228f7cab59f4c51b711e299c940b8fa3c4bb187cd","sha512":"3e85daaabcd105c1b466c831c965e4ba5f5b1ffc42be4b18a40726b281445442b12d839fb5d2c4f180a7b0356f5b70f70ec7bb3b949771deb72f6a6bb83feca6","ssdeep":"192:RbZIALarkmH08Xh2mVVmSzynz9ZJsLJi6bKYf4yCD6k6g9eBpRPqzC4aRRNRaiSq:9ZIi0SCkhSqzxQNRUYh5","tlshash":"b9622f099cf710a2253771384fef552521b6485324c6dd047fccaa44af8ce3d5aabaec","first_seen":"2024-10-22T13:31:12.897283Z","last_seen":"2026-05-04T11:21:57.819422Z","times_seen":123,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/favicon.ico","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://torchfriendlypay.com/wdiwppatc?jaslq=72\u0026refer=https://a.asd.homes/%D9%81%D9%8A%D9%84%D9%85-fifty-shades-of-grey-2015-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/\u0026kw=[%22%D9%81%D9%8A%D9%84%D9%85%22,%22fifty%22,%22shades%22,%22of%22,%22grey%22,%222015%22,%22%D9%85%D8%AA%D8%B1%D8%AC%D9%85%22,%22-%22,%22%D8%B9%D8%B1%D8%A8%22,%22%D8%B3%D9%8A%D8%AF%22]\u0026key=6710543788e9f02584f3584d5416d1e3\u0026scrWidth=1920\u0026scrHeight=1080\u0026tz=1\u0026ship=1\u0026v=25.9.7989\u0026sub3=invoke_layer\u0026res=14.1055\u0026dev=e\u0026uuid=26bbfa6f-61a1-41d7-9780-1f6a2026b912:2:1\u0026adb=n","date":"2025-10-22T11:57:29.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://torchfriendlypay.com/api/users?token=L3dkaXdwcGF0Yz9rZXk9MTBhZmFlYzM1NDA0ZmZkNWVkYmFkMDEzMWJiMzhlZTYmc3VibWV0cmljPTIxNjEwOTcz\r\nCookie: uid_id2=26bbfa6f-61a1-41d7-9780-1f6a2026b912:2:1; ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMTYxMDk3MywiayI6IjY3MTA1NDM3ODhlOWYwMjU4NGYzNTg0ZDU0MTZkMWUzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMDIzOTg0LCJwaWQiOjQ3OTI1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjEsImFpZCI6MjgsInB0Ijo1LCJwayI6IndkaXdwcGF0YyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hLmFzZC5ob21lcy_ZgdmK2YTZhS1maWZ0eS1zaGFkZXMtb2YtZ3JleS0yMDE1LdmF2KrYsdis2YUvIiwiYXIiOltdfX0.4x8VMPfMWnCPMLUTKJjwK69Tyx7z0QVN08pG__jVC9Y; cjs=t\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 22 Oct 2025 11:57:30 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b8312e3622b8c9ab3bd7cc884925b832\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T15:45:53.712693Z","times_seen":14742555,"resource_available":true,"data":null}},"time_used":376,"timings":{"blocked":0,"dns":1,"connect":92,"send":0,"wait":95,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"traffichubcontrol.com/index?cid=9ef2d03f3c4c9880d37d\u0026extclickid=5b11373719700d908e6b9d4b2437073c\u0026t1=21610973\u0026t2=3539582\u0026type=default\u0026publisher=47925\u0026advertiser=695339\u0026campaign_id=1322529\u0026zoneid=3023984\u0026category=Movies\u0026cost=0.300000","fqdn":"traffichubcontrol.com","domain":"traffichubcontrol.com","tld":"com"},"ip":{"addr":"168.119.149.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-22T11:57:29.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"traffichubcontrol.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 15:46:59 GMT","end":"Tue, 25 Nov 2025 15:46:58 GMT"},"fingerprint":{"sha1":"0E:13:A3:6B:ED:BF:FD:CA:FE:54:46:11:83:86:64:DC:1E:81:92:7F","sha256":"89:4E:EB:53:45:8C:E2:BD:C0:42:1C:72:31:CA:46:D9:7C:08:AE:70:C8:93:B5:E4:34:10:86:53:3D:CC:7F:0D"}}},"request":{"raw":"GET /index?cid=9ef2d03f3c4c9880d37d\u0026extclickid=5b11373719700d908e6b9d4b2437073c\u0026t1=21610973\u0026t2=3539582\u0026type=default\u0026publisher=47925\u0026advertiser=695339\u0026campaign_id=1322529\u0026zoneid=3023984\u0026category=Movies\u0026cost=0.300000 HTTP/1.1\r\nHost: traffichubcontrol.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://torchfriendlypay.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ndate: Wed, 22 Oct 2025 11:57:30 GMT\r\nlocation: https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com\r\nset-cookie: uclick=nL+Pl1leb9w1hbfybmCYv6eK4aGi2FXPy2gZ2jUEEbg2RAIFdJ51REqZlGEbIEKTU/FB29KiPg==; Max-Age=31536000; SameSite=Lax\nbcid=d3scdae071bc73ftqit0; Max-Age=31536000; SameSite=Lax\r\nvia: 1.1 Caddy\r\nx-request-id: da112b93-7d5f-40b9-9b47-52188c10d306\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":null,"data":{"size":30747,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T15:45:53.712693Z","times_seen":14742555,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":80,"dns":22,"connect":24,"send":0,"wait":56,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-22T11:57:30.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novalinksy.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 15:43:35 GMT","end":"Tue, 25 Nov 2025 16:41:56 GMT"},"fingerprint":{"sha1":"1B:27:49:F5:AE:84:BD:40:82:91:79:B6:B3:A3:56:A0:6A:46:7F:D8","sha256":"72:1F:F6:FD:B3:A9:58:F3:32:9D:87:F9:BF:8A:A8:D2:3F:B6:F2:6A:F4:DD:AA:FC:D3:7F:40:2B:83:88:A8:ED"}}},"request":{"raw":"GET /lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com HTTP/1.1\r\nHost: novalinksy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://torchfriendlypay.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Oct 2025 11:57:30 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eaCwexeDs9gQ8jjlvS8k3zoewjFKkwuhNJ%2BRJ2T6rvHHpjKEs7Paoo74guO3L%2F%2F5tb1wJ2KLjD6DXwlPr6PVZevZ1lxdWu%2BDz9wV4g%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9928d1480b9856b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30747,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (12424), with CRLF line terminators","md5":"959043a96cb899ba089341319593c371","sha1":"5be1ce631bbb8c5b5c2327ef8a707bc91e79156d","sha256":"dcdf77a436b4e56d11a5246a6dddbfbd66fd5011319a1ce589f27aa0e9840efd","sha512":"1e5a96255ebac10115f60582807a8ca39a57a8d533ecd9eb5bd196bcffb3cb0c2631daf5dda864ff8e0b70ce5a018cd8ace363816c09a5d92fe1559a6b3f8d4c","ssdeep":"384:MvJYzmBs5GdYiMh81wkUUzYzmBs5GdYiMh81wRwnTa8crYqaYzmBs5GdYiMh81wL:Mv7d4K19td4K1SwTa88Wd4K1YpnB6HE","tlshash":"75d29d72109bbead576a1945e0105c80fffa70eb83389d25b7cc3ae17b23880d95f864","first_seen":"2025-03-09T00:15:37.466878Z","last_seen":"2026-02-08T05:48:01.468236Z","times_seen":361,"resource_available":false,"data":null}},"time_used":446,"timings":{"blocked":194,"dns":21,"connect":1,"send":0,"wait":57,"receive":0,"ssl":171},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/lander-1/assets/default_100_percent/100-error-offline.png","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:30.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novalinksy.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 15:43:35 GMT","end":"Tue, 25 Nov 2025 16:41:56 GMT"},"fingerprint":{"sha1":"1B:27:49:F5:AE:84:BD:40:82:91:79:B6:B3:A3:56:A0:6A:46:7F:D8","sha256":"72:1F:F6:FD:B3:A9:58:F3:32:9D:87:F9:BF:8A:A8:D2:3F:B6:F2:6A:F4:DD:AA:FC:D3:7F:40:2B:83:88:A8:ED"}}},"request":{"raw":"GET /lander-1/assets/default_100_percent/100-error-offline.png HTTP/1.1\r\nHost: novalinksy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/lander-1/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 22 Oct 2025 11:57:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 196\r\nlast-modified: Fri, 21 Feb 2025 18:19:05 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5O%2Fsfe2ZUfG%2FoJUnBEH5WRlKT7ssBWTPq%2BBdS3dpy1BQXBHZCa2eUfhtScPJcr0Nyz6JZBEI%2BYIm1kNcOalEB0o1Ix7QhBgNowmgGMks\"}]}\r\netag: \"67b8c399-c4\"\r\nexpires: Wed, 22 Oct 2025 18:33:54 GMT\r\ncache-control: max-age=604800\r\naccept-ranges: bytes\r\nage: 450453\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9928d14a8cd95fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":196,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 1-bit colormap, non-interlaced","md5":"603727db1b706260019aa950dcf5fcd9","sha1":"82fb32413af0a3d30db040e16cf67435a8d2542b","sha256":"0d26708e4a360173db7a6a5e82ec2b5b95631feb886a76b343dbae951ece8565","sha512":"99f82c174dd64343d9021a3e70e903cfa28a19956c11d0a196b1daa134b7999d485b38ea4e009079ad80cf4f79c62cef511fe27dcdef3b715152c64b16407bbe","ssdeep":"","tlshash":"60d023e747125c248054cf1135945011cf742de8b6844d26221dc4fb2f111d8c6c4d16","first_seen":"2024-11-14T00:43:58.056169Z","last_seen":"2026-02-08T05:48:01.467125Z","times_seen":367,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/lander-1/initpc.js?1761134262669","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:42.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novalinksy.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 15:43:35 GMT","end":"Tue, 25 Nov 2025 16:41:56 GMT"},"fingerprint":{"sha1":"1B:27:49:F5:AE:84:BD:40:82:91:79:B6:B3:A3:56:A0:6A:46:7F:D8","sha256":"72:1F:F6:FD:B3:A9:58:F3:32:9D:87:F9:BF:8A:A8:D2:3F:B6:F2:6A:F4:DD:AA:FC:D3:7F:40:2B:83:88:A8:ED"}}},"request":{"raw":"GET /lander-1/initpc.js?1761134262669 HTTP/1.1\r\nHost: novalinksy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 22 Oct 2025 11:57:42 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 21 Feb 2025 18:19:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WRTUPOm%2FI8tjrykANPCJD2W3EYumhy2AXmxZhUFC9s7%2F28lAeibDNiB%2Bu8AFXQrtFy%2BhObxT%2BsjdbtoL4L2Ni1cVTGmjBKI2%2Bq7cOAP3\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"67b8c398-72e\"\r\nexpires: Wed, 29 Oct 2025 11:57:42 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\ncf-ray: 9928d195ba305fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1838,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1838), with no line terminators","md5":"2d48748df4a3617ec66b418e213545dd","sha1":"2bdd1b49ad07842dfe8cf6d7762bbd5767c544ec","sha256":"b70dad450aeed0e2fc85094d226369d566ba19c552dfcbf06ba09932d4773e5d","sha512":"4b1f7114fee23a83b95765134b96e6af367a0099b649cba4b0404a0c037a5c8a7ae9f963eeb7a049a69d8777c0b6889579efba999bb23e980c162563bb5ff6d5","ssdeep":"","tlshash":"d131129e9fdc25c2c7471da73a16198b8019dc7a385dc630f511e0cd665ab44502f6b9","first_seen":"2025-09-26T21:50:50.298185Z","last_seen":"2025-10-22T11:57:52.849498Z","times_seen":4,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pushtorm.net/subscription.js","fqdn":"pushtorm.net","domain":"pushtorm.net","tld":"net"},"ip":{"addr":"142.132.255.57","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:42.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pushtorm.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 11:01:11 GMT","end":"Sat, 03 Jan 2026 11:01:10 GMT"},"fingerprint":{"sha1":"6D:6F:C1:40:F8:00:84:19:C4:A6:CE:11:F8:26:30:5C:D4:92:10:E9","sha256":"2D:2D:DE:DF:23:E2:F1:CF:DE:39:08:3E:28:3B:7D:62:99:11:F6:37:F7:D0:33:97:DE:A6:8C:97:5D:6B:76:C6"}}},"request":{"raw":"GET /subscription.js HTTP/1.1\r\nHost: pushtorm.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Wed, 22 Oct 2025 11:57:42 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: br\r\nLast-Modified: Thu, 03 Oct 2024 16:16:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"1db15af929133bf\"\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15295,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"4ed509cc4dfda85c155722fee5df972d","sha1":"e3be86f68f71d1f97a7d30998c527a131ebbd678","sha256":"3a4c430db4bb2260d2f2156228f7cab59f4c51b711e299c940b8fa3c4bb187cd","sha512":"3e85daaabcd105c1b466c831c965e4ba5f5b1ffc42be4b18a40726b281445442b12d839fb5d2c4f180a7b0356f5b70f70ec7bb3b949771deb72f6a6bb83feca6","ssdeep":"192:RbZIALarkmH08Xh2mVVmSzynz9ZJsLJi6bKYf4yCD6k6g9eBpRPqzC4aRRNRaiSq:9ZIi0SCkhSqzxQNRUYh5","tlshash":"b9622f099cf710a2253771384fef552521b6485324c6dd047fccaa44af8ce3d5aabaec","first_seen":"2024-10-22T13:31:12.897283Z","last_seen":"2026-05-04T11:21:57.819422Z","times_seen":123,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":93,"dns":15,"connect":24,"send":0,"wait":25,"receive":1,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/lander-1/initpc.js?1761134263950","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:43.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novalinksy.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 15:43:35 GMT","end":"Tue, 25 Nov 2025 16:41:56 GMT"},"fingerprint":{"sha1":"1B:27:49:F5:AE:84:BD:40:82:91:79:B6:B3:A3:56:A0:6A:46:7F:D8","sha256":"72:1F:F6:FD:B3:A9:58:F3:32:9D:87:F9:BF:8A:A8:D2:3F:B6:F2:6A:F4:DD:AA:FC:D3:7F:40:2B:83:88:A8:ED"}}},"request":{"raw":"GET /lander-1/initpc.js?1761134263950 HTTP/1.1\r\nHost: novalinksy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 22 Oct 2025 11:57:44 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 21 Feb 2025 18:19:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bESBh4rhasR07RkUvoDLQF9DAh6KRM7XrIEQ1I7KazICm55e4usWtsozElnuXem9CoSihiOyFHWNdw8xWcnw9Vp53jE28SeTqQwcOpky\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"67b8c398-72e\"\r\nexpires: Wed, 29 Oct 2025 11:57:43 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\ncf-ray: 9928d19dbb2e5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1838,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1838), with no line terminators","md5":"2d48748df4a3617ec66b418e213545dd","sha1":"2bdd1b49ad07842dfe8cf6d7762bbd5767c544ec","sha256":"b70dad450aeed0e2fc85094d226369d566ba19c552dfcbf06ba09932d4773e5d","sha512":"4b1f7114fee23a83b95765134b96e6af367a0099b649cba4b0404a0c037a5c8a7ae9f963eeb7a049a69d8777c0b6889579efba999bb23e980c162563bb5ff6d5","ssdeep":"","tlshash":"d131129e9fdc25c2c7471da73a16198b8019dc7a385dc630f511e0cd665ab44502f6b9","first_seen":"2025-09-26T21:50:50.298185Z","last_seen":"2025-10-22T11:57:52.849498Z","times_seen":4,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/wdiwppatc?jaslq=72\u0026refer=https://a.asd.homes/%D9%81%D9%8A%D9%84%D9%85-fifty-shades-of-grey-2015-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/\u0026kw=[%22%D9%81%D9%8A%D9%84%D9%85%22,%22fifty%22,%22shades%22,%22of%22,%22grey%22,%222015%22,%22%D9%85%D8%AA%D8%B1%D8%AC%D9%85%22,%22-%22,%22%D8%B9%D8%B1%D8%A8%22,%22%D8%B3%D9%8A%D8%AF%22]\u0026key=6710543788e9f02584f3584d5416d1e3\u0026scrWidth=1920\u0026scrHeight=1080\u0026tz=1\u0026ship=1\u0026v=25.9.7989\u0026sub3=invoke_layer\u0026res=14.1055\u0026dev=e\u0026uuid=26bbfa6f-61a1-41d7-9780-1f6a2026b912:2:1\u0026adb=n","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-22T11:57:28.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /wdiwppatc?jaslq=72\u0026refer=https://a.asd.homes/%D9%81%D9%8A%D9%84%D9%85-fifty-shades-of-grey-2015-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/\u0026kw=[%22%D9%81%D9%8A%D9%84%D9%85%22,%22fifty%22,%22shades%22,%22of%22,%22grey%22,%222015%22,%22%D9%85%D8%AA%D8%B1%D8%AC%D9%85%22,%22-%22,%22%D8%B9%D8%B1%D8%A8%22,%22%D8%B3%D9%8A%D8%AF%22]\u0026key=6710543788e9f02584f3584d5416d1e3\u0026scrWidth=1920\u0026scrHeight=1080\u0026tz=1\u0026ship=1\u0026v=25.9.7989\u0026sub3=invoke_layer\u0026res=14.1055\u0026dev=e\u0026uuid=26bbfa6f-61a1-41d7-9780-1f6a2026b912:2:1\u0026adb=n HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 22 Oct 2025 11:57:29 GMT\r\nContent-Type: text/html\r\nContent-Length: 2618\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=26bbfa6f-61a1-41d7-9780-1f6a2026b912:2:1; expires=Wed, 29 Oct 2025 11:57:29 GMT; path=/\nain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMTYxMDk3MywiayI6IjY3MTA1NDM3ODhlOWYwMjU4NGYzNTg0ZDU0MTZkMWUzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMDIzOTg0LCJwaWQiOjQ3OTI1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjEsImFpZCI6MjgsInB0Ijo1LCJwayI6IndkaXdwcGF0YyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hLmFzZC5ob21lcy_ZgdmK2YTZhS1maWZ0eS1zaGFkZXMtb2YtZ3JleS0yMDE1LdmF2KrYsdis2YUvIiwiYXIiOltdfX0.4x8VMPfMWnCPMLUTKJjwK69Tyx7z0QVN08pG__jVC9Y; expires=Wed, 22 Oct 2025 11:58:29 GMT; path=/\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 24d25d87d5809582c17e9c6b59af50a3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5229,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (5228)","md5":"a88b83da13e9bbeb54d60710719603cc","sha1":"0104828c5074e0abfb14539e1460f761c6d4e194","sha256":"27cf930e051a773a02fd506b5d3eaea3bd5e9bf9c3ecd9e74210783cd9a71b8c","sha512":"5596d240c7e30ad38cd1acf7ff0ca18f57e62643b1e4cd2dbb022d780649301a7d5982a6c40ef46a9f8b736663a06cd088ca66ffcf2900034be9809fa87fd88f","ssdeep":"96:z922YfIuzVcmCmPIHIboIgpwdq38MnmeSa+A0O7/6RoQDydnZPAP4m:Q2YfTzSjkc6ozwd6tnya30O7q0dWP4m","tlshash":"7bb1a4d26434b82040792417d5af735936334a1b7a027470a19d4aa93e3decb6222fef","first_seen":"2025-10-22T11:57:52.852219Z","last_seen":"2025-10-22T11:57:52.852219Z","times_seen":1,"resource_available":false,"data":null}},"time_used":680,"timings":{"blocked":293,"dns":15,"connect":91,"send":0,"wait":94,"receive":0,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-22","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/favicon.ico","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:30.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novalinksy.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 15:43:35 GMT","end":"Tue, 25 Nov 2025 16:41:56 GMT"},"fingerprint":{"sha1":"1B:27:49:F5:AE:84:BD:40:82:91:79:B6:B3:A3:56:A0:6A:46:7F:D8","sha256":"72:1F:F6:FD:B3:A9:58:F3:32:9D:87:F9:BF:8A:A8:D2:3F:B6:F2:6A:F4:DD:AA:FC:D3:7F:40:2B:83:88:A8:ED"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: novalinksy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Wed, 22 Oct 2025 11:57:30 GMT\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iZ3eHbYSnG1JJBzFI7LQQ%2FgUIL82RbiLa%2BcLY2Q9YldxfZ4rjaYcm9nehOrifKzIKXy%2BuX4JFMDeSjDHyLVyWcI6hReAHxURWOPy1rvQ\"}]}\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\ncf-ray: 9928d14b4ceb5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":564,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"5da4c1420f84ec727d1b6bdd0d46e62e","sha1":"280d08d142f7386283f420444ec48e1cdbfd61bb","sha256":"3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f","sha512":"7c51a628831d0236e8d314c71732b8a62e06334431d10f7c293c49b23665b2a6a1ddbc4772009010955b5228ea4a5cd97fb93581ce391ee1792e8a198b76111a","ssdeep":"","tlshash":"f4f0cd9f1f12387f2e238171f0c36068cf680a56fb9925e28748001f3aca04549f6fad","first_seen":"2023-05-01T23:14:01Z","last_seen":"2026-05-06T11:17:17.272523Z","times_seen":1459,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pushtorm.net/subscription.js","fqdn":"pushtorm.net","domain":"pushtorm.net","tld":"net"},"ip":{"addr":"142.132.255.57","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:45.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pushtorm.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 11:01:11 GMT","end":"Sat, 03 Jan 2026 11:01:10 GMT"},"fingerprint":{"sha1":"6D:6F:C1:40:F8:00:84:19:C4:A6:CE:11:F8:26:30:5C:D4:92:10:E9","sha256":"2D:2D:DE:DF:23:E2:F1:CF:DE:39:08:3E:28:3B:7D:62:99:11:F6:37:F7:D0:33:97:DE:A6:8C:97:5D:6B:76:C6"}}},"request":{"raw":"GET /subscription.js HTTP/1.1\r\nHost: pushtorm.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Wed, 22 Oct 2025 11:57:45 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: br\r\nLast-Modified: Thu, 03 Oct 2024 16:16:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"1db15af929133bf\"\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15295,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"4ed509cc4dfda85c155722fee5df972d","sha1":"e3be86f68f71d1f97a7d30998c527a131ebbd678","sha256":"3a4c430db4bb2260d2f2156228f7cab59f4c51b711e299c940b8fa3c4bb187cd","sha512":"3e85daaabcd105c1b466c831c965e4ba5f5b1ffc42be4b18a40726b281445442b12d839fb5d2c4f180a7b0356f5b70f70ec7bb3b949771deb72f6a6bb83feca6","ssdeep":"192:RbZIALarkmH08Xh2mVVmSzynz9ZJsLJi6bKYf4yCD6k6g9eBpRPqzC4aRRNRaiSq:9ZIi0SCkhSqzxQNRUYh5","tlshash":"b9622f099cf710a2253771384fef552521b6485324c6dd047fccaa44af8ce3d5aabaec","first_seen":"2024-10-22T13:31:12.897283Z","last_seen":"2026-05-04T11:21:57.819422Z","times_seen":123,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/lander-1/initpc.js?1761134265937","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:45.940Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novalinksy.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 15:43:35 GMT","end":"Tue, 25 Nov 2025 16:41:56 GMT"},"fingerprint":{"sha1":"1B:27:49:F5:AE:84:BD:40:82:91:79:B6:B3:A3:56:A0:6A:46:7F:D8","sha256":"72:1F:F6:FD:B3:A9:58:F3:32:9D:87:F9:BF:8A:A8:D2:3F:B6:F2:6A:F4:DD:AA:FC:D3:7F:40:2B:83:88:A8:ED"}}},"request":{"raw":"GET /lander-1/initpc.js?1761134265937 HTTP/1.1\r\nHost: novalinksy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 22 Oct 2025 11:57:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 21 Feb 2025 18:19:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nfEziVuZrx7tUG1nBZdLMKgqQlMr0eik%2FNM%2FZjAwlJkZ2l8inHOLnvD%2Beb46EgzYffhANyOnI4hqZSgfxzfe6YfWCL8jUrJcd73fDSfe\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"67b8c398-72e\"\r\nexpires: Wed, 29 Oct 2025 11:57:45 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\ncf-ray: 9928d1aa1c405fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1838,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1838), with no line terminators","md5":"2d48748df4a3617ec66b418e213545dd","sha1":"2bdd1b49ad07842dfe8cf6d7762bbd5767c544ec","sha256":"b70dad450aeed0e2fc85094d226369d566ba19c552dfcbf06ba09932d4773e5d","sha512":"4b1f7114fee23a83b95765134b96e6af367a0099b649cba4b0404a0c037a5c8a7ae9f963eeb7a049a69d8777c0b6889579efba999bb23e980c162563bb5ff6d5","ssdeep":"","tlshash":"d131129e9fdc25c2c7471da73a16198b8019dc7a385dc630f511e0cd665ab44502f6b9","first_seen":"2025-09-26T21:50:50.298185Z","last_seen":"2025-10-22T11:57:52.849498Z","times_seen":4,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/lander-1/index.css","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:30.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novalinksy.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 15:43:35 GMT","end":"Tue, 25 Nov 2025 16:41:56 GMT"},"fingerprint":{"sha1":"1B:27:49:F5:AE:84:BD:40:82:91:79:B6:B3:A3:56:A0:6A:46:7F:D8","sha256":"72:1F:F6:FD:B3:A9:58:F3:32:9D:87:F9:BF:8A:A8:D2:3F:B6:F2:6A:F4:DD:AA:FC:D3:7F:40:2B:83:88:A8:ED"}}},"request":{"raw":"GET /lander-1/index.css HTTP/1.1\r\nHost: novalinksy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Oct 2025 11:57:30 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 21 Feb 2025 18:19:07 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"67b8c39b-b71\"\r\nexpires: Wed, 22 Oct 2025 17:46:20 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nage: 239397\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NCqqFBa2ohuGJ29BTHjiqao7MaTH7EN1HPgJ0dE1nXP0Nm8mw%2FdimtEoiB63loSH%2BibLDTDwX4Q8ImX%2BuaE0lLqA68pS64eKc9Xf%2BA%3D%3D\"}]}\r\ncf-ray: 9928d1497d1956b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2929,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"274af055b611da24310bc0d48bade003","sha1":"4bc782b260606f30f01e8051397007201e583e73","sha256":"850e209b45b9624d588ddf56e3496de39a4532dcc6bbb72373ed44aa619e5c85","sha512":"c18b62b82fc5ab03e363803e8ff6d4f9186132c0506abcb300ecc428f1e0a30b94c3d91a2bdd0f3222bf5d6395975a160bd0e35254f6241258421dbc5d6be97b","ssdeep":"","tlshash":"1e5131910af52518f106e1ba29fb6128a3a944c2a34fdd57f6d1351cff9c3b10873a91","first_seen":"2025-04-14T08:55:06.856404Z","last_seen":"2026-02-19T19:48:45.99283Z","times_seen":339,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"novalinksy.com/lander-1/index.js","fqdn":"novalinksy.com","domain":"novalinksy.com","tld":"com"},"ip":{"addr":"104.21.70.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com","date":"2025-10-22T11:57:30.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novalinksy.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 15:43:35 GMT","end":"Tue, 25 Nov 2025 16:41:56 GMT"},"fingerprint":{"sha1":"1B:27:49:F5:AE:84:BD:40:82:91:79:B6:B3:A3:56:A0:6A:46:7F:D8","sha256":"72:1F:F6:FD:B3:A9:58:F3:32:9D:87:F9:BF:8A:A8:D2:3F:B6:F2:6A:F4:DD:AA:FC:D3:7F:40:2B:83:88:A8:ED"}}},"request":{"raw":"GET /lander-1/index.js HTTP/1.1\r\nHost: novalinksy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://novalinksy.com/lander-1/?clickid=d3scdae071bc73ftqit0\u0026domain=traffichubcontrol.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Oct 2025 11:57:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Fri, 21 Feb 2025 18:19:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"67b8c398-16081\"\r\nexpires: Wed, 22 Oct 2025 17:46:20 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nage: 239397\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NnI399CivP30KvP34XlW8%2B5y%2B04gcrRxzi0JYBKqR4H0Zs5YkrQdy%2FMXxN6v7bpF6KvEgvuzHIz3r9wpw%2Fntg2BuNd5EUkcQleag7Q%3D%3D\"}]}\r\ncf-ray: 9928d1498d2856b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":90241,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"c9e87b5f390102de64af97e901c80695","sha1":"b48b78b831fed9527b9d75b9cdb232ece9519e29","sha256":"e7a50d337bdbe4299068de034e4564cfe5fd45ca9257ded37b6ada9330cedf0f","sha512":"6d0bd18d87118dfccad92d1422ace65494c97eefdaa93d57df281e1f7f05eca71b9f3d590558efe97a0407b46894569a00dbbb13d302f0cfa1a8abf57af5e576","ssdeep":"1536:AMzKLhzq8yxihbjw9xs/7FENdZTvzGXlE47ZEJQu:AMzKLhzq8yt9M7FAdZTv4lE47ZmQu","tlshash":"5c93641e57ea1a31d41634299f4f62c8d621911f2d0ad9ac3c6cb7e81f9de3902a4ff4","first_seen":"2025-03-09T00:15:37.485068Z","last_seen":"2026-02-08T05:48:01.469842Z","times_seen":362,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}