{"report_id":"bd3aa005-9770-4756-a372-94139dd7d160","version":6,"status":"done","tags":[],"date":"2026-03-14T12:50:28Z","url":{"schema":"http","addr":"wap.fbaddadsbook.com","fqdn":"wap.fbaddadsbook.com","domain":"fbaddadsbook.com","tld":"com"},"ip":{"addr":"107.149.129.49","port":0,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"wap.fbaddadsbook.com/#/login","fqdn":"wap.fbaddadsbook.com","domain":"fbaddadsbook.com","tld":"com"},"title":"Log In","dom":{"size":4211,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (3875)","md5":"9b8c522ce84c4f7584b98690792651f7","sha1":"c94c99c79b5ae17af0d56de1e9f1092cda4e656c","sha256":"4786ead5e3eab18545a55ccbe561f4bdc491dc537777f2f93f5cda0ed6de7561","sha512":"b21318f9cf776da8753b5b67991b09cf2256b709e81bf12514237a2609870d38bcb80247988230f01f77061bc8518265a504e998ca0d8c6cac04d1ec49032fbc","ssdeep":"96:xw09NZNBZ2tAB5Lhomdod158pjViexhm07DaPt:xL9NZNB+onpBhu","tlshash":"6b91ff71a441f22f527386c0a525bffd71c2f24ec90a5640776943a60febd736d082b2","dom_hash":"domhashe64b2709934f2cc313ed2ba28f0d7a91","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"wap.fbaddadsbook.com","fqdn":"wap.fbaddadsbook.com","domain":"fbaddadsbook.com","tld":"com"},"ip":{"addr":"107.149.129.49","port":0,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-18T12:50:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wap.fbaddadsbook.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"wap.fbaddadsbook.com","ip":{"addr":"107.149.129.49","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"domain_registered":"2026-03-13","domain_rank":0,"first_seen":"2026-03-14T12:50:29.163399Z","last_seen":"2026-03-14T12:50:29.1634Z","alert_count":48,"request_count":8,"received_data":1045922,"sent_data":3644,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"wap.fbaddadsbook.com/static/js/app.ead6c432.js","fqdn":"wap.fbaddadsbook.com","domain":"fbaddadsbook.com","tld":"com"},"ip":{"addr":"107.149.129.49","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"f2ab102760bc5e746373b96f207abba2","sha1":"d636470474855166cc53519ae8f9471298f815fd","sha256":"9511181844bf0705b6b7eb39804c96ddacf4f153177738649d6719b9207914f3","sha512":"378bc18f0313d379a10dafb9c635eb8739f94edd2d16658f69ca65e21d189af2d482a4b9235c5ddde0a70d20c70519233ddbb1fcad2705754fbc92a5010027b9","ssdeep":"768:+RSvLu/27By6DlqcpLWQ6s+/iphggWRLxUvFASAu/WkZhHxG11IBgPAhZ8Bfc1rp:ip++GggWT2Fyu/DhHxG11uBmHs","tlshash":"b7237fd432c46af6219f02b0e05f2464203726c2e53e5d66f574b59d3bf878e43b3a9a","size":47549,"data":"","first_seen":"2026-03-14T11:32:02.262298Z","last_seen":"2026-03-14T23:59:40.652267Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wap.fbaddadsbook.com/static/js/chunk-vendors.e82c533e.js","fqdn":"wap.fbaddadsbook.com","domain":"fbaddadsbook.com","tld":"com"},"ip":{"addr":"107.149.129.49","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"041f8410023d705d796b46249ca56fef","sha1":"26b7a4924d78af669b869c0d91a79e2e487ba68e","sha256":"911735ab5ad2b61d6e811d4b026c1cb61af55d53dda317768c2d0d656386e35d","sha512":"57ee5c13c19e5dbfba970f341955652a371cc40ccf0f5eb69de419b5ef13bb59d6c31f80af535dfbaa19ead393b6b4595c925dc461c1ebf3f39f0b8434169bcf","ssdeep":"12288:MAAayryRjMAeGb9Azzlfwd8V/Kzm7TDNI5pb:MAWyRjM/Gb9q5w+KzkTDNU","tlshash":"a3f42bce7186f522479720b1403f290ab23e2f58680e8458faa5e4d67d78d6c527bf7c","size":755712,"data":"","first_seen":"2025-06-24T18:05:37.868492Z","last_seen":"2026-03-22T05:05:11.089653Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wap.fbaddadsbook.com/static/js/293.ec2deeea.js","fqdn":"wap.fbaddadsbook.com","domain":"fbaddadsbook.com","tld":"com"},"ip":{"addr":"107.149.129.49","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"77f61d92d8e3ed411731af15daa22795","sha1":"f8902003f215e168145de915534cdc4757802e0f","sha256":"25b0a739f3114102063ad0c49891047ba32aef971f7c411d1ca4297c5821fa4d","sha512":"053d9d2b54e538c7ecb245f591517aecd4571133f34550899574f2d30244c3d08867bef6142e29af8aaeefcd58fca161a5e7e268f3a7947b3b0fbf3f08b4f653","ssdeep":"96:pt+pEM5l/Ky5i5M+cepw54j+n5+4+w+5dEdH26SmW3jwxmo0zMwf1w6Cm0KmamqK:ptnE+9vL4DDHMcxUYw9w6ZkQNusi","tlshash":"66b1958eb0c7f1891a5791b0803f2175b1392ce4220b8191b375cdc9b978a78877abdd","size":5402,"data":"","first_seen":"2026-03-14T11:32:02.259889Z","last_seen":"2026-03-22T05:05:11.09204Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"wap.fbaddadsbook.com/favicon.ico","fqdn":"wap.fbaddadsbook.com","domain":"fbaddadsbook.com","tld":"com"},"ip":{"addr":"107.149.129.49","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wap.fbaddadsbook.com/","date":"2026-03-14T12:50:09.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbaddadsbook.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 07:21:33 GMT","end":"Thu, 11 Jun 2026 07:21:32 GMT"},"fingerprint":{"sha1":"FC:12:B7:13:32:59:8B:BD:87:27:3B:DE:4D:52:6D:94:0C:36:88:32","sha256":"82:97:4B:2E:8F:D6:1D:00:D2:52:17:65:BD:3C:BB:2D:9A:AA:61:35:B6:A7:A5:8E:B2:D1:50:84:49:BE:D2:8E"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: wap.fbaddadsbook.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.fbaddadsbook.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Mar 2026 12:50:09 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4286\r\nlast-modified: Fri, 13 Mar 2026 01:31:19 GMT\r\netag: \"69b368e7-10be\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"763a26ac1b333a2a3e4d3aaa7188b83f","sha1":"dab8d87df371792f84be587bc904781f1754b785","sha256":"cf2caf811a3e92e7913dfe4be696bb36c155ebff32ac0b62547c6b8233cbaab4","sha512":"95c59e667b4e1ccfde2ae3394ed16d757e90b0ca15cafa338ec79fb61acc9e8d73ce179a98660df242144da63e5793335a1f6b39b26f03117f8040e0413c80c9","ssdeep":"48:AcNTmQ9vq996VypcXlEnPgsUXhbJ7LI70JQucb0mMQksk13b+qYyCkWN4/:AcNTh1q996Vb2gsUpZRuWELkpmNc","tlshash":"c391dcc28d89416bc90aab7481862fc117370d9cb0ee5de559fc751a3bb3c8e51bf066","first_seen":"2024-10-29T06:16:42.130564Z","last_seen":"2026-05-23T05:40:18.035429Z","times_seen":44,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":237,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wap.fbaddadsbook.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.fbaddadsbook.com/static/js/chunk-vendors.e82c533e.js","fqdn":"wap.fbaddadsbook.com","domain":"fbaddadsbook.com","tld":"com"},"ip":{"addr":"107.149.129.49","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wap.fbaddadsbook.com/","date":"2026-03-14T12:50:07.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbaddadsbook.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 07:21:33 GMT","end":"Thu, 11 Jun 2026 07:21:32 GMT"},"fingerprint":{"sha1":"FC:12:B7:13:32:59:8B:BD:87:27:3B:DE:4D:52:6D:94:0C:36:88:32","sha256":"82:97:4B:2E:8F:D6:1D:00:D2:52:17:65:BD:3C:BB:2D:9A:AA:61:35:B6:A7:A5:8E:B2:D1:50:84:49:BE:D2:8E"}}},"request":{"raw":"GET /static/js/chunk-vendors.e82c533e.js HTTP/1.1\r\nHost: wap.fbaddadsbook.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.fbaddadsbook.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Mar 2026 12:50:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 13 Mar 2026 01:31:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b368e7-b8947\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":756039,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30581)","md5":"041f8410023d705d796b46249ca56fef","sha1":"26b7a4924d78af669b869c0d91a79e2e487ba68e","sha256":"911735ab5ad2b61d6e811d4b026c1cb61af55d53dda317768c2d0d656386e35d","sha512":"57ee5c13c19e5dbfba970f341955652a371cc40ccf0f5eb69de419b5ef13bb59d6c31f80af535dfbaa19ead393b6b4595c925dc461c1ebf3f39f0b8434169bcf","ssdeep":"12288:MAAayryRjMAeGb9Azzlfwd8V/Kzm7TDNI5pb:MAWyRjM/Gb9q5w+KzkTDNU","tlshash":"a3f42bce7186f522479720b1403f290ab23e2f58680e8458faa5e4d67d78d6c527bf7c","first_seen":"2025-06-24T18:05:37.868492Z","last_seen":"2026-03-22T05:05:11.089653Z","times_seen":15,"resource_available":true,"data":null}},"time_used":476,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":476,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wap.fbaddadsbook.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.fbaddadsbook.com/static/css/chunk-vendors.0d6e9997.css","fqdn":"wap.fbaddadsbook.com","domain":"fbaddadsbook.com","tld":"com"},"ip":{"addr":"107.149.129.49","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wap.fbaddadsbook.com/","date":"2026-03-14T12:50:07.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbaddadsbook.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 07:21:33 GMT","end":"Thu, 11 Jun 2026 07:21:32 GMT"},"fingerprint":{"sha1":"FC:12:B7:13:32:59:8B:BD:87:27:3B:DE:4D:52:6D:94:0C:36:88:32","sha256":"82:97:4B:2E:8F:D6:1D:00:D2:52:17:65:BD:3C:BB:2D:9A:AA:61:35:B6:A7:A5:8E:B2:D1:50:84:49:BE:D2:8E"}}},"request":{"raw":"GET /static/css/chunk-vendors.0d6e9997.css HTTP/1.1\r\nHost: wap.fbaddadsbook.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.fbaddadsbook.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Mar 2026 12:50:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 13 Mar 2026 01:31:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b368e7-36e2c\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":224812,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (64226)","md5":"3f2d238f567878fc882262d15c0246e9","sha1":"afd22aa560041acb3ee50f1e8d102f84f598215b","sha256":"75724902161178f302b800e0a09bbce57cf0adab3ead8deac6722d8ca8ec2581","sha512":"6326237a5a5fc4abe3ae56e55abef9f70fd5ccf497a7235aeb00b239a4e2793d3439b9a2e152da800122f71475a68480b67c8fae00ed6940267ad3a283be1f0e","ssdeep":"6144:7kZUwh1nAukdDO3Xyr5Ir5eR0dTMA9S6fjKlWf:IZUwh1nAukdDO3Xyr5Ir5eR0dTMAEMf","tlshash":"6b24876f85d1135da1178e619fcc9ad8c22cc572a5520dedb242380e8fc7fde239a61b","first_seen":"2025-06-24T18:05:37.862283Z","last_seen":"2026-05-23T05:40:18.044516Z","times_seen":32,"resource_available":false,"data":null}},"time_used":950,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":950,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wap.fbaddadsbook.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.fbaddadsbook.com/static/css/293.4f8e38e7.css","fqdn":"wap.fbaddadsbook.com","domain":"fbaddadsbook.com","tld":"com"},"ip":{"addr":"107.149.129.49","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wap.fbaddadsbook.com/","date":"2026-03-14T12:50:09.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbaddadsbook.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 07:21:33 GMT","end":"Thu, 11 Jun 2026 07:21:32 GMT"},"fingerprint":{"sha1":"FC:12:B7:13:32:59:8B:BD:87:27:3B:DE:4D:52:6D:94:0C:36:88:32","sha256":"82:97:4B:2E:8F:D6:1D:00:D2:52:17:65:BD:3C:BB:2D:9A:AA:61:35:B6:A7:A5:8E:B2:D1:50:84:49:BE:D2:8E"}}},"request":{"raw":"GET /static/css/293.4f8e38e7.css HTTP/1.1\r\nHost: wap.fbaddadsbook.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.fbaddadsbook.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Mar 2026 12:50:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 13 Mar 2026 01:31:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b368e7-aa6\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2726,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2726), with no line terminators","md5":"0f6beddca1f6168badf7b7a400635624","sha1":"bc4ca5b08e152c64c45a83215d2b91318a576c48","sha256":"1aa5b3879e8ece7a0407b4b4e13708ca6961b308b26fbeeb8b827432ad21d5aa","sha512":"91aae1981122e44c40597f40e7c254f568e05e5cfd66258f5b89fe2560386969874f338c6060d536a13290a47ea4b75afb5dad15f8f69f0968d37af1b36e75d2","ssdeep":"","tlshash":"3051ba3832debd38a077c15134a19dec9149b763c201475a59b720778fab2f22f6927e","first_seen":"2026-03-14T11:32:02.253645Z","last_seen":"2026-03-22T05:05:11.090784Z","times_seen":12,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wap.fbaddadsbook.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.fbaddadsbook.com/static/js/293.ec2deeea.js","fqdn":"wap.fbaddadsbook.com","domain":"fbaddadsbook.com","tld":"com"},"ip":{"addr":"107.149.129.49","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wap.fbaddadsbook.com/","date":"2026-03-14T12:50:09.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbaddadsbook.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 07:21:33 GMT","end":"Thu, 11 Jun 2026 07:21:32 GMT"},"fingerprint":{"sha1":"FC:12:B7:13:32:59:8B:BD:87:27:3B:DE:4D:52:6D:94:0C:36:88:32","sha256":"82:97:4B:2E:8F:D6:1D:00:D2:52:17:65:BD:3C:BB:2D:9A:AA:61:35:B6:A7:A5:8E:B2:D1:50:84:49:BE:D2:8E"}}},"request":{"raw":"GET /static/js/293.ec2deeea.js HTTP/1.1\r\nHost: wap.fbaddadsbook.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.fbaddadsbook.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Mar 2026 12:50:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 13 Mar 2026 01:31:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b368e7-151a\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5402,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5268), with no line terminators","md5":"77f61d92d8e3ed411731af15daa22795","sha1":"f8902003f215e168145de915534cdc4757802e0f","sha256":"25b0a739f3114102063ad0c49891047ba32aef971f7c411d1ca4297c5821fa4d","sha512":"053d9d2b54e538c7ecb245f591517aecd4571133f34550899574f2d30244c3d08867bef6142e29af8aaeefcd58fca161a5e7e268f3a7947b3b0fbf3f08b4f653","ssdeep":"96:pt+pEM5l/Ky5i5M+cepw54j+n5+4+w+5dEdH26SmW3jwxmo0zMwf1w6Cm0KmamqK:ptnE+9vL4DDHMcxUYw9w6ZkQNusi","tlshash":"66b1958eb0c7f1891a5791b0803f2175b1392ce4220b8191b375cdc9b978a78877abdd","first_seen":"2026-03-14T11:32:02.259889Z","last_seen":"2026-03-22T05:05:11.09204Z","times_seen":12,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wap.fbaddadsbook.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.fbaddadsbook.com/","fqdn":"wap.fbaddadsbook.com","domain":"fbaddadsbook.com","tld":"com"},"ip":{"addr":"107.149.129.49","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-14T12:50:06.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbaddadsbook.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 07:21:33 GMT","end":"Thu, 11 Jun 2026 07:21:32 GMT"},"fingerprint":{"sha1":"FC:12:B7:13:32:59:8B:BD:87:27:3B:DE:4D:52:6D:94:0C:36:88:32","sha256":"82:97:4B:2E:8F:D6:1D:00:D2:52:17:65:BD:3C:BB:2D:9A:AA:61:35:B6:A7:A5:8E:B2:D1:50:84:49:BE:D2:8E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wap.fbaddadsbook.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Mar 2026 12:50:07 GMT\r\ncontent-type: text/html\r\ncontent-length: 783\r\nlast-modified: Fri, 13 Mar 2026 01:31:19 GMT\r\netag: \"69b368e7-30f\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":783,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (466)","md5":"e292d9e03c1fd780f5d2c3474bc2a76b","sha1":"505afeb5e9a5af6cb2f2acb5e13be11bfbe25fbf","sha256":"87b113edf68e68d41a4689810965025ca5b9154f735fca91adf6b66ac31186c3","sha512":"76b17cda1c1564f1f84706a1d1edfa6e0c0820ec28d12bd7b924014701eadef1b6bf0a41b6e1f7b142127ca3a435f58169e2ac7b5b9cb4daf38399156acba557","ssdeep":"","tlshash":"24012585dc20e00d57708a54aa70f22f8dc69c2f4b72dcd0bcac41bc8f98f84867a840","first_seen":"2026-03-14T11:32:02.261104Z","last_seen":"2026-03-14T23:59:40.651216Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1299,"timings":{"blocked":531,"dns":49,"connect":237,"send":0,"wait":237,"receive":0,"ssl":243},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wap.fbaddadsbook.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.fbaddadsbook.com/static/js/app.ead6c432.js","fqdn":"wap.fbaddadsbook.com","domain":"fbaddadsbook.com","tld":"com"},"ip":{"addr":"107.149.129.49","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wap.fbaddadsbook.com/","date":"2026-03-14T12:50:07.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbaddadsbook.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 07:21:33 GMT","end":"Thu, 11 Jun 2026 07:21:32 GMT"},"fingerprint":{"sha1":"FC:12:B7:13:32:59:8B:BD:87:27:3B:DE:4D:52:6D:94:0C:36:88:32","sha256":"82:97:4B:2E:8F:D6:1D:00:D2:52:17:65:BD:3C:BB:2D:9A:AA:61:35:B6:A7:A5:8E:B2:D1:50:84:49:BE:D2:8E"}}},"request":{"raw":"GET /static/js/app.ead6c432.js HTTP/1.1\r\nHost: wap.fbaddadsbook.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.fbaddadsbook.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Mar 2026 12:50:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 13 Mar 2026 01:31:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b368e7-b9bd\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":47549,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37629), with no line terminators","md5":"f2ab102760bc5e746373b96f207abba2","sha1":"d636470474855166cc53519ae8f9471298f815fd","sha256":"9511181844bf0705b6b7eb39804c96ddacf4f153177738649d6719b9207914f3","sha512":"378bc18f0313d379a10dafb9c635eb8739f94edd2d16658f69ca65e21d189af2d482a4b9235c5ddde0a70d20c70519233ddbb1fcad2705754fbc92a5010027b9","ssdeep":"768:+RSvLu/27By6DlqcpLWQ6s+/iphggWRLxUvFASAu/WkZhHxG11IBgPAhZ8Bfc1rp:ip++GggWT2Fyu/DhHxG11uBmHs","tlshash":"b7237fd432c46af6219f02b0e05f2464203726c2e53e5d66f574b59d3bf878e43b3a9a","first_seen":"2026-03-14T11:32:02.262298Z","last_seen":"2026-03-14T23:59:40.652267Z","times_seen":4,"resource_available":true,"data":null}},"time_used":951,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":951,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wap.fbaddadsbook.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wap.fbaddadsbook.com/static/css/app.4bf22517.css","fqdn":"wap.fbaddadsbook.com","domain":"fbaddadsbook.com","tld":"com"},"ip":{"addr":"107.149.129.49","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wap.fbaddadsbook.com/","date":"2026-03-14T12:50:07.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fbaddadsbook.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 07:21:33 GMT","end":"Thu, 11 Jun 2026 07:21:32 GMT"},"fingerprint":{"sha1":"FC:12:B7:13:32:59:8B:BD:87:27:3B:DE:4D:52:6D:94:0C:36:88:32","sha256":"82:97:4B:2E:8F:D6:1D:00:D2:52:17:65:BD:3C:BB:2D:9A:AA:61:35:B6:A7:A5:8E:B2:D1:50:84:49:BE:D2:8E"}}},"request":{"raw":"GET /static/css/app.4bf22517.css HTTP/1.1\r\nHost: wap.fbaddadsbook.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wap.fbaddadsbook.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Mar 2026 12:50:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 13 Mar 2026 01:31:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b368e7-822\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2082,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2082), with no line terminators","md5":"7ded19ece1125d28165c7016e43a873c","sha1":"8b12d184d2fa2d4eb9309fe8aaa0a4a7ea8d4cdd","sha256":"3a71aa89e5bf0892215ab8e566d32100a0edf093c3e97fc1890e72c03049c04d","sha512":"1c56aef7917ac409760441a8302377ca814d2e8a9caf1a09f85d365f09e3c4106e9b24f8da2495ed5940c2e6d14b85468f500bf54cc47055ee271173714ffdae","ssdeep":"","tlshash":"22419a2ef1c0d23b6077417eeb8dfd5884284e5696304f6bf14da243ae8b78716b0627","first_seen":"2025-06-24T18:05:37.861482Z","last_seen":"2026-05-23T05:40:18.026506Z","times_seen":19,"resource_available":false,"data":null}},"time_used":948,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":948,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wap.fbaddadsbook.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wap.fbaddadsbook.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}