{"report_id":"c2a9ddb3-8d22-454e-8b8d-50cd973ef527","version":6,"status":"done","tags":[],"date":"2025-10-15T19:36:59Z","url":{"schema":"http","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"142.250.74.51","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"title":"(1) New Message!"},"submit":{"url":{"schema":"http","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"142.250.74.51","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-19T19:36:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":47}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wivesvacancycraft.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wivesvacancycraft.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"throbcrunchsurely.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"throbcrunchsurely.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24184826.cpmrevenuegate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24184826.cpmrevenuegate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24184826.cpmrevenuegate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"gavedeliverknee.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"gavedeliverknee.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-12T22:12:24.910527Z","alert_count":0,"request_count":4,"received_data":112898,"sent_data":1837,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"maxcdn.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":6807,"first_seen":"2014-06-18T00:37:31Z","last_seen":"2025-10-12T22:22:05.071412Z","alert_count":0,"request_count":2,"received_data":95977,"sent_data":1043,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-10-15T01:24:42.348327Z","alert_count":4,"request_count":2,"received_data":1060,"sent_data":1548,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-10-12T22:17:47.775352Z","alert_count":0,"request_count":1,"received_data":97367,"sent_data":452,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.show-sb.com","ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-10-13T03:57:20.808603Z","alert_count":3,"request_count":3,"received_data":6860,"sent_data":1530,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"rashcolonizeexpand.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":31106,"first_seen":"2025-06-27T17:12:36.133274Z","last_seen":"2025-10-13T03:04:24.143059Z","alert_count":81,"request_count":27,"received_data":126335,"sent_data":58381,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"blogger.googleusercontent.com","ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":4332,"first_seen":"2012-05-25T17:41:01Z","last_seen":"2025-10-12T23:18:14.761957Z","alert_count":0,"request_count":7,"received_data":72599,"sent_data":5002,"comment":"","tags":null,"fingerprints":null},{"fqdn":"throbcrunchsurely.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-10-02","domain_rank":0,"first_seen":"2025-10-15T16:32:29.781475Z","last_seen":"2025-10-15T16:32:29.781475Z","alert_count":10,"request_count":5,"received_data":21400,"sent_data":8069,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"wayfarerorthodox.com","ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-08-08T11:06:50.216151Z","last_seen":"2025-10-13T03:06:18.160605Z","alert_count":74,"request_count":37,"received_data":139771,"sent_data":81176,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.omniklusive.com.ng","ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-10-18","domain_rank":0,"first_seen":"2025-10-15T19:37:05.635422Z","last_seen":"2025-10-15T19:37:05.635422Z","alert_count":0,"request_count":11,"received_data":988534,"sent_data":8910,"comment":"","tags":null,"fingerprints":[{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Blogger","description":"Blogger is a blog-publishing service that allows multi-user blogs with time-stamped entries.","website":"https://www.blogger.com","common_platform_enumeration":"","icon":"Blogger.png","categories":["Blogs"]},{"name":"Python","description":"Python is an interpreted and general-purpose programming language.","website":"https://python.org","common_platform_enumeration":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","icon":"Python.png","categories":["Programming languages"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.11.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-10-15T05:47:09.33032Z","alert_count":12,"request_count":4,"received_data":343852,"sent_data":1680,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pl24012289.highratecpm.com","ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-07-26","domain_rank":0,"first_seen":"2025-10-15T19:37:05.650446Z","last_seen":"2025-10-15T19:37:05.650446Z","alert_count":12,"request_count":3,"received_data":132344,"sent_data":1392,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-12T22:12:25.402635Z","alert_count":0,"request_count":16,"received_data":586201,"sent_data":8874,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.highperformanceformat.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-10-15","domain_rank":366864,"first_seen":"2024-10-23T18:32:34.138968Z","last_seen":"2025-10-13T09:17:07.391843Z","alert_count":81,"request_count":27,"received_data":1270976,"sent_data":12609,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pl24184826.cpmrevenuegate.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-08-21","domain_rank":0,"first_seen":"2025-10-15T19:37:05.630976Z","last_seen":"2025-10-15T19:37:05.630976Z","alert_count":6,"request_count":2,"received_data":215006,"sent_data":938,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"18.198.152.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-10-12T22:34:05.876953Z","alert_count":0,"request_count":2,"received_data":738,"sent_data":992,"comment":"","tags":null,"fingerprints":null},{"fqdn":"landings-cdn.adsterratech.com","ip":{"addr":"172.240.127.240","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2015-03-02","domain_rank":0,"first_seen":"2022-07-07T14:56:30Z","last_seen":"2025-10-13T01:18:04.596495Z","alert_count":0,"request_count":1,"received_data":37697,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.topcreativeformat.com","ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2023-11-21","domain_rank":1938842,"first_seen":"2023-11-22T19:49:06Z","last_seen":"2025-10-15T08:01:01.418369Z","alert_count":24,"request_count":8,"received_data":376765,"sent_data":3704,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"creative-sb1.com","ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-10-13T03:05:29.919249Z","alert_count":30,"request_count":15,"received_data":533555,"sent_data":7062,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-10-12T22:34:06.069164Z","alert_count":0,"request_count":43,"received_data":2848410,"sent_data":20174,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-10-13T03:57:20.763365Z","alert_count":51,"request_count":17,"received_data":67673,"sent_data":36601,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"kettledroopingcontinuation.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":196057,"first_seen":"2025-07-30T15:18:19.355595Z","last_seen":"2025-10-12T22:55:24.916727Z","alert_count":75,"request_count":25,"received_data":109622,"sent_data":55574,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-10-15T11:24:47.291649Z","alert_count":2,"request_count":1,"received_data":377,"sent_data":425,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pl23924524.highratecpm.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-07-26","domain_rank":0,"first_seen":"2025-10-15T19:37:05.692258Z","last_seen":"2025-10-15T19:37:05.692258Z","alert_count":12,"request_count":3,"received_data":255176,"sent_data":1398,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"gavedeliverknee.com","ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-10-02","domain_rank":0,"first_seen":"2025-10-15T12:08:01.819427Z","last_seen":"2025-10-15T12:08:01.819427Z","alert_count":2,"request_count":1,"received_data":518,"sent_data":485,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"wivesvacancycraft.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-10-02","domain_rank":0,"first_seen":"2025-10-15T11:24:46.695561Z","last_seen":"2025-10-15T11:24:46.695561Z","alert_count":2,"request_count":1,"received_data":520,"sent_data":487,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"torchfriendlypay.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":191479,"first_seen":"2025-07-30T13:31:49.539518Z","last_seen":"2025-10-13T01:19:48.704284Z","alert_count":36,"request_count":12,"received_data":56330,"sent_data":25201,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.blogger.com","ip":{"addr":"142.250.178.41","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1999-06-22","domain_rank":9514,"first_seen":"2012-05-22T07:35:03Z","last_seen":"2025-10-12T22:34:58.819493Z","alert_count":0,"request_count":5,"received_data":611630,"sent_data":2356,"comment":"","tags":null,"fingerprints":[{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.topcreativeformat.com/da4057f56deac1caae7482053a78f1aa/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"32263aaf0c2e345f7dc4018e4332cd0e","sha1":"4fbfc90466d7b6d782b129be6cf5d12d4b0e6adf","sha256":"3dd6cf4e9efa71a107413b382912bc8cc1896042aecc43ba15089dfd5dcdc597","sha512":"19f7d3ee936e830e1e71de6dc4a7044d9ffe40c17f2e3a8b2d5f2e09e2a617f19ddee36b166d26cd5b79741ebfcc1254f897850fbf90937176daf80fb880dca4","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybsj95G:36rxKbk0CrQ+fdwNDba1lIlcPEP5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.68541Z","last_seen":"2025-10-15T19:37:20.68541Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"b2240e604ebef1badbe17b48a5685995","sha1":"a118810dbd99af53607183aab1e5838e4fd58efc","sha256":"ea10a8231d69ef4165f74cb707f8b92447ff09c0a30f1072081d91941419209e","sha512":"bfd7a60304eb2ee97e7973234e30fbd1befb6729f75c18345d69f955ed19544614492c058d11d58dbbebd0f7fcfb2eba91c4aec19e2899aeb23f624e91b40cb0","ssdeep":"","tlshash":"0c310b3271dc308ac7bfb867039f725e1da94a850a0191e9c0118bc723a88d6707bc4b","size":1808,"data":"","first_seen":"2025-10-15T19:37:20.826463Z","last_seen":"2025-10-15T19:37:20.826463Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"14e5a6b6347f71ecbe2f2917cca4874d","sha1":"8ed396050edb86835eaf09ae9dd6e4e2b4435503","sha256":"56547b3ec4b7999d7324f3ba6801b37caa5b68631aa9fbc7f9e18799eb312d07","sha512":"ee94527605916cad3cae00da42da881ef6d4bd3c40a413ca752a3fee4151a95d3359df1f23c5aea01b93a3a22f20ac9dc088d3da327498130ec55b373507d487","ssdeep":"","tlshash":"46c08c78ab000a727b223a0d9b032bc09cc90b3be2b34c02a030601064a00374149008","size":145,"data":"","first_seen":"2025-10-15T19:37:20.829992Z","last_seen":"2025-10-15T19:37:20.829992Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"57c3e77ba68ad4dc863dc882a9f725bf","sha1":"35ad996179ba92f685a8d2ffdc07cde555a685fc","sha256":"2f4a32434f3aa8cdaff797e0196bd01fae083e90fb17533fb73e4f1b3f67823b","sha512":"a4d8d2a759effbc51d2a0470b64cbd16b9a2c53e7494c56236f64df57eec842cbf0160dcdfe8a3e59f8418db4051a22c5eeefaf0e17057982eaf41fa3c0fe7a7","ssdeep":"","tlshash":"6cc02bf4d300f24840d1dc150c7ce24487208d202498003f21e108220340d8681f936d","size":140,"data":"","first_seen":"2025-10-15T19:37:20.8414Z","last_seen":"2025-10-15T19:37:20.8414Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"670bd1d37d7dc82ecc6b61ad9ed1b430","sha1":"c71749349d6956e33e7142dc8df8256da4b03da1","sha256":"919f9618d9556e518987d8e3a1ad4182d9bee11692e9256f7212dc4a96c260f1","sha512":"3615f5350e5d9a22cc2bfd75b1ce7d953039bbccb6c01c4a00fd6803dc99516e28161285fb373c8970a57419c9b4f83eec9842a6db9b3b59d0a9df531d27e302","ssdeep":"","tlshash":"1b31e954b9d91f15998b723300bb61ae3faad2090a1697c38c0ccec02e341ee05b4c75","size":1806,"data":"","first_seen":"2025-10-15T19:37:20.846824Z","last_seen":"2025-10-15T19:37:20.846824Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"5b469d9ecafe2727d38fbf430baeae1d","sha1":"52d192febfee26070ec262008686353f540c35b2","sha256":"fb3388b302465b18a107c88bbad2d059efb50f1bc5b3928762350f0762b03d0b","sha512":"7f572170365b5e55f847afe120f722aaabc11f7973a02f53bbbb442deff4a046af98a3eea608178a7b44b1e2a2e6791cf4bdc9a6d006e4babc90375ed1892ad2","ssdeep":"","tlshash":"23411b32f46d3aa05dfeb631414e91ed3e13e4663539b3c94d6787d51a300fd226c542","size":1905,"data":"","first_seen":"2025-10-15T19:37:20.861337Z","last_seen":"2025-10-15T19:37:20.861337Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"617b9c4f2717bcdab07b3bdf3a393dd0","sha1":"a554d336c44fca9ae2b21592f0e30aa41e0f6e52","sha256":"a094f57cfadd20d10252cbaba1574450d66c00875eef7ab40e1e9dfff57e16e7","sha512":"ca306d205e4a20198a23df3148edbc395f042922c2136301f69ef3777ce94c0b12939006ff81eb469c7b4812e749dd1c84abd203216a38aea8d72c2e359c5342","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybejy2X:36rxKbk0CrQ+fdwNDba1lIlcPEq2X","tlshash":"7023c48e3f71f15856867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837b25","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.409713Z","last_seen":"2025-10-15T19:37:20.409713Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"0ebcdf2fb4d19db5b4d1c24114c924eb","sha1":"bea414371d6e13e6e52ac10862750f282fb3e049","sha256":"b4caea1c418cd072eae509b65f0a6ea4e961cbaf70f71b777c3171348b7adbda","sha512":"90861a263baa738067a4fa7c078ae5547651952b5a20588457002d4476a642dc41e9518582a219c0faad5ce3f66e3f015ac731ac8b412e473c87bd19022b432d","ssdeep":"","tlshash":"29310b3ffc3a1c58c0cad07d24aea1c05e14413b647146c85d024f6969bd6e5652fc47","size":1806,"data":"","first_seen":"2025-10-15T19:37:20.871343Z","last_seen":"2025-10-15T19:37:20.871343Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"1fa85419ba9ca1fec9a994d9dca21580","sha1":"2e75538723a2d9211fd0767fdc50ef6a773156a1","sha256":"8805d2109aa904b10d759e0a73f7aff13f433bd63711b46bb650aad69222b6ea","sha512":"c546784be750a2a523e4a5a1a3670051317ff71f02ba61425f6ad07ad17297e968e1a1e7a4e375633ef2e0e7c8989051043ea64af37437f29c38b394b1f583f3","ssdeep":"","tlshash":"4231e97e92ec2b54f84fb13214db73a46fc7a12b5550b6c84811da50371895d923fc99","size":1806,"data":"","first_seen":"2025-10-15T19:37:20.876614Z","last_seen":"2025-10-15T19:37:20.876614Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"4a8bd3fe8495adbcfbb1ad41201df958","sha1":"2b7816a166ec23ec86997d746beb85397014ba1b","sha256":"25a12de588b020bc621edfe9db65a34743951dec7bd56acbb9a0f8819e222bb9","sha512":"19d3b0fabbd6505ae39c6fa4ad70926c0ad1dacc66777f39ed5118815e6d6c843c1c30dfae2893906969bd7f78955e61a4a52606c6f62df88753c24491e7dd35","ssdeep":"","tlshash":"4241f93b823d3923c873fab51e3b63683bfd14801a4d5a814124d2518533849267cd8b","size":1880,"data":"","first_seen":"2025-10-15T19:37:20.886955Z","last_seen":"2025-10-15T19:37:20.886955Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"a72b6a2f517adebdb222220764c80668","sha1":"b0da08d97746e1815ea5f1717576f1f3eec5a1f1","sha256":"a47d8d57a4bdb31461739fb2da791ec8bc85c6ef95c51872349f6accbcba1425","sha512":"daea890e3aabb07e1f8158b4081ce210921842768d2422ebf70ab8b4087e02655593140f92a0501c1fbc594183d9d28a980712be7d3bf6925833a59c09bd6983","ssdeep":"","tlshash":"ce31eaaff739065c6c85c00c4c6b5426bfb355ae01151afec659d2901b461eb7a089fd","size":1594,"data":"","first_seen":"2025-10-15T19:37:20.894987Z","last_seen":"2025-10-15T19:37:20.894987Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"31ddbd5edb010389e7c408b3ec5abcee","sha1":"c2afba0621d4949b5b1771d364e873ffdfc07333","sha256":"34aa51af8c63b41214e94c787f86549f558f395ea786f13f087dba26975c7e88","sha512":"3249bd0d91cb48faa46e1741fd8befb017deb463ca4ac14afd27a878a10d40f445c2874dfd2cf6f7cde37f47ae3d02dc977a68ee74f1e7aef74004eace5f256f","ssdeep":"","tlshash":"6241f93bb3cb5b5385ebf0f2856f6f70bd3a9203040ee545084c618019b89cc95bcd46","size":1884,"data":"","first_seen":"2025-10-15T19:37:20.901714Z","last_seen":"2025-10-15T19:37:20.901714Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/da4057f56deac1caae7482053a78f1aa/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b693df750500c1c31d6112a4ce61a62","sha1":"3ec2ab08164d3bf868cb91cc93e8f0223818bedc","sha256":"4d05a4b96b5c6030b831695f0d38ab137b30f4388612de99c3dea8c3a4c078ea","sha512":"ae56dda15902ac9c90a8f98a2f013b9bd845ec6d1f59c75d11cfb22941c8c591d57824555df77259cb11da0a20f68e32afd1d5b90ec1eb453d068b2bc865a0a7","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybsjy2X:36rxKbk0CrQ+fdwNDba1lIlcPE02X","tlshash":"7023c48e3f71f15856867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837b25","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.460727Z","last_seen":"2025-10-15T19:37:20.460727Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"7d05031fcb2fdfdd6b0092a3bccd25d4","sha1":"9eeae820d8447947c0378fc8f2a055567eaa0f41","sha256":"82f8ca5f33044bb1d41f28a29d65486ec1073814065340c4a3c9ca4d8defd6cb","sha512":"39511c599b8fc431901da11aa633b0611452ace3b2db214185b1bab4ad5df920589f028262c3d081ab745609c4a4ce3820ddfa6d93f4d25f57cbb3d7fb1f8f3b","ssdeep":"96:xozE0oXryY8WyVkk/h9OgWBDN5QPoZmZhBbeG1ZDWCfMEDaH:uzUXZ8WyVkk59NsgPokDtVWCkCaH","tlshash":"6aa10a74ad8560b95492b46b5e3f365c1e72800f0918f90bb5dcea492f30a586d7dcdc","size":4757,"data":"","first_seen":"2025-10-15T19:37:20.906747Z","last_seen":"2025-10-15T19:37:20.906747Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"47db1356ec70bb184ea19b076fa12048","sha1":"751e61599f98240f4f3c4197e9760c548a481e97","sha256":"155b89df15ecbd95c88c7be26740759b65396a53f24f40885553d1baeb2ba47e","sha512":"9f184e0ac55a169ff9d69a860ff11e2e1dbea12bc6dca65b44558283ecd3d7bab773a6147ce9d1375b1bdc7f64e6a907db4b531854337c2ff9aefdc2dfa320a4","ssdeep":"","tlshash":"72e0720e28d070282ff8107b0a254aec31ac5a081a00cc898d8ec16d7b60fe00afcaec","size":315,"data":"","first_seen":"2023-03-07T12:10:48Z","last_seen":"2026-03-29T20:49:36.939571Z","times_seen":304,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"2bbaea49bcab541ed65e945878fba32a","sha1":"a93b54f1a7cbd214b463ba752c22448846f78cfd","sha256":"a8da23200af4124556d547582e27e847c45f4cb62d6095db33de5216acc348fc","sha512":"fa897c69e29ade178365f095de9f6950b695707915aabb0850a51cd4f9ee2de8a36a86e0aeef9ce25a574c4739eaa905c7cad4fca00586b0e895e2edc7217caa","ssdeep":"96:xoz/s03Vs6/HfVIpdsowRoWJGouk/os6/HfVIpdsowRoWJGoH451ZDWCfMEDaH:uz/DVs+H9SVtkws+H9SVDTVWCkCaH","tlshash":"e4911baa7ec1612474cd757f2162f36c2fb0910a1a098e49785cfbc08f34f9899bda95","size":4597,"data":"","first_seen":"2025-10-15T19:37:20.916553Z","last_seen":"2025-10-15T19:37:20.916553Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"929573cba6a34a4809c6cc55649d1686","sha1":"872d963d644bad94a4cebc15eeeb14096f16ba65","sha256":"0b29b6be0275b90871dff067520e649886d70ba15981af3f2b6266ad9428bc11","sha512":"4c06e0b05ddc862cb6a19934642da4f140187f683aa8a21ce74e4a277ee789ee5449dad2bec8bcdb833fabc4b1cd56c2c4c0179ce2c224dec1efff1821c4b7b3","ssdeep":"","tlshash":"a241f9ec24193471c8af6a3b053f7466be344acf8938f28f541c42653628f5d15adcca","size":1884,"data":"","first_seen":"2025-10-15T19:37:20.922352Z","last_seen":"2025-10-15T19:37:20.922352Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"5a2bcf9abbe6351c0ff2f261e1853683","sha1":"f4641f2f15372c0466430d1e7acba9f794e7287d","sha256":"2a08da8993452d5d63040d61157362a52dc1d61a7b7a888065819be627b79c98","sha512":"49fd17ed11153d02386239c1a12bd0f912182fa514625f220a15a73aa982c9d1bb67a8e08a3ca6d537b6578370d4a9b912b75c80aaffa6f48985cc56ddd557b1","ssdeep":"","tlshash":"0b413b76b46abf815a9ee0f3351f3f506f40a881c9823283805cf4c4a9316f6a72ec43","size":1890,"data":"","first_seen":"2025-10-15T19:37:20.928219Z","last_seen":"2025-10-15T19:37:20.928219Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"1217c3e03d535f4bbfe23a048833f50a","sha1":"975fbc0bc9b1a306637ab19be63660cfb08eed69","sha256":"5b988ad678c8befa8c031e0c7621fe895e8d698499346ae4a097665bea2d0229","sha512":"a639cf7b5e4f39fc06e8905a2ff23f4cfe623663bcddc08ab9d09d3cec6cc8631eeba30d713c17ad58c760dfc72b85847276915591020fa7fd714696618a7c64","ssdeep":"96:xoz3t0X4bY0EV20aZGTk/WebLiU7T5a4k8/1ZDWCfMEDaH:uz04b/EVgZGTkueb+A5aB8dVWCkCaH","tlshash":"96912b395fdc206dc597745f1a7b610c2e62420b0a00c99dfc5cd6863f20ea0667ed9e","size":4585,"data":"","first_seen":"2025-10-15T19:37:20.933098Z","last_seen":"2025-10-15T19:37:20.933098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"619ecc62343c751448bd8be92bfdf3ff","sha1":"8dbe18c92a72b7d1b4c2a94efb0497273d1fd77d","sha256":"6381e97dfcb0b981331d53b3f1d1e3ce349073aceaff9aeb2377af72dad17ec5","sha512":"de1e5660f5cf942bfe9300410f0e08f0f0eb046312cf9eb14b2f5380cef4dbaff2e6923ca2e6b01a62022405c51fd7f3ee6c14c608bf08fb5a03cf0ccf3f10e3","ssdeep":"192:wBf9ZCNcV/H5jmu57wpTqcKd7eIc1kUNAckPHRHjdEjE3VEFDsv62d+Kp1Oi:wBffSKcAsKx3Nx","tlshash":"09624df57157c34beabd0843ae847aa942fab55392c4b143d1f8ba0f059a58fc4bc8d4","size":15719,"data":"","first_seen":"2023-03-07T12:43:08Z","last_seen":"2025-11-03T12:21:11.365453Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"moz-extension","addr":"moz-extension://3ba3b924-c3c3-40ae-8321-2cdcec04f90a/lib/shim_messaging_helper.js","fqdn":"moz-extension","domain":"moz-extension","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"865f01cbb34eb505834e826380d7dc2e","sha1":"c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e","sha256":"30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17","sha512":"9e37cd2e9fb9e4e926e2d1e1232c4c4ba3531d89b1d165293708849e0f88df6a40711d87c2b267ced9b6c4a27ac13079b5cb907334e2e297b588318df629b9ee","ssdeep":"","tlshash":"9e31ba1959fa0d1c0063b4a977673403722a90271149fe92bedcc3536f9652bc6f2bc8","size":1684,"data":"","first_seen":"2023-05-05T22:33:37Z","last_seen":"2026-04-04T11:47:34.707599Z","times_seen":152032,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e22177bf091efb4a680e1f99b2ab3c0","sha1":"aea4d2fb3382791a9c7cc9f22a7847e4742a6b89","sha256":"79ad7e4d3af321cc6f8dd52eb530e0071b3b3b97fe0e499d0c3a836dbc528abc","sha512":"ac9f13d1d93695b9fd643ee570b5796c5385d8843b4b71049f24f23fb69d875e90cd9935ee0ff46026595cde7433d06346661876bc306c8a92c67b152c4d7768","ssdeep":"96:xozN06+5ZJ3Iw8xyxcQhFFT+dQSdzspk/Ehk/V5meftO1ZDWCfMEDaH:uz1OZI5cxccFFUIpk2lrVWCkCaH","tlshash":"a3a12ca16ecba02c9867746f503721153e30a20f6848d980b69de9c62f347e85fbcdd5","size":4745,"data":"","first_seen":"2025-10-15T19:37:20.945412Z","last_seen":"2025-10-15T19:37:20.945412Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"0f50a54645dcb623a4635813e0bc9add","sha1":"74c0916b7cc1b2e45ee3b4d7b679494d9ec22b55","sha256":"7c998e2925439eebecad750989a913975b96c58bc240a27fbe8083df49b43e3e","sha512":"a581df1acddfe9ad128ebcaef1088405cce8f18bd676df86b936e74def6304704728269d363b64f5d8d596964a684f98ad38ba79fa05da33cdf31a77a8fba35a","ssdeep":"","tlshash":"9b413b20660eb214cddfc5331807320d3c3a80560fb95381444543ee7975d9721afdd3","size":1884,"data":"","first_seen":"2025-10-15T19:37:20.950288Z","last_seen":"2025-10-15T19:37:20.950288Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"852b305d2baaedcb101d9b3112fee1ed","sha1":"f1ccd890fd4cdd9d432b8e8bdde779a085f14a7a","sha256":"1919ff6fbb53a4983d6047c9d34e847c8a4b0ea1b2b1e8c28086ccc330aacbcf","sha512":"f5310015ef7390e43b8610c64bc459b4adb936dcec4ef0a343841fc02981c93709b9964066597c1ffe4170fe0730e61222a64849753150e174a446bcd7a3b4c9","ssdeep":"","tlshash":"48312af8fd1deeec87c490913804f871812b0409bbc452a600e91b51b2f83203904cf7","size":1620,"data":"","first_seen":"2025-10-15T19:37:20.953939Z","last_seen":"2025-10-15T19:37:20.953939Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f1ed54ad134212dfd9272172e825d3c","sha1":"bda4b3a92a5c62fcf4526b2b6435dc5474e59556","sha256":"db9e7a8694e9a78efa39fa1547b719d0dc5fb6a1f6653c2bb330053d10e4d029","sha512":"a19dc2191aeb4db2cb763c508bd31aff056ad0c748ae19d1e32da177caeb1d16d7d09c0c261a97370826fdc438546da8d4e5187a08bb73f95585d9f82e6bb402","ssdeep":"96:xozvY0b+6ZbaBTDlLk/qz2LAcU1/9bFl1ZDWCfMEDaH:uzvD7UTJLkM2EVfb5VWCkCaH","tlshash":"aea14bb59fa7b5b85487a0eb3a3f33056f5091066841e903b44cf6c09f30be59b6dc91","size":4749,"data":"","first_seen":"2025-10-15T19:37:20.958392Z","last_seen":"2025-10-15T19:37:20.958392Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"f9677b1e747ef2384f896f8eeb279313","sha1":"80872517dcd94fafa46795056721db6bcec86d93","sha256":"7624934e56637fcf0c306e64660ecf3c3299ad2d2dfaf5381c99c9f5d6347a25","sha512":"906c51b250d5bf7e4e87de961668c91246fee4770cb9169ba17cf4249fedec71c7c9163033d4016845a465247e1e6b8563f2b17329d021a7997c2b84a168e36a","ssdeep":"","tlshash":"85310aef72059ba85b9df94398a30b366fa5d4bd5b428550d22ec100af06451fbc2cb1","size":1540,"data":"","first_seen":"2025-10-15T19:37:20.96232Z","last_seen":"2025-10-15T19:37:20.96232Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"c540d633af7f06c7d1925d59e6cf98ed","sha1":"7906d9d88fd0e821b2c7a7e28628ac2a3f1b6960","sha256":"a530e74a42ffabfee91fbfe408ff9b002412a33df8aa7e4bbf2e17588e0f97c6","sha512":"533d8de40d806c15e52e0b5a5b14c685071e12b5807ce07b54f7f91bb9ac7b2bb8a29a3c9ec2b9d12f947fa54e269333614a430ee9ed9d3dfd86c4af46b9d425","ssdeep":"","tlshash":"d031e9e567f52a958acef437653bb31ebefeec060c04528ac475f8022a314c582f594d","size":1805,"data":"","first_seen":"2025-10-15T19:37:20.967414Z","last_seen":"2025-10-15T19:37:20.967414Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"0848755e5fb7fb83ad8e6b978e28f816","sha1":"ca3c871d2312de3c157e1e2f91398c5ea8133284","sha256":"8d4fad81500d5b151c86ba7c3bd5ecf4389081fd66fe9fbe2c972d6a2cdb1f08","sha512":"1293d56e60d2b7babfe44172a13a4dfcecd31fcb2d0ba98467e2f98429ba9e5e32da2349bf5bc6241ffa43d89e2f04995f594a334685b757642df72a5316baaf","ssdeep":"96:xoz3t069Ibt1IPXdqZd5yET7RnKk/y8B2ifg2KllTKWa1eAa1ZDWCfMEDaH:uzLmGMdcEvRnKkRIygt3AuVWCkCaH","tlshash":"87a15cb02f8977b42c95f43e453b61692f6252073920e6467e9de7402f202fc263c5a5","size":4779,"data":"","first_seen":"2025-10-15T19:37:20.971348Z","last_seen":"2025-10-15T19:37:20.971348Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"9de10457b90d76183bf8ee847afa177b","sha1":"1880860999db0424059957d1fb4a733a8e0e0626","sha256":"c5b29be7aa3ed02d521adb97bf5871e7eaf9e76c15205d66c2935d75c6add080","sha512":"ed876b0ec720dc3a4176d203d8320500b3f9686a0f39e44bf18fd500e8de24992d053dc212e629d0563680a299c8d4a1dae011bd059aebce4d8bfc6df48f42dd","ssdeep":"","tlshash":"c6310befb545361265cdb6b32040f3bc2ff891450e0906c904287fc08738b9e517ae46","size":1814,"data":"","first_seen":"2025-10-15T19:37:20.975271Z","last_seen":"2025-10-15T19:37:20.975271Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"be85096a954b81538e23f469651b9ebd","sha1":"cc3b51528669428b254a1705bb6e287096a494b8","sha256":"bca09b7a3350c0762f065bab4396c6a1e11c20828f67a7e34d9ee004b15736e8","sha512":"57e108d18aafb537e699b20dff359ccd6194d1f5086fc3d1958c0145111b4a63b2e613ffda268bc125a1c518beec1a80bc77ed87774dee279b643c60951bfa07","ssdeep":"","tlshash":"f1311b77f32a7549cf4ff0b11569e3f47f52d96f2c02328526080bc4665029d681fb81","size":1860,"data":"","first_seen":"2025-10-15T19:37:20.978997Z","last_seen":"2025-10-15T19:37:20.978997Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/f28a1198c98b94df67a70edb79176a48/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b6f63485a13de76db800d7d0ed6ed47","sha1":"8110d51a96beeae63596712c53df0a45b5f95d22","sha256":"a102811c1c6873636fdb6b660487b3e75803287c8541812e38a6a476f057ce9f","sha512":"0c41518a97277358e27e2d01f1fcaabde821a1b5ae339b2a6760339e6b7eb0a919a378007efb8d8203a3226dfdb5e136cb6fdf9e10d211e05fc4c8b53abd0afd","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yyb4j7NT:36rxKbk0CrQ+fdwNDba1lIlcPEVNT","tlshash":"3623c48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46240,"data":"","first_seen":"2025-10-15T19:37:20.506616Z","last_seen":"2025-10-15T19:37:20.506616Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"0bbbd71574ab2f9268f434c072d061c1","sha1":"ee57e3ef13c89986506f831f98fcac74652f6a9a","sha256":"ce4978a722026b6c15580bab816623862ff96a7fab276f64d5fbbefb4c38f227","sha512":"1c84cf8579418daaae9fdc8b7030deec0debdffb929bfd05dfe42b82ceb862fedebadaa41e1aa7721a5fbc92b92b57b48563d7a58c2025af9edaf482ce6fab3a","ssdeep":"96:xoz/s0oxDnIAMf9EPqk/YnIAMf9EPj1ZDWCfMEDaH:uz/cxDIA46SkAIA46ZVWCkCaH","tlshash":"9a91f894aed55a286847303f51bb505e3f66920e1a05cb83fd4cda852f307e94df48b8","size":4581,"data":"","first_seen":"2025-10-15T19:37:20.984024Z","last_seen":"2025-10-15T19:37:20.984024Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"4dc1dc7bf318cf721fe36e29bdca212e","sha1":"254d7fab7d7e19ca0308b7b7891df4ad68e8c757","sha256":"e15c2c622ad8ced5fdf835ac9a766869552ee005f022d11d2f9a0d781f369973","sha512":"9e21375634379fe9722c447fdfa6e87cfca8f21d41e1f5c8fce69e1c60721d0a0537960383cfd7d2622d2fd8b036fcd0c86b990ba316e1179383f45afc598aee","ssdeep":"","tlshash":"6241f766338f7905ccbbe4fb610b33603e3a8a4b548c26c046352ede16281d822799ce","size":1886,"data":"","first_seen":"2025-10-15T19:37:20.988365Z","last_seen":"2025-10-15T19:37:20.988365Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"091a0aaeefafe3593b356879e08beb90","sha1":"d8c08edff6df01ab1139ca5e98067fbdf740a00e","sha256":"4d07cdd748d6ded50eda11b88e6b0b4ae0170c4e140760cb2eb83cc2d8243c3f","sha512":"a688bbdfe1ec502ffc0be5e2eafa742a9ae1a73d7d423ffa30ed94beb5dc5636bc3c2c22826099bb4cd950f8c54276f1ab3620347981892fd1fb1bbf41e05120","ssdeep":"","tlshash":"9a314d7f9944352fcceefbeed6d832862f70e5610b0454826c44832030409c90b38c66","size":1808,"data":"","first_seen":"2025-10-15T19:37:20.993609Z","last_seen":"2025-10-15T19:37:20.993609Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec7891948d636c1914af602be2509300","sha1":"917c35863ba97fbf62c19e3845e60f145b20d11a","sha256":"c62650b54718d4ab496a016d293589f8b0b2d8a17382930cd75a7ce16232548a","sha512":"d9fdf40f9a6188105bcfdd0af988538334cec814a68002347323ab793982f35490be801bf46070498d448973e333bd4b7f7cd7002fa15c610d5dd675b73d6c4d","ssdeep":"96:xoz+0agi6ubeNqeX0onVNZD+k/Xm6uMNv1ZDWCfMEDaH:uz8gg80oVNZCkf5/VWCkCaH","tlshash":"e8a11a358e78617a58b7f87f5e3b71063ab0410a1949de01b91ce3009f32a941bb8dcc","size":4729,"data":"","first_seen":"2025-10-15T19:37:20.997556Z","last_seen":"2025-10-15T19:37:20.997556Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"1bc5cf45be827900f6e2939b08d742a5","sha1":"36f460fc26cecc3f1afd94acde4b45df5436b824","sha256":"b47bf737b68db6d9c56e9a06a01d0a1d5498ef921f7d2c758c4ee8cd5dcd39a3","sha512":"0748601b59886e663021e5a9a1994e66205bd5dac0d57b029dcdb8d4549e24f9b14c508aa10330a74f76b945447a4429c0b01bbe8f07b4a9ed2bb5dba0494eb2","ssdeep":"","tlshash":"1e31f936f0580102dbbc76e1056fb3579d9e3f15182acb5a0666cf8438f58ba232d947","size":1858,"data":"","first_seen":"2025-10-15T19:37:21.00173Z","last_seen":"2025-10-15T19:37:21.00173Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"24f95cc13764695b3a50482950c3d58f","sha1":"fc0050d0d6572df1dbcbcda1231f68200ed2e5ab","sha256":"63e3458dfaa03ed881c2af214e966db5f749aea66970680624813ee816e58f72","sha512":"d791c79473b17e8ef79325d8cc895186190cb09a444ee234a0387e101b341414052e0aee20b40c66ee882b1f2191acac39a77c39c54bb40a641c8a198d4fb70f","ssdeep":"","tlshash":"ac312ab313253bdea736d1b094148f683683098fcd62b290377c8849cd600b68698cc2","size":1617,"data":"","first_seen":"2025-10-15T19:37:21.005497Z","last_seen":"2025-10-15T19:37:21.005497Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"e97b5b5550ce21e189d236e18d89b3d9","sha1":"c30fc383dd1869614aaabe547c35a636405d0174","sha256":"ad37fa5692829982eb82e4f7c6ba8ceb8c28a33a5bd2eb4694c096f0e3b3f123","sha512":"07cac204e20d07aeb13b279953e16ae83118e6754ec64a9ff4f045a3d5eb91ca648285a265307246d7a593dd21125013b77fcf312138fce8dfe7f3bdc05dc06d","ssdeep":"","tlshash":"2f31b53e87dc218e8682b48dac5220182ea7136a5e06c1accd2415ce7360960b32ad7e","size":1544,"data":"","first_seen":"2025-10-15T19:37:21.010502Z","last_seen":"2025-10-15T19:37:21.010502Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"318fcc415b32d78008fccf3ff7098dc1","sha1":"640687858b760ec9365b0cb537fbf7825a78420f","sha256":"d7fa005f07b9beab0753edd144c82c6601dbd33067526a8ca25c2a026edbcfdc","sha512":"76d535a1154761306cb86f996d6bf590d9727906db316bcdc529d2835dfb509d046934937973637edd56cbff01742f833f4236c67fdb63c2957bd34d3f0d580e","ssdeep":"","tlshash":"82310abc492b4e6c2480c46a8bf4042a5265261d822f21050b1b7b58a05f3b75b061fa","size":1598,"data":"","first_seen":"2025-10-15T19:37:21.014604Z","last_seen":"2025-10-15T19:37:21.014604Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"87ac42f9eb916239c66989be7755c238","sha1":"5af6b95f6b76f76cd27702c54f6369c817fe9a26","sha256":"82c6e0c2e827ba32ee429abb93af76dad570b82ff430cf83f7c70622fd33afa2","sha512":"d3f3c9932f2fa6833a5ad5cf3b797ab16acfdbb780aaeec15ab0ea6d4064231b0cd4b4d0ccc901707424985c5e03c220093bc20236046d914ccb1377578a3fdf","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4YybejvDI:36rxKbk0CrQ+fdwNDba1lIlcPEHDI","tlshash":"7d23c48e3f71f15866867037223f9417f22a4e55248de0f8d216b4a13ef8b69e837725","size":46266,"data":"","first_seen":"2025-10-15T19:37:20.276849Z","last_seen":"2025-10-15T19:37:20.276849Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"208ca47098e1dfe36ac299cb52ae8e45","sha1":"a3df2a658ca503f3a3260feabb8588b5830c3a0a","sha256":"f2cb2a9fcecb88428a2b4f8fabd6347b94ca7a1fc44b9ee62e8fd9652aecefda","sha512":"c7508875a53704c2f9834c008aa689bbb1d70edce0c498cc0181cdf84d72b738bc82baec4590fc4b3454595e5ae172c15bfa76d94b42c64b8552ed7e2bbb58cf","ssdeep":"","tlshash":"da41f9b6906eb2f085cb7e73471fa3251fad8997e205d48c0424ab862c5c0c982f894d","size":1898,"data":"","first_seen":"2025-10-15T19:37:21.018684Z","last_seen":"2025-10-15T19:37:21.018684Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"bd5dc276f270f62ad8088f465a8835ca","sha1":"f31abfdfeb09621f0331d8583c87b176774ad7ed","sha256":"7789d9d35dfc03698076e3b7057f588029438068139aa2bf1ff02c8697f79fb1","sha512":"913e7aa87bc693fd8f6ffdbd507898287dcbe386ecbf1257829410dcbb1079c7a025485e3e5e6dbaead232e30c58bb1e882f5beb121296c2944c1d8880519e86","ssdeep":"","tlshash":"e8310a39e058064ed32476c40d7f2553de8e3e19786fca6956a9866839e2431630c5a2","size":1594,"data":"","first_seen":"2025-10-15T19:37:21.02291Z","last_seen":"2025-10-15T19:37:21.02291Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"617b9c4f2717bcdab07b3bdf3a393dd0","sha1":"a554d336c44fca9ae2b21592f0e30aa41e0f6e52","sha256":"a094f57cfadd20d10252cbaba1574450d66c00875eef7ab40e1e9dfff57e16e7","sha512":"ca306d205e4a20198a23df3148edbc395f042922c2136301f69ef3777ce94c0b12939006ff81eb469c7b4812e749dd1c84abd203216a38aea8d72c2e359c5342","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybejy2X:36rxKbk0CrQ+fdwNDba1lIlcPEq2X","tlshash":"7023c48e3f71f15856867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837b25","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.409713Z","last_seen":"2025-10-15T19:37:20.409713Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ecbf5ed469707a60d1e8f6ce66abb4ce","sha1":"75fa68b1a479aa29119bef8f5db6e44fdce0341e","sha256":"708dbc28bba6cccede8ea9d3688f55d07cc9a854746cea24495890cc0e2b923a","sha512":"8abbe9e7888b7d6cc025930fb256b5bf94f2a4be527338c0445e4c649a8580ab87632975aba69ac3b1374b002418a0afbd00a84536afdbb9b0c3040f64cd8baf","ssdeep":"","tlshash":"450183a761e13b33c80ad8da3488b15eb9d3075c8129c91f85c9e3144befc8190e9268","size":704,"data":"","first_seen":"2025-10-15T19:37:21.026995Z","last_seen":"2025-10-15T19:37:21.026995Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"399c7b7427fedea3a1a9e215b27aa0f4","sha1":"83e890c7a05397fc321ee64fbf6c78fc37907219","sha256":"38b5d4a070b18318b22cbf36903f0a12e16c5fe79053c5ff091cc99e407ca730","sha512":"d8b1af74277c6cc3a19847260d6725cc2e483265b62b6cc0e24672d579f4331bad4ec4495e1e16f4272a02dea571285d1de682e4bfd61689635ecdc1748f838c","ssdeep":"96:HsoVQj00rKQ3YKXAVjbDoH77YMTdvKqLSQ4miuBIEFhIoE5p+3R5DYKAG:Hso20YKTKXAV0A6yPkFKov3R58KAG","tlshash":"1c4250f3b384e93546434a58ccb1fb9da4a4e853075ce8b98cbf4d2ec18c565225a37e","size":12765,"data":"","first_seen":"2025-10-15T19:37:20.822788Z","last_seen":"2025-10-15T19:37:20.822788Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"87ac42f9eb916239c66989be7755c238","sha1":"5af6b95f6b76f76cd27702c54f6369c817fe9a26","sha256":"82c6e0c2e827ba32ee429abb93af76dad570b82ff430cf83f7c70622fd33afa2","sha512":"d3f3c9932f2fa6833a5ad5cf3b797ab16acfdbb780aaeec15ab0ea6d4064231b0cd4b4d0ccc901707424985c5e03c220093bc20236046d914ccb1377578a3fdf","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4YybejvDI:36rxKbk0CrQ+fdwNDba1lIlcPEHDI","tlshash":"7d23c48e3f71f15866867037223f9417f22a4e55248de0f8d216b4a13ef8b69e837725","size":46266,"data":"","first_seen":"2025-10-15T19:37:20.276849Z","last_seen":"2025-10-15T19:37:20.276849Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"7aa228a8769e0fa80849fe622d6e1b4a","sha1":"f9294e8a3ddc5c54c9a7df2246b4dd84fdbb3731","sha256":"f75eb6fe77a81f068998e999077b6f83d3d380377c3aa92bd9f9ea9c5ee7db63","sha512":"a161fc7b03b211637e9bb629a2410c2c249171f0beffc7e1bcc2c6a071f37417438e7566255f9a61d6e30dc0960965f789d231de6b985700b62f0315e036b79d","ssdeep":"","tlshash":"1131f9bb612b751c54bde3ae16106d1dafabb05b6bfa138107b51cc4e5070546aca8b0","size":1542,"data":"","first_seen":"2025-10-15T19:37:21.030766Z","last_seen":"2025-10-15T19:37:21.030766Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"b3bb7a00c58b908f72353bdcd3613d4e","sha1":"b989fa17a7202a176189a87e5157cdb79860b237","sha256":"04dd2c7d016ddf5442c5457f6ef682b8754b297ad467deb30ad289d3a9e9291b","sha512":"74c742dbf9b881c5092147e02021203471b8b07e47cdadd2267f6be5117f614e80ef97f8982247012ebd19773fb2e0b71817e80be7d7e3bc1317fa98cacee24d","ssdeep":"","tlshash":"a531e527187aa4f440694c33046b176deeb7a83af923453c132f82a3874c466a34a218","size":1594,"data":"","first_seen":"2025-10-15T19:37:21.034838Z","last_seen":"2025-10-15T19:37:21.034838Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"38ee2f6ddbe8a478e5795030e72ba35d","sha1":"d332319b04b273e3b9a93ffa22ba9036d59b8e99","sha256":"97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319","sha512":"15610a3ce0ff69817776e355c350aebc006a7744a941c1258fe16a2e73445d964fd94885bd4b50bb2e9ea773a5f95bf1aa124fd90a3252ab2769d2870e5fbb95","ssdeep":"","tlshash":"20d02ef7f4d5ac218809a3200865e9083032e6feb3a08de094c0063a488a8ba9306fa0","size":275,"data":"","first_seen":"2023-03-07T01:02:24Z","last_seen":"2026-04-04T11:01:34.904799Z","times_seen":96697,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/da4057f56deac1caae7482053a78f1aa/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b693df750500c1c31d6112a4ce61a62","sha1":"3ec2ab08164d3bf868cb91cc93e8f0223818bedc","sha256":"4d05a4b96b5c6030b831695f0d38ab137b30f4388612de99c3dea8c3a4c078ea","sha512":"ae56dda15902ac9c90a8f98a2f013b9bd845ec6d1f59c75d11cfb22941c8c591d57824555df77259cb11da0a20f68e32afd1d5b90ec1eb453d068b2bc865a0a7","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybsjy2X:36rxKbk0CrQ+fdwNDba1lIlcPE02X","tlshash":"7023c48e3f71f15856867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837b25","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.460727Z","last_seen":"2025-10-15T19:37:20.460727Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"ce15380118d208d2c84254d46a812cff","sha1":"f1c99cd4a4eb8ddd5661ec4d9a4250600e3cc513","sha256":"01b13114694096446b089284c20ee080b178ce32743da0c86d173f6f354db09e","sha512":"9d066558dc2b7bb27bd60102beb1fc0ea694c206999667836af6bfe44811c774eb0be3f35c53beaf3caf203fe5071807bb4e2ae081188d009b5f7d8b7a693580","ssdeep":"768:ZGcNENT9g9z1VFEffDf8fW+jCQ3LnH/lqb5X3YUfqLoyNg1vyJYl1DnyqAZVpHLt:z4i9z1VFu+jCQ3Lnflqb5X3hqLoyv","tlshash":"1de26acc6385e88b2fcd5d03fd60aab66d6951a74b9133c7833cf9c815a995ec248873","size":31749,"data":"","first_seen":"2023-03-07T12:43:08Z","last_seen":"2025-11-03T12:21:11.451542Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89492,"data":"","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-03T18:56:22.048855Z","times_seen":6515,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"af8738f180df007d7bde1bfabc92d528","sha1":"df052fb19ecb0762b66929689f2b1961093566ea","sha256":"94ae3ed83a44f0f6d6aabeb7546f1b439180a070d1ac13cd9b9a8d036281102e","sha512":"92c5402b55bbfce81b669c7f5c01fbf642d26ec2e3fbac1da7792dcc62b6b1f4efb31b89027ee30ef6a03c80165fd349a9d1c106fef470d4aba81bc01045d6e7","ssdeep":"96:xozE0o6SGxoeWfBKSGxl3v2xBbck/ND1uPjbDNHnLr1ZDWCfMEDaH:uzU6SleWfBZG33v2xik8vVWCkCaH","tlshash":"57913bb53f47b13848a7b1be26717a0c3f91600b0a24ab41b99dea419f247e84dedcd4","size":4581,"data":"","first_seen":"2025-10-15T19:37:21.04524Z","last_seen":"2025-10-15T19:37:21.04524Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"b3baa834e170a82ccde1214558e68949","sha1":"41eacc3ec84959f76a1145feae5720c6b9be7cc7","sha256":"c8efacff2ceeb2150810045591c6ec468ccf08eb866a15bf946c2f45a6d501ed","sha512":"b70f6db99aaa70e4883cf7a23c0c624ce14ec8e18a5a140fd412edcccd5c68c1caca0d8e09832f3a6b3e02d7f4c1f7e08db7d8ba953f6288237dba8891486b0b","ssdeep":"","tlshash":"5531dabd06370dadc75b64f3e65c4a0d9fc3653ad431b1a14a65d4342a47a30fe1417e","size":1542,"data":"","first_seen":"2025-10-15T19:37:21.049121Z","last_seen":"2025-10-15T19:37:21.049121Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"87ac42f9eb916239c66989be7755c238","sha1":"5af6b95f6b76f76cd27702c54f6369c817fe9a26","sha256":"82c6e0c2e827ba32ee429abb93af76dad570b82ff430cf83f7c70622fd33afa2","sha512":"d3f3c9932f2fa6833a5ad5cf3b797ab16acfdbb780aaeec15ab0ea6d4064231b0cd4b4d0ccc901707424985c5e03c220093bc20236046d914ccb1377578a3fdf","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4YybejvDI:36rxKbk0CrQ+fdwNDba1lIlcPEHDI","tlshash":"7d23c48e3f71f15866867037223f9417f22a4e55248de0f8d216b4a13ef8b69e837725","size":46266,"data":"","first_seen":"2025-10-15T19:37:20.276849Z","last_seen":"2025-10-15T19:37:20.276849Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"b1937d071f27ac11143d4dcbd1efe1fc","sha1":"703759e1621836b20e32dacf99b1b0e8ecfdd2ad","sha256":"880fc2d00dbfbd4c7955c38d68d01dc3cd31ef36da8314428cdc8138420f5401","sha512":"92842099e2896da38f49416d51075b4750d709490ebcae7a6725da789a57186c672bfb718e8998b50c9b8b85136ca0e8f95223264b16944c864d947ee5013977","ssdeep":"","tlshash":"43411961a145629580b2e0b37e6a3bdd1e62de5f0c18b60a80fdeb093020c9d757dc8e","size":1894,"data":"","first_seen":"2025-10-15T19:37:21.052563Z","last_seen":"2025-10-15T19:37:21.052563Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"7d3890f0e7d42ed4fa87083a56f8435c","sha1":"21d35deb17e45a1efff37266d62c92733c782660","sha256":"a5e8ba5b52df65fd9314da5d52e0e8f1f6b785463b359555e8579f1e6cb20161","sha512":"e8fe229df0fc01cfd2480ef321930e38528b01502a4c281beaabef14c59621ba09dd49adc28a41ec57e1f97aee528311dc2b144b85fa650c330b878a549abfd1","ssdeep":"96:xozE0qG3kE3/pMFbJQ4k/EwzXYtHDaKtGw1ZDWCfMEDaH:uz2YF3/GB64knotmKtGoVWCkCaH","tlshash":"6ea14b30bd987924e44ab06e053e6208afa1822f1640d649f66de7c60f30fa91e7e5dd","size":4737,"data":"","first_seen":"2025-10-15T19:37:21.056265Z","last_seen":"2025-10-15T19:37:21.056265Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2008cc3642c3a2049598e68b7bcb8746","sha1":"f08f279fcbcde21ec2e71d8ba3dafcd599436ccd","sha256":"e37153e8fc70e4efb7f1e236d5e41b44b26a39d5abc88475c963f0ce55506cfa","sha512":"0142c4b91ef8f08e25cf14e3721be1a15e490d786c5eb3e9200a22c46bf461cc25d8a429da5a3f657019b722c743b9f28c8e60c4d0ba8a25731f65f621794bb3","ssdeep":"","tlshash":"06b0041ccc5511c45c511137575d7010dcc3010f4134c5403d0fd7555fdd150475f5d1","size":90,"data":"","first_seen":"2023-03-07T12:10:48Z","last_seen":"2026-03-28T12:43:13.483477Z","times_seen":129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"6019345868231bf2ac87f6b89690c75b","sha1":"a506a2971f4733711e41326ab9df023549d129f5","sha256":"7cacfcc0fc17d007cd7c51e522c892bf35eb7cd87793e794daa497bd28088ee7","sha512":"9452a39ed328e52c267c1010c3c2e418fd66c32a0a9fcf8a29bcc3a06925c396aa908cdc2a1022fcc12100c5fb1d19f1d488d0148fca12d717bdc2f26a1342ba","ssdeep":"96:xozN0ooVeQmVKKK1CpdMJPk/u0e6pgydL2yKMERfsr11ZDWCfMEDaH:uzBootVKKACpdYPkW08yZIV5srvVWCkL","tlshash":"2aa12ab61e7ab07455aa303a043b271e6fa0e01ba4018d0d795edf035f28bf15bbda4c","size":4685,"data":"","first_seen":"2025-10-15T19:37:21.062992Z","last_seen":"2025-10-15T19:37:21.062992Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"a2ee9db9152ef707a9537c05cfcb07c4","sha1":"58964998133d5402b2e63fffddb5ea8ed7628fc0","sha256":"133be68d6e25dcc120e79fef3aa35f94be31e4f61ca8e3b4ce210d0e74b48e08","sha512":"85fad72c80d41426dacffce208094082fabe47ca21a529bfdb6e4f5a626ccc1bc0dd3a6d74d30d6edb3a2d31df38bfad8ca1171659e166d3e29fd0fc5b1ae122","ssdeep":"","tlshash":"e9310abc765cf25e846cdcd52a363d3c871a1149c057662a8c274d3c632a9105cf8d24","size":1594,"data":"","first_seen":"2025-10-15T19:37:21.066941Z","last_seen":"2025-10-15T19:37:21.066941Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl24012289.highratecpm.com/359ffd8d92c6d81781d68ca2cfcb4022/invoke.js","fqdn":"pl24012289.highratecpm.com","domain":"highratecpm.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"75b22bbeb727f9dd45082ddfc7dee9e6","sha1":"05ac73755a2878400c6e532e48d9c5fcfcb1632c","sha256":"bf2db14c96ff1b7a8fd68c87d02f8ebbed1789093cd36d3a919e93d5dee76d0f","sha512":"70775909f10d61bc220a662e070b0d9a8a0429bd4ae391972d425806a7ad6fa7d8a7caf09de1865ffcf355f18c8e5e823530bd273eb958e9e6ab2e2a3fde66f5","ssdeep":"768:McMESno4Q0ygG0I9lwTd+v8I6FtfKAJEOlhP4D5YStbpoX:YnkATdlqVVloX","tlshash":"b213b8ec7f45b2ad028b6823113f660af1399b1275cdd5acf192f0e8279c759c93ae14","size":43288,"data":"","first_seen":"2025-10-15T19:37:20.668345Z","last_seen":"2025-10-15T19:37:20.668345Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"2ffd558b51bc304e3e467f085ee724d0","sha1":"ade69bbaa27518006ecb253d7f14099d23c5db8f","sha256":"12fbc237fb2f6e076ac98e5bfea3c175023d06d4cef7e740af5dea373de1070e","sha512":"75cdc76e8003adf27786f3a7eacd439d43ac5cfa8116c66201a3dd0c7d0eca91b08a003feb187cf3724add3137c79176ca82a3c5d6f8c33f77c4430aa7f07553","ssdeep":"","tlshash":"3431c8f92b0927ee2f90de794c2552764ff313106ae290814775a514a79214c7a3a1ba","size":1641,"data":"","first_seen":"2025-10-15T19:37:21.070207Z","last_seen":"2025-10-15T19:37:21.070207Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"686dcfaaf079f4682bc9702ba2e05876","sha1":"fa6de55b687d51f031f31f1c28c7add468c272c2","sha256":"a6e53c5ecf5814cb4f0c23b19e026a47e5f8ced5dcacde80d98dadb23227196a","sha512":"7a9108fe3ab413c279fe1893cc8386420537a7603e17500a5f21126ae511618eabec98eb1267d5e3bb1da735971da80934471dec9b43281a6694cfb3277fdd33","ssdeep":"","tlshash":"73b00218d46541841d640176c76ab0118496054f8175c5443e0f77446f6700c139c4d0","size":96,"data":"","first_seen":"2023-03-07T12:10:48Z","last_seen":"2026-03-07T15:26:54.070885Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"179a584d010e88c796007ab1a7b18a15","sha1":"e6e0c99f27ab3f520d43955baa209ed4664b22b4","sha256":"c12e3424de6f925b4f477b0ee67b93345dfabad92f1b46da7c294ed88d0aa784","sha512":"bbb03bdff08f8c3a5ff25abd041015071c35264469bccc0107ffdac51204b201703688e8201bd2dd52501cf685b54f7a6facbfc934ea7df3fde4380c1074fb38","ssdeep":"","tlshash":"aa41f7b9784b2664cd2eb4f983867b202f14bfc8af125bca0922dac4bd145b14129d14","size":1880,"data":"","first_seen":"2025-10-15T19:37:21.079196Z","last_seen":"2025-10-15T19:37:21.079196Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"325f2e3634e93d9ff8368ec2f5729e19","sha1":"a2711f13cbbf9336aba76d33ab2a4d733a83ad8f","sha256":"ecfcd0bf5a3bcfba0a7129e2721acb619f6ce21cfdd7a1dfdff2372278b31722","sha512":"e31a51eb07b91a49a310c1329ceeb95fee30177b454db91ae763f7751b9bb0efeabd4768761d3f2719fbaf898f2f4eb4f3645b61b51e324aaf2450386b78bbe0","ssdeep":"","tlshash":"dac02bfdc100f3e80023cc140c2ce880c6888d3179aa041320f010340260d16c54a35d","size":139,"data":"","first_seen":"2025-10-15T19:37:21.083083Z","last_seen":"2025-10-15T19:37:21.083083Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"3cd496da2d74b0c6313844bb07ba8693","sha1":"14df6c243078a07224b22a5ec546763746b13688","sha256":"2cacf829034f6cf4e40dcdbd2ff2d9ee817e7789476e0e38b11680a6d3224a9c","sha512":"462f46cae1258e6f6d22ca82578561f7c63c27aeac9e76e6bf86389cbf1d457f96199279c10fa0ee7ce9ffa20ba954c1ffe151cee5538d5b4c72a09f4b1464a6","ssdeep":"96:xozE0oFVhXU9ZG9I9IwOk/ISbDDu8+ar2N3AOakXZ1ZDWCfMEDaH:uzUFjWGdwOkASbDDus23zVWCkCaH","tlshash":"3ea14ab49ad541b928d6e4bf123b2254bfb481095a16ce0ab4acd7011f31fb84e7c9cc","size":4749,"data":"","first_seen":"2025-10-15T19:37:21.089787Z","last_seen":"2025-10-15T19:37:21.089787Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.blogger.com/static/v1/widgets/3878540743-widgets.js","fqdn":"www.blogger.com","domain":"blogger.com","tld":"com"},"ip":{"addr":"142.250.178.41","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"21eece0b7a222dbb78c925531a656c27","sha1":"48d0cc9691ba9b6229b5e4ec20e8a88c43f5af6d","sha256":"7511fc1573d0fd386edba6b764b3d97a7e47eb91ea5beb2f99d0b2ddecec8106","sha512":"197338ee2203a3e54e007d8b5fb5ee330667d86536e7d8f5bf9d150e3f7d1fa0f42fa033abf6f64e20fdbd68c8e7b6aec738fdb046420cbbc1b9608f28878f7a","ssdeep":"1536:ZJVLTvRqRF9UwngQc6MYse/412eRAMwPlH2NrAtSKUnvGYgMBSBWV66dSDXsZAas:oF9USb412eqXsNrPK+gYV8sGJeNNyN","tlshash":"6ee30ad8b79270628373b4b5003f010ff13a74aae84889acb188d9e57e749695677f7c","size":147538,"data":"","first_seen":"2025-09-29T03:21:26.936869Z","last_seen":"2025-10-17T21:16:23.593664Z","times_seen":4190,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"7688ca9eb3ca1c878821b1e3fe2c23d7","sha1":"2c41fd7e9f8312d6fed18b21e1a0589413e35553","sha256":"793bae9539499e6e02187febbd2e20fd17dd40260033f5175dbfc2f294440d9a","sha512":"2c8eb7f338f85c2fb760cf69c062669cf5b75609e12799b55dfa6994bc9be6fb16695c8d6ad5fb53ca45ea30285b37ef17beadf62bb41480a61dc0fe5339032a","ssdeep":"","tlshash":"9480002888308020000bc30c0203c8c202320c0f02cc2202ac02800802e03200802c23","size":27,"data":"","first_seen":"2023-04-10T15:53:31Z","last_seen":"2026-04-04T11:01:34.913789Z","times_seen":68718,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"1ba2a7ce6cd3f09a6feb598cf080ada9","sha1":"4463b818783a063aaf2d16d8c71ba74e77b4bb53","sha256":"cc7ee05fe5b96f2171f1f7a0ad2568c6cc2c2d833dcd9799999aef11f0465ddf","sha512":"5b46096bd7de678d8642d2f78ca5199cc388c545065b00fc5d4c6bca21c8c1fb39b412e83dc4af04ad4405ffbfb7988802e4b26127c652daa4130b44c5a9a9b4","ssdeep":"","tlshash":"ae817f972014aada202dbd576cd9732f601768dfd5d64306eb0adb806cec8cc6d4cf62","size":3910,"data":"","first_seen":"2023-03-07T12:43:08Z","last_seen":"2025-11-03T12:21:11.423411Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"24b67c1f9e110c71a2a6bfc054f7208c","sha1":"fc738d64847ef0da004d74d967e9edad984b5426","sha256":"019fc4fd496f5d52b7ff58b1226a21a3efc1cd1b6ac2a1c8f40ab44e89f31a04","sha512":"6ccbe8acd7bab6a807c1a954b9219af31eb4baf6d0a4f51dab3e4679326d41ec28c838ed0a489a92f653dde707e70221c2d926e731151151bcd4df69b026ed1d","ssdeep":"96:xoz+0LVuoM8coT4tk/jVJzB27Sqyw1ZDWCfMEDaH:uzNCoMtkxJBZoVWCkCaH","tlshash":"e0a11cb87e855138d825b4ae837766003f10a60fba41df8ab5cce6546f40bf04e68da8","size":4733,"data":"","first_seen":"2025-10-15T19:37:21.108708Z","last_seen":"2025-10-15T19:37:21.108708Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"02f234ae000ee75640ceaa41f3cf8b40","sha1":"24f784c6f13a86583cc7a8ffa43bf1cc7d5aac82","sha256":"34e34bd42a1a8325ecfda1e35c92317578ff51df76be93a7ad5424a4efea82be","sha512":"4261a95f5daae091fed39b28a507f2cae1969aa81b51eab43b031bce88bebd41bb27c5ff476f6d9794de69f08ce095140dc5a7e58dc6b9fa279730d4aa08671d","ssdeep":"","tlshash":"3831077e921f1266550c81842ceb3d3c78fa9cdf3aa38540d8fc8026b63a5430f809f1","size":1596,"data":"","first_seen":"2025-10-15T19:37:21.115675Z","last_seen":"2025-10-15T19:37:21.115675Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"8033362213d98b86b6f6d89e53b62b29","sha1":"5618360b4c92d4eb82455ebde1801456416b4f10","sha256":"a6b5b687725c08490e21818c5173756ed1d37ef10a68f6d15cabb56597d9b2e4","sha512":"743285f0600585bad2bc24ca8889654409bf3e814c6c794685b59363e073459d2d15386625f7340f63628b5c6b7f3111b89c2a4a9c17b0379df6ca215614fb9b","ssdeep":"","tlshash":"d33108b3d0ab807e6a8378439057103a1c74b39dfd0a54a083c6d8e2b074ba8db4ddb1","size":1626,"data":"","first_seen":"2025-10-15T19:37:21.12378Z","last_seen":"2025-10-15T19:37:21.12378Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"52f492abbe041759838dee2967fee55f","sha1":"e00e43c6cba830bb7ed7d68a4f9e34aa3c39d143","sha256":"5ddd3366229c90437b2b5c032017f893fa95706777e9df27991014a7cbe5181e","sha512":"b65f016dcbe057d9e50ee05b66754dbe719c933a2491cc427168a4783359ef96c8732af51603e85a9312b5357ff2df8e6e0d93ffd1fb9641fe18c733b76e330a","ssdeep":"","tlshash":"7331196aa4c67050d89af9f314a9bf047f21300fcea477c958464a41b4392db263fe0d","size":1858,"data":"","first_seen":"2025-10-15T19:37:21.128481Z","last_seen":"2025-10-15T19:37:21.128481Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"325f2e3634e93d9ff8368ec2f5729e19","sha1":"a2711f13cbbf9336aba76d33ab2a4d733a83ad8f","sha256":"ecfcd0bf5a3bcfba0a7129e2721acb619f6ce21cfdd7a1dfdff2372278b31722","sha512":"e31a51eb07b91a49a310c1329ceeb95fee30177b454db91ae763f7751b9bb0efeabd4768761d3f2719fbaf898f2f4eb4f3645b61b51e324aaf2450386b78bbe0","ssdeep":"","tlshash":"dac02bfdc100f3e80023cc140c2ce880c6888d3179aa041320f010340260d16c54a35d","size":139,"data":"","first_seen":"2025-10-15T19:37:21.083083Z","last_seen":"2025-10-15T19:37:21.083083Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"325f2e3634e93d9ff8368ec2f5729e19","sha1":"a2711f13cbbf9336aba76d33ab2a4d733a83ad8f","sha256":"ecfcd0bf5a3bcfba0a7129e2721acb619f6ce21cfdd7a1dfdff2372278b31722","sha512":"e31a51eb07b91a49a310c1329ceeb95fee30177b454db91ae763f7751b9bb0efeabd4768761d3f2719fbaf898f2f4eb4f3645b61b51e324aaf2450386b78bbe0","ssdeep":"","tlshash":"dac02bfdc100f3e80023cc140c2ce880c6888d3179aa041320f010340260d16c54a35d","size":139,"data":"","first_seen":"2025-10-15T19:37:21.083083Z","last_seen":"2025-10-15T19:37:21.083083Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"14690486bf9c2b39ecf99e9706ea0ef3","sha1":"91cf95cfe1fad849c70e387e72373ce718087ba2","sha256":"183b4629b1e54c279504d6fe2853ff574bf751582f6d32a42c5cd468846d8be8","sha512":"3c3d53904d07a202443ab87601fffddd0d783e69bdc4b7b5c86a66f8c1e118929cc8574a3e088bdaeabf6927bb67d99a9093fade477d6038aa78db7a0b98727f","ssdeep":"96:nozvJKoE7MmE0a5OBRu2jbk/9WqxF+dIIaxc5VD1ZDYRCfMEDaH:ozvH+HsOG2jbkUqDIaW5VRVWCkCaH","tlshash":"62a17d66bedb5630649b346d087a2a065c21820b2405df42bf4cd7455f147f80fdeeed","size":4745,"data":"","first_seen":"2025-10-15T19:37:21.133077Z","last_seen":"2025-10-15T19:37:21.133077Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"6b5f24e7a5a72ebb1d4fd50364a9253d","sha1":"690c29b905affa844390f07568974bb02c25dd4e","sha256":"258524349f673e5d7c3d631f149ab58425ecbce438485d44ea40bf1df1821010","sha512":"76e79f476a514e24a6d7e13c3105728096943d857070620bd6031da0e2079d0d663e9401599c16154ffc8ad8f0007e7ed658131a1c2a9a64a29d8b99d3352358","ssdeep":"","tlshash":"678004c15044c51140005537c55010411d504d73130c00dd301100705c1d10c1751315","size":31,"data":"","first_seen":"2023-03-07T01:11:33Z","last_seen":"2026-04-01T21:24:55.617288Z","times_seen":430,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"connect.facebook.net/en_US/sdk.js#xfbml=1\u0026version=v2.5","fqdn":"connect.facebook.net","domain":"facebook.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b938e0b835c600209bdaae9d8ccda6d7","sha1":"d5ee79d277057e05f002a18381722b5eb75d3883","sha256":"d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b","sha512":"f519d10ba250add8cdb46a82b3cddc68e01735c6c80b24d4af37aa0ca108340b59a21bd2cc19bcd4753f66ff5a5dc17f6e3500e91be6436fdd90c954a6ed3800","ssdeep":"384:Ps5FfMCDA9SQM/Psw1A9uW1HVMJDXMlS3RpU9JCo4wiLF:kU9SVjoHqXMA3CJCodiLF","tlshash":"1672b51e46f31232456370766b4b72047235d0473a0afe993f9c87542f8aa6e86f27ec","size":16896,"data":"","first_seen":"2023-05-05T22:33:37Z","last_seen":"2026-04-04T11:46:05.513914Z","times_seen":147022,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"742632bc886e8b02a52b58b7b90c255f","sha1":"2b8f025f20ccda2643044de6fd17ca364e4ea951","sha256":"dba2095681ef4bce0d8cd26fe42372f0a4dc655d5c504c459f0758159cf4eaef","sha512":"595ca1db37f4d2c761c9a6aa27e9ce4d853e541ef1c92a577c722304b60f951c03332a5def6aa264406d6047da0d616f27d92ca74786c7ebe9b333be63de28c8","ssdeep":"96:xoz3t0ouc4ZrTHZvn6gdsuuk/h4ZrTH6vn6gdsuo1ZDWCfMEDaH:uzxuc+nZvnouukp+n6vnouwVWCkCaH","tlshash":"20a13a25fd944119e62834ed097f72066e553a0b2419cf0a7a9dcb443ff0ab41b7c886","size":4685,"data":"","first_seen":"2025-10-15T19:37:21.147626Z","last_seen":"2025-10-15T19:37:21.147626Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl23924524.highratecpm.com/c2/a4/79/c2a4795bd129ec38aabf8f830c396956.js","fqdn":"pl23924524.highratecpm.com","domain":"highratecpm.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9d6e45ebbd4c7e6ddab3f30909ea730b","sha1":"2328134c58dba459e12b4fbfb2bfb7225a42e545","sha256":"55e61f9e5967790438d9cfa1c8c2835d2215fcc8d07b8fd972ff6a894564bdd8","sha512":"e6dfd3ecb747ac984785510286ebdc823a4dd2b97bbde32479432fe3f5419120dab5b3fe0941fc6201305b8f51a7bc6fb68e88c68b76b4bcc4f6ea8f57204abf","ssdeep":"1536:UcJsDEFAkM9IWf3pDTf0zpxftTgA4VEIaUe4Ru37oIXDWeGXMtb4cnSzB:UDxk4+BgA4VEIaUe4McBeGXMtb4/","tlshash":"a683f848bb82b869425620bb332ff01af15a4d421da8d444dc57f8d96fb8b1df637e24","size":84232,"data":"","first_seen":"2025-10-15T19:37:20.37143Z","last_seen":"2025-10-15T19:37:20.37143Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"df0ff3ba37d0ca6a8aae23bda437656f","sha1":"3e4a8916e2c9c2ae37ab0cd6e7d0e1b1c56e14a2","sha256":"a9be9cb9cb5a289fba70791060a8cf1fb569eb9a28492afa013da566e5fef5af","sha512":"8e7c98dcae69b194fb1c6bab0785c929f019520a42cf584fbc7bc798b6c1ed91dd56fec516b8796ceffa0ba828ed42d27a7ca98d4b9cd013a16d1dfc4a20c537","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej7Nk:36rxKbk0CrQ+fdwNDba1lIlcPEzNk","tlshash":"d423c48e3f71f15866867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46239,"data":"","first_seen":"2025-10-15T19:37:20.323673Z","last_seen":"2025-10-15T19:37:20.323673Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"d2da7455dc7fc26619697522b87d67cc","sha1":"a211ea1c0889d566de32eb059d97aacf57819d3b","sha256":"1f8ef4930074825a6e5d7e421cd24431b8b99ab6b5406d82a5cffebd8920a3af","sha512":"3a62bfe5ea91b61dd246a05116f655171970e6cb4135708d8d69d5225ab7c1634416d8879db782c02edd051d19ae96c366786617e3d040ee3846bcb5627a1f99","ssdeep":"","tlshash":"6f312bb97f3d212a8e6f8472018e3b7a7f780a144753e78b0c5407c0e6964e8653d6b6","size":1804,"data":"","first_seen":"2025-10-15T19:37:21.168798Z","last_seen":"2025-10-15T19:37:21.168798Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"df0ff3ba37d0ca6a8aae23bda437656f","sha1":"3e4a8916e2c9c2ae37ab0cd6e7d0e1b1c56e14a2","sha256":"a9be9cb9cb5a289fba70791060a8cf1fb569eb9a28492afa013da566e5fef5af","sha512":"8e7c98dcae69b194fb1c6bab0785c929f019520a42cf584fbc7bc798b6c1ed91dd56fec516b8796ceffa0ba828ed42d27a7ca98d4b9cd013a16d1dfc4a20c537","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej7Nk:36rxKbk0CrQ+fdwNDba1lIlcPEzNk","tlshash":"d423c48e3f71f15866867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46239,"data":"","first_seen":"2025-10-15T19:37:20.323673Z","last_seen":"2025-10-15T19:37:20.323673Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"87ac42f9eb916239c66989be7755c238","sha1":"5af6b95f6b76f76cd27702c54f6369c817fe9a26","sha256":"82c6e0c2e827ba32ee429abb93af76dad570b82ff430cf83f7c70622fd33afa2","sha512":"d3f3c9932f2fa6833a5ad5cf3b797ab16acfdbb780aaeec15ab0ea6d4064231b0cd4b4d0ccc901707424985c5e03c220093bc20236046d914ccb1377578a3fdf","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4YybejvDI:36rxKbk0CrQ+fdwNDba1lIlcPEHDI","tlshash":"7d23c48e3f71f15866867037223f9417f22a4e55248de0f8d216b4a13ef8b69e837725","size":46266,"data":"","first_seen":"2025-10-15T19:37:20.276849Z","last_seen":"2025-10-15T19:37:20.276849Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f00a6bb368efbba58e779a8facac3c91","sha1":"d4ed0a2e2892c1bd7afdbc34fe251734d3a407fd","sha256":"f5278f1a642b1052103fed6609901c605e28def9f0755c8d891880735e45ba17","sha512":"269708927fd0ec7de62c1fb101b0bc33c38e20faa4ccc14642ed07045b9377cad32ab55c21719dd53df9bfc97f5ed24f49a7f29720ab657d7647acd4953868dc","ssdeep":"96:xoz3t0EHiqIMmOKtftk/Tvf9nbOL9uk4+1ZDWCfMEDaH:uzvCqqtFkDf9bG4iVWCkCaH","tlshash":"94a11bb1d996a1b8644b747f023b620c3f70861fb10ad90df45ce7826f146988afd96c","size":4761,"data":"","first_seen":"2025-10-15T19:37:21.176202Z","last_seen":"2025-10-15T19:37:21.176202Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"2a46dda085e6409750dc409611ac0357","sha1":"f90e7e3b4ab3d3e8f610b70d20264a7bd8c6408d","sha256":"a8731b50dd6b15bf1f2bb64ec69f7f03f5f204a96bc9979dae5ab9683a45a44a","sha512":"b4435a4af81e8ebdbafbb541388999d04eed1b327cd325d7c867545292496bfb2f692ae7d888c02b053776582191548ba7b9895fd3a24e1e939e5759fc39949c","ssdeep":"","tlshash":"b531c8bea58630ef35a5a98a0d1e182d47f3408c9a2be41b075209cd5a3042469598fc","size":1630,"data":"","first_seen":"2025-10-15T19:37:21.183931Z","last_seen":"2025-10-15T19:37:21.183931Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"7255ba114dce95c03959dc3e931e6969","sha1":"bf66871d1c58c2703375702b1d7f875701eebecb","sha256":"6af0d1ea15da69d8ec81edff97d180050d0ac2251cc1cd217807d76e29b2eb80","sha512":"11c68e3b7678a8423afd0e191c51455f1a5aebe28b6ca3999c662ba5d7f2f610aca4043ad640d9764103ad8e8f7b5b8a7d9ca1bcf38ff49b8368924c63b1a551","ssdeep":"384:Lo20Jxzn8YediLAR9N3F/ww+wcX67J169m8h:Lo20H8rdiywpdm8h","tlshash":"53d273e3b3c0da7189074a94cc76fbad9575a5a7265ce8b89c3f4c3ec06811813993bd","size":28911,"data":"","first_seen":"2025-10-15T19:37:20.34857Z","last_seen":"2025-10-15T19:37:20.34857Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"165f15b582e1c0d80ec7f19b59c8c134","sha1":"12be86b50df4b71531ba30676bf4d4e392046773","sha256":"268ac4a684b0df1568ce026dff40e65bf451838f1a190769556b82607668d664","sha512":"9309a6afb57bbbf4e267db6466e992e1ace53e4e54fef1b28434989972b1a84bc576b754e192a11151d22b6f4ebabc1e50fa41bb63810dd0322e6e75ae839b40","ssdeep":"1536:Mo2V6B4gED2lXPP6BLkBm+Qtl6rdKSa3jcDYa0z933PCbrhwXPouQ:MTV6BASpkL3pnFaKN3PC3hUPA","tlshash":"a004a5e3a384e62185074694cc72fb9ea575e91b172de8b5cc3f4c2ec16815413ae3be","size":181265,"data":"","first_seen":"2025-10-15T19:37:20.564905Z","last_seen":"2025-10-15T19:37:20.564905Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.blogger.com/static/v1/jsbin/52802623-lbx.js","fqdn":"www.blogger.com","domain":"blogger.com","tld":"com"},"ip":{"addr":"142.250.178.41","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2cb2604f6e8c5c4715bbb3401711e08f","sha1":"85a4215479c9cc541653da6b55bbe729ea4f87fb","sha256":"df6b83c99121e5df678aab766bb62d562a622744dc6068006b19acf13599be53","sha512":"7e4b2e06386ff2bb76bb60207e99824d6ff72d938a3683b1e1bce8af7be47595c76166538bbbc4c15d0d6e5ba473b30a717500c053751af9cb5ef2d8654d7c8d","ssdeep":"3072:d/Sefkdhs7Ot3qS7YeLXiDQfaa7XqxE9rJVLOAzhhMt2QlhCP9a7svmmKhMh2V4j:d/bcL15XQULZfMLlhCP95NIlwH","tlshash":"058461deb292b4569263f0b4483f014aa37bbc99e4484a6cb58ddcd26e7481c513ff78","size":387681,"data":"","first_seen":"2025-10-01T10:03:02.644115Z","last_seen":"2025-10-16T22:42:25.316417Z","times_seen":431,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fc25e27d42774aeae6edbc0a18b72aa","sha1":"b66ed708717bf0b4a005a4d0113af8843ef3b8ff","sha256":"b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682","sha512":"87d90a665c15d71ac872bd8bc003d9863964c7ec7ada6370b902b93c0bbd7770fe25730d946c7c6a465baa95efa74bc0e78af3f83aea615af35060cc8702a6c1","ssdeep":"1536:EPpEy5BMibZGOj/bEe8v+/UWf4IhvAuCh/jqkODZ2D5N9Rag0MOIdSZAgtgoX5Yn:bIO/e2D5c4LgtImLja98HrK","tlshash":"cc93e8d9b6d2706297b730a851bf510bb17698eab80c4c60f058d8e47eb4e8d507bf2d","size":96381,"data":"","first_seen":"2023-03-07T01:02:10Z","last_seen":"2026-04-04T11:09:12.813637Z","times_seen":22870,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"14e5a6b6347f71ecbe2f2917cca4874d","sha1":"8ed396050edb86835eaf09ae9dd6e4e2b4435503","sha256":"56547b3ec4b7999d7324f3ba6801b37caa5b68631aa9fbc7f9e18799eb312d07","sha512":"ee94527605916cad3cae00da42da881ef6d4bd3c40a413ca752a3fee4151a95d3359df1f23c5aea01b93a3a22f20ac9dc088d3da327498130ec55b373507d487","ssdeep":"","tlshash":"46c08c78ab000a727b223a0d9b032bc09cc90b3be2b34c02a030601064a00374149008","size":145,"data":"","first_seen":"2025-10-15T19:37:20.829992Z","last_seen":"2025-10-15T19:37:20.829992Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"6ef4d69ea0c96e68a772e5bb5bb5db7d","sha1":"42864d39110934e7f67171c243dbfd51ab8bbb84","sha256":"bccd814a1840daf5fc5991f72bcc4fea370ecf2063d4d4fe725e2675ba13576b","sha512":"48522868c9ce26b7680a9b72422a6a04585b1bf1b448193a80404ac4186206af774d5ed89d5ad9cba2afe8515eec6312e0764541e96724035159728603747d55","ssdeep":"96:noz0KNrIZZwe7CVCWrOZMKok/xQMdFrVitwM/eCXxq51ZDYRCfMEDaH:ozX8nQVxyZokJQMdFBizXxGVWCkCaH","tlshash":"6ba14ca93dd866742826707e22bf36492cb0822b1d24cb89b85cda154f21bf54f6cd5d","size":4691,"data":"","first_seen":"2025-10-15T19:37:21.190746Z","last_seen":"2025-10-15T19:37:21.190746Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"4fad036aba082e3dbd71b66e225a5039","sha1":"3ffb157af6cb3cb8a1a6b8137e4eeffe7ba0a174","sha256":"33a10cdeeb414789cbffedcab0c2ad353e3658bde0efa0080e9f91e7c17af715","sha512":"5ad130af4ba34b25291195668d7d53f1f2b9030a250baf58aab0d55f463888649a1ab4451da1526891baddcbc7f469838f225ffac10b7e3cd8a879be2616d689","ssdeep":"192:1AIgRPrgk8+JXn00AvJVIZkPGS95hQgMz1Xo3FqryBBF9gro1olXqntpppz/QpXL:yrL8+5hAxqZOhWpUswen2E","tlshash":"1592d03b1294d96d00668f9bedc1764b3510fccb4ae5920cdab7db81ac8acec48ddd52","size":21196,"data":"","first_seen":"2023-03-07T12:43:08Z","last_seen":"2025-11-03T12:21:11.449472Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/f28a1198c98b94df67a70edb79176a48/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1ba0ba96e1fa4ec5ebd41627333db3ed","sha1":"79bb2fcbe4e77d365195e2625a9e0a0208d794cc","sha256":"cb9f1d5167bca56e78f770e9c8ede28f5c32a22d05b31ade8bb01ea617589023","sha512":"d130597ab8f2d7dcedaaa607356be18fc48ef792735d42f13c5c3a4b80b59f124fa06faf911f7ffeb862c32b06c33904cd06bcdab34359ac2cb15f789f721850","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yyb4ja2u:36rxKbk0CrQ+fdwNDba1lIlcPEE2u","tlshash":"eb23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46243,"data":"","first_seen":"2025-10-15T19:37:20.648461Z","last_seen":"2025-10-15T19:37:20.648461Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"c7a959f1095138b04a0099551886efe9","sha1":"d2bfc19f2c515a06dcf402ce1089a52502a738c4","sha256":"b6a7f3f215efc494d53aa8e15705a7b6fe5a5b4cb2174507114c5c1350bdf691","sha512":"1f1d96b861442a1478843daa4de7fc4040388ef096afe20810a3708a1d0bb63648fc5795a7b64dac4469336dea10a20068856a054285d907597ed74065dca6dd","ssdeep":"","tlshash":"e4312aed299b105f0142d0b2ee7a679c37716dd45e9e01c6a030821da245b8c833fbf6","size":1541,"data":"","first_seen":"2025-10-15T19:37:21.204419Z","last_seen":"2025-10-15T19:37:21.204419Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"177d8edd9ed10aaf61601baea7a919b8","sha1":"f1a74775a2307654daaf79600268b711cae6869d","sha256":"76481d53d41006b2129dbd2eda8cf553955657f348d286938a62af420dc73d15","sha512":"cd48291d12ca32d42739968f4082de0108af9f5dc132534690c08636649cd0f5da7d15efa92a28f1abe82ceacf65b028aa1cee69506e8302ee8de21c207cca88","ssdeep":"","tlshash":"b4411be5a1d522728cfdedf3121f23a07eb9d8459da48587843047459936cfea138dcc","size":1890,"data":"","first_seen":"2025-10-15T19:37:21.209379Z","last_seen":"2025-10-15T19:37:21.209379Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"57b263d494b82a43cfae095771d7b005","sha1":"10b9a3adf60df6820f373ea3b741bfe000929917","sha256":"028d2debec6967c7d2fd4ffd6b178deecf20ef847d120c8d904887a3adad5e4e","sha512":"97a8efc00cc2b3745433b3cef118788039e856da0dc9c4c3d29886d36deef77340ef0159ec47ff2388086475d3a47ea9daf2c2857e31ee59565ec7490d1ba1ab","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybeja2n:36rxKbk0CrQ+fdwNDba1lIlcPES2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46242,"data":"","first_seen":"2025-10-15T19:37:20.317687Z","last_seen":"2025-10-15T19:37:20.317687Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"f15bdd9b58a554c912f62d3a37d4bfae","sha1":"25afc57d12c68137e9a239754a5ea8a4f9e293a5","sha256":"04daf705e2eff637135ec94ed72fb79e08fd7ac4aa5303378be66d3243682e80","sha512":"b37770770d0d3dd7c311d0a88a27447018556d29ecc5b85c70db94fabf71bc56d56a805b2d49ce1bd491b95d20b6df3972bb648eec9f0f8ad4b576e29ac33c52","ssdeep":"384:TG2Wv3TyxLxgfqB+awNOrwIAkp8sweLxGXYk:TG2Wv3TyxLxgfqB+awNOrwIAc8ILx2","tlshash":"51d25a6721a481dd20198e6b9dd1730f709bdcd7ddd68218ca52cbc0e8e9cdc6a8df62","size":30489,"data":"","first_seen":"2023-03-07T12:43:08Z","last_seen":"2025-11-03T12:21:11.378268Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"57b263d494b82a43cfae095771d7b005","sha1":"10b9a3adf60df6820f373ea3b741bfe000929917","sha256":"028d2debec6967c7d2fd4ffd6b178deecf20ef847d120c8d904887a3adad5e4e","sha512":"97a8efc00cc2b3745433b3cef118788039e856da0dc9c4c3d29886d36deef77340ef0159ec47ff2388086475d3a47ea9daf2c2857e31ee59565ec7490d1ba1ab","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybeja2n:36rxKbk0CrQ+fdwNDba1lIlcPES2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46242,"data":"","first_seen":"2025-10-15T19:37:20.317687Z","last_seen":"2025-10-15T19:37:20.317687Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"78fa88d874f0f0fe1f3c23ed0ecd5633","sha1":"f249b6503e0bf2658536b45e083180f07280c63f","sha256":"c639f3344c1c5e3f9ae643b9931dd95a270c6d1a76c9b2cd49713b985e44a39e","sha512":"9b260c3ae25a3866e820f8df1d6e6080db595fd8a01777e8b49ad9ed337921c4a60aa16d544302780a91bd4522cb9a2ba597477f65bc0d72937e125755fe3f55","ssdeep":"","tlshash":"de3107a8ddd94f0c2746313754fa04ae3fab520d1a2b83828e1cc9885b342a64de00b4","size":1542,"data":"","first_seen":"2025-10-15T19:37:21.221103Z","last_seen":"2025-10-15T19:37:21.221103Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl24184826.cpmrevenuegate.com/26/04/4c/26044c9034d41067e4eeac3c8b2a25ba.js","fqdn":"pl24184826.cpmrevenuegate.com","domain":"cpmrevenuegate.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"69207f466930d91deddf3a6379360ae0","sha1":"ac54f8641b2f85b71dd58dd89ec0a4e5277dd689","sha256":"89bcb6d94c758ffb15fe08bdcaf5bc59558a63cb59afbfc856dad7dd80a29fbe","sha512":"e77e533d8d3a83e8ceb7f2912ac978000866ff8c36b62da73c4ad62594a21528f6f60ad59c70ebba57f477f0829070737ec26bd69978441d3000b1f29006708f","ssdeep":"1536:99TDYewwZykXTzY67ytOUS5VlIXga6kSFf02mdBV4mCzCgiA0eQpE0I9N9rvQ:fnDT9RCgZ0eQp29N9rvQ","tlshash":"41a3a4883f40f17d0796b47a323fa61af0791a01509cd69cf107f1a8ae6674ab43fe65","size":106648,"data":"","first_seen":"2025-10-15T19:37:20.52022Z","last_seen":"2025-10-15T19:37:20.52022Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"97140d108478d03907dffde1037775a2","sha1":"9cc54435ff14da23fd9d7dc4bd090b2f955bf220","sha256":"cd35df1dc5d4037551bb45a86ccd6366390b470c1b05a80ec243c2ad3f45865e","sha512":"cacdc9984cde16a506266168634a15c91e1be1935343e10689f03f05296de7e71c31fc69e26ebd91e121a7d6c9a6121791f78f81ff54bc74b68d255c2ab17f85","ssdeep":"","tlshash":"2e411b677d7f3f32a94fa0f1046d27218c12c14238140652bd514fc5643a979222edcf","size":1890,"data":"","first_seen":"2025-10-15T19:37:21.224698Z","last_seen":"2025-10-15T19:37:21.224698Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/da4057f56deac1caae7482053a78f1aa/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"792856e8e731d4a6fa09a175206f07d2","sha1":"fbea0e0445a8c588f85d40b006729caa960157e2","sha256":"d29dc7b3f00c9759377f655b948d94c5150a0afade927258a889e27453d7e0a2","sha512":"06fc4480d8a0df2971f990d1fa11a8c5fd86c8840bea7f4bf20301be55e81c7e88d53787a4cdf773589420ad216cc35df1f260e74c596c465a29a9497fbec276","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybsj7Nk:36rxKbk0CrQ+fdwNDba1lIlcPEdNk","tlshash":"d423c48e3f71f15866867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46239,"data":"","first_seen":"2025-10-15T19:37:20.264028Z","last_seen":"2025-10-15T19:37:20.264028Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"b0797aa55ac31aa9ca6832bfeff63713","sha1":"90c8b464400d54e600a23a4fcadc6e7f103ae35f","sha256":"36953f9b24a87c6a2ce3dede2f9f1ce66f05fc68620c5373ca6139a2955b526f","sha512":"ca2485b3773d9bba5484da3e353b876d31cce6d8e5057ae5b7338c89386672ae0c0e5c4c9be33563877c2e2d2c4176bb74d26d35d6cd78de06a5da6f9787b231","ssdeep":"","tlshash":"553129feb5846a5d26cc96973541f7bc2ff45409ae6b0588053c3ac0c738b01d6667b1","size":1550,"data":"","first_seen":"2025-10-15T19:37:21.229023Z","last_seen":"2025-10-15T19:37:21.229023Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"d2dd67a13f40bfde467119859adfec67","sha1":"b051c085e5624b70a766dff4441cdcbf041e4672","sha256":"b7346cc9d14942acef3a2c8e9d9d0354fae548ff31d0703315ad59bb6f1880b6","sha512":"992d7bafbaf5acee550c1dfec32d90e312025ac98acc75b003cf525ad04164f504515509262718653d7bd0f4052c36695c502156f3b93c2773576001f415a095","ssdeep":"","tlshash":"a1310afb145a1e5a81e44f6d82044636fff106d0014b128c211c83cbef17b12c7872ea","size":1616,"data":"","first_seen":"2025-10-15T19:37:21.237073Z","last_seen":"2025-10-15T19:37:21.237073Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc6e46daf466b2b7c6cb002b9dac4e94","sha1":"465d0532479bef5772afeb042e03811feca3ac0d","sha256":"a7eb20385ad915f1c8d60a3962491fbd23e4badf69cef9d9b40c14d0d2514cec","sha512":"df5393111a9bf0304c52f58481e38a886af64f81f2b18e3136a95d530fc400d4c4359ac6925b3a865cd952697835e79a36c187ca854a283ba5a208ebb526ab18","ssdeep":"96:xozN0Y+DTdcdqJPiJKGsIlk/4hpLERrQt3TKiw1ZDWCfMEDaH:uz/O42CkgfL+rQtpoVWCkCaH","tlshash":"0da14be52ec6526cd81f70bba07b76643f22101f1a40c64af68cf5850fa47f8483ade8","size":4733,"data":"","first_seen":"2025-10-15T19:37:21.249227Z","last_seen":"2025-10-15T19:37:21.249227Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl24012289.highratecpm.com/359ffd8d92c6d81781d68ca2cfcb4022/invoke.js","fqdn":"pl24012289.highratecpm.com","domain":"highratecpm.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6859bae43ef269058271de30a45db44","sha1":"b3ae76c73592e6b14fa6a88dc5244158be2d4b30","sha256":"1566eead95ea50f4e2fc758d67b83146fd38f6d0a2dc3347bfc901739396c166","sha512":"c87f3f2eec451e1cbe4b8078a061b063c40fbbafcfabe7767f7a10490442f9219b09d6b0e249dcbe9448a06dd005be512dbacd874985614d39027683b0ce1b95","ssdeep":"768:McMESno4Q0ygG0I9lwTd+v8I6Ftf/AJEOlhP44QYStbpd:YnkATdlrnVld","tlshash":"e713c9ec7f45b2ad028b6823213f660af1399b1275cdd59cf192f0e8279c759c93ae14","size":43288,"data":"","first_seen":"2025-10-15T19:37:20.722161Z","last_seen":"2025-10-15T19:37:20.722161Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"14e5a6b6347f71ecbe2f2917cca4874d","sha1":"8ed396050edb86835eaf09ae9dd6e4e2b4435503","sha256":"56547b3ec4b7999d7324f3ba6801b37caa5b68631aa9fbc7f9e18799eb312d07","sha512":"ee94527605916cad3cae00da42da881ef6d4bd3c40a413ca752a3fee4151a95d3359df1f23c5aea01b93a3a22f20ac9dc088d3da327498130ec55b373507d487","ssdeep":"","tlshash":"46c08c78ab000a727b223a0d9b032bc09cc90b3be2b34c02a030601064a00374149008","size":145,"data":"","first_seen":"2025-10-15T19:37:20.829992Z","last_seen":"2025-10-15T19:37:20.829992Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"7f32a0257b9411a9f14ed76a4321e006","sha1":"c24999db8e2a42183d280ca58411e656b6ae3dd6","sha256":"457dfad9afed4ca22e9e640862b222e29d38c2da7e5292462980516ab339e26a","sha512":"4d2287c91d55b3c3e86a91adbbd3a6fbebaeb353803bdbdaf8fb125fb47c38acee859f9dd016e1252d5892001a424922fd82c2fa4218a854b43570fd1423b3f6","ssdeep":"","tlshash":"5731e7ff0753a6ada2c88027386a3c56fa30113a715194be05ae864c48d00c10e885f6","size":1544,"data":"","first_seen":"2025-10-15T19:37:21.255518Z","last_seen":"2025-10-15T19:37:21.255518Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0e9fc1d5148d929bb280d2b1b8a4875","sha1":"4c5a1913db617d9ef3f4890de174f31970d447ad","sha256":"0939638d03135e383190cb34129ad12e43ce87edb4461da5ae1044b5020ac37f","sha512":"4838ed20ef17964a3332fd5691187af5bb3e8cc03047e1b6e3daf97d320174ef5974c6a362e3831bdc4cbd8323af0a78a8a4b7947b5d44dcfb6c24d3777a12ec","ssdeep":"96:7oz+OGvb7xHVaXcGTS6oDyuQvk/KQD8KFVkFBTpBsNw1ZDeCfMEDaH:MzkNHQGTD9QvkSHKFcsNoVeCkCaH","tlshash":"0a915cf92fa2927d555b503f146b3c5abe70422f2612dd4bbc9cd3489fa01e00e6c9e9","size":4580,"data":"","first_seen":"2025-10-15T19:37:21.260073Z","last_seen":"2025-10-15T19:37:21.260073Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"14e5a6b6347f71ecbe2f2917cca4874d","sha1":"8ed396050edb86835eaf09ae9dd6e4e2b4435503","sha256":"56547b3ec4b7999d7324f3ba6801b37caa5b68631aa9fbc7f9e18799eb312d07","sha512":"ee94527605916cad3cae00da42da881ef6d4bd3c40a413ca752a3fee4151a95d3359df1f23c5aea01b93a3a22f20ac9dc088d3da327498130ec55b373507d487","ssdeep":"","tlshash":"46c08c78ab000a727b223a0d9b032bc09cc90b3be2b34c02a030601064a00374149008","size":145,"data":"","first_seen":"2025-10-15T19:37:20.829992Z","last_seen":"2025-10-15T19:37:20.829992Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"55685c779299399ac510d29142854f41","sha1":"cde2a9ad16d353603b3a0009dda4f6b3dd84c222","sha256":"78b444bf4897cace8947c011e02482509ff7a81f0ec2a823b4e8d2756f3599c6","sha512":"b3a0895c09a5ba49ca485f8e5bba0a1902220e0a840467402333d2a6d0257dd679f0a559bb3731cf0f0a6396fea07e6d572b2d853ba44d98f4b5f7b6582d1311","ssdeep":"","tlshash":"9031f89624ce838cdc1fa1c2faf33a607f33253cab86c1c586aa80db4dc42648405af5","size":1620,"data":"","first_seen":"2025-10-15T19:37:21.265278Z","last_seen":"2025-10-15T19:37:21.265278Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"76e4e9ceaa044d8aae454d721edecb6c","sha1":"885345b1b5319720d3e3a5a731c65d5d24defd0a","sha256":"01c7721f608071d2fc3852be6a8bda5bc07c837d83863295f97e50bc38ffdf69","sha512":"f17cdad094733c1a5447714fa0d84b7efbaea9ccea7b4153ef10fbfb1addca0174f79b58cc6d0cc3f327b0907e13860e042233e402e31f84912c11c0cf5028df","ssdeep":"","tlshash":"c951718ca3c2f84b2b8e2e03fd25ee8e6662522b97813243c35dbb5c02d5366c009069","size":2601,"data":"","first_seen":"2023-03-07T12:43:08Z","last_seen":"2025-11-03T12:21:11.408128Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"57b263d494b82a43cfae095771d7b005","sha1":"10b9a3adf60df6820f373ea3b741bfe000929917","sha256":"028d2debec6967c7d2fd4ffd6b178deecf20ef847d120c8d904887a3adad5e4e","sha512":"97a8efc00cc2b3745433b3cef118788039e856da0dc9c4c3d29886d36deef77340ef0159ec47ff2388086475d3a47ea9daf2c2857e31ee59565ec7490d1ba1ab","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybeja2n:36rxKbk0CrQ+fdwNDba1lIlcPES2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46242,"data":"","first_seen":"2025-10-15T19:37:20.317687Z","last_seen":"2025-10-15T19:37:20.317687Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e8e90cd8e6a9c25383d8be591f13b1b9","sha1":"a44c61fd787b73b1c663a4c4e5ef59608c0a18ed","sha256":"56b655dbf14873d3cda97a672a2d6b63ba94d6929a1ceab7e612a20295399b2a","sha512":"26831e6527104c5cb784c8d149a14bc74ed1182c3d849c19855363e1f9127d90559ef6ed8a10e35e805029955dec76f9a8d6dff6cf6827cd8ec8d8671e9cc997","ssdeep":"96:xozE07GGkVJWEloNAiukiVIuk/puyI1ZDWCfMEDaH:uzPGvT+n9iVIukRuhVWCkCaH","tlshash":"0d9108ab6e856579ac9ef86f99b632162f70d02e1b00dd02f84cd3002f10a955fb9ca5","size":4581,"data":"","first_seen":"2025-10-15T19:37:21.274768Z","last_seen":"2025-10-15T19:37:21.274768Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"afd64bc6223bd1b408adfafa276b2c53","sha1":"6c65c5e4907ae277667325968aa1b24eba936107","sha256":"23c63c792bb074ef0d633a1c4ff14fc8d95cda8f08673ccde03e2055bab8e4db","sha512":"675eb224fe9edcff9b6c547deb8cb816358c7bf2b2e6a783850b1882dfc5d02157a7e774fb502d2782b6c02e5d8803c36e2343c02dffef91475d18e0e7fe5e9e","ssdeep":"96:xozvY0otcLPvHJxOk/LiwDTYnm4ANSz/ZY79rdM1ZDWCfMEDaH:uzvgtcLnJxOkji4YnmPNk/m92VWCkCaH","tlshash":"e19118bc4fe65678e84f707765bb670c6f82912b5420e649780ce6102f10b649a7ecad","size":4581,"data":"","first_seen":"2025-10-15T19:37:21.281872Z","last_seen":"2025-10-15T19:37:21.281872Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl24012289.highratecpm.com/359ffd8d92c6d81781d68ca2cfcb4022/invoke.js","fqdn":"pl24012289.highratecpm.com","domain":"highratecpm.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c7fade0f45c87207ef2f13f7be1b142","sha1":"a4bb5400f133fc66ad83fb3f59a10ee1c48fe81a","sha256":"6a70835214aff29998f2bb83d5a08d7fd8c409f15cbd0808b3041b6280053e42","sha512":"7a8597d33fee910d29be5cc1062458e3caa79df91ee432f5e798492c2c583f46fbc17306f47626dca7978a9819e9891088934a97b97bc54b02049083718e320c","ssdeep":"768:McMESno4Q0ygG0I9lwTd+v8I6Ftf0AJEOlhP4BnYStbpU:YnkATdl0pVlU","tlshash":"a113c9ec7f45b2ad028b6823113f660af1399b5275cdd5acf192f0e8279c758c93ae14","size":43280,"data":"","first_seen":"2025-10-15T19:37:20.67597Z","last_seen":"2025-10-15T19:37:20.67597Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"2d659cedfdec6776623cc035b4039805","sha1":"2df7640b4525588fb8eb5c3e4e12c6f6ce6a9f54","sha256":"3b69adfec7438e414ad383eddd08dcdb67bd6bb959c769bffd0f8f99dd802388","sha512":"cfd389486f396c91bc724269f46894b71acd515703b937f4062349c6a820c7a75c722b38a757a5e98f65dccf07fbb4c0e708bfd58d068a9895f5797e466066ee","ssdeep":"","tlshash":"1231ea36c13c52ef15ffec074e3e7447b46009cead9f5700a9156614e9a325227115ac","size":1616,"data":"","first_seen":"2025-10-15T19:37:21.286542Z","last_seen":"2025-10-15T19:37:21.286542Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"ba87341ea664f77d33d814bf070ff4f2","sha1":"522f7541d946102072d89b1108624bebf293c4e5","sha256":"5511f7f6d7675ac4dee82d6c9886dc152b82d5dd82a5afa3ecf0f0102ed108f8","sha512":"6ba0cf82c93bcdc8b1852e41c63359816ff7e24e9c05f59f67f413a619521a038acb768089db36559c3fe3a3bf077b33a66a898e31df0b937379f8c35f280388","ssdeep":"","tlshash":"be312af2218db43c264410b5a1fd3f340c762566ad9247dd2031486cd6433f39e19179","size":1597,"data":"","first_seen":"2025-10-15T19:37:21.291024Z","last_seen":"2025-10-15T19:37:21.291024Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e7d18afb82ba815bad3bca9d85775544","sha1":"5dd57aaf78bbff21f424543bb80c5a2025a0a323","sha256":"ce905eec7aad4cc014dc6ec97a4b6414d89c801343187fbf55fe65d089eceb42","sha512":"82ee68c6ea8b4ae6d4a945b04d9d5d4f592e421856c3f60768994d8806bf83eea3a0c5f906017254aa27af8592a96a82d8a3f2bb58564cc94aa2c3f59ba87e73","ssdeep":"96:xozE0o6qLne+PLaZDV1k/Q37/G+bbHokOGVAbGcYz1ZDWCfMEDaH:uzU6N+PmJkqjG+bch/YBVWCkCaH","tlshash":"27a11a69aea55028ec86a0bf187a65047f31510f4510afcef94cd3412f317ea2e7ddac","size":4685,"data":"","first_seen":"2025-10-15T19:37:21.2959Z","last_seen":"2025-10-15T19:37:21.2959Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"de557915a4a08b8959561fc62d42aee2","sha1":"f9ae1c35fe204885f7dbc03dd38bb187dd634257","sha256":"8c81f0ddff4fa8c036a93ee9914d738cad33125c3bbd85ca5a98c1d979bc6b4f","sha512":"66ddda16c275a1900eec7fe1add5972a543a1c97f0b26ab23d6d664869a504d500e8111ccebcbb121ae823e93d8a62edcb07bc574abf9b7d70f7c89767b6e980","ssdeep":"","tlshash":"944118af21019eeb04666e679ccc607b6124accfc56b9218eb97db54bc5cdd88848e12","size":2353,"data":"","first_seen":"2023-03-07T12:43:08Z","last_seen":"2025-11-03T12:21:11.406611Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"a424a49e6df19ec5752226fa31f211dd","sha1":"7b289a03da9b8bb64e2cd1b6c47701c7301c2fb6","sha256":"6cdf39bc5a6097b9645b60da57b71df4e12a16a39472308a17d12f60ada64944","sha512":"9e7b16888b1ce9ff5c882c9f5208f53a8e90282bd71efec03a8db47972c828f17eaa929f363d208f2b824368a28fcfe88864168dce1e4fb8115238c776974ad1","ssdeep":"","tlshash":"6b41fbfa75973a6bc4afb0f3403fb5f83a2950074944531a4140fd9805fc9ee1027d98","size":1880,"data":"","first_seen":"2025-10-15T19:37:21.30474Z","last_seen":"2025-10-15T19:37:21.30474Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a198ba77ef0bfe071ac81aa0fee0d8bf","sha1":"9b13728eb24810f9b421b7bda128c75290899b9a","sha256":"b69ababb9eb876b263e45ee0e80df1581583d689d6795e7ad74abf69ce932273","sha512":"14c7e59f666e63edcaa6f4b3d42cde35aa761c5f862e31ace51bb1d898f1afd715a926dae464af32d06be0e1b3aafa9f3ee166a39ae101ae58ecfd61add112b6","ssdeep":"","tlshash":"bd214c37347952b44626f2de412722dcb57303965c59831e7138168c9ec5a7823f86b0","size":1271,"data":"","first_seen":"2025-10-15T19:37:21.316735Z","last_seen":"2025-10-15T19:37:21.316735Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"617b9c4f2717bcdab07b3bdf3a393dd0","sha1":"a554d336c44fca9ae2b21592f0e30aa41e0f6e52","sha256":"a094f57cfadd20d10252cbaba1574450d66c00875eef7ab40e1e9dfff57e16e7","sha512":"ca306d205e4a20198a23df3148edbc395f042922c2136301f69ef3777ce94c0b12939006ff81eb469c7b4812e749dd1c84abd203216a38aea8d72c2e359c5342","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybejy2X:36rxKbk0CrQ+fdwNDba1lIlcPEq2X","tlshash":"7023c48e3f71f15856867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837b25","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.409713Z","last_seen":"2025-10-15T19:37:20.409713Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"53ec89b196f92f9d13567a5b89f74358","sha1":"795fdac6cfe751eb2d2413271ee4ba29d47367cc","sha256":"2934fd70b296ff7d03143a5ef96ec3ba6a07a09d3989f47981421225f64f31e9","sha512":"5858855fd0c8547d4ef5850f02242e4020141b5cc3be7148b2b33d290613602a23cd7eb6e247a5c48d5d4d491b9a4491df7e77419777af46907167190ad6b5fa","ssdeep":"","tlshash":"3d31e83095386f8f5116d04a056e714acda2d57e15a01284d33d2ded9c51d3c8f2b7f6","size":1620,"data":"","first_seen":"2025-10-15T19:37:21.334177Z","last_seen":"2025-10-15T19:37:21.334177Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"3090c9a278353d9dd0bd5c02a9fca2ea","sha1":"3072be6361963c0b3867fb093bbe8f25e3848f87","sha256":"4b987fb8b15c37e8d17521b583d03d584ea6a0b389dd7320fb5cadfd73ec6d1e","sha512":"a1f958e35d2e765b142ceda03bd481b083c50bbc0a7505b043a5e1f0836652fea3303332497d8ad9ca1fe1eb042f5fca0a4f20df9c9684f24b81a5a68e591829","ssdeep":"","tlshash":"35411933f04d3910d9dde7ba041d57a4efa21a870b8092c84a8653c70c3aa8b36ee05e","size":1884,"data":"","first_seen":"2025-10-15T19:37:21.34649Z","last_seen":"2025-10-15T19:37:21.34649Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d71f46ed9b3a5fff8fbb95cd3e174405","sha1":"141a32966e7a65b644004290cb4fb522ab449b3a","sha256":"a1812f2d3fd24d3a49e4157b240a1e88cf5d1de5d0b86054d153d34770e6973c","sha512":"593a7c0cc1456f8538e1c51628ba6bec862cb40caf35d9dab84a3524c1350abd30f903d05c5e47a23535d2ce162a273a9c730dc4c41cc39e974cb16ecc6a1651","ssdeep":"96:7oziGTMxipJd50IzqgxBhLk/wWJdbXf+teqbnnrLogA1ZDeCfMEDaH:MzM8d50nqBhLkVba4qjnrLx4VeCkCaH","tlshash":"68a14cf66f6a217da432a1b92537de883da0420f1d20ee41bd5cd2541f30bf49ba9dc9","size":4730,"data":"","first_seen":"2025-10-15T19:37:21.353903Z","last_seen":"2025-10-15T19:37:21.353903Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"21710e2052d68ae14deb1d610707e902","sha1":"2a47a2e9eb5fba3fa95eefe58c2e0236a44479d6","sha256":"9988c12d7431db71f846ea2232376867d2653e2362770003cc5196ece7d5bb03","sha512":"12cb7d6dee942e8e083a60210ff0501c3825ed97b65095b4ef40c7936b60ad7f7402dce5c64c304ef8ec5a13182298d9f0946f2a85443c8c4fbcedb4746ec132","ssdeep":"96:7oz2WGTjVNOUQBo7NMvBe98Wk/7pcDfyvUh1ZDeCfMEDaH:MzwjIBGOZeVkDpcD6uVeCkCaH","tlshash":"34a13b769c9b52350419782a15bba61c3cf2840f2a56cd05f89cd9569f30b750fb9ccc","size":4688,"data":"","first_seen":"2025-10-15T19:37:21.36009Z","last_seen":"2025-10-15T19:37:21.36009Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"8035f2d563155dcacb64aada1a0193d1","sha1":"8cba4f0dd827634f42c00ef40c939df25ac26ec0","sha256":"068d94e74365198ef04821e99aae9e93a3de8149e79e239733c2489aee02a157","sha512":"8c32322f58ec45960fb9c77e966b9d4ffeda7bcad6fefc0eb8642817f59aa3488534dbe95ed63e03b7829b837d771c0b86ab33dc3f03d2f2669984050a41a7c6","ssdeep":"","tlshash":"5a411b6bf06fa33bcccdd4fb231e6352ee3a8049274447c9aa95f95421146d861fe448","size":1880,"data":"","first_seen":"2025-10-15T19:37:21.364756Z","last_seen":"2025-10-15T19:37:21.364756Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"af22229f4fcceace7bec2186ad18ccf8","sha1":"39de42e0ece36c9761c4763d52b90dfafcf25d49","sha256":"b361f2d22212bb541842c614ed96d354d0d2fc48e03ddf280d56c714e5ce558d","sha512":"566222a699224d1f7f337711a7e69ed231edebbd24be5e20204ec068e6f3c657ee8ddbf663239cee805e2f9a0594c08c12868cb4ab07347a75361b1295019a89","ssdeep":"","tlshash":"aac048987f099b26a634788ea60527849cc00307b4369a4629aa9544b0ea17f874858d","size":145,"data":"","first_seen":"2025-10-15T19:37:21.371362Z","last_seen":"2025-10-15T19:37:21.371362Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl23924524.highratecpm.com/c2/a4/79/c2a4795bd129ec38aabf8f830c396956.js","fqdn":"pl23924524.highratecpm.com","domain":"highratecpm.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e01d4bdeeec03bbf049a7059ff4dc583","sha1":"fff07536f31ccaebd4e27304c1311ca6fe684a8e","sha256":"ceeb75b4e052e57d6a8e216bd2402572e15ca191513b5e8d5e01fe7093f3edb8","sha512":"0efef90550993baaab19cf98d764839c9d8b216a63738bf199db3853036c6b4a122f809960ace18a5b7b4289a001511199b9e4cc652392cda01d364050b2c85d","ssdeep":"1536:U0tsDEFAkM9IWf3pDTf0zpxftTgA4VEIaUa4Ru37oIXDWeGXMtb4cnSzB:QDxk4+BgA4VEIaUa4McBeGXMtb4/","tlshash":"af83f848bb82b869425630ba332ff01af15a4d421da8d444dc57f8d96fb8b1df637e24","size":84196,"data":"","first_seen":"2025-10-15T19:37:20.657145Z","last_seen":"2025-10-15T19:37:20.657145Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8a2233f6f156b159c2acce7e1b5630d","sha1":"ad208eed04fc0789330b64987e0ba235ef61f790","sha256":"0a696295a04616acc4df0cd368b5e19dbb99d5a7eb6743a02326460d752592b4","sha512":"3f7a00916de81a836c823b7fa7c7101b203b18da57cc19d1e01c2f49ba7b34e5f37f253c6cc6d8283f8d6b4eaa069742654a32352c3022eed1b5eb7b2274e37e","ssdeep":"96:7oz2WGAYpGw6xynJJdg4/JZk/TlREDCQKtv1ZDeCfMEDaH:MzbYpZ6snJ3giZkxAKPVeCkCaH","tlshash":"29914c3dbde5497c5092607e2c7f60982d64821f5d21ce89bc5cfa146f38af58a2dcc5","size":4580,"data":"","first_seen":"2025-10-15T19:37:21.374937Z","last_seen":"2025-10-15T19:37:21.374937Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"0ac0ab524d92376b7680bf3304f175f7","sha1":"2bda88c536bab4744d9bbc16299f0ad61d277387","sha256":"4b77b003cd0fb2003dd208349fa610b472a60afec9565563b9c62760b062b508","sha512":"ab06bc923d064025a2ee8ab58bdadd9c384548aa853a0cd9ca4a5fee98d2b469e7c37969041bdad933e13e5f0e79a93d8d651a7c4f5d9ef6e5a97b7851405876","ssdeep":"96:xoz/s0h/pR0HOUCl5xNEQYls2OHk/AI6xW4aaAzaHKrutw1ZDWCfMEDaH:uz/d0HOJl5xhwHOHkoI6xTa34uioVWCi","tlshash":"3ea13b64af52f11cec5eb07f153ba214bf61d11f2812a986398cc780af117a85eadec1","size":4689,"data":"","first_seen":"2025-10-15T19:37:21.378345Z","last_seen":"2025-10-15T19:37:21.378345Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"e76520063a26ffdab99b54bc55302929","sha1":"c31b97bef7509f19f815a4817a3062548902a524","sha256":"ac57207b778a98dfa6bbba2d222cd5bfa3c3ad21509847b9ca2c79500d68e993","sha512":"c2a9c71230ac13db19db78dd6ebda091e1304c3c3e7a50a3d3c9c09189fbfa00b813b6195bd19d6dd5e6337774ef1810941ee7ddc3604146db0bfbba358b939c","ssdeep":"","tlshash":"e5311973946b3a370474bd23514b9399693b461a4e9e9a4904186c968735978127fccc","size":1860,"data":"","first_seen":"2025-10-15T19:37:21.382839Z","last_seen":"2025-10-15T19:37:21.382839Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"25880492118bdbe7ae2b6212ccb5ead7","sha1":"f56b4ef67d0c8054e0d939416d53d3cdf83da66a","sha256":"443f17ede1c5bf497490c2087f6f993c5f668c308f5fc6639664bacca730fc99","sha512":"7cfc9db2f93ebdb2aea698ef7b017d53075a31762b26679d0295f18ef0ced221b1f125d6e754e89f37bc36022e0d38c03fcd6616bb6401beb035667dee52f845","ssdeep":"","tlshash":"7531eab60413709c347d1d43c83b2918f9e6e7ff38aa56651e70902895d17189711ef1","size":1620,"data":"","first_seen":"2025-10-15T19:37:21.38927Z","last_seen":"2025-10-15T19:37:21.38927Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"050e7505cab96551456a50d1b1942f8e","sha1":"8e4be7f2a8899dff37a5cd29f3c5b429470a2576","sha256":"6a26804581a718fe9b9a1ed6d0b3ea5e76f8392ca7c39bb92218f942c4e836cd","sha512":"842609731f5ae6b560c2adef35edb2b180ea4804af2538cbbdf47006478411767601fae44eabce8a8a00f4292f69118a4d0ca55fbed4b96a2c22c66784e03783","ssdeep":"96:xoz+0LfVZr56FO8onGEnTzj8wYPXk/lIDm3PcOxrecN6w1ZDWCfMEDaH:uzNNZoF/oRnTJYPXk91PcOVVN6oVWCkL","tlshash":"efa11ab81d526078a8af382f843b7419be60835f1418ea0f7d2cd2156f20f680eb9dd9","size":4737,"data":"","first_seen":"2025-10-15T19:37:21.393796Z","last_seen":"2025-10-15T19:37:21.393796Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"6c84fc14b810839a48a53cee4d9a66be","sha1":"7265fc18b1153f40084d292e46b23873964fb52e","sha256":"0cbb0aef136452801af79d70d0dfea2dca93bee2efaa5740a5e5c3006d538dac","sha512":"ebfb2ba09580f46bd7c5a0b8b1a08a869b807b14e13ffde5e9271815910c4fc60a68de24c4006d3ce5d8b62de5901bd1b82091269dbed0a073ff266d4c153241","ssdeep":"","tlshash":"6841cae9623e3059d8b196b12557bad81e7453461c6057804d1ec2b4385d9e8a316dcd","size":1881,"data":"","first_seen":"2025-10-15T19:37:21.39751Z","last_seen":"2025-10-15T19:37:21.39751Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"617b9c4f2717bcdab07b3bdf3a393dd0","sha1":"a554d336c44fca9ae2b21592f0e30aa41e0f6e52","sha256":"a094f57cfadd20d10252cbaba1574450d66c00875eef7ab40e1e9dfff57e16e7","sha512":"ca306d205e4a20198a23df3148edbc395f042922c2136301f69ef3777ce94c0b12939006ff81eb469c7b4812e749dd1c84abd203216a38aea8d72c2e359c5342","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybejy2X:36rxKbk0CrQ+fdwNDba1lIlcPEq2X","tlshash":"7023c48e3f71f15856867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837b25","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.409713Z","last_seen":"2025-10-15T19:37:20.409713Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"360ae224a36cfc27006abb38252c06c5","sha1":"382b1cca413daf1ce3308936ad99253175fa76a4","sha256":"e5d5cde97e3e6f84fcea0a2aa4b188a099d710b758482e8ae25645ba570e402c","sha512":"13087c13a7d9aa7393fcfabf2a60bdc22198901d0412c8198a46ba43c0ca6a75d0f0f89b7e2a7342517d5d745ea9a63610db8e9eea5bb929904cce4e2bf1766e","ssdeep":"","tlshash":"7f310c2c6994057d41b091975c7f24bd6e3aafcc9d251f9909fc7c01dd3d85a83409e0","size":1542,"data":"","first_seen":"2025-10-15T19:37:21.403277Z","last_seen":"2025-10-15T19:37:21.403277Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46236,"data":"","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"35b4d3f9af75c8541db420932cdad7f8","sha1":"bb345c5cc62003da481c613d6786aa41374abef6","sha256":"9a3a63fd7f7c4a9dd84de2b2a48a5af24e923f3560fd20f44cafa0135205b1c8","sha512":"53cf3bce8ab76a07086e78d374604dc618c6c6c51ba114d3cbed9f2580318d6674793ab954f3b04dfb691f1eed54e3a574db5ce969726119b8d0f50f03ae3486","ssdeep":"","tlshash":"f731c67826988138e560e8918b5b9989bed7657bf8e277e481c8d028a5c26f10e050b8","size":1620,"data":"","first_seen":"2025-10-15T19:37:21.40673Z","last_seen":"2025-10-15T19:37:21.40673Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"57b263d494b82a43cfae095771d7b005","sha1":"10b9a3adf60df6820f373ea3b741bfe000929917","sha256":"028d2debec6967c7d2fd4ffd6b178deecf20ef847d120c8d904887a3adad5e4e","sha512":"97a8efc00cc2b3745433b3cef118788039e856da0dc9c4c3d29886d36deef77340ef0159ec47ff2388086475d3a47ea9daf2c2857e31ee59565ec7490d1ba1ab","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybeja2n:36rxKbk0CrQ+fdwNDba1lIlcPES2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46242,"data":"","first_seen":"2025-10-15T19:37:20.317687Z","last_seen":"2025-10-15T19:37:20.317687Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"57b263d494b82a43cfae095771d7b005","sha1":"10b9a3adf60df6820f373ea3b741bfe000929917","sha256":"028d2debec6967c7d2fd4ffd6b178deecf20ef847d120c8d904887a3adad5e4e","sha512":"97a8efc00cc2b3745433b3cef118788039e856da0dc9c4c3d29886d36deef77340ef0159ec47ff2388086475d3a47ea9daf2c2857e31ee59565ec7490d1ba1ab","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybeja2n:36rxKbk0CrQ+fdwNDba1lIlcPES2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46242,"data":"","first_seen":"2025-10-15T19:37:20.317687Z","last_seen":"2025-10-15T19:37:20.317687Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"d0dd70a76900ed38be57c2984898083e","sha1":"b30788c1fa21507d9d22ca584f77f4d66118d31f","sha256":"afc6b0ae97a7a2f58911b9d6c90dec5c7c8cf75c91a926aa0bf36b372fbaa51e","sha512":"11950b8d8138319c1a0150a4756919d7f131778cb2c56a9bbe8e5b590ec2d726fa4510c4a5f2a4ed7832024963c7d4241c0bd4e52a7d762b5ff83116549ebf67","ssdeep":"","tlshash":"f9311b9d757827d25c5ef5a322af21ce7decc77a1d34828c4864855102308ae131cd0f","size":1861,"data":"","first_seen":"2025-10-15T19:37:21.411348Z","last_seen":"2025-10-15T19:37:21.411348Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/js/cookienotice.js","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a705132a2174f88e196ec3610d68faa8","sha1":"3bad57a48d973a678fec600d45933010f6edc659","sha256":"068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568","sha512":"e947d33e0e9c5e6516f05e0ea696406e4e09b458f85021bc3a217071ae14879b2251e65aec5d1935ca9af2433d023356298321564e1a41119d41be7c2b2d36d5","ssdeep":"96:q54UPzHFcJZ7haKemb/m2GzrzCXAl/MStzo41Pm+YsttcVcbYhyjcso13EZDjiat:q5rPzHgxm2GzaXeMnuzYstyryPhZD9","tlshash":"4fd1630938a7127d125fa03fb6bf515ab66410238101db08786dfa785fd5f42a8e4ffa","size":6513,"data":"","first_seen":"2023-03-07T01:02:24Z","last_seen":"2026-04-04T11:01:34.870906Z","times_seen":109165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"94492fce921007c36d643f01a2614dc1","sha1":"61535a8c1aeaa571311d43cbcf7883f610531ab2","sha256":"bdef58b14a68bd0e1247ee31d7e4e22b22cdcc1c1e4a992d288a255d360880c7","sha512":"bd937894af807262a8b9985429264e8397733685e0f8be2eeff2396b0812cea7935a404a9ecf445ca71fa1e1fcc8cdf6d4c30f005fa4e6474fc859e87e77116a","ssdeep":"96:xoz+0LMEhxYV0bYje1Fwkk/LNwlEChm7+s9+W9o5W6w1ZDWCfMEDaH:uzN5XcjUkRO5G4voVWCkCaH","tlshash":"40a16db8bfcad575849670eb643bbb306e22810b2608d90638cce3412f70b945dbcc95","size":4737,"data":"","first_seen":"2025-10-15T19:37:21.41506Z","last_seen":"2025-10-15T19:37:21.41506Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"662d2ecefde8bd9f6f6bed10cac787fc","sha1":"a05ebd51696c1db2569367fa708ce51fbacde6ec","sha256":"a47ede33f8b005296919f2634d245ce6447f1a30ad36720db89a1a9b797ca670","sha512":"12a6dce2d8cd08ea5047846c6d15ff4f5df4331ff26f333d90e6c73bfcce8508b889fedd3868124fec1c252867d2f8565d46f51c61dd4e554982359ae580c50a","ssdeep":"","tlshash":"ee310978330a332689a7a3fd379476547ec018030b1567c4846b9a0186787dc9d99cc5","size":1806,"data":"","first_seen":"2025-10-15T19:37:21.421141Z","last_seen":"2025-10-15T19:37:21.421141Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"02166263d582b4ab11d593ee887ec186","sha1":"1ad112afabe8c613c54bd635e6cca2425e70e3e3","sha256":"4d327f5ac928542ef90e688edb9a867de4a6c4e210059b2b07578944cdfd49fa","sha512":"dc16732ab56e1d52447d26fd8f62b6d756899aae34f76988b781ee770f7e39fa3525960c60031428d42d368cdc5eeca42a9bb8fd8921695a0f8da49fee8b6247","ssdeep":"","tlshash":"ab31c8bb476778bd42c690873f4d320a5e515bf47895e451162955f08e907c2a78a4b0","size":1626,"data":"","first_seen":"2025-10-15T19:37:21.427393Z","last_seen":"2025-10-15T19:37:21.427393Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"14e5a6b6347f71ecbe2f2917cca4874d","sha1":"8ed396050edb86835eaf09ae9dd6e4e2b4435503","sha256":"56547b3ec4b7999d7324f3ba6801b37caa5b68631aa9fbc7f9e18799eb312d07","sha512":"ee94527605916cad3cae00da42da881ef6d4bd3c40a413ca752a3fee4151a95d3359df1f23c5aea01b93a3a22f20ac9dc088d3da327498130ec55b373507d487","ssdeep":"","tlshash":"46c08c78ab000a727b223a0d9b032bc09cc90b3be2b34c02a030601064a00374149008","size":145,"data":"","first_seen":"2025-10-15T19:37:20.829992Z","last_seen":"2025-10-15T19:37:20.829992Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"325f2e3634e93d9ff8368ec2f5729e19","sha1":"a2711f13cbbf9336aba76d33ab2a4d733a83ad8f","sha256":"ecfcd0bf5a3bcfba0a7129e2721acb619f6ce21cfdd7a1dfdff2372278b31722","sha512":"e31a51eb07b91a49a310c1329ceeb95fee30177b454db91ae763f7751b9bb0efeabd4768761d3f2719fbaf898f2f4eb4f3645b61b51e324aaf2450386b78bbe0","ssdeep":"","tlshash":"dac02bfdc100f3e80023cc140c2ce880c6888d3179aa041320f010340260d16c54a35d","size":139,"data":"","first_seen":"2025-10-15T19:37:21.083083Z","last_seen":"2025-10-15T19:37:21.083083Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b4a712953bd69f1b082066201112465d","sha1":"45b607f57e1aa5cae95913f029f648ead75f44c9","sha256":"d3a548e536b3f1f256d3bcc908cbe2d6c86d44262e65841e25d774c2665e659e","sha512":"bcb78b48717cbdec008527c7e5f3abf2ea930dc547c3598329a27555201d28b32ee5b4987410fecd31497294936a3ef23513ddd78530417d707feefdb62f59ed","ssdeep":"96:xozE0o6ti1MW1Iswnk/4hrTmEIbm1g1GRv1ZDWCfMEDaH:uzU661kkwnIh+NVWCkCaH","tlshash":"9ba13a696f69a035a866b8be163b3a2c2f21420f5205dd06bc4ed7442f30fa00efcc58","size":4685,"data":"","first_seen":"2025-10-15T19:37:21.43178Z","last_seen":"2025-10-15T19:37:21.43178Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d6929fa74907ccfdc383851f063c6e52","sha1":"92a8e444e80b0c5deff259cd342a151217a2f1b0","sha256":"8f6652b18dfcc44061f4cfde9fac07ff4adfe8a84e74dd680cd56bf95f372e88","sha512":"38fbb84a803570398b89db6d9c55505d028fe57cfe7fc0e1241b3d44aacabf209a2eb9a853551927c307f3f9922d05356c4dee85540ecbe19f7d9798c23b7f98","ssdeep":"","tlshash":"dec09be4e608f759c076dc98086ce544d6108d11657d451735d51c2541d45398bd576d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.435434Z","last_seen":"2025-10-15T19:37:21.435434Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89492,"data":"","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-03T18:56:22.048855Z","times_seen":6515,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a198ba77ef0bfe071ac81aa0fee0d8bf","sha1":"9b13728eb24810f9b421b7bda128c75290899b9a","sha256":"b69ababb9eb876b263e45ee0e80df1581583d689d6795e7ad74abf69ce932273","sha512":"14c7e59f666e63edcaa6f4b3d42cde35aa761c5f862e31ace51bb1d898f1afd715a926dae464af32d06be0e1b3aafa9f3ee166a39ae101ae58ecfd61add112b6","ssdeep":"","tlshash":"bd214c37347952b44626f2de412722dcb57303965c59831e7138168c9ec5a7823f86b0","size":1271,"data":"","first_seen":"2025-10-15T19:37:21.316735Z","last_seen":"2025-10-15T19:37:21.316735Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"57b263d494b82a43cfae095771d7b005","sha1":"10b9a3adf60df6820f373ea3b741bfe000929917","sha256":"028d2debec6967c7d2fd4ffd6b178deecf20ef847d120c8d904887a3adad5e4e","sha512":"97a8efc00cc2b3745433b3cef118788039e856da0dc9c4c3d29886d36deef77340ef0159ec47ff2388086475d3a47ea9daf2c2857e31ee59565ec7490d1ba1ab","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybeja2n:36rxKbk0CrQ+fdwNDba1lIlcPES2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46242,"data":"","first_seen":"2025-10-15T19:37:20.317687Z","last_seen":"2025-10-15T19:37:20.317687Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f6316f84a142284f4f75c49958232f1","sha1":"c839757572891e55150a180c3194b5afebf2060c","sha256":"08e7b7b4551f8f5e2271ffd4fdda563d4da89c150a83787243185d5b710492c6","sha512":"003c080843be1a099d73a554e073232afb9bd5b7b2d078a2e453767a359aa4afedb2d45add51767c00aa92b35864a4e68216ad25f2ce73ce5cd2e73849ff9ab9","ssdeep":"96:xoz3t06vyNUTQHnUsk/t4q51uGy3EWadk3upU5R1ZDWCfMEDaH:uzLvy53keQvy0ZcupsVWCkCaH","tlshash":"0b912bd46fd121694486b037a53ba20d3f75940a19089a8af85ce6052f30bc44abdd9d","size":4579,"data":"","first_seen":"2025-10-15T19:37:21.44484Z","last_seen":"2025-10-15T19:37:21.44484Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d6929fa74907ccfdc383851f063c6e52","sha1":"92a8e444e80b0c5deff259cd342a151217a2f1b0","sha256":"8f6652b18dfcc44061f4cfde9fac07ff4adfe8a84e74dd680cd56bf95f372e88","sha512":"38fbb84a803570398b89db6d9c55505d028fe57cfe7fc0e1241b3d44aacabf209a2eb9a853551927c307f3f9922d05356c4dee85540ecbe19f7d9798c23b7f98","ssdeep":"","tlshash":"dec09be4e608f759c076dc98086ce544d6108d11657d451735d51c2541d45398bd576d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.435434Z","last_seen":"2025-10-15T19:37:21.435434Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"325f2e3634e93d9ff8368ec2f5729e19","sha1":"a2711f13cbbf9336aba76d33ab2a4d733a83ad8f","sha256":"ecfcd0bf5a3bcfba0a7129e2721acb619f6ce21cfdd7a1dfdff2372278b31722","sha512":"e31a51eb07b91a49a310c1329ceeb95fee30177b454db91ae763f7751b9bb0efeabd4768761d3f2719fbaf898f2f4eb4f3645b61b51e324aaf2450386b78bbe0","ssdeep":"","tlshash":"dac02bfdc100f3e80023cc140c2ce880c6888d3179aa041320f010340260d16c54a35d","size":139,"data":"","first_seen":"2025-10-15T19:37:21.083083Z","last_seen":"2025-10-15T19:37:21.083083Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89492,"data":"","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-03T18:56:22.048855Z","times_seen":6515,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"87ac42f9eb916239c66989be7755c238","sha1":"5af6b95f6b76f76cd27702c54f6369c817fe9a26","sha256":"82c6e0c2e827ba32ee429abb93af76dad570b82ff430cf83f7c70622fd33afa2","sha512":"d3f3c9932f2fa6833a5ad5cf3b797ab16acfdbb780aaeec15ab0ea6d4064231b0cd4b4d0ccc901707424985c5e03c220093bc20236046d914ccb1377578a3fdf","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4YybejvDI:36rxKbk0CrQ+fdwNDba1lIlcPEHDI","tlshash":"7d23c48e3f71f15866867037223f9417f22a4e55248de0f8d216b4a13ef8b69e837725","size":46266,"data":"","first_seen":"2025-10-15T19:37:20.276849Z","last_seen":"2025-10-15T19:37:20.276849Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a026b019d4d3d5cb4af605c66466399","sha1":"6c52c55fc9585937eb5cd3355924c8d003f38ed4","sha256":"d5219cc1046000e053ec3ea43732d66669c959aef0f889cd2df6860860b71c96","sha512":"228e1c7cb07793d3afaeb6db6c2e59806decbb2e142360fe21cbf5d8e3bb0ecb55e623c5c826d24611334b1d1af08e4d7e3e65d1ce5df877b327196a24f5924e","ssdeep":"","tlshash":"d8c02bf4d300f24800d3c0357970e2440730dd503058003e20dd4812526ce86417d36d","size":140,"data":"","first_seen":"2025-10-15T19:37:21.157781Z","last_seen":"2025-10-15T19:37:21.157781Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"001ebd541cc58c549d205c130e56c8bc","sha1":"603fd9f734bccb9062c9cc476a6d7d7474cd40f2","sha256":"df02fc0d05387c864dd0705fb34f5444c23eb95f1104b6cb50ca558c153b16d7","sha512":"69e003cbabef04d2e16321f9706ac40835ed07ef17458acf962bc4c5e938cb5e8ce1ee29b4ef577f05cb8980fb31b7cba1513cc688e393cc844fd3782e009459","ssdeep":"","tlshash":"df310abd92ed4adf35d5c08e124b1165dfdd0744d72b4a0901f4c762401e7684f1e1f8","size":1626,"data":"","first_seen":"2025-10-15T19:37:21.450256Z","last_seen":"2025-10-15T19:37:21.450256Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b86c2574afea9d269f61d2c00189b307","sha1":"93406e2ef7da3fdf7e11d7da7adfe89883344a5f","sha256":"19d1863a6515ec3e5c0e75ddaa6832e51ffc0d611ec494f3b669c5056660299f","sha512":"66238e496265ca173c90936ad0a9151e38a09d9c166af2d7cfe5f7794f1960099825d13ae7444d9705e22e443929148e47b458712d48ee37f19e8ca92e28ee61","ssdeep":"96:xozKzx00+E3YYR1v2T/neePVPk/qzUml7+tvUGlw1ZDWCfMEDaH:uzYHvcPPkMtRqLloVWCkCaH","tlshash":"24a13b55addb827d988da0fe527b52055e72820e3605cf4afaccf2502b607944dfd8d8","size":4729,"data":"","first_seen":"2025-10-15T19:37:21.45673Z","last_seen":"2025-10-15T19:37:21.45673Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"08aaa2b41816cbb4991c9ecde28d0753","sha1":"a91a5691705a2d24e414896a799156d832812d0e","sha256":"fc17bc00801907b65e7c86af02c8f8c3227e0771f2cf21951ad454c9231fb943","sha512":"b69512195d416d9e04117ea3475a724505b78d7f09b5691ee591d958bcfc44163cacf61251ea6543feb75ebd93ef5d590bc3195aabe2d77bbac75ab52d821d16","ssdeep":"","tlshash":"b231e8b2d15b427c610ae2aa0137224cbab19f3eb11f9524f26ca8d2951563dae9b034","size":1630,"data":"","first_seen":"2025-10-15T19:37:21.467948Z","last_seen":"2025-10-15T19:37:21.467948Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a198ba77ef0bfe071ac81aa0fee0d8bf","sha1":"9b13728eb24810f9b421b7bda128c75290899b9a","sha256":"b69ababb9eb876b263e45ee0e80df1581583d689d6795e7ad74abf69ce932273","sha512":"14c7e59f666e63edcaa6f4b3d42cde35aa761c5f862e31ace51bb1d898f1afd715a926dae464af32d06be0e1b3aafa9f3ee166a39ae101ae58ecfd61add112b6","ssdeep":"","tlshash":"bd214c37347952b44626f2de412722dcb57303965c59831e7138168c9ec5a7823f86b0","size":1271,"data":"","first_seen":"2025-10-15T19:37:21.316735Z","last_seen":"2025-10-15T19:37:21.316735Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"438155a2b967befe9628196713a87e7d","sha1":"3ec8b3fa5bf04772871d7da098f1ad409efc553f","sha256":"82b511fddfe211966d0762e99cc2c1cd1f949250d151ebe5f9ae3720f0b2a282","sha512":"6a073de6e8852d15130a1fb0fe4a3d69b7ebbf885a829251333012d92c29915f184c2246feebe8fe372a0221c22c598cd63b882cbe702aa7ff22426fb226232b","ssdeep":"","tlshash":"b0311b9b256c15632cbad4f34f9d71051f47eb1807d504c68a0377005145eb7172dade","size":1862,"data":"","first_seen":"2025-10-15T19:37:21.477031Z","last_seen":"2025-10-15T19:37:21.477031Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"6cda50cd6edf2a09c1611b0b88d667d3","sha1":"092db87072623b412b83dcd72371eca905718d9c","sha256":"0b9e5e1b02d3c5ae90ec661eb217f835593f9762314a107b348d8144bdf3389d","sha512":"47e38871a98c487a69582fb812959662926b3ed2ce85c0bcc23de10e3f4f85786744f40fb94ee378a1713808f2e2aa71dbbe84ef954172bbfec8ece9314a0c24","ssdeep":"","tlshash":"ad31e858aa12f20decbca48b1827a204f69af857a57730f20998c545e7034684f8aa83","size":1596,"data":"","first_seen":"2025-10-15T19:37:21.487578Z","last_seen":"2025-10-15T19:37:21.487578Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"325f2e3634e93d9ff8368ec2f5729e19","sha1":"a2711f13cbbf9336aba76d33ab2a4d733a83ad8f","sha256":"ecfcd0bf5a3bcfba0a7129e2721acb619f6ce21cfdd7a1dfdff2372278b31722","sha512":"e31a51eb07b91a49a310c1329ceeb95fee30177b454db91ae763f7751b9bb0efeabd4768761d3f2719fbaf898f2f4eb4f3645b61b51e324aaf2450386b78bbe0","ssdeep":"","tlshash":"dac02bfdc100f3e80023cc140c2ce880c6888d3179aa041320f010340260d16c54a35d","size":139,"data":"","first_seen":"2025-10-15T19:37:21.083083Z","last_seen":"2025-10-15T19:37:21.083083Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"ce9e621dec8bbc56f94e675b5e66c9fe","sha1":"3e9c116f73ff736f000dd898005c6c13aa9ae741","sha256":"cb7de424783907b5b2a1a1bac96110c6a40f9efa9311b11e03dea9b83d45e167","sha512":"f3a1db8e01d85ba2cc70d5df7b3bbf2e2dd5fcaf3ec1158ece3715798f43d2c5bad0e7a15d6f36c66229659234b1988e57810dec9dccc4038537422000188e3c","ssdeep":"","tlshash":"6531c8fbe21b841945c14d191cb60e178ab3074a56cb3fa00b29434856480b60fcb6b5","size":1622,"data":"","first_seen":"2025-10-15T19:37:21.4972Z","last_seen":"2025-10-15T19:37:21.4972Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"87ac42f9eb916239c66989be7755c238","sha1":"5af6b95f6b76f76cd27702c54f6369c817fe9a26","sha256":"82c6e0c2e827ba32ee429abb93af76dad570b82ff430cf83f7c70622fd33afa2","sha512":"d3f3c9932f2fa6833a5ad5cf3b797ab16acfdbb780aaeec15ab0ea6d4064231b0cd4b4d0ccc901707424985c5e03c220093bc20236046d914ccb1377578a3fdf","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4YybejvDI:36rxKbk0CrQ+fdwNDba1lIlcPEHDI","tlshash":"7d23c48e3f71f15866867037223f9417f22a4e55248de0f8d216b4a13ef8b69e837725","size":46266,"data":"","first_seen":"2025-10-15T19:37:20.276849Z","last_seen":"2025-10-15T19:37:20.276849Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b90d436d29e453eb3669903fccfa76b6","sha1":"cd57bd3942b69ac1708314d853d79cd2d4f21cf8","sha256":"4b0e071b06a87a46e62d751ca191feee4a86cee38f8b6c5bc20dc951af5aefb1","sha512":"3dad260640c9ea773dc4645ca44a1c268bb6ce720d8d8686f566895937cfc66f6b0526fdf60a8fd599401d76d55e815ebbf28667943566be9df746461011431d","ssdeep":"96:7ozzGo/f+Cub1SqlRcPboe/kk/srV89JWkvG37boir1ZDeCfMEDaH:MzB3+CLmmT/kkUre9JWkvGr/JVeCkCaH","tlshash":"e3a13bba5da546783852e0bf4bfa20092d91920e031a9c82be0ef7045f15fb60f2d5fd","size":4692,"data":"","first_seen":"2025-10-15T19:37:21.508931Z","last_seen":"2025-10-15T19:37:21.508931Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"af22229f4fcceace7bec2186ad18ccf8","sha1":"39de42e0ece36c9761c4763d52b90dfafcf25d49","sha256":"b361f2d22212bb541842c614ed96d354d0d2fc48e03ddf280d56c714e5ce558d","sha512":"566222a699224d1f7f337711a7e69ed231edebbd24be5e20204ec068e6f3c657ee8ddbf663239cee805e2f9a0594c08c12868cb4ab07347a75361b1295019a89","ssdeep":"","tlshash":"aac048987f099b26a634788ea60527849cc00307b4369a4629aa9544b0ea17f874858d","size":145,"data":"","first_seen":"2025-10-15T19:37:21.371362Z","last_seen":"2025-10-15T19:37:21.371362Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/da4057f56deac1caae7482053a78f1aa/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7d6cb18cde944ab4b50e124df6bd1c27","sha1":"23526de971feadeb9cb6d667429376cde8e2448a","sha256":"78f9f79d1d54976fd1372be851acadeafa013018d2b2feeaaab262ca448be555","sha512":"3e52f72b606f74290912a4d740ea0b8d26630305b36f157363d52ba399226026672d98901c3b4c5f78c5a55f372dd7eff805b81cada8889eca7c152bfcdeafe6","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4YybsjvDI:36rxKbk0CrQ+fdwNDba1lIlcPExDI","tlshash":"7d23c48e3f71f15866867037223f9417f22a4e55248de0f8d216b4a13ef8b69e837725","size":46266,"data":"","first_seen":"2025-10-15T19:37:20.788764Z","last_seen":"2025-10-15T19:37:20.788764Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"021f55ede1114897724f4c161daed8ad","sha1":"d6f5fbe5880a232f6af6cefa9309501c957a73c8","sha256":"58867ea04c22fbaa8082dce1f691893392f8a218c74c49a493acb2e0da4b2361","sha512":"aa9b558d9820e434684dd883999640b5eb861a023697300e973b58a7d974b2e7f26c729c498143ae9e414ae976679ceee3980257148a74fc70897d526ac4e1f7","ssdeep":"","tlshash":"8131f957653e1572ecb3f476428fbfac3d5593056344c8c16817c3c05934aaa1739c09","size":1858,"data":"","first_seen":"2025-10-15T19:37:21.51791Z","last_seen":"2025-10-15T19:37:21.51791Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"57c3e77ba68ad4dc863dc882a9f725bf","sha1":"35ad996179ba92f685a8d2ffdc07cde555a685fc","sha256":"2f4a32434f3aa8cdaff797e0196bd01fae083e90fb17533fb73e4f1b3f67823b","sha512":"a4d8d2a759effbc51d2a0470b64cbd16b9a2c53e7494c56236f64df57eec842cbf0160dcdfe8a3e59f8418db4051a22c5eeefaf0e17057982eaf41fa3c0fe7a7","ssdeep":"","tlshash":"6cc02bf4d300f24840d1dc150c7ce24487208d202498003f21e108220340d8681f936d","size":140,"data":"","first_seen":"2025-10-15T19:37:20.8414Z","last_seen":"2025-10-15T19:37:20.8414Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"384568ed5ef2c0bc91f222390acbac44","sha1":"3c9cfc550dddca92d15b2b2975b59509f4c3b7de","sha256":"183582909ce6121a3746704dba6968224e2298c80619d84b843c1b5eb3770421","sha512":"0e29a81341c48bb30102599239048dbe132bfd1bfb8677f525fc1ac33132e2391164cc3ca68c7e5705bb9932c4b97d4be1190dd10ed8320dfd75e4df451c17d1","ssdeep":"96:xozE0qy2+Cp208QfT4E542ZwtVk/9PybB23qRfG/4p00w1ZDWCfMEDaH:uz2yiUi0E542ZwzkJA26A/c00oVWCkCM","tlshash":"dda16d625e46a13894da583f5537321a3e31414b0a09d749b80cd3cbbf31f654afedea","size":4733,"data":"","first_seen":"2025-10-15T19:37:21.564106Z","last_seen":"2025-10-15T19:37:21.564106Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c3ee2d9912930decec17f3f7c84776","sha1":"4927cb0e7182a4dd516cb5d256fd96341d20e848","sha256":"3984aa5a1b447f5a299542b1225c7da9b0007fefc8b8c4e6d5ec6457f5b32239","sha512":"9bcf9a59497acb025eca93b61b30e4a2529d1d4e858f26912af4174b1a54e8352f9088e144666b1051517cfd9b38b8ce7c6219c2992fa3932878d9afb5a19585","ssdeep":"","tlshash":"00c08ce4bf022010b980380f932b37d05fe1032ba020961e20924440768682b12bc00a","size":145,"data":"","first_seen":"2025-10-15T19:37:20.855098Z","last_seen":"2025-10-15T19:37:20.855098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"980ba2534e556437f7382a3f73b35250","sha1":"c8a43b40ae33db0364199c43825dce39f3badf9a","sha256":"39fd04fad6cbf77d5724c288633344bd11a7cef8fffb9ed6239d3953bd8feb1f","sha512":"6cb39c49e1e753c0cd712908f3308a2c7bfacf7a1cfbcbca21f46be1eac992af8aa1d976e67f5a029b3ec4071ef9eb4982c8aa6a1eb534b8ec14fdec25220d89","ssdeep":"","tlshash":"6b31d7fa5a3e76375ae961b4000e3b2e0e50e443c40514895cb20f025b3a7f11a7ef0c","size":1858,"data":"","first_seen":"2025-10-15T19:37:21.578721Z","last_seen":"2025-10-15T19:37:21.578721Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"7dfbe693c287e357da8ab766c702a141","sha1":"7c921a5d41f5c016ed5e7086b7661072045f09d5","sha256":"bb326dea40b721a5df55c895c53d1b7536079c6c9ee8ae924bc8bd1df76273f9","sha512":"466faff80505520d18caa75e6e7cf9c0fca9f64ab877d1aaf7ba2fe924c7c43136527e10b58a1cb05e783f960437cbb6bf1cdab42d343eb651a2f98f88349834","ssdeep":"","tlshash":"25310c9050dd40fde69cd0ec89a3402446a7bbadf6ab0b76b7e5517556d10010cb9df1","size":1616,"data":"","first_seen":"2025-10-15T19:37:21.61899Z","last_seen":"2025-10-15T19:37:21.61899Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"57c3e77ba68ad4dc863dc882a9f725bf","sha1":"35ad996179ba92f685a8d2ffdc07cde555a685fc","sha256":"2f4a32434f3aa8cdaff797e0196bd01fae083e90fb17533fb73e4f1b3f67823b","sha512":"a4d8d2a759effbc51d2a0470b64cbd16b9a2c53e7494c56236f64df57eec842cbf0160dcdfe8a3e59f8418db4051a22c5eeefaf0e17057982eaf41fa3c0fe7a7","ssdeep":"","tlshash":"6cc02bf4d300f24840d1dc150c7ce24487208d202498003f21e108220340d8681f936d","size":140,"data":"","first_seen":"2025-10-15T19:37:20.8414Z","last_seen":"2025-10-15T19:37:20.8414Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"57c3e77ba68ad4dc863dc882a9f725bf","sha1":"35ad996179ba92f685a8d2ffdc07cde555a685fc","sha256":"2f4a32434f3aa8cdaff797e0196bd01fae083e90fb17533fb73e4f1b3f67823b","sha512":"a4d8d2a759effbc51d2a0470b64cbd16b9a2c53e7494c56236f64df57eec842cbf0160dcdfe8a3e59f8418db4051a22c5eeefaf0e17057982eaf41fa3c0fe7a7","ssdeep":"","tlshash":"6cc02bf4d300f24840d1dc150c7ce24487208d202498003f21e108220340d8681f936d","size":140,"data":"","first_seen":"2025-10-15T19:37:20.8414Z","last_seen":"2025-10-15T19:37:20.8414Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"57b263d494b82a43cfae095771d7b005","sha1":"10b9a3adf60df6820f373ea3b741bfe000929917","sha256":"028d2debec6967c7d2fd4ffd6b178deecf20ef847d120c8d904887a3adad5e4e","sha512":"97a8efc00cc2b3745433b3cef118788039e856da0dc9c4c3d29886d36deef77340ef0159ec47ff2388086475d3a47ea9daf2c2857e31ee59565ec7490d1ba1ab","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybeja2n:36rxKbk0CrQ+fdwNDba1lIlcPES2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46242,"data":"","first_seen":"2025-10-15T19:37:20.317687Z","last_seen":"2025-10-15T19:37:20.317687Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d5629af42ac6f9cee53d7591253a8675","sha1":"6ca0e8862d094ad0ba1817836644addca075c573","sha256":"158e7a04c03f9dde9a8992cdf8e25419505115e8e4097f7ff710b6a26178719a","sha512":"16dc136c13090222ec15560c8c07830a23323b8402d244b284a023fbe4f02598899d116548067159ef70e7de5131db12690d0579675589d5cb366b6ff37b8a68","ssdeep":"768:r2iBJnsqaYIrZf1EAYX0YaPKbBnoK4Op+4cFNAKeU9K0qcpO58O5uvKKOCOKVAe/:r2iBJnsqaYIrZf1EAYXDPAPSg","tlshash":"7bc38ff57107834beabd0843ae947aad82fab55391c4f143d0f8ba0f059a48fd5b98d4","size":126635,"data":"","first_seen":"2023-03-07T12:43:08Z","last_seen":"2025-11-03T12:21:11.446924Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl24184826.cpmrevenuegate.com/26/04/4c/26044c9034d41067e4eeac3c8b2a25ba.js","fqdn":"pl24184826.cpmrevenuegate.com","domain":"cpmrevenuegate.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"69207f466930d91deddf3a6379360ae0","sha1":"ac54f8641b2f85b71dd58dd89ec0a4e5277dd689","sha256":"89bcb6d94c758ffb15fe08bdcaf5bc59558a63cb59afbfc856dad7dd80a29fbe","sha512":"e77e533d8d3a83e8ceb7f2912ac978000866ff8c36b62da73c4ad62594a21528f6f60ad59c70ebba57f477f0829070737ec26bd69978441d3000b1f29006708f","ssdeep":"1536:99TDYewwZykXTzY67ytOUS5VlIXga6kSFf02mdBV4mCzCgiA0eQpE0I9N9rvQ:fnDT9RCgZ0eQp29N9rvQ","tlshash":"41a3a4883f40f17d0796b47a323fa61af0791a01509cd69cf107f1a8ae6674ab43fe65","size":106648,"data":"","first_seen":"2025-10-15T19:37:20.52022Z","last_seen":"2025-10-15T19:37:20.52022Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl23924524.highratecpm.com/c2/a4/79/c2a4795bd129ec38aabf8f830c396956.js","fqdn":"pl23924524.highratecpm.com","domain":"highratecpm.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d07896cde6c5b83b9653ffc65d936778","sha1":"8278ae430118bca21474878ee72710d82bb6f597","sha256":"498e30887af7da7e12b3be1b5f7d73cd7383ae593e55f9af90636fc1aeca10f4","sha512":"b199b0c6710c578cc18b398dc8c3d84800dc6fe735634e1ae6e29f2c3cb49bbbe2db66b0d22067214e32732fd10c8e1b289e43e5bea6b4bf2431b3147de834d2","ssdeep":"1536:UkzsDEFAkM9IWf3pDTf0zpxftTgA4VEIaU44Ru37oIXDWeGXMtb4cnSzB:ODxk4+BgA4VEIaU44McBeGXMtb4/","tlshash":"9b83f848bb82b869425630ba332ff01af15a4c421de8d454dc57f8d96fb8b1de637e24","size":84192,"data":"","first_seen":"2025-10-15T19:37:20.538555Z","last_seen":"2025-10-15T19:37:20.538555Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f488687f23b8b2ad6f1d05c2d07b2735","sha1":"9fc276898b78f841cb27d76da4f17dbe8c77aefe","sha256":"9153ade8a8e5db45d8092225fe85f04f6af83889149e2f735d1815268a1003c9","sha512":"de641622763436813ae87369ae73c0f2d7123835e07e67005a30b4bc76dccf76f07be9c35b78614275144015af1f491458cf292e060df5ef74cefbeb267e7ce2","ssdeep":"","tlshash":"690189137108e71422a314347b8bba18fd2ac2520895453b391cf5324f07b63ce96be3","size":798,"data":"","first_seen":"2024-02-05T14:31:36Z","last_seen":"2026-04-04T11:01:34.924316Z","times_seen":65736,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"259a4a497c60c1df05773c0e881a4506","sha1":"c93e7aaa17c86e186ced69290282314fb5dc3704","sha256":"9b70b68ced3b1ebca3e1ca1b5fb2f7a026cd4bc50fa316a34ea2e6eea2e81133","sha512":"8621744e26c35743a1c3dd403419852af8089d93122d90e97824c728c83a9e760374c3e1aee7dfd708712e0a78bf53cc1dae16c05ea88d93e4e6fd59daee06a9","ssdeep":"192:euhhEhEzBrS7+hcOpyI/BRq2EaMkOkMkNDChqcpllLckzhWT5veGvKGvOG/BGvkM:euhhEhEzBrSjV2JMkxMkNedllIkzhxt5","tlshash":"0c321dc3b5fc78f10f9db86f74156bb474414c1ec983aa998c2d24b9230abc395a9f64","size":11847,"data":"","first_seen":"2025-10-15T19:37:21.643486Z","last_seen":"2025-10-15T19:37:21.643486Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/da4057f56deac1caae7482053a78f1aa/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"901be68ba602537e0c44fa5324842fa6","sha1":"800b23f987a6c7ebedeb543bf536807296ed1517","sha256":"7f16f6088b5ea1a92215eff3d5bd27b868a2dd8941f410e99668675241a34d67","sha512":"99edb24cd6c91fe17ccb36f3e226341c4cad7665d659da81de1f982e74b91056ecfb7cfaf00434c49905a18300ad5641a1e21e80cada835ccdf4e20279ee1c78","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybsja2n:36rxKbk0CrQ+fdwNDba1lIlcPEM2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","size":46242,"data":"","first_seen":"2025-10-15T19:37:20.663264Z","last_seen":"2025-10-15T19:37:20.663264Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"wivesvacancycraft.com/pixel/nvwbdp?key=359ffd8d92c6d81781d68ca2cfcb4022","fqdn":"wivesvacancycraft.com","domain":"wivesvacancycraft.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wivesvacancycraft.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Oct 2025 08:34:17 GMT","end":"Wed, 31 Dec 2025 08:34:16 GMT"},"fingerprint":{"sha1":"4D:01:65:39:E3:24:0E:FF:79:8A:30:79:6C:8D:BA:45:61:FE:F5:E1","sha256":"5A:77:AD:C7:37:4F:28:49:B7:2D:91:C9:D9:A8:3B:AD:B7:0E:36:76:3A:B3:43:20:B1:AF:0B:1A:BE:E0:78:7D"}}},"request":{"raw":"GET /pixel/nvwbdp?key=359ffd8d92c6d81781d68ca2cfcb4022 HTTP/1.1\r\nHost: wivesvacancycraft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wivesvacancycraft.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":691,"timings":{"blocked":298,"dns":15,"connect":92,"send":0,"wait":95,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wivesvacancycraft.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wivesvacancycraft.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 15:30:46 GMT","end":"Tue, 06 Jan 2026 16:29:13 GMT"},"fingerprint":{"sha1":"CE:BB:4F:68:2C:89:90:90:9F:0D:E4:DC:37:55:B5:DC:41:49:D6:F9","sha256":"52:3F:5E:43:C5:77:DF:EF:E5:AE:11:CA:C1:74:9E:6B:A8:63:B6:7A:C9:7F:8F:58:EF:05:C6:35:2F:C7:D2:9B"}}},"request":{"raw":"GET /sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 11 Apr 2025 14:28:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aIK3DYzB23%2B%2FCntKWfPkRpy7ufVNmhC5hm7H8CjGbymovogDpSSHhw%2By618hxoNaPljcAXRhic6hP5D4PgCKoHR07yyJQCkTpX%2FHDyc%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98f1c3fbb947b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1544,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"972f68410d9349904f897739b33e12cc","sha1":"e41130dbad60e81ad2665bb7407a50888aae8150","sha256":"90c062931018d386488b555fd261405457f9744db31512ff5780d49769d7b0d0","sha512":"905ef97b48b163e2ff2d28316f462ab1db0bdc05df312811c5e24ecb8614424d74f64a88fe31849fc9dd3515bf1d681b136df27aac8b27fc61c07cbda05dd12e","ssdeep":"","tlshash":"eb31f4251df9c9720182a0957b312f2baa91ea47cc8b560133fc4e948feaed9cd5310b","first_seen":"2023-12-18T02:06:40Z","last_seen":"2026-01-25T21:57:17.058603Z","times_seen":2175,"resource_available":false,"data":null}},"time_used":462,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":462,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 23:17:37 GMT\r\nexpires: Tue, 13 Oct 2026 23:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 159532\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/da4057f56deac1caae7482053a78f1aa/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"topcreativeformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Sep 2025 22:49:40 GMT","end":"Fri, 12 Dec 2025 22:49:39 GMT"},"fingerprint":{"sha1":"EC:8E:4C:47:74:D4:52:B0:02:BF:8C:E1:9B:75:13:26:E9:48:B2:13","sha256":"35:28:22:C4:11:25:D9:9D:11:C3:9A:90:41:C0:9D:99:07:30:6F:EC:0B:B0:45:BE:33:2D:93:8B:89:E7:1A:01"}}},"request":{"raw":"GET /da4057f56deac1caae7482053a78f1aa/invoke.js HTTP/1.1\r\nHost: www.topcreativeformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18426\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: www.topcreativeformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9de3b71625132ab2a63838d2ef03f498\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46239), with no line terminators","md5":"792856e8e731d4a6fa09a175206f07d2","sha1":"fbea0e0445a8c588f85d40b006729caa960157e2","sha256":"d29dc7b3f00c9759377f655b948d94c5150a0afade927258a889e27453d7e0a2","sha512":"06fc4480d8a0df2971f990d1fa11a8c5fd86c8840bea7f4bf20301be55e81c7e88d53787a4cdf773589420ad216cc35df1f260e74c596c465a29a9497fbec276","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybsj7Nk:36rxKbk0CrQ+fdwNDba1lIlcPEdNk","tlshash":"d423c48e3f71f15866867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.264028Z","last_seen":"2025-10-15T19:37:20.264028Z","times_seen":1,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XTOfXZhb%2Bjy2Onmn1bVLU54La9Vw3Ku22GEUilC5U4fQP0pM3Ox4XTiDs%2B1hpg%2FgUtZRlO2CKxvc6pieG2wqn8tJiCwQyscK3O30RECJ\"}]}\r\nage: 1480950\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-15d94\"\r\ncontent-encoding: br\r\ncf-ray: 98f1c3fbec63568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89492,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-03T18:56:22.048855Z","times_seen":6515,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.461166338557.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=f8df78fc903f065f0854d89281c95b8517961954ad7d35d51c590f89be1df12e79f35f373f447415e6aacb94310be745ed44778560010c2792987bab576bcbec11fd7657bc65f6fa609152b04965f3cbfa4a753c1fc8f9e04b19bc\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.461166338557.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=f8df78fc903f065f0854d89281c95b8517961954ad7d35d51c590f89be1df12e79f35f373f447415e6aacb94310be745ed44778560010c2792987bab576bcbec11fd7657bc65f6fa609152b04965f3cbfa4a753c1fc8f9e04b19bc\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 3680\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs5=2; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 12\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 314e59cfa2f32e9f21f865f4eafa475d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4718,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3842)","md5":"7f58f7974fd412df72311bbfd4495868","sha1":"003c96109148ddf670acabe4ce3ae1c890bd8a46","sha256":"23a16cb75350ae40d7fa4b0807003bb63960f2fb1b3a4a6acb4187efcd5700ae","sha512":"b1867d932ec52a0e0b7dd01d1e1889262b57b7f283214a8ec23fdfc9e21aaf49cff93514f0d48b172d1fb1e9035f123eaad3223ef8f6eedbee43f65c07690e8e","ssdeep":"96:yozE0o6qLne+PLaZDV1k/Q37/G+bbHokOGVAbGcYz1ZDWCfMEDaH:vzU6N+PmJkqjG+bch/YBVWCkCaH","tlshash":"23a11a69afa55028ec86a07f187a65047f31510f0610afcef94cd2412f317ea2e3ddac","first_seen":"2025-10-15T19:37:20.272887Z","last_seen":"2025-10-15T19:37:20.272887Z","times_seen":1,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18423\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 55923ba5694987085c7dc648e4b2aa1b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46266,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46266), with no line terminators","md5":"87ac42f9eb916239c66989be7755c238","sha1":"5af6b95f6b76f76cd27702c54f6369c817fe9a26","sha256":"82c6e0c2e827ba32ee429abb93af76dad570b82ff430cf83f7c70622fd33afa2","sha512":"d3f3c9932f2fa6833a5ad5cf3b797ab16acfdbb780aaeec15ab0ea6d4064231b0cd4b4d0ccc901707424985c5e03c220093bc20236046d914ccb1377578a3fdf","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4YybejvDI:36rxKbk0CrQ+fdwNDba1lIlcPEHDI","tlshash":"7d23c48e3f71f15866867037223f9417f22a4e55248de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.276849Z","last_seen":"2025-10-15T19:37:20.276849Z","times_seen":1,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/c8/94/cc/c894ccad032c11990b8570c24074d6bc/1756656403.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/c8/94/cc/c894ccad032c11990b8570c24074d6bc/1756656403.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 78672\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:44 GMT\r\netag: \"68b47314-13350\"\r\nexpires: Fri, 17 Oct 2025 19:36:27 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78672,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 16:40:19], progressive, precision 8, 300x250, components 3","md5":"066e20100222b78fe9405d18539da6e4","sha1":"aa5e3d971a8d26f99b7fdc0ddacc61c062cd1776","sha256":"0af13aebc4a03fef7e5e9050db1d797bb81bf9f64227866392cb7b97ec045085","sha512":"5c6c20ab83609a25576880ddf9b35f93481a165e6ddd174dd086022bd660d9b1936b8edb37c46d7f0cdbbcd77cbf9753bb7d8b8757692266d45c64dceebb02b0","ssdeep":"1536:BHEqIkq/HEqIkq7lE6c/Fs27oxQhHXNFv3fEH3j0sF6:Bk1kq/k1kqp74HhHv38H3/6","tlshash":"e773f158bb45ee23f8d35b730873e7875a13ae24a3971e90708c7520f7f5b54080e616","first_seen":"2025-09-02T19:16:52.557605Z","last_seen":"2026-04-04T11:42:40.800923Z","times_seen":1066,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.1488629374997.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=459619c3cf6d1cac0d6899239cbe9100b0bcd1c208112486ae697bfa709202341c504588279d1feabb6e28951c0052163d9e227a0f60a123bad331383e031322edf97d0e626ae856b242d39e0c7521fcc63f356b01e3327361c495\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.1488629374997.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=459619c3cf6d1cac0d6899239cbe9100b0bcd1c208112486ae697bfa709202341c504588279d1feabb6e28951c0052163d9e227a0f60a123bad331383e031322edf97d0e626ae856b242d39e0c7521fcc63f356b01e3327361c495\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 3291\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nu_pl23823882=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3f4264a0dfbc197311650c57dede8a3b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4614,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3738)","md5":"f176065e0f9041425bf6df944757854a","sha1":"dc9a0a54d51e40bb065bc5ce4a2ec88a0858a9e4","sha256":"1e5c404956bd1c712f6574eb0e701bf9640f6a62b84cfa382d702e4c0a338618","sha512":"7ed68d9575e325423eca892baad889e86ea7dab973d9eb42deb711cee263ae5a619a1d348466200286df0de332dcaa5802e9c14692c0131e4fcfa218a55c1851","ssdeep":"96:yozvY0otcLPvHJxOk/LiwDTYnm4ANSz/ZY79rdM1ZDWCfMEDaH:vzvgtcLnJxOkji4YnmPNk/m92VWCkCaH","tlshash":"dc9129bc4fe55678e84f707765bb630c6fc2912b5410e645780ce6203f11b649a7ecad","first_seen":"2025-10-15T19:37:20.288146Z","last_seen":"2025-10-15T19:37:20.288146Z","times_seen":1,"resource_available":false,"data":null}},"time_used":507,"timings":{"blocked":217,"dns":0,"connect":0,"send":0,"wait":101,"receive":1,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.913222251200.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.913222251200.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv5=true; uncs5=2; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://rashcolonizeexpand.com/watch.913222251200.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=c6df068370bb48f21834a593b168f77b24ead13ba5118bdf275f011adcfb3043c29c235b28edb7aa78c847496685e3931a62ad9c5b82adce82c0538ab392ed4d1ff6cd1b7d32681b3ea166c35420f2eaae3e87e0f28b424c304f27\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.oZd5siqe8_fbPpGFyvkMVltB1UPXc5cxU3sSn17Qz2Y; expires=Wed, 15 Oct 2025 19:37:25 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 2\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9ba61de6e03b779d49df390e9de8aef9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4718,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/a/AVvXsEjEUzXED3k8zLP3urz3kNR8u2XoaJIaCVv8KzZz1E2q70zTZlI7pfBQB1_OXpwebkjdWEe9KPvtl2zYcv7Dh3hJIYsINCuKIwvRCqy_7im3-y5DlQs2G_qLk84fTK8v9tOCibZZgIkRuzoMKfKsVP_im-er__H9OFyluAntJFG_fgNzcxiNsr5fMTo7c7E=s220","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:47 GMT","end":"Mon, 15 Dec 2025 08:41:46 GMT"},"fingerprint":{"sha1":"F8:5F:63:28:35:3F:3B:74:50:6E:B0:8A:1E:82:1E:81:0B:2C:5D:57","sha256":"E5:11:BE:F6:31:91:0A:88:46:0E:37:CF:15:59:95:26:EE:40:53:A0:69:3F:0A:3E:F6:B4:44:43:15:61:C4:6F"}}},"request":{"raw":"GET /img/a/AVvXsEjEUzXED3k8zLP3urz3kNR8u2XoaJIaCVv8KzZz1E2q70zTZlI7pfBQB1_OXpwebkjdWEe9KPvtl2zYcv7Dh3hJIYsINCuKIwvRCqy_7im3-y5DlQs2G_qLk84fTK8v9tOCibZZgIkRuzoMKfKsVP_im-er__H9OFyluAntJFG_fgNzcxiNsr5fMTo7c7E=s220 HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v31\"\r\nexpires: Thu, 16 Oct 2025 19:36:30 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"Omniklusive.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 15 Oct 2025 19:36:30 GMT\r\nserver: fife\r\ncontent-length: 6341\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6341,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 220x67, components 3","md5":"6778c1e54b8a08625022474dacc3f0b2","sha1":"55539b7893ffcacd10f5a23bc43e12dd800b2219","sha256":"d71245cd6e68aad110dffc050cc402de3f631d6cb3a3a1968460f222969ae0a5","sha512":"97b10dc82574f9c6b9509de2b56e3826563116ff674f699ab7bf598e9f43dd8c69f8d0d40130e9122d0c6c686103995318c0bb98a206f5be806294a7776f3a20","ssdeep":"96:BtHCShBzP/Gl+b6JH10vavZf3zepVYRzQQ5wh3RvZS11NmcRru4HZHm9jW0xoKIc:X1BzPSDfCoRzQMwh3G1rxm9XxWE","tlshash":"a3d17c2e3f07e461cbef0e301677679ab324defde30930af8160ba621a19b4e105516c","first_seen":"2025-10-15T19:37:20.292342Z","last_seen":"2025-10-15T19:37:20.292342Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1094,"timings":{"blocked":66,"dns":20,"connect":7,"send":0,"wait":939,"receive":1,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18423\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a5a7f50a8afea787f7b17a277e8e3071\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46266,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46266), with no line terminators","md5":"87ac42f9eb916239c66989be7755c238","sha1":"5af6b95f6b76f76cd27702c54f6369c817fe9a26","sha256":"82c6e0c2e827ba32ee429abb93af76dad570b82ff430cf83f7c70622fd33afa2","sha512":"d3f3c9932f2fa6833a5ad5cf3b797ab16acfdbb780aaeec15ab0ea6d4064231b0cd4b4d0ccc901707424985c5e03c220093bc20236046d914ccb1377578a3fdf","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4YybejvDI:36rxKbk0CrQ+fdwNDba1lIlcPEHDI","tlshash":"7d23c48e3f71f15866867037223f9417f22a4e55248de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.276849Z","last_seen":"2025-10-15T19:37:20.276849Z","times_seen":1,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18414\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4ff04110e5c575b50eb098ec3cc88db1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"throbcrunchsurely.com/ren.gif?sid=H4sIAAAAAAAC_1RSz4scRRSu2cwpHsQYvClz8KDgznZP9_ROGyS4xoRgTGISCSge6kf3bLnVVW1X9_RmBIkuSG6u4EE99X6zycYYgnoTCSyzXiQgpC-6hywE_wAPQvQovRlYfVDfe6--Onzvq_fpRrFHPBR09_ybZiyVogv9rtN54bLUwpS2c_ZSx3W6zrHOZakD_1hntYFs9LLr-V3nxc6piK-YhZ7jOo7ruJ2TMotis7qwz0Kmt0O3Gzpdv9d1-z5Ws__3tmjB0hbEaI8cgRT1k3_E70LyKXTy3YnIruQmfen1pFA0NxlGYuttvaJNqZEclHHWQqy3Zq9hbE3Il3Mwems2Acxos5kATNZk7pkHYHprJhNsdP2xUqYQaTDxBMrRFJGaQtIpuFmDFPcJwAXOnoNObpw1WUmvPGZpw9ak_egvyLIm7QdHoZM7S0qudi4aVeTSaIvVuIJcnUIOp0iLHeTjOchyBzz_BFL8ShYenYFONs9ZZSDF7vMiZDQM3P58yERv3g_DcJ72HTHvBsHAoZ4XeMzdt0jGU1DbQtEc2UIRt1CkLSRit-M7A5-71AviUPBFx6e-LyLmhIOe49CQL6LgjfZ15Ok6uFoHz64izT6-KbzFyGPc32BYkZ_f7x9BVmzDLlew4lnYvCattz7CSFQoI4LSEpSUoJQEZU5QjqrrQtmerW4IZQvmznJvlr1qYvLhBr1u8mGkCWi2jkxUmzL9wK6B54cm49iKiWmAsryaUCaqjXSPPNUY3VIPNFai3Y7XD-NYDETY44EYuIsDVwQDTns85sx3ej1YWUHauX17xrImr9x9iFTW5LnNz8DoDqzaAZeHQAsXtKxAlyuM9Q8m0XJFFVaOoi43SVcPIUyFNG8jv9LaUHvk6cmFS0vb-7_-zs3jiPi94_n44ak7Rz8EzyqkWYX35c8EQ3VtcsGUZPOCKS35_lyay0SOabMRF3OaR4duvRFdKU0mTp-w69-8yhuiKW9fimx-hmoh9dCSb5ekEFF20mQ8IndP28sRO1_Y5aUi00V65vxrJ08naRZZK42egsqaHN6-BS5rcuS3tf1t9079A55ehU3vkVnAGgKWtqEkgYoO7imrYP_Ts4N6w17DMGuD5mvQSYVRVmGkKlC1DlscnuRpdu_4L1818TWYak-YytqbTGXqi5q89_vdBrYb-PGxbVbudvo95gWDQRDFgYg94fU8EfadKPRpGPih30du6-U___7p3wAAAP__ig_dlZ8EAAA=","fqdn":"throbcrunchsurely.com","domain":"throbcrunchsurely.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"throbcrunchsurely.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Oct 2025 08:35:19 GMT","end":"Wed, 31 Dec 2025 08:35:18 GMT"},"fingerprint":{"sha1":"50:72:94:2F:4C:52:0E:93:94:98:D2:04:39:34:0F:85:38:24:92:92","sha256":"A1:7D:09:0B:38:C0:E1:52:80:EB:94:D5:35:4F:7F:DC:F5:5E:0A:9C:B1:82:D5:82:DA:BE:C3:A1:97:1B:81:8D"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSz4scRRSu2cwpHsQYvClz8KDgznZP9_ROGyS4xoRgTGISCSge6kf3bLnVVW1X9_RmBIkuSG6u4EE99X6zycYYgnoTCSyzXiQgpC-6hywE_wAPQvQovRlYfVDfe6--Onzvq_fpRrFHPBR09_ybZiyVogv9rtN54bLUwpS2c_ZSx3W6zrHOZakD_1hntYFs9LLr-V3nxc6piK-YhZ7jOo7ruJ2TMotis7qwz0Kmt0O3Gzpdv9d1-z5Ws__3tmjB0hbEaI8cgRT1k3_E70LyKXTy3YnIruQmfen1pFA0NxlGYuttvaJNqZEclHHWQqy3Zq9hbE3Il3Mwems2Acxos5kATNZk7pkHYHprJhNsdP2xUqYQaTDxBMrRFJGaQtIpuFmDFPcJwAXOnoNObpw1WUmvPGZpw9ak_egvyLIm7QdHoZM7S0qudi4aVeTSaIvVuIJcnUIOp0iLHeTjOchyBzz_BFL8ShYenYFONs9ZZSDF7vMiZDQM3P58yERv3g_DcJ72HTHvBsHAoZ4XeMzdt0jGU1DbQtEc2UIRt1CkLSRit-M7A5-71AviUPBFx6e-LyLmhIOe49CQL6LgjfZ15Ok6uFoHz64izT6-KbzFyGPc32BYkZ_f7x9BVmzDLlew4lnYvCattz7CSFQoI4LSEpSUoJQEZU5QjqrrQtmerW4IZQvmznJvlr1qYvLhBr1u8mGkCWi2jkxUmzL9wK6B54cm49iKiWmAsryaUCaqjXSPPNUY3VIPNFai3Y7XD-NYDETY44EYuIsDVwQDTns85sx3ej1YWUHauX17xrImr9x9iFTW5LnNz8DoDqzaAZeHQAsXtKxAlyuM9Q8m0XJFFVaOoi43SVcPIUyFNG8jv9LaUHvk6cmFS0vb-7_-zs3jiPi94_n44ak7Rz8EzyqkWYX35c8EQ3VtcsGUZPOCKS35_lyay0SOabMRF3OaR4duvRFdKU0mTp-w69-8yhuiKW9fimx-hmoh9dCSb5ekEFF20mQ8IndP28sRO1_Y5aUi00V65vxrJ08naRZZK42egsqaHN6-BS5rcuS3tf1t9079A55ehU3vkVnAGgKWtqEkgYoO7imrYP_Ts4N6w17DMGuD5mvQSYVRVmGkKlC1DlscnuRpdu_4L1818TWYak-YytqbTGXqi5q89_vdBrYb-PGxbVbudvo95gWDQRDFgYg94fU8EfadKPRpGPih30du6-U___7p3wAAAP__ig_dlZ8EAAA= HTTP/1.1\r\nHost: throbcrunchsurely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl23911790=1; nlec359ffd8d92c6d81781d68ca2cfcb4022=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: throbcrunchsurely.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 272796b06df15b3f873120effac1ccaf\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":169,"timings":{"blocked":75,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"throbcrunchsurely.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"throbcrunchsurely.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2SQe4kFNxKPMwYOKO1v9u9sg4hojwZjEJJKDeKhfPVtOT1fb1T29uxeDgRC8uHgyt95vNlnUIOpB8BAJs94CQsaLe8ii-AeICPEqsxlYfVDvfa--Onyv6qtrm_Ue8VCz3fNvm3WdZWwp6NHu85d1Lk1ju2cvdR3aoye6l3Ue-ie6q7NUjl52PL9HX-i-qcTALLnUodShTveULlVqVpf2WejiduL0Etrz3Z4T-Fgt_9_bugPLOpCjPXIMWk6f-CN9D1pMkA-_OansoDLFS28M64xVpsRIbr-bD3LT5BgewLTsIM2356dh7JSQzxdg8u35BDCjrdkE4HpKFp55AJ5vz2WCj24-UsozqBxcPo5mNIHKdqDZBMJchZb3CSAkzp5DPrx11pQNW3vEshk7JYcf_g3dTMnhB08jH369nOnV7kWT1ZU2ucVq2kKvTqD7ExT1Dqr1BehmB6L6GFr-TJYenkE-3DpnMwMtd5-TCWdJ6ASLCZfuop8kySILqFx0wjCmzPNCjzv7V6TTCZjtoJ4t3UGddlAXHQzlbtensS8c5oVpIkVEfeb7UnGaxC6lLBERajHTvoGq2IDINiDKKyjKKxjoz-4Hx-4f-Q1lfRd2Zff7OAmlr9IkokHguI7DfccNmVJpwiLuMuFFLPIZi7hQaRonvoqCmPtOGIqARkGcBCykInE49eVMk0h8ytyYRhGX1PWVrxKqojCUMo79yJFMSCY86rtpFMfclUHKvMCNkiRwXc914og5acTCiCuRski5gRB-wkUcRTQOUyeVyuU0iGHlk7DVlHTe-Qgj2aJRBI0laBhBowmaiqAZtTdlZl3b3pKZrbkzr-68eu3YVP1NdtNUfZUTsHIDpWy3dPGhvQpRHRqvp1aOzSwxXrVjxmW7WeyRp2a-6AyuHcVA7Xap76VhGjgBp6mvXC-kSRi7sRSSchXFEla30HZh_zXX9ZS8cud3FHpKnt36FJztwGY7EPoQWH0ErBl7lIKtjN2AYj3_zgxzPchqq0eqJ8ywl_chTYuiOoxqrbOZ7ZHj4wuXlu_uW_X9X9egxD0yD4iyRVG2-ED_RNDPro8vmIZsXTCNJd-eKyo91OtsZuOLFavUY1--pdYaU8rTJ-3GF6-JGTGDty8pW51hudR535KvlrWUqjxlSqHIndP2suLna7uyXJd5XZw5__qp08OiVNZqk0_A9JQc_esTCD0lx3-8sf9FgxdvQBRXYIsDndYQ8IIg0wSZOthnvIX9T88P8Ka9jn7ZAauuIh-2GJUtRlkLlm3A1ofGVVHee_UXbz_As86YZyXZ4lk54_VuN_WUKyiNo9Dx4lQ5ni9FGsR-IkNGPU-hstOVP__54d8AAAD__3XEZspABQAA","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2SQe4kFNxKPMwYOKO1v9u9sg4hojwZjEJJKDeKhfPVtOT1fb1T29uxeDgRC8uHgyt95vNlnUIOpB8BAJs94CQsaLe8ii-AeICPEqsxlYfVDvfa--Onyv6qtrm_Ue8VCz3fNvm3WdZWwp6NHu85d1Lk1ju2cvdR3aoye6l3Ue-ie6q7NUjl52PL9HX-i-qcTALLnUodShTveULlVqVpf2WejiduL0Etrz3Z4T-Fgt_9_bugPLOpCjPXIMWk6f-CN9D1pMkA-_OansoDLFS28M64xVpsRIbr-bD3LT5BgewLTsIM2356dh7JSQzxdg8u35BDCjrdkE4HpKFp55AJ5vz2WCj24-UsozqBxcPo5mNIHKdqDZBMJchZb3CSAkzp5DPrx11pQNW3vEshk7JYcf_g3dTMnhB08jH369nOnV7kWT1ZU2ucVq2kKvTqD7ExT1Dqr1BehmB6L6GFr-TJYenkE-3DpnMwMtd5-TCWdJ6ASLCZfuop8kySILqFx0wjCmzPNCjzv7V6TTCZjtoJ4t3UGddlAXHQzlbtensS8c5oVpIkVEfeb7UnGaxC6lLBERajHTvoGq2IDINiDKKyjKKxjoz-4Hx-4f-Q1lfRd2Zff7OAmlr9IkokHguI7DfccNmVJpwiLuMuFFLPIZi7hQaRonvoqCmPtOGIqARkGcBCykInE49eVMk0h8ytyYRhGX1PWVrxKqojCUMo79yJFMSCY86rtpFMfclUHKvMCNkiRwXc914og5acTCiCuRski5gRB-wkUcRTQOUyeVyuU0iGHlk7DVlHTe-Qgj2aJRBI0laBhBowmaiqAZtTdlZl3b3pKZrbkzr-68eu3YVP1NdtNUfZUTsHIDpWy3dPGhvQpRHRqvp1aOzSwxXrVjxmW7WeyRp2a-6AyuHcVA7Xap76VhGjgBp6mvXC-kSRi7sRSSchXFEla30HZh_zXX9ZS8cud3FHpKnt36FJztwGY7EPoQWH0ErBl7lIKtjN2AYj3_zgxzPchqq0eqJ8ywl_chTYuiOoxqrbOZ7ZHj4wuXlu_uW_X9X9egxD0yD4iyRVG2-ED_RNDPro8vmIZsXTCNJd-eKyo91OtsZuOLFavUY1--pdYaU8rTJ-3GF6-JGTGDty8pW51hudR535KvlrWUqjxlSqHIndP2suLna7uyXJd5XZw5__qp08OiVNZqk0_A9JQc_esTCD0lx3-8sf9FgxdvQBRXYIsDndYQ8IIg0wSZOthnvIX9T88P8Ka9jn7ZAauuIh-2GJUtRlkLlm3A1ofGVVHee_UXbz_As86YZyXZ4lk54_VuN_WUKyiNo9Dx4lQ5ni9FGsR-IkNGPU-hstOVP__54d8AAAD__3XEZspABQAA HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: fca7aa24a69e54a62c38c4e04d815879\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 57804\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:29 GMT\r\netag: \"68b47341-e1cc\"\r\nexpires: Fri, 17 Oct 2025 19:36:25 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57804,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 12:01:08], progressive, precision 8, 300x250, components 3","md5":"824db83fb47e0a4aa226db9a9466c8fb","sha1":"7e968550f726c370b806345e6a8b553c16532e62","sha256":"a6d919f12896285dffac6679aa238ff266d0df399bd91d53008571218bdcf6e1","sha512":"1dd3fe4d4ce6f2139f9ef18284437c08b2a360ccd46fc702d1a6802d728e18f8ca0245dd68936a6ceaac02c3cb4628bc21939516b6f9414a54f90b425648aa4e","ssdeep":"768:LA3DDT+b75AiF3DDT+b75K22YyqwsZmXRPpB+8mwvecNaeJKY2YtWImlYwaVJesk:LA3DDCPX3DDCP022p36wv+S5pnJeb","tlshash":"2043d024db51ad33ece4b5b1edd1ebe76311ae547b136d447c6c28a43b703884a6e203","first_seen":"2025-09-02T17:46:38.163709Z","last_seen":"2026-04-03T17:23:29.916273Z","times_seen":961,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/impr.gif?sid=H4sIAAAAAAAC_1RTzYsc1Ra_Pcl7i_cWj5eIkI30woWK03NvfXVdg4hjjARjEvNBFiJyP3uuXVW3rFvVNZmFBIMSBHEQF7qrPt2TQQ2iLlwIkdDjLiCk3TiLDIp_gIoQt1KdgdELdT5-v7P4ncOv3hlXe8iHiu2ee8lumCRhK2EPdx-7bDJpa9c9c7FLcA8f7142WRQc7663oRg9Rfyghx_vvqDE0K54mGBMMOmeNIXSdn1lwYLJb1LSo7gXeD0SBrBe_LN31RI41gE52kNHwMj5_37Rr4ARM8jSL04oNyxt_uTzaZWw0hYwktuXsmFm6wzSg1IXHdDZ9v40WDdH6KMlsNn2_gZgR9N2A-BmjpYevgc8296XCXy09UApT0BlwOV_oR7NQCU7YNgMhL0GRt5FAELCmbOQpTfO2KJmVx6wrGXn6PD9P8DUc3T43kOQpZ-vJma9e8EmVWls5mBdN2DWZ2AGM8irHSg3lsDUOyDKt8DI79HK_dOQpdOzLrFg5O6jknJGIxIuUy695YBSusxCLJdJFMWY-X7kc7I4kdEzYK4DVfuZDlS6A1XegVTudgMcB4IwP9JUij4OWBBIxTGNPYwZFX2oRKt9E8p8E0SyCaJ4-2b1Wp54fuz5ceyNyY1crpXD0bQsKjWtMuHGZPsBFC6wrRYLxwTy4ioMzQd3wyN3__UTFNVtcGu7X4eUaxUKpmQQx5pwwoUXCsVDqrXfJ9QjXDElYyap4jIiAY77gnJOJaVeGPmBFxIstMcwi4Mo7GuJGelHjJDQYzEjmsVeGPR5yAQN_NhrZxVhhEUEU6wpDaJQ8r7iLNYk4EISz5My7EcSy5BiHvMIe0wrHkWBZl5MNPEVBiePgSvnqPPymzCSDdQKQe0Q1AxBbRDUJYJ61GzJxHmuuSETV3Gyn7397DcTWw7GbMuWA5UhYMUmFLKZmvwNdw1EeWiyoZ2c2DYwXjYTxmUzzvfQ_1s7dT787RIM1W5XezEjhMaCxpwGUkd91sdK8j5t7xDE4EwDxi0tTLBh5ujpWz9Dbuboken7wNkOuGQHhDkErDoGrJ6QCANbm0QYw0b2lU0zM0wqZ0aqJ2zaywYgbQN5eRjKK51xsoeOTs5fXL29cPirP6agxB20_0AUDeRFA6-b7xAMkuuT87ZG0_O2dujLs3lpUrPBWvdfKFmp_v3pi-pKbQt56oTb_ORZ0RJtefOicuVplkmTDRz6bNVIqYqTthAK3TrlLit-rnJrq1WRVfnpc8-dPJXmhXLO2GwGzMzRf35_F4SZo6Pffrz4s8Mn3gORXwWXH-h0FgHPESQGQaIOcMYbcH_r-UE9dtdhUHSAldcgSxsYFQ2MkgZYsgmuOjQp8-LOMz_4iwc86Ux4UqApT4qWN7td7StPYBz3I-LHWhE_kEKHcUBlxLDvKyjdfO3XP7_5KwAA__9bolVkdwUAAA==","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTzYsc1Ra_Pcl7i_cWj5eIkI30woWK03NvfXVdg4hjjARjEvNBFiJyP3uuXVW3rFvVNZmFBIMSBHEQF7qrPt2TQQ2iLlwIkdDjLiCk3TiLDIp_gIoQt1KdgdELdT5-v7P4ncOv3hlXe8iHiu2ee8lumCRhK2EPdx-7bDJpa9c9c7FLcA8f7142WRQc7663oRg9Rfyghx_vvqDE0K54mGBMMOmeNIXSdn1lwYLJb1LSo7gXeD0SBrBe_LN31RI41gE52kNHwMj5_37Rr4ARM8jSL04oNyxt_uTzaZWw0hYwktuXsmFm6wzSg1IXHdDZ9v40WDdH6KMlsNn2_gZgR9N2A-BmjpYevgc8296XCXy09UApT0BlwOV_oR7NQCU7YNgMhL0GRt5FAELCmbOQpTfO2KJmVx6wrGXn6PD9P8DUc3T43kOQpZ-vJma9e8EmVWls5mBdN2DWZ2AGM8irHSg3lsDUOyDKt8DI79HK_dOQpdOzLrFg5O6jknJGIxIuUy695YBSusxCLJdJFMWY-X7kc7I4kdEzYK4DVfuZDlS6A1XegVTudgMcB4IwP9JUij4OWBBIxTGNPYwZFX2oRKt9E8p8E0SyCaJ4-2b1Wp54fuz5ceyNyY1crpXD0bQsKjWtMuHGZPsBFC6wrRYLxwTy4ioMzQd3wyN3__UTFNVtcGu7X4eUaxUKpmQQx5pwwoUXCsVDqrXfJ9QjXDElYyap4jIiAY77gnJOJaVeGPmBFxIstMcwi4Mo7GuJGelHjJDQYzEjmsVeGPR5yAQN_NhrZxVhhEUEU6wpDaJQ8r7iLNYk4EISz5My7EcSy5BiHvMIe0wrHkWBZl5MNPEVBiePgSvnqPPymzCSDdQKQe0Q1AxBbRDUJYJ61GzJxHmuuSETV3Gyn7397DcTWw7GbMuWA5UhYMUmFLKZmvwNdw1EeWiyoZ2c2DYwXjYTxmUzzvfQ_1s7dT787RIM1W5XezEjhMaCxpwGUkd91sdK8j5t7xDE4EwDxi0tTLBh5ujpWz9Dbuboken7wNkOuGQHhDkErDoGrJ6QCANbm0QYw0b2lU0zM0wqZ0aqJ2zaywYgbQN5eRjKK51xsoeOTs5fXL29cPirP6agxB20_0AUDeRFA6-b7xAMkuuT87ZG0_O2dujLs3lpUrPBWvdfKFmp_v3pi-pKbQt56oTb_ORZ0RJtefOicuVplkmTDRz6bNVIqYqTthAK3TrlLit-rnJrq1WRVfnpc8-dPJXmhXLO2GwGzMzRf35_F4SZo6Pffrz4s8Mn3gORXwWXH-h0FgHPESQGQaIOcMYbcH_r-UE9dtdhUHSAldcgSxsYFQ2MkgZYsgmuOjQp8-LOMz_4iwc86Ux4UqApT4qWN7td7StPYBz3I-LHWhE_kEKHcUBlxLDvKyjdfO3XP7_5KwAA__9bolVkdwUAAA== HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjUzODA2OSwiayI6ImYyOGExMTk4Yzk4Yjk0ZGY2N2E3MGVkYjc5MTc2YTQ4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyNSwicHQiOjQsInBrIjoiYmppNGFnMnEiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.w_88Kt97WnEIprWAD2hQ69_2zkWEdKyBUQ-LnfpS0YI; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv5=true; uncs5=1; u_pl23823882=1; pdhtkv25=true; uncs25=1; u_pl26538069=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 042801bcf101b45c8479f8b7ab2d90eb\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.1159520291438.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557047\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=2f3add6b6134a9f43ffc2809908e12f67acbdd7c0ba1d07818e539ca0dfe6216a5c5bedc93ced9d98400b2172fbb6533f427a9e791f2137cc2e4061874fe645fa43b16721918563e3e37de88ad47a128d90b9c68bf9b50666d8722\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.1159520291438.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557047\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=2f3add6b6134a9f43ffc2809908e12f67acbdd7c0ba1d07818e539ca0dfe6216a5c5bedc93ced9d98400b2172fbb6533f427a9e791f2137cc2e4061874fe645fa43b16721918563e3e37de88ad47a128d90b9c68bf9b50666d8722\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo2LCJhdSI6NiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8aFpBrKFUXN7d_zCVOZ4Tb8bQLB1H1kuvjYyepDzq2w; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=5; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=5; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: text/html\r\nContent-Length: 3377\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nuncs=6; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nuncs5=6; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d23eba598d42fff376de7d2c4988d13a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4770,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3894)","md5":"8879ef4d0fa7511144a43b7cde445369","sha1":"e32daf2f1909cccff331ab2f5028a6900c0bc3c8","sha256":"40f5d4be9e4d1802f03206f3066cb75255947664f4d3985f85a070fe640a4e91","sha512":"29d8f62dba504b643a5a17bb90cedca4b2200d7efcf2d76741b8f0914007aeaf81019e048d6ab64d61b91a75056c29f9c0ea3514f83331603921ebb2d307bdea","ssdeep":"96:yozE0qG3kE3/pMFbJQ4k/EwzXYtHDaKtGw1ZDWCfMEDaH:vz2YF3/GB64knotmKtGoVWCkCaH","tlshash":"22a14c30be987524e44ab06e053e6108af61821f1640d649f65de7c60f30fa91e7e5dd","first_seen":"2025-10-15T19:37:20.302071Z","last_seen":"2025-10-15T19:37:20.302071Z","times_seen":1,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.blogger.com/static/v1/v-css/828616780-lightbox_bundle.css","fqdn":"www.blogger.com","domain":"blogger.com","tld":"com"},"ip":{"addr":"142.250.178.41","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:31.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blogger.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:27 GMT","end":"Mon, 15 Dec 2025 08:40:26 GMT"},"fingerprint":{"sha1":"58:46:3F:C8:CA:4C:E8:4A:99:AA:61:86:67:DA:60:F0:B9:30:41:02","sha256":"D8:B8:F0:37:14:79:13:C0:3C:E5:D1:5D:E9:71:56:44:42:27:47:58:CB:5C:D1:8C:47:36:FC:1A:52:AC:78:14"}}},"request":{"raw":"GET /static/v1/v-css/828616780-lightbox_bundle.css HTTP/1.1\r\nHost: www.blogger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"blogger-tech\"\r\nreport-to: {\"group\":\"blogger-tech\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/blogger-tech\"}]}\r\ncontent-length: 6542\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 10:01:10 GMT\r\nexpires: Tue, 13 Oct 2026 10:01:10 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Sun, 12 Oct 2025 10:51:37 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nage: 207321\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36020,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (36020), with no line terminators","md5":"72be03aba193ac3186a29ced491369bd","sha1":"1c08fcc6956a584ade0d5be6a58ddca909aa6fd9","sha256":"2ec4dd4029f6eda33351ada7fee8531878022ab400e80995b5cc0560d03500ae","sha512":"e32ece4346190370cc10268b90b837ef2053d1c93824512e2aae9cb1af77352631739e0ef68ed2e126862c0ac30c7d96b9872902f840a3c64c946080eeeb666a","ssdeep":"384:/V2xnKV/Dmae25V3XsZ7UwHkOtOMPKXFo0fpI6V:/ynKBbr5","tlshash":"32f244eed501600ea13b9231e043f6dd32efa881b71b4796f769e66149c72e5142fb38","first_seen":"2025-09-06T23:21:55.968155Z","last_seen":"2026-04-04T11:01:34.902795Z","times_seen":8051,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18405\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: aef06b3f0ab8765a5346abca8614b1dd\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46242,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46242), with no line terminators","md5":"57b263d494b82a43cfae095771d7b005","sha1":"10b9a3adf60df6820f373ea3b741bfe000929917","sha256":"028d2debec6967c7d2fd4ffd6b178deecf20ef847d120c8d904887a3adad5e4e","sha512":"97a8efc00cc2b3745433b3cef118788039e856da0dc9c4c3d29886d36deef77340ef0159ec47ff2388086475d3a47ea9daf2c2857e31ee59565ec7490d1ba1ab","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybeja2n:36rxKbk0CrQ+fdwNDba1lIlcPES2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.317687Z","last_seen":"2025-10-15T19:37:20.317687Z","times_seen":1,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18421\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b131e505b8631965e5643498fec15e59\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46239), with no line terminators","md5":"df0ff3ba37d0ca6a8aae23bda437656f","sha1":"3e4a8916e2c9c2ae37ab0cd6e7d0e1b1c56e14a2","sha256":"a9be9cb9cb5a289fba70791060a8cf1fb569eb9a28492afa013da566e5fef5af","sha512":"8e7c98dcae69b194fb1c6bab0785c929f019520a42cf584fbc7bc798b6c1ed91dd56fec516b8796ceffa0ba828ed42d27a7ca98d4b9cd013a16d1dfc4a20c537","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej7Nk:36rxKbk0CrQ+fdwNDba1lIlcPEzNk","tlshash":"d423c48e3f71f15866867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.323673Z","last_seen":"2025-10-15T19:37:20.323673Z","times_seen":1,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8501-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qticABZnu6YxZrtLaQMOxNLgIfOHGBKDHZgBLMVnY6IwzMcfb7udjnXn%2B3R9ODZTxwhYUlq0zBPc0AgxcNqnhVM%2FtEf4hZ0aF2XRjO7Y\"}]}\r\ncf-ray: 98f1c3fc6cb8568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-04-04T10:49:57.044251Z","times_seen":10533,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.873337017745.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.873337017745.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo0LCJhdSI6NCwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.2RHdGViMfyXWohzhW9dfzMLADE10VmjyuNQn743O6JM; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=4; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=4; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://wayfarerorthodox.com/watch.873337017745.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=099598e98d239858edded55dcd7aac1d4d083a8112bfc487a5353180b67a464a9dce7cfb95c579be05af0e04edd1ee2acb2bc7dd5b57caaca24dc3ee28712864714111eb6013378aba42f896229068a67c1c954558e0c1bf48ee50\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo1LCJhdSI6NSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.lFahlx6nhlrcb6lwQ_TRktKbZQEzgEScKbK1EH3hj9Y; expires=Wed, 15 Oct 2025 19:37:25 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 45572d5cec49a7e7419fc138f679c2b6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4766,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/impr.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu2Wx-h_wOYiIeZQ4eVNzZqq7-KoOIa4wEYxKTSA4iUl89W05PV9vVPb27F4PBELy4eDK3nndms6hB1IPgIRJmvQWEjBf3kEXxDxAR4lVmMrD6Qr0f9TyH5y2euj6sDhCFiu9feMNumTTlq0EHt5-5YjJla9c-d7lNcAefbF8xWeifbG_MUjF4gVC_g59tv6Zlz656mGBMMGmfNoVO7MbqHAWT32akw3DH9zok8GGj-O_sqmVwfBnU4AAdB6Omj_2evA1GTiDrf31Ku15p8-df7VcpL20BA7X7VtbLbJ1B_7BNihYk2e6CDdZNEfpsCWy2u9gA7GA82wCEmaKlJx-AyHYXMkEMdh4pFSnoDIT6P9SDCeh0DwyfgLTXwKj7CEAqOHcesv6tc7ao-eYjlM_QKVp--BeYeoqWHzwBWf-rtdRstC_ZtCqNzRxsJA2YjQmY7gTyagLl1hKYeg9k-SEY9RNafXgWsv74vEstGLX_tGKCs5AEK0wob8VnjK3wAKsVEoYx5pSGVJD5E5lkAty1oJod04IqaUGVt6Cv9ts-jn1JOA0TpmSEfe77SgvMYg9jzmQElZxp34Yy3waZboMsPtrN1XrZGwTjsqj0TpVJFwzp7erdPPVo7NE49obk1iPOnDKeUYYU8uIq9Myn94Pj94_-CkV1F9z6_nehL6Qmnq-DWOGIJB7B2hOa-UyK2NMiSJRU1GdcaM4ZE5iEQewRmjARkShRfuAxTXjIpPZiT8RRmCQyCWMSM8UlCWMpMYkIZV4SShKGPIwEFiQM_YBjGjCaKKJpgv2QyST2vEhFgYx9TwqKIxbpgFMWBizwlI8xjViABSMCnDoBrpyi1psfwEA1UGsEtUNQcwS1QVCXCOpBs6NS57nmlkpdJciieotKm5Etu0O-Y8uuzhDwYhsK1YxN_r67BrI8MtpKnBrZWeKibEZcqGaYH6DHZ3Zq9a4fg57eb2OfJmESkEDgxNceDTELYy9WUmGho1iBMw0YtzQ3wZaZohfv_Aa5maKnxp-A4Hvg0j2Q5gjw6ijwekQxBr4-8gIMW9m3tp-ZXlo5M9AdafudrAvKNpCXy1ButobpAToxunh57e7c4e_8sgla3kOLAFk0kBcNvGd-RNBNb4wu2hqNL9raoW_O56Xpmy0-c_-lkpf6f1-8rjdrW6gzp9z25y_LGTBrb1_WrjzLM2WyrkNfrhmldHHaFlKjO2fcFS0uVG59rSqyKj974ZXTZ_p5oZ0zNpsAN1N07M-PQZopOvHDzfnPDp67CTK_Ci4_1OksApEjSA2CVB_ec9GA-9csDvuhuwHdogW8vAZZv4FB0cAgbYCn2-CqI6MyL-699DOdB4i0NRJpgcYiLWa42W8nVHsS4zgKCY0TTaivZBLEPlMhx5RqKN10_Y-_v_8nAAD__8DJoHV3BQAA","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu2Wx-h_wOYiIeZQ4eVNzZqq7-KoOIa4wEYxKTSA4iUl89W05PV9vVPb27F4PBELy4eDK3nndms6hB1IPgIRJmvQWEjBf3kEXxDxAR4lVmMrD6Qr0f9TyH5y2euj6sDhCFiu9feMNumTTlq0EHt5-5YjJla9c-d7lNcAefbF8xWeifbG_MUjF4gVC_g59tv6Zlz656mGBMMGmfNoVO7MbqHAWT32akw3DH9zok8GGj-O_sqmVwfBnU4AAdB6Omj_2evA1GTiDrf31Ku15p8-df7VcpL20BA7X7VtbLbJ1B_7BNihYk2e6CDdZNEfpsCWy2u9gA7GA82wCEmaKlJx-AyHYXMkEMdh4pFSnoDIT6P9SDCeh0DwyfgLTXwKj7CEAqOHcesv6tc7ao-eYjlM_QKVp--BeYeoqWHzwBWf-rtdRstC_ZtCqNzRxsJA2YjQmY7gTyagLl1hKYeg9k-SEY9RNafXgWsv74vEstGLX_tGKCs5AEK0wob8VnjK3wAKsVEoYx5pSGVJD5E5lkAty1oJod04IqaUGVt6Cv9ts-jn1JOA0TpmSEfe77SgvMYg9jzmQElZxp34Yy3waZboMsPtrN1XrZGwTjsqj0TpVJFwzp7erdPPVo7NE49obk1iPOnDKeUYYU8uIq9Myn94Pj94_-CkV1F9z6_nehL6Qmnq-DWOGIJB7B2hOa-UyK2NMiSJRU1GdcaM4ZE5iEQewRmjARkShRfuAxTXjIpPZiT8RRmCQyCWMSM8UlCWMpMYkIZV4SShKGPIwEFiQM_YBjGjCaKKJpgv2QyST2vEhFgYx9TwqKIxbpgFMWBizwlI8xjViABSMCnDoBrpyi1psfwEA1UGsEtUNQcwS1QVCXCOpBs6NS57nmlkpdJciieotKm5Etu0O-Y8uuzhDwYhsK1YxN_r67BrI8MtpKnBrZWeKibEZcqGaYH6DHZ3Zq9a4fg57eb2OfJmESkEDgxNceDTELYy9WUmGho1iBMw0YtzQ3wZaZohfv_Aa5maKnxp-A4Hvg0j2Q5gjw6ijwekQxBr4-8gIMW9m3tp-ZXlo5M9AdafudrAvKNpCXy1ButobpAToxunh57e7c4e_8sgla3kOLAFk0kBcNvGd-RNBNb4wu2hqNL9raoW_O56Xpmy0-c_-lkpf6f1-8rjdrW6gzp9z25y_LGTBrb1_WrjzLM2WyrkNfrhmldHHaFlKjO2fcFS0uVG59rSqyKj974ZXTZ_p5oZ0zNpsAN1N07M-PQZopOvHDzfnPDp67CTK_Ci4_1OksApEjSA2CVB_ec9GA-9csDvuhuwHdogW8vAZZv4FB0cAgbYCn2-CqI6MyL-699DOdB4i0NRJpgcYiLWa42W8nVHsS4zgKCY0TTaivZBLEPlMhx5RqKN10_Y-_v_8nAAD__8DJoHV3BQAA HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo0LCJhdSI6NCwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.2RHdGViMfyXWohzhW9dfzMLADE10VmjyuNQn743O6JM; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=4; pdhtkv5=true; uncs5=4; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 68a4481c2533c3f47ebfb16e52e719e7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRuu2eT7Dt93-PgSUfAgc_Cg4s5WdXV1dxlEXGMkGJOYRHIQkfrVu-X0dLVd3dObRSEYDMGLS05663lnNosaRHPwIpGw6y0gZLy4hyyKf4CIEK8yk4XVF_r99TyH522eujqq9xCFWuyefc2t2ywTS6yHu09dtLl2je-evtAluIePdS_aPAqPdddmqRw-R2jYw093XzGq75YCTDAmmHRP2NKkbm1pjoItbnLS47gXBj3CQlgr_zn7egG86IAe7qEjYPX0f7-mb4JV25APvjpufL9yxbMvD-pMVK6Eod56I-_nrslhcNCmZQfSfGufDc5PEfpkAVy-tX8BuOFkdgFIO0ULj94HmW_tywQ53HyoVGZgcpD6v9AMt8FkO2DFNih3Bay-hwCUhtNnIB_cOO3KRlx6iIoZOkWHH_wBtpmiw_cfgXzw5XJm17rnXVZX1uUe1tIW7No22JVtKOodqNYXwDY7oKoPwOof0NKDU5APJmd85sDq3Sc1l4JHhC1yqYPFkHO-KBjWiySKEiwojagk819k020QvgP17LMdqNMO1EUHBnq3G-IkVETQKOVaxTgUYaiNxDwJMBZcxVCrmfYNqIoNUNkGqPLDSZ0rPyJbhV6t-kM2qcrabM52bERu1m8XWUCTgCZJMCI3HnLmFCjKy9C31--xI_f-9TOU9R3wq7vfpJgZzaIwZlRynmoZCR0KEkcs0JxJprAQihBmSBjwmCaSh4qyUBAaYB5wJWOmMAkDHHPGGAsCwQKs4iRNiQpTrLVhIQ55LIUWOqEB11SRmIiAJJjEnEacqzCOTBwxYaSS2FCSMiMjkhCRBlRTqgJDQyNMwImiCQ0lU-D14-CrKeq8_j4MdQuNQdB4BI1A0FgETYWgGbabOvOBb2_ozNeS7Ndgv9J27KqVkdh01YrJEYhyA0rdTmzxrr8Cqjo0Xk-9HrtZErJqx0LqdlTsof_P7NTpX30P-ma3q0WIWZyySBuhiBLCxGESYEZFnKRECPC2BesX5iZYt1P0_O1foLBT9MTkY5BiB3y2A8oeAlE_BqIZx0ECYhU4hvX8lhvktp_V3g5NT7lBL18B7VooqsNQXeqMsj10dHzuwvKducHf-uk6GHUX7QeosoWibOEd-z2Cleza-Jxr0OScazz6-kxR2YFdFzPzn69EZf79-avmUuNKffK43_jsRTUDZu3NC8ZXp0Subb7i0RfLVmtTnnClMuj2SX_RyLO1X12uy7wuTp196cTJQVEa763Lt0HYKfrP7x-BslN09LtP5w-bPXMLVHEZfHGg0zsEskCQWQSZOdgL2YL_2ywP-pG_BitlB0R1BfJBC8OyhWHWgsg2wNeHxlVR3n3hRzoPkFlnLLMSTWRWznC7202pCRTGSRwRmqSG0FCrlCUh15HAlBqo_HT1tz-__SsAAP__wFmVUnYFAAA=","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRuu2eT7Dt93-PgSUfAgc_Cg4s5WdXV1dxlEXGMkGJOYRHIQkfrVu-X0dLVd3dObRSEYDMGLS05663lnNosaRHPwIpGw6y0gZLy4hyyKf4CIEK8yk4XVF_r99TyH522eujqq9xCFWuyefc2t2ywTS6yHu09dtLl2je-evtAluIePdS_aPAqPdddmqRw-R2jYw093XzGq75YCTDAmmHRP2NKkbm1pjoItbnLS47gXBj3CQlgr_zn7egG86IAe7qEjYPX0f7-mb4JV25APvjpufL9yxbMvD-pMVK6Eod56I-_nrslhcNCmZQfSfGufDc5PEfpkAVy-tX8BuOFkdgFIO0ULj94HmW_tywQ53HyoVGZgcpD6v9AMt8FkO2DFNih3Bay-hwCUhtNnIB_cOO3KRlx6iIoZOkWHH_wBtpmiw_cfgXzw5XJm17rnXVZX1uUe1tIW7No22JVtKOodqNYXwDY7oKoPwOof0NKDU5APJmd85sDq3Sc1l4JHhC1yqYPFkHO-KBjWiySKEiwojagk819k020QvgP17LMdqNMO1EUHBnq3G-IkVETQKOVaxTgUYaiNxDwJMBZcxVCrmfYNqIoNUNkGqPLDSZ0rPyJbhV6t-kM2qcrabM52bERu1m8XWUCTgCZJMCI3HnLmFCjKy9C31--xI_f-9TOU9R3wq7vfpJgZzaIwZlRynmoZCR0KEkcs0JxJprAQihBmSBjwmCaSh4qyUBAaYB5wJWOmMAkDHHPGGAsCwQKs4iRNiQpTrLVhIQ55LIUWOqEB11SRmIiAJJjEnEacqzCOTBwxYaSS2FCSMiMjkhCRBlRTqgJDQyNMwImiCQ0lU-D14-CrKeq8_j4MdQuNQdB4BI1A0FgETYWgGbabOvOBb2_ozNeS7Ndgv9J27KqVkdh01YrJEYhyA0rdTmzxrr8Cqjo0Xk-9HrtZErJqx0LqdlTsof_P7NTpX30P-ma3q0WIWZyySBuhiBLCxGESYEZFnKRECPC2BesX5iZYt1P0_O1foLBT9MTkY5BiB3y2A8oeAlE_BqIZx0ECYhU4hvX8lhvktp_V3g5NT7lBL18B7VooqsNQXeqMsj10dHzuwvKducHf-uk6GHUX7QeosoWibOEd-z2Cleza-Jxr0OScazz6-kxR2YFdFzPzn69EZf79-avmUuNKffK43_jsRTUDZu3NC8ZXp0Subb7i0RfLVmtTnnClMuj2SX_RyLO1X12uy7wuTp196cTJQVEa763Lt0HYKfrP7x-BslN09LtP5w-bPXMLVHEZfHGg0zsEskCQWQSZOdgL2YL_2ywP-pG_BitlB0R1BfJBC8OyhWHWgsg2wNeHxlVR3n3hRzoPkFlnLLMSTWRWznC7202pCRTGSRwRmqSG0FCrlCUh15HAlBqo_HT1tz-__SsAAP__wFmVUnYFAAA= HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.cBjrUEQBxa9UBRRIOA4jctzFrQxyuur-b4mSBoLJeLg; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv5=true; uncs5=1; u_pl23823882=1; pdhtkv23=true; uncs23=1; u_pl23823996=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 861bdfcec88ec35d30b7045b2c752f84\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 57804\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:29 GMT\r\netag: \"68b47341-e1cc\"\r\nexpires: Fri, 17 Oct 2025 19:36:27 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57804,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 12:01:08], progressive, precision 8, 300x250, components 3","md5":"824db83fb47e0a4aa226db9a9466c8fb","sha1":"7e968550f726c370b806345e6a8b553c16532e62","sha256":"a6d919f12896285dffac6679aa238ff266d0df399bd91d53008571218bdcf6e1","sha512":"1dd3fe4d4ce6f2139f9ef18284437c08b2a360ccd46fc702d1a6802d728e18f8ca0245dd68936a6ceaac02c3cb4628bc21939516b6f9414a54f90b425648aa4e","ssdeep":"768:LA3DDT+b75AiF3DDT+b75K22YyqwsZmXRPpB+8mwvecNaeJKY2YtWImlYwaVJesk:LA3DDCPX3DDCP022p36wv+S5pnJeb","tlshash":"2043d024db51ad33ece4b5b1edd1ebe76311ae547b136d447c6c28a43b703884a6e203","first_seen":"2025-09-02T17:46:38.163709Z","last_seen":"2026-04-03T17:23:29.916273Z","times_seen":961,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.913222251200.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=c6df068370bb48f21834a593b168f77b24ead13ba5118bdf275f011adcfb3043c29c235b28edb7aa78c847496685e3931a62ad9c5b82adce82c0538ab392ed4d1ff6cd1b7d32681b3ea166c35420f2eaae3e87e0f28b424c304f27\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.913222251200.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=c6df068370bb48f21834a593b168f77b24ead13ba5118bdf275f011adcfb3043c29c235b28edb7aa78c847496685e3931a62ad9c5b82adce82c0538ab392ed4d1ff6cd1b7d32681b3ea166c35420f2eaae3e87e0f28b424c304f27\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.oZd5siqe8_fbPpGFyvkMVltB1UPXc5cxU3sSn17Qz2Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv5=true; uncs5=2; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 3686\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\nuncs=3; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\nuncs5=3; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 5\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0cbe34bd62836f3234fa0cf547e2c0da\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4718,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3842)","md5":"f8aebf5c5f4c673f2a4c199b210dc09a","sha1":"16fb8afebc31c5ef59a6b3fe587fb614c0e4f312","sha256":"50d6bb4933cbf783e4bc4385d4905c8788f328f06277552dbf53dd3638c0f135","sha512":"794b68bd0250bf6c300722434c6d64ed6fd6c2044319617ad4cff276b4f16733590a8b2866092af53a8b28102819949a9503bd273bb172637aee91dec114a356","ssdeep":"96:yozN0ooVeQmVKKK1CpdMJPk/u0e6pgydL2yKMERfsr11ZDWCfMEDaH:vzBootVKKACpdYPkW08yZIV5srvVWCkL","tlshash":"1da129b61f7aa07455aa203a043b261e2fa0e01ba5018d0d795edf035f28bf15bbda4c","first_seen":"2025-10-15T19:37:20.335447Z","last_seen":"2025-10-15T19:37:20.335447Z","times_seen":1,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.324154015322.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=17b15200b81f12bfc73a9f8ef2e6d66b9856fddc6ddd679845672cbe46ed23c29c89525cae35ec8f15fab2177491c6cad1bce64df1ad6a7ff524e9b343522c0960be5114cb383f5cde5b979bc49ce06009242f013d2b069406dd5b\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /watch.324154015322.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=17b15200b81f12bfc73a9f8ef2e6d66b9856fddc6ddd679845672cbe46ed23c29c89525cae35ec8f15fab2177491c6cad1bce64df1ad6a7ff524e9b343522c0960be5114cb383f5cde5b979bc49ce06009242f013d2b069406dd5b\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.oZd5siqe8_fbPpGFyvkMVltB1UPXc5cxU3sSn17Qz2Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=2; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 3477\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs=3; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs5=3; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 25\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 09348fbea226031642fefb1af0ae9060\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4782,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3906)","md5":"80e686be63cbf97a4d486b16f08c621d","sha1":"f1a8a3e515e4a2d0895cb8658499dd4c680ee754","sha256":"fb94c055c447beaeec333f5847925dc04de0a14046289dff557a141ffb71ad45","sha512":"6795f7d61c7abeb371f30b95c6cbcd206b569f28a68c6f82b343cccbfbbbd73c8957bd16e792a103c4686408361808071a81826f9ad1540a6c340ecaf9bc4503","ssdeep":"96:yozE0oFVhXU9ZG9I9IwOk/ISbDDu8+ar2N3AOakXZ1ZDWCfMEDaH:vzUFjWGdwOkASbDDus23zVWCkCaH","tlshash":"e3a14ab49bd181bd68d6a4bf123b2254bfb481096a12cd0ab46cd7011f21fb84e7c9cc","first_seen":"2025-10-15T19:37:20.34101Z","last_seen":"2025-10-15T19:37:20.34101Z","times_seen":1,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/ff/69/f1/ff69f1f74561fdc6cbbecc3005e6ef7bb5d3ab17f08e3879621bb3dc88a8f260.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/ff/69/f1/ff69f1f74561fdc6cbbecc3005e6ef7bb5d3ab17f08e3879621bb3dc88a8f260.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 46096\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 25 May 2025 02:17:25 GMT\r\netag: \"68327db5-b410\"\r\nexpires: Fri, 17 Oct 2025 19:36:28 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46096,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x400, components 3","md5":"ed4f60d20941ae5888b01b01916f2e88","sha1":"e35f9e4ac46b078a6627e153c36fa08b0750f9fc","sha256":"e4092e5b649b52528da0fc6ac5ef1ae0530699d6e0b29c3fa0eb83478c99f5ed","sha512":"55d3bedc530d7c9751dfdf88f78fc55c6dc87c772edafb974240b896bf4dd1ed8cdfc538f8075a31dbd14e5e88b55946a0c81b734bb670c2d639e9900ee76095","ssdeep":"768:CX3yKRSHXnYe/8/geEnPDDO5usUZSEN+wNvQix0UgI4FiOt7ILUaPAWSN8V:eyKRSXdUDEnPfPUENdNoFiDPJ","tlshash":"7423f13625269c94d2599bfc0b3618d4e3e88484a5d68f56af4907c2abc1fc3ccdccb5","first_seen":"2025-06-05T18:59:05.430298Z","last_seen":"2026-01-06T02:07:37.704074Z","times_seen":696,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 23:17:37 GMT\r\nexpires: Tue, 13 Oct 2026 23:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 159532\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.1488629374997.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.1488629374997.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://rashcolonizeexpand.com/watch.1488629374997.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=459619c3cf6d1cac0d6899239cbe9100b0bcd1c208112486ae697bfa709202341c504588279d1feabb6e28951c0052163d9e227a0f60a123bad331383e031322edf97d0e626ae856b242d39e0c7521fcc63f356b01e3327361c495\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; expires=Wed, 15 Oct 2025 19:37:23 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 2\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 256c6add345fb2606f3b09e406152141\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4614,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":694,"timings":{"blocked":296,"dns":13,"connect":93,"send":0,"wait":96,"receive":0,"ssl":193},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.523065044251.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.523065044251.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://rashcolonizeexpand.com/watch.523065044251.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=41ed484c0646869c1502d1f43d5ddd264d38ac384e93833b29b184147c8f1c314ad689441a24ff6171dd9ed039e8cdc85ff16e85536ef79f67c2f1fe25ba1d6a0019fd0a8849ee3ff4d760b7e892263835f1427d9404c1e8496f3b\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; expires=Wed, 15 Oct 2025 19:37:23 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 2\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 376c52cca8dc79cfd61dbcd9944ebc11\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4614,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":30,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1STz4sc1RbHb0-St0gWj5c83vLRCxcqTs-te-unQcQxRoIxiUkkCxG5P2euXV23rFvVNZmNwUAIbhxciO6qT_fM-COIuhA3kdDjLiCk3TiLDIp_gIgQt1I9AxMv1D3n1PdD8T3FObdG1R6iULHdS6_adZOmbCno4e6T10wmbe26F652PdzDp7vXTBb6p7tr7VUMn_Wo38NPdV9Wom-XCPYw9rDXPWsKpe3a0lwFk99JvF6Cez7peYEPa8U_a1ctgGMLIId76CQYOfv3b_oNMGIK2eCrM8r1S5s_89KgSllpCxjK7dezfmbrDAaHqS46oLPtAxqsmyH08QLYbPugA7DDSdsBcDNDC_97CDzbPrAJfLi575SnoDLg8gTUwymodAcMm4KwN8HIBwhASLhwEbLB1gVb1Oz6vspadYaOPvoTTD1DRx_-F7LBl8upWetesWlVGps5WNMNmLUpmJUp5NUUyvUFMPUOiPI9MPJHtPToPGSDyUWXWjBy9wmZcJaEXrCYcEkW_SRJFlmA5aIXhjFmlIaUe_NfZPQUmOtA1T6mA5XuQJV3YCB3uz6OfeExGupEigj7zPel4jiJCcYsERFUovW-AWW-ASLdAFHc_jSXq2V_SOikLCq1VWXCETry7lRv5SmhMaFJEo687X0qmEObLRQ8zsQxGXlb-8wcmbTIyIO8uAF98-GD4OSDY79AUd0Dt7r7rcAUe5r7CY2CUAjOhe-HmLNAsZD7ScSZCLEfY6K1p-MYaxJKQaiUAdUhiXjA4hB7ONHK80kSMhzEXOD2e4kvtUqSSMUBI2EUckGjJIxVFEVRyJKA8JgRqSkOqI6SgERxFAmCia-ojHTgUyW8SEhNKI-oSJjwcUg8rCQNY3DyBLhyhjqvvQtD2UCtENQOQc0Q1AZBXSKoh82mTB1xzZZMXcW9g0gOIm3GtlwZsU1brqgMASs2oJDNxOTvuJsgyiPjde3k2LYX42UzZlw2o3wP_acduk7_1nHoq90u9qkOdeAFHGtfERriJIxJLIXEXEWxBGcaMG5hPirrZoaeu_sr5GaG_j_5ADjbAZfugDBHgFXHgNVjijGw1TEJMKxn39hBZvpp5cxQ9YQd9LIVkLaBvDwK5fXOKN1Dp8aXry7fm-_Bmz8PQYn76OCAKBrIiwbeNj8gWElvjy_bGk0u29qhry_mpRmYddbuyJWSlepfn7-irte2kOfOuI3PXhCt0KZ3ripXnmeZNNmKQ18sGylVcdYWQqG759w1xS9VbnW5KrIqP3_pxbPnBnmhnDM2mwIzM3T8j_dBmBk69f0n8_0Pnv4IRH4DXH7o01kEPEeQGgSpOnzPeAPusZof5iN3G1aKDrDyJmSDBoZFA8O0AZZugKuOjMu8uP_8T3R-gKedMU8LNOFp0epmt6upIgLjOAo9GmvlUV8KHcR-IkOGKVVQutnq739993cAAAD___3kAp6dBQAA","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1STz4sc1RbHb0-St0gWj5c83vLRCxcqTs-te-unQcQxRoIxiUkkCxG5P2euXV23rFvVNZmNwUAIbhxciO6qT_fM-COIuhA3kdDjLiCk3TiLDIp_gIgQt1I9AxMv1D3n1PdD8T3FObdG1R6iULHdS6_adZOmbCno4e6T10wmbe26F652PdzDp7vXTBb6p7tr7VUMn_Wo38NPdV9Wom-XCPYw9rDXPWsKpe3a0lwFk99JvF6Cez7peYEPa8U_a1ctgGMLIId76CQYOfv3b_oNMGIK2eCrM8r1S5s_89KgSllpCxjK7dezfmbrDAaHqS46oLPtAxqsmyH08QLYbPugA7DDSdsBcDNDC_97CDzbPrAJfLi575SnoDLg8gTUwymodAcMm4KwN8HIBwhASLhwEbLB1gVb1Oz6vspadYaOPvoTTD1DRx_-F7LBl8upWetesWlVGps5WNMNmLUpmJUp5NUUyvUFMPUOiPI9MPJHtPToPGSDyUWXWjBy9wmZcJaEXrCYcEkW_SRJFlmA5aIXhjFmlIaUe_NfZPQUmOtA1T6mA5XuQJV3YCB3uz6OfeExGupEigj7zPel4jiJCcYsERFUovW-AWW-ASLdAFHc_jSXq2V_SOikLCq1VWXCETry7lRv5SmhMaFJEo687X0qmEObLRQ8zsQxGXlb-8wcmbTIyIO8uAF98-GD4OSDY79AUd0Dt7r7rcAUe5r7CY2CUAjOhe-HmLNAsZD7ScSZCLEfY6K1p-MYaxJKQaiUAdUhiXjA4hB7ONHK80kSMhzEXOD2e4kvtUqSSMUBI2EUckGjJIxVFEVRyJKA8JgRqSkOqI6SgERxFAmCia-ojHTgUyW8SEhNKI-oSJjwcUg8rCQNY3DyBLhyhjqvvQtD2UCtENQOQc0Q1AZBXSKoh82mTB1xzZZMXcW9g0gOIm3GtlwZsU1brqgMASs2oJDNxOTvuJsgyiPjde3k2LYX42UzZlw2o3wP_acduk7_1nHoq90u9qkOdeAFHGtfERriJIxJLIXEXEWxBGcaMG5hPirrZoaeu_sr5GaG_j_5ADjbAZfugDBHgFXHgNVjijGw1TEJMKxn39hBZvpp5cxQ9YQd9LIVkLaBvDwK5fXOKN1Dp8aXry7fm-_Bmz8PQYn76OCAKBrIiwbeNj8gWElvjy_bGk0u29qhry_mpRmYddbuyJWSlepfn7-irte2kOfOuI3PXhCt0KZ3ripXnmeZNNmKQ18sGylVcdYWQqG759w1xS9VbnW5KrIqP3_pxbPnBnmhnDM2mwIzM3T8j_dBmBk69f0n8_0Pnv4IRH4DXH7o01kEPEeQGgSpOnzPeAPusZof5iN3G1aKDrDyJmSDBoZFA8O0AZZugKuOjMu8uP_8T3R-gKedMU8LNOFp0epmt6upIgLjOAo9GmvlUV8KHcR-IkOGKVVQutnq739993cAAAD___3kAp6dBQAA HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=2; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 14865d823211a2a134c31676ce93c70f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2U08xIOYiEeZgwcVd7Z-dPd0GURcYyQYk5hEchAP9atny-nuaru6pyd7WgyE4MXFU7z1vtlkUYOoBz1Fwqy3gJDx4h6yKP4BIkK8ymwWVh_Ue9-rrw7fq_rq-ma9hxjUYvfCO27NpqlYDnu4-8IVm2vX-O65y12Ce_hk94rNo-BkdzxP5egVwoIefrH7llFDt0wxwZhg0j1tS5O48fI-C7a4w0mP415AeyQMYFz-v_d1B7zogB7toeNg9eypP5L3waop5Nk3p4wfVq54-c2sTkXlShjp7ffyYe6aHLJDmJQdSPLtg9Pg_Ayhmwvg8u2DCcCNtuYTgLQztPDsQ5D59oFMkKNbj5XKFEwOUj8JzWgKJt0BK6ag3DWw-gECUBrOnYc8u33OlY24-pgVc3aGjjz6G2wzQ0cePgN59vVKasfdSy6tK-tyD-OkBTuegh1Moah3oFpbANvsgKo-Bqt_RsuPzkKebZ33qQOrd5_XXAoekXCJS02XAs75kgixXiJRFGPBWMQk2b8im0xB-A7U82U7UCcdqIsOZHq3G-A4UESwKOFa9XEggkAbiXlMMRZc9aFWc-0bUBUboNINUOU6FOU6DO1nD8LjD47-BmV9D_zq7vdByCPCFVNJpIkSCuso5pwyrqThBGOJpdJEURwTQoM4EibifZmIPuYUUxYQFeIgjGPa55okRkgZGRrzkCiMQ0oiprmhtC9wEmFBKJNCM0ZYzAxmhFFqdML7GpuIRsLEYSRpQDXjBqt-SEmiVMQSFkYSE8MY7bOIqICH4PUi-GqGOu-uw0i30BgEjUfQCASNRdBUCJpRe0unnvr2tk59LclBpQeVtRNXDTbFLVcNTI5AlBtQ6nbLFh_5a6Cqxcla4vXEzZOQVTsRUrebxR56eu6LzvD6MRia3S4OWBIlIQklTgJDWYR5FNNYK42l6ccavG3B-oX911yzM_Tq3d-hsDP03NanIMUO-HQHlF0EUR8F0UwYxiBWJzTEsJZ_57LcDtPa25HpKZf18gFo10JRHYHqamcz3UMnJhcvr9zbt-oHv47BqPvoIECVLRRlCx_anxAM0huTi65BWxdd49G354vKZnZNzG18qRKVeeLLt83VxpX6zCm_8cXrak7M4Z3LxldnRa5tPvDoqxWrtSlPu1IZdPeMv2LkhdqvrtRlXhdnL7xx-kxWlMZ76_IpCDtDx_76BJSdoRM_fr7_RcOXboIq1sEXhzq9QyALBKlFkJrDfSFb8P_p5SHe9DdgUHZAVNcgz1oYlS2M0hZEugG-XpxURXn_tV_YfoBMOxOZlmhLpuWct7vdhBmqMI77EWFxYggLtErCOOA6EpgxA5Wfrf75zw__BgAA__-QXaspQAUAAA==","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2U08xIOYiEeZgwcVd7Z-dPd0GURcYyQYk5hEchAP9atny-nuaru6pyd7WgyE4MXFU7z1vtlkUYOoBz1Fwqy3gJDx4h6yKP4BIkK8ymwWVh_Ue9-rrw7fq_rq-ma9hxjUYvfCO27NpqlYDnu4-8IVm2vX-O65y12Ce_hk94rNo-BkdzxP5egVwoIefrH7llFDt0wxwZhg0j1tS5O48fI-C7a4w0mP415AeyQMYFz-v_d1B7zogB7toeNg9eypP5L3waop5Nk3p4wfVq54-c2sTkXlShjp7ffyYe6aHLJDmJQdSPLtg9Pg_Ayhmwvg8u2DCcCNtuYTgLQztPDsQ5D59oFMkKNbj5XKFEwOUj8JzWgKJt0BK6ag3DWw-gECUBrOnYc8u33OlY24-pgVc3aGjjz6G2wzQ0cePgN59vVKasfdSy6tK-tyD-OkBTuegh1Moah3oFpbANvsgKo-Bqt_RsuPzkKebZ33qQOrd5_XXAoekXCJS02XAs75kgixXiJRFGPBWMQk2b8im0xB-A7U82U7UCcdqIsOZHq3G-A4UESwKOFa9XEggkAbiXlMMRZc9aFWc-0bUBUboNINUOU6FOU6DO1nD8LjD47-BmV9D_zq7vdByCPCFVNJpIkSCuso5pwyrqThBGOJpdJEURwTQoM4EibifZmIPuYUUxYQFeIgjGPa55okRkgZGRrzkCiMQ0oiprmhtC9wEmFBKJNCM0ZYzAxmhFFqdML7GpuIRsLEYSRpQDXjBqt-SEmiVMQSFkYSE8MY7bOIqICH4PUi-GqGOu-uw0i30BgEjUfQCASNRdBUCJpRe0unnvr2tk59LclBpQeVtRNXDTbFLVcNTI5AlBtQ6nbLFh_5a6Cqxcla4vXEzZOQVTsRUrebxR56eu6LzvD6MRia3S4OWBIlIQklTgJDWYR5FNNYK42l6ccavG3B-oX911yzM_Tq3d-hsDP03NanIMUO-HQHlF0EUR8F0UwYxiBWJzTEsJZ_57LcDtPa25HpKZf18gFo10JRHYHqamcz3UMnJhcvr9zbt-oHv47BqPvoIECVLRRlCx_anxAM0huTi65BWxdd49G354vKZnZNzG18qRKVeeLLt83VxpX6zCm_8cXrak7M4Z3LxldnRa5tPvDoqxWrtSlPu1IZdPeMv2LkhdqvrtRlXhdnL7xx-kxWlMZ76_IpCDtDx_76BJSdoRM_fr7_RcOXboIq1sEXhzq9QyALBKlFkJrDfSFb8P_p5SHe9DdgUHZAVNcgz1oYlS2M0hZEugG-XpxURXn_tV_YfoBMOxOZlmhLpuWct7vdhBmqMI77EWFxYggLtErCOOA6EpgxA5Wfrf75zw__BgAA__-QXaspQAUAAA== HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 87ed0df7a74a540333603c29450ee494\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.326885374828.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /watch.326885374828.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo0LCJhdSI6NCwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.2RHdGViMfyXWohzhW9dfzMLADE10VmjyuNQn743O6JM; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=4; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=4; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://kettledroopingcontinuation.com/watch.326885374828.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557046\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=b9b5bdda23d99a376ad26aa502d724c82bda749078e69db9b5191032ba8d709250c38d93ea94ae1a5e6c951c7438d3591968112533810d1514380a21542e6f241dd00052ff84b9c8b77f193a8abe50f8ae05337671e1b4937b4c6f\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo1LCJhdSI6NSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.lFahlx6nhlrcb6lwQ_TRktKbZQEzgEScKbK1EH3hj9Y; expires=Wed, 15 Oct 2025 19:37:26 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 4\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6fcb20cb50c0c89a7188db49b7802bbc\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4790,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.1159520291438.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.1159520291438.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo1LCJhdSI6NSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.lFahlx6nhlrcb6lwQ_TRktKbZQEzgEScKbK1EH3hj9Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=5; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=5; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://wayfarerorthodox.com/watch.1159520291438.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557047\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=2f3add6b6134a9f43ffc2809908e12f67acbdd7c0ba1d07818e539ca0dfe6216a5c5bedc93ced9d98400b2172fbb6533f427a9e791f2137cc2e4061874fe645fa43b16721918563e3e37de88ad47a128d90b9c68bf9b50666d8722\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo2LCJhdSI6NiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8aFpBrKFUXN7d_zCVOZ4Tb8bQLB1H1kuvjYyepDzq2w; expires=Wed, 15 Oct 2025 19:37:27 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d692d380cf0ac78756a29c082e4e661b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4770,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/impr.gif?sid=H4sIAAAAAAAC_1RUzWsdVRS_L60udCG2oivlLVyomJf7MXNnxiJirJVibWtb6UJE7tck1zdvZpw78yYNIsVCKW6MrnQ377yXxI8i1oUbqZTEXUHoc2MWDYp_gIhQtzIvweiBOV-_3-J3hnPu1VG1ixhUYufsa9mqTRKx4Pdw96mLNtVZ7bqnL3QJ7uFj3Ys25d6x7krriuFzhHk9_HT3FaP62QLFBGOCSfeELUycrSzMULD59Yj0ItzzaI_4HqwU_69ddQic6IAe7qIjYPX0od_jN8GqLUgH3xw3rl9m-bMvD6pElFkBQ735RtpPszqFwUEaFx2I0819NmRuitCnc5Clm_sTQDactBOAtFM09-hdkOnmvkyQw_U9pTIBk4LUD0I93AKTbIMVW6CyK2D1HQSgNJw-A-lg43RW1OLSHipadIoO3_sLbD1Fh-8-Aung68XErnTPZ0lV2ix1sBI3YFe2wC5tQV5tQ7k6B7beBlV-AFb_hBbunYJ0MDnjkgys3nlSR1JEnPjzkdR03ouiaF74WM8TzkMsGONMktkvsvEWCNeBqv1sB6q4A1XegYHe6Xo49BQRjMeRVgH2hOdpI3EUUoxFpAKoVKt9Dcp8DVSyBqq4NqlS5UZ0M9fLZX_oT8qiMuttzx-R69XbeUJZSFkY0hH5fI9D90gbLYn-y-I-CzGPRmRjjzXjQF5chr795I5_5M59v0JR3QK3vPOdjiKPG6wY50J6XJAIB8JXhEYxZkTEBlNuFGcs8CjFRsd-HKlIhoZqYyLCFdWBkYbwMNIUi0AoIUNGiCTGN7GnophzbWLCGDfEBCTGWgpitOTc51LrUHPP40wz6ok4MFTElEpJiRKGxV7EBAsN9WTAtdE4ZoGOQh0H4PTj4Mop6rz-Pgx1A7VBUDsEtUBQWwR1iaAeNus6cdQ1GzpxlST7ke5H1oyzcmkk1rNyyaQIRLEGhW4mNn_XXQFVHhqvxk6Ps9YJWTZjIXUzynfRw-3SdfpX34O-2elq4WE_iH2ujVBECWECL6TYZyIIYyIEONuAdXOzVVm1U_T8zd8gt1P0xOQjkGIbXLINyh4CUT0Goh4HNASxDBGG1fTbbJDaflI5OzQ9lQ166RLorIG8PAzlpc4o2UVHx-cuLN6ancFbv3wMRt1G-waqaCAvGnjH_ohgKbk2PpfVaHIuqx26cSYv7cCuivZEzpeiNPd_-aq5VGeFPnncrX3xomqBNr1-wbjylEi1TZcc-mrRam2KE1mhDLp50l008mzllherIq3yU2dfOnFykBfGOZulWyDsFD3w54eg7BQd_eGz2fn7z9wAlV8Glx_odBkCmSNILILEHPSFbMD9p5YH-chdg6WiA6K8AumggWHRwDBpQCRr7Zs2LvPi9gs_s5mBTDpjmRRoIpOixe1ON2aGKozDgBMWxoYwT6vYD71Ic4EZM1C66fIff3__TwAAAP__B1qbcJwFAAA=","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RUzWsdVRS_L60udCG2oivlLVyomJf7MXNnxiJirJVibWtb6UJE7tck1zdvZpw78yYNIsVCKW6MrnQ377yXxI8i1oUbqZTEXUHoc2MWDYp_gIhQtzIvweiBOV-_3-J3hnPu1VG1ixhUYufsa9mqTRKx4Pdw96mLNtVZ7bqnL3QJ7uFj3Ys25d6x7krriuFzhHk9_HT3FaP62QLFBGOCSfeELUycrSzMULD59Yj0ItzzaI_4HqwU_69ddQic6IAe7qIjYPX0od_jN8GqLUgH3xw3rl9m-bMvD6pElFkBQ735RtpPszqFwUEaFx2I0819NmRuitCnc5Clm_sTQDactBOAtFM09-hdkOnmvkyQw_U9pTIBk4LUD0I93AKTbIMVW6CyK2D1HQSgNJw-A-lg43RW1OLSHipadIoO3_sLbD1Fh-8-Aung68XErnTPZ0lV2ix1sBI3YFe2wC5tQV5tQ7k6B7beBlV-AFb_hBbunYJ0MDnjkgys3nlSR1JEnPjzkdR03ouiaF74WM8TzkMsGONMktkvsvEWCNeBqv1sB6q4A1XegYHe6Xo49BQRjMeRVgH2hOdpI3EUUoxFpAKoVKt9Dcp8DVSyBqq4NqlS5UZ0M9fLZX_oT8qiMuttzx-R69XbeUJZSFkY0hH5fI9D90gbLYn-y-I-CzGPRmRjjzXjQF5chr795I5_5M59v0JR3QK3vPOdjiKPG6wY50J6XJAIB8JXhEYxZkTEBlNuFGcs8CjFRsd-HKlIhoZqYyLCFdWBkYbwMNIUi0AoIUNGiCTGN7GnophzbWLCGDfEBCTGWgpitOTc51LrUHPP40wz6ok4MFTElEpJiRKGxV7EBAsN9WTAtdE4ZoGOQh0H4PTj4Mop6rz-Pgx1A7VBUDsEtUBQWwR1iaAeNus6cdQ1GzpxlST7ke5H1oyzcmkk1rNyyaQIRLEGhW4mNn_XXQFVHhqvxk6Ps9YJWTZjIXUzynfRw-3SdfpX34O-2elq4WE_iH2ujVBECWECL6TYZyIIYyIEONuAdXOzVVm1U_T8zd8gt1P0xOQjkGIbXLINyh4CUT0Goh4HNASxDBGG1fTbbJDaflI5OzQ9lQ166RLorIG8PAzlpc4o2UVHx-cuLN6ancFbv3wMRt1G-waqaCAvGnjH_ohgKbk2PpfVaHIuqx26cSYv7cCuivZEzpeiNPd_-aq5VGeFPnncrX3xomqBNr1-wbjylEi1TZcc-mrRam2KE1mhDLp50l008mzllherIq3yU2dfOnFykBfGOZulWyDsFD3w54eg7BQd_eGz2fn7z9wAlV8Glx_odBkCmSNILILEHPSFbMD9p5YH-chdg6WiA6K8AumggWHRwDBpQCRr7Zs2LvPi9gs_s5mBTDpjmRRoIpOixe1ON2aGKozDgBMWxoYwT6vYD71Ic4EZM1C66fIff3__TwAAAP__B1qbcJwFAAA= HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.o0VBR64Al3k-FgUtGuKLxhdV0cNljckM8vFP8_u-Fxg; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=3; pdhtkv5=true; uncs5=1; u_pl23823882=1; pdhtkv25=true; uncs25=1; u_pl26538069=1; pdhtkv23=true; uncs23=1; u_pl23823996=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5fc1f635379087128337db3b00aacfd9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css\u0026l=3487\u0026fd=571","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css\u0026l=3487\u0026fd=571 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo3LCJhdSI6NywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.ourjQM-NuFZey89oSYhPd4lveFS65C0QQyhiho-toaA; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=8; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=7; u_pl23823882=1; pdhtkv29=true; uncs29=1; u_pl23824025=1; slecc2a4795bd129ec38aabf8f830c396956=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:29 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":64,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/feeds/posts/default/-/School%20News?alt=json-in-script\u0026max-results=4\u0026callback=jQuery111001300496830480642_1760556982648\u0026_=1760556982649","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.omniklusive.com.ng","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 16:47:08 GMT","end":"Fri, 19 Dec 2025 17:38:00 GMT"},"fingerprint":{"sha1":"B4:B5:F5:E5:69:3A:B2:C8:26:CF:C6:E1:92:BE:9D:15:A0:50:90:8A","sha256":"08:BB:D8:8D:66:76:D6:FE:64:D7:BF:15:CF:68:AB:53:58:76:9C:B6:66:AF:8D:6F:FB:8D:92:A5:F4:25:6C:CF"}}},"request":{"raw":"GET /feeds/posts/default/-/School%20News?alt=json-in-script\u0026max-results=4\u0026callback=jQuery111001300496830480642_1760556982648\u0026_=1760556982649 HTTP/1.1\r\nHost: www.omniklusive.com.ng\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1; pp_main_26044c9034d41067e4eeac3c8b2a25ba=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=throbcrunchsurely.com; sb_main_c2a4795bd129ec38aabf8f830c396956=1; sb_count_c2a4795bd129ec38aabf8f830c396956=3; pbpr0tpuw4isk85t8yg3jb2lj5vqf=wayfarerorthodox.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncross-origin-resource-policy: cross-origin\r\netag: W/\"c3d57f07f00a7b707a172bf4e3c7016d366b4f4950362b766a540a357277b259\"\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nserver: blogger-renderd\r\nexpires: Wed, 15 Oct 2025 19:36:30 GMT\r\ncache-control: public, must-revalidate, proxy-revalidate, max-age=1\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nlast-modified: Wed, 15 Oct 2025 11:48:01 GMT\r\ncontent-encoding: gzip\r\ncontent-length: 5025\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28911,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (28893)","md5":"7255ba114dce95c03959dc3e931e6969","sha1":"bf66871d1c58c2703375702b1d7f875701eebecb","sha256":"6af0d1ea15da69d8ec81edff97d180050d0ac2251cc1cd217807d76e29b2eb80","sha512":"11c68e3b7678a8423afd0e191c51455f1a5aebe28b6ca3999c662ba5d7f2f610aca4043ad640d9764103ad8e8f7b5b8a7d9ca1bcf38ff49b8368924c63b1a551","ssdeep":"384:Lo20Jxzn8YediLAR9N3F/ww+wcX67J169m8h:Lo20H8rdiywpdm8h","tlshash":"53d273e3b3c0da7189074a94cc76fbad9575a5a7265ce8b89c3f4c3ec06811813993bd","first_seen":"2025-10-15T19:37:20.34857Z","last_seen":"2025-10-15T19:37:20.34857Z","times_seen":1,"resource_available":true,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:22.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Oct 2025 00:01:49 GMT\r\nexpires: Thu, 15 Oct 2026 00:01:49 GMT\r\ncache-control: public, max-age=31536000\r\nage: 70473\r\nlast-modified: Mon, 15 Sep 2025 17:09:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23580, version 1.0","md5":"e1b3b5908c9cf23dfb2b9c52b9a023ab","sha1":"fcd4136085f2a03481d9958cc6793a5ed98e714c","sha256":"918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537","sha512":"b2da7ef768385707afed62ca1f178efc6aa14519762e3f270129b3afee4d3782cb991e6fa66b3b08a2f81ff7caba0b4c34c726d952198b2ac4a784b36eb2a828","ssdeep":"384:dRkIAJ8pVwWTW5VVjdVn8+2yvAMdriCEOY0kfW9GkAPqpPHi2vUuUSzB8:dKIAJ8pVHTZ+riY9oCpPHiodUeK","tlshash":"91b2e1ce5d546e3a8028213785c17b488273572e9edf42c6dd83a6263a7092cfd3d96e","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-04-04T11:44:39.437955Z","times_seen":183953,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":85,"dns":1,"connect":28,"send":0,"wait":37,"receive":10,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.461166338557.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.461166338557.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://rashcolonizeexpand.com/watch.461166338557.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=f8df78fc903f065f0854d89281c95b8517961954ad7d35d51c590f89be1df12e79f35f373f447415e6aacb94310be745ed44778560010c2792987bab576bcbec11fd7657bc65f6fa609152b04965f3cbfa4a753c1fc8f9e04b19bc\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; expires=Wed, 15 Oct 2025 19:37:23 GMT; path=/; secure; SameSite=None\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0e0af818e8bd2a23c34ed7f1a84787a9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4718,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18405\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 785bd93f342ddec8c12b438e6bc1847a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46242,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46242), with no line terminators","md5":"57b263d494b82a43cfae095771d7b005","sha1":"10b9a3adf60df6820f373ea3b741bfe000929917","sha256":"028d2debec6967c7d2fd4ffd6b178deecf20ef847d120c8d904887a3adad5e4e","sha512":"97a8efc00cc2b3745433b3cef118788039e856da0dc9c4c3d29886d36deef77340ef0159ec47ff2388086475d3a47ea9daf2c2857e31ee59565ec7490d1ba1ab","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybeja2n:36rxKbk0CrQ+fdwNDba1lIlcPES2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.317687Z","last_seen":"2025-10-15T19:37:20.317687Z","times_seen":1,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.1441157358012.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=64bce124e58d071f210e2be949cb82eb5fdcd349abeaa99b01658213f9b717fd4529e1a69ce282b876ffcf68189dac168cc0171392f6c166a67b0b16645a03593fd1e3f0469cf8227d75c842cb30797e5a3965952d40037950b91b\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.1441157358012.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=64bce124e58d071f210e2be949cb82eb5fdcd349abeaa99b01658213f9b717fd4529e1a69ce282b876ffcf68189dac168cc0171392f6c166a67b0b16645a03593fd1e3f0469cf8227d75c842cb30797e5a3965952d40037950b91b\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo0LCJhdSI6NCwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.2RHdGViMfyXWohzhW9dfzMLADE10VmjyuNQn743O6JM; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=3; pdhtkv5=true; uncs5=3; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 3676\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\nuncs=4; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\nuncs5=4; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7eca8aa30e1af88d2431234713978510\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4718,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3842)","md5":"aa97e8748f79e06727c8b3b30ce923c5","sha1":"ae3c351015ac0b9f2af23a845e6c886fe1bc0bfa","sha256":"f75a22fa42cea5a70cbae6f30095dfe0d19f051d931b20ecfcd345e00ba509af","sha512":"d19c3372612d6eb750cc3e58a1fb9fbc2b28d7ebf3aad7880c23a35a91a2f8ce1f22c8e9a74c744643766f998d9093e0e75867865c5373974bea7915894e83ca","ssdeep":"96:yozE0o6ti1MW1Iswnk/4hrTmEIbm1g1GRv1ZDWCfMEDaH:vzU661kkwnIh+NVWCkCaH","tlshash":"35a14b656f69a035a866b47e263b3a2c3b21430b5205dd42bc4ed7542f30fa01efcc5c","first_seen":"2025-10-15T19:37:20.356667Z","last_seen":"2025-10-15T19:37:20.356667Z","times_seen":1,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/sbar.json?key=c2a4795bd129ec38aabf8f830c396956\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /sbar.json?key=c2a4795bd129ec38aabf8f830c396956\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo2LCJhdSI6NiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8aFpBrKFUXN7d_zCVOZ4Tb8bQLB1H1kuvjYyepDzq2w; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=6; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=6; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4791\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nuncs=7; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nu_pl23824025=1; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nslecc2a4795bd129ec38aabf8f830c396956=[5857915]; expires=Wed, 15 Oct 2025 19:36:33 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 213\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: abc8147af056d13eec2941577b4da53d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":6471,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"3584e229a18c539dd430662a4941d742","sha1":"a7064b884143168d0dc69e25d630966effb35721","sha256":"8429e34eb26878e14727b1c8c5a4499ea27aab9ec20528339b43e49d74528633","sha512":"98bdb7a7d16f6a0e517a052b038f75b5908f78ae6bb1321bf9e64df86a7ab42d7e4672ea420807d49356f72a993e462da898ed7de22cf8a7b8691bf49effbfab","ssdeep":"96:9z6T4OXh7w36f/w4qobzwY0+svtOUwKSHh4ZQI9FN86KZkNRpH0IqoUrESZPLGu3:9zuDx7wi/w4t03ih1An/RJ0IqKUDGuyu","tlshash":"f3d16a6e42de25e199838c4ea8522cf34dc6810747c8cf59dc2e6bbf132b6598d0de29","first_seen":"2025-10-15T19:37:20.361742Z","last_seen":"2025-10-15T19:37:20.361742Z","times_seen":1,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c8df7f09ddb6457024d04e613a3daa85\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":58,"dns":0,"connect":17,"send":0,"wait":17,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AwASSbMiDYnFpryRWOpHwMxGNBAUJkih2Icw7nDwyAlFeXdJR0GwSZfoWgwiToiYl4JkJp413hXsbx9Ymq9a8kFxtCzsovCseqUtNUCh\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"65aa8501-3bd\"\r\ncontent-encoding: br\r\ncf-ray: 98f1c3fc8cd7568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":957,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41051a33fb99370ee2aeae5227abec51","sha1":"f1b81c1d24d27bea43a09f308ae28668453704fb","sha256":"67f07ddfdc4a81dc7ae4f83c332eb76107442caf0230e307d6398bae7663aa0d","sha512":"2ac42bfbc6eceb4cde624f8ff6d7a8ca06a88acb16cedb655d3dbc27df1745189e93f75edac38128ea6aaf839ab937fa518f4bf50fb10e1c968289a415c44aee","ssdeep":"","tlshash":"2e115b27356842b45353f06791176adaba31025bac2a971b712c06cd0fd476903f99f7","first_seen":"2023-12-07T10:00:32Z","last_seen":"2026-01-25T21:57:17.022984Z","times_seen":2153,"resource_available":false,"data":null}},"time_used":462,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":462,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pl23924524.highratecpm.com/c2/a4/79/c2a4795bd129ec38aabf8f830c396956.js","fqdn":"pl23924524.highratecpm.com","domain":"highratecpm.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highratecpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 22:56:35 GMT","end":"Fri, 19 Dec 2025 22:56:34 GMT"},"fingerprint":{"sha1":"09:55:75:01:0C:70:AF:6F:8E:56:01:66:32:02:9A:D6:5C:2B:32:FD","sha256":"30:C5:C8:19:3B:E4:B4:FE:41:DF:58:D4:1F:26:4C:E7:D5:8D:50:5B:F5:CE:9E:9B:DD:50:00:7B:A4:D8:92:29"}}},"request":{"raw":"GET /c2/a4/79/c2a4795bd129ec38aabf8f830c396956.js HTTP/1.1\r\nHost: pl23924524.highratecpm.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:22 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 32691\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 9\r\nHost: pl23924524.highratecpm.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5a6f5be0fb2f578d1d97977a0ee3bbf2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":84232,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9d6e45ebbd4c7e6ddab3f30909ea730b","sha1":"2328134c58dba459e12b4fbfb2bfb7225a42e545","sha256":"55e61f9e5967790438d9cfa1c8c2835d2215fcc8d07b8fd972ff6a894564bdd8","sha512":"e6dfd3ecb747ac984785510286ebdc823a4dd2b97bbde32479432fe3f5419120dab5b3fe0941fc6201305b8f51a7bc6fb68e88c68b76b4bcc4f6ea8f57204abf","ssdeep":"1536:UcJsDEFAkM9IWf3pDTf0zpxftTgA4VEIaUe4Ru37oIXDWeGXMtb4cnSzB:UDxk4+BgA4VEIaUe4McBeGXMtb4/","tlshash":"a683f848bb82b869425620bb332ff01af15a4d421da8d444dc57f8d96fb8b1df637e24","first_seen":"2025-10-15T19:37:20.37143Z","last_seen":"2025-10-15T19:37:20.37143Z","times_seen":1,"resource_available":true,"data":null}},"time_used":539,"timings":{"blocked":-1,"dns":52,"connect":93,"send":0,"wait":108,"receive":91,"ssl":193},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.1711124793345.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=33f44395a31b8af80c59fad3fb6344a5f7a71904a4ca7c51ce119bd20d4aea5b2d1b0b9f7d9de7b78b34e06397bf5e64d8c6a81831efc6c14066d4c24a35bf8d30b76fd96800b8ba56b26d4eb4195ef4e8ec01dec3bdc6e4d63559\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /watch.1711124793345.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=33f44395a31b8af80c59fad3fb6344a5f7a71904a4ca7c51ce119bd20d4aea5b2d1b0b9f7d9de7b78b34e06397bf5e64d8c6a81831efc6c14066d4c24a35bf8d30b76fd96800b8ba56b26d4eb4195ef4e8ec01dec3bdc6e4d63559\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8SQfMkVjIuoV2tPLZJNg44l5ANmpGHpw1hTFdRDu8IU\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 3218\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nu_pl23823996=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 20\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1df02547defdc013341b2e6edf84e1e6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4612,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3736)","md5":"be907d1ed6e4b7505957739f8e6e7e40","sha1":"b3f399b797c9c06af51a79793812ffcd4e5ab344","sha256":"50ae1524961be020b357d6f58eb5f763840a680fd0d63e01df0e32fb287c0ef3","sha512":"b8d0681f048db5d5bf17ec63398c855cfb50c788fbee5fb055a15cb5f5f66e46be264df732b4d262ec4f5a935d9ead68cc8b85bceba92c12dd07a87169d26809","ssdeep":"96:woz2WGAYpGw6xynJJdg4/JZk/TlREDCQKtv1ZDeCfMEDaH:ZzbYpZ6snJ3giZkxAKPVeCkCaH","tlshash":"95914b3dbde5497c5093607e2c7f60982d64821f59218e89bc5cfa106f38af58a2dcc5","first_seen":"2025-10-15T19:37:20.37583Z","last_seen":"2025-10-15T19:37:20.37583Z","times_seen":1,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.1154506335423.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=04132b6267c4a00c3f37c428a2f2f7c4e71bd39ba651c073dbfe2ad4f6b94a38f3a31b86a6147631be2c86fd6cec85db81f015c7defaa5746b0edf1efbcbe3f05561a976e837ebcacbc606446e131d286b453b717c006aa6baaee3\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.1154506335423.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=04132b6267c4a00c3f37c428a2f2f7c4e71bd39ba651c073dbfe2ad4f6b94a38f3a31b86a6147631be2c86fd6cec85db81f015c7defaa5746b0edf1efbcbe3f05561a976e837ebcacbc606446e131d286b453b717c006aa6baaee3\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8SQfMkVjIuoV2tPLZJNg44l5ANmpGHpw1hTFdRDu8IU\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 3254\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nu_pl23823996=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 59b03d1cd718f296753d0040c01edc67\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4612,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3736)","md5":"68ef6e76c46288655c5ed6dfaab6352a","sha1":"1f5a5d2914d98df62394ba10caa3b5e0075c6a30","sha256":"46a953dd39ee9cb31e829f88bb624d75149dfa0a9d46ae4c99adef01524fd8ee","sha512":"2f660e32c56fae224647714795b1580636ffd16b8de632ee670c4afaea447661baee662c26bb9c9280603c880cd48cc5be4fa91661a26f1f0f879d9c1edeafe1","ssdeep":"96:woz+OGvb7xHVaXcGTS6oDyuQvk/KQD8KFVkFBTpBsNw1ZDeCfMEDaH:ZzkNHQGTD9QvkSHKFcsNoVeCkCaH","tlshash":"9e915cf91fa2927d545b103f246b3c157e70422b2712dc4b7c9cd3485fa01e00e6c9e9","first_seen":"2025-10-15T19:37:20.380176Z","last_seen":"2025-10-15T19:37:20.380176Z","times_seen":1,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/c8/94/cc/c894ccad032c11990b8570c24074d6bc/1756656403.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/c8/94/cc/c894ccad032c11990b8570c24074d6bc/1756656403.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:24 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 78672\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:44 GMT\r\netag: \"68b47314-13350\"\r\nexpires: Fri, 17 Oct 2025 19:36:24 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78672,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 16:40:19], progressive, precision 8, 300x250, components 3","md5":"066e20100222b78fe9405d18539da6e4","sha1":"aa5e3d971a8d26f99b7fdc0ddacc61c062cd1776","sha256":"0af13aebc4a03fef7e5e9050db1d797bb81bf9f64227866392cb7b97ec045085","sha512":"5c6c20ab83609a25576880ddf9b35f93481a165e6ddd174dd086022bd660d9b1936b8edb37c46d7f0cdbbcd77cbf9753bb7d8b8757692266d45c64dceebb02b0","ssdeep":"1536:BHEqIkq/HEqIkq7lE6c/Fs27oxQhHXNFv3fEH3j0sF6:Bk1kq/k1kqp74HhHv38H3/6","tlshash":"e773f158bb45ee23f8d35b730873e7875a13ae24a3971e90708c7520f7f5b54080e616","first_seen":"2025-09-02T19:16:52.557605Z","last_seen":"2026-04-04T11:42:40.800923Z","times_seen":1066,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.326885374828.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557046\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=b9b5bdda23d99a376ad26aa502d724c82bda749078e69db9b5191032ba8d709250c38d93ea94ae1a5e6c951c7438d3591968112533810d1514380a21542e6f241dd00052ff84b9c8b77f193a8abe50f8ae05337671e1b4937b4c6f\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /watch.326885374828.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557046\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=b9b5bdda23d99a376ad26aa502d724c82bda749078e69db9b5191032ba8d709250c38d93ea94ae1a5e6c951c7438d3591968112533810d1514380a21542e6f241dd00052ff84b9c8b77f193a8abe50f8ae05337671e1b4937b4c6f\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo1LCJhdSI6NSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.lFahlx6nhlrcb6lwQ_TRktKbZQEzgEScKbK1EH3hj9Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=4; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=4; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: text/html\r\nContent-Length: 3402\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\nuncs=5; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\nuncs5=5; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 8\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: bec8453c4039890e5e608682046c41b2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4790,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3914)","md5":"2e009be55ec62770ba8ca73400e6369d","sha1":"6fab31df4d5cff0a6cb77271687e23c4ab0f20da","sha256":"582a84ac6c7e53a53df320764afef7c5af0e27aa216659b894105eea881707d2","sha512":"0b3128ac8f1341f95a1a0894cee6f1ab62db6a3d1f477aac202731d516813373a423001f3521c60dd416348996c69c5e04e5fdb727eb675a2ec9818bcddd2760","ssdeep":"96:yozE0oXryY8WyVkk/h9OgWBDN5QPoZmZhBbeG1ZDWCfMEDaH:vzUXZ8WyVkk59NsgPokDtVWCkCaH","tlshash":"18a11a75ae8560b95092b46b5e3f365c1e72800f0918f90bb5dcea493f30a682d7dcdc","first_seen":"2025-10-15T19:37:20.383932Z","last_seen":"2025-10-15T19:37:20.383932Z","times_seen":1,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":107,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.blogger.com/static/v1/widgets/3878540743-widgets.js","fqdn":"www.blogger.com","domain":"blogger.com","tld":"com"},"ip":{"addr":"142.250.178.41","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blogger.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:27 GMT","end":"Mon, 15 Dec 2025 08:40:26 GMT"},"fingerprint":{"sha1":"58:46:3F:C8:CA:4C:E8:4A:99:AA:61:86:67:DA:60:F0:B9:30:41:02","sha256":"D8:B8:F0:37:14:79:13:C0:3C:E5:D1:5D:E9:71:56:44:42:27:47:58:CB:5C:D1:8C:47:36:FC:1A:52:AC:78:14"}}},"request":{"raw":"GET /static/v1/widgets/3878540743-widgets.js HTTP/1.1\r\nHost: www.blogger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"blogger-tech\"\r\nreport-to: {\"group\":\"blogger-tech\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/blogger-tech\"}]}\r\ncontent-length: 52140\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 12 Oct 2025 15:30:40 GMT\r\nexpires: Mon, 12 Oct 2026 15:30:40 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Sun, 12 Oct 2025 08:49:28 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 273942\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":147538,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (4058)","md5":"21eece0b7a222dbb78c925531a656c27","sha1":"48d0cc9691ba9b6229b5e4ec20e8a88c43f5af6d","sha256":"7511fc1573d0fd386edba6b764b3d97a7e47eb91ea5beb2f99d0b2ddecec8106","sha512":"197338ee2203a3e54e007d8b5fb5ee330667d86536e7d8f5bf9d150e3f7d1fa0f42fa033abf6f64e20fdbd68c8e7b6aec738fdb046420cbbc1b9608f28878f7a","ssdeep":"1536:ZJVLTvRqRF9UwngQc6MYse/412eRAMwPlH2NrAtSKUnvGYgMBSBWV66dSDXsZAas:oF9USb412eqXsNrPK+gYV8sGJeNNyN","tlshash":"6ee30ad8b79270628373b4b5003f010ff13a74aae84889acb188d9e57e749695677f7c","first_seen":"2025-09-29T03:21:26.936869Z","last_seen":"2025-10-17T21:16:23.593664Z","times_seen":4190,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":4,"connect":20,"send":0,"wait":16,"receive":26,"ssl":125},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:24 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 57804\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:29 GMT\r\netag: \"68b47341-e1cc\"\r\nexpires: Fri, 17 Oct 2025 19:36:24 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57804,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 12:01:08], progressive, precision 8, 300x250, components 3","md5":"824db83fb47e0a4aa226db9a9466c8fb","sha1":"7e968550f726c370b806345e6a8b553c16532e62","sha256":"a6d919f12896285dffac6679aa238ff266d0df399bd91d53008571218bdcf6e1","sha512":"1dd3fe4d4ce6f2139f9ef18284437c08b2a360ccd46fc702d1a6802d728e18f8ca0245dd68936a6ceaac02c3cb4628bc21939516b6f9414a54f90b425648aa4e","ssdeep":"768:LA3DDT+b75AiF3DDT+b75K22YyqwsZmXRPpB+8mwvecNaeJKY2YtWImlYwaVJesk:LA3DDCPX3DDCP022p36wv+S5pnJeb","tlshash":"2043d024db51ad33ece4b5b1edd1ebe76311ae547b136d447c6c28a43b703884a6e203","first_seen":"2025-09-02T17:46:38.163709Z","last_seen":"2026-04-03T17:23:29.916273Z","times_seen":961,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.1028636003190.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /watch.1028636003190.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo1LCJhdSI6NSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.lFahlx6nhlrcb6lwQ_TRktKbZQEzgEScKbK1EH3hj9Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=5; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=5; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://kettledroopingcontinuation.com/watch.1028636003190.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557047\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=1217784b0326ca660bbe228ad11c74108c541ef639f710eb63299286a47949c4b96854da6bea2eaa68635724a7b679a815a5e899c9814004f1cebb9dd71fa2963ff43afe5ccbf79b852f4026c5a14a847f89d8a0368423db4bfcaf\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo2LCJhdSI6NiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8aFpBrKFUXN7d_zCVOZ4Tb8bQLB1H1kuvjYyepDzq2w; expires=Wed, 15 Oct 2025 19:37:27 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 2\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 629a894c986505c9f21b8be850655548\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4794,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/81/38/73/81387328b92d5376d3bf6fc70d0962f4/1756656875.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/81/38/73/81387328b92d5376d3bf6fc70d0962f4/1756656875.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 48533\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:14:36 GMT\r\netag: \"68b474ec-bd95\"\r\nexpires: Fri, 17 Oct 2025 19:36:27 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48533,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 12:09:12], progressive, precision 8, 728x90, components 3","md5":"b655968dfbf788c0e508a561a6aa8ad1","sha1":"ee1fd3180c9ba834b04194e37159eb6ac40f0b4a","sha256":"9eb371b5ed2f8d3b721f179e0c2ce793dd445d329f5fa5f9ba9cba61c25a23ec","sha512":"c60e8b3f81379dce1cef22d6b38786c93c703ea022679bd0178382c6ca99fbd83ea2ece9b12bbe7700ef3fd3c102c59dd5f42646a3062b17e3e96bb8e697ddfd","ssdeep":"768:dJx3MijJx3BkpYyE6XdAAjCMAdUVzpnNhCLs2LjenuRPnSdkMNM5gTTOoy:PBlBBkpIAp1pfCLffenuRP4kcMiTry","tlshash":"8e23d01d7b66ad02f8c0c77548f1e3fb6312b558fba366067ddc64813b7a282981c1ca","first_seen":"2025-09-02T18:27:26.497192Z","last_seen":"2026-04-04T00:40:49.58216Z","times_seen":629,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/d6/39/0a/d6390af0b4f58d3725cd01a19abacd3a/1756661987.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/d6/39/0a/d6390af0b4f58d3725cd01a19abacd3a/1756661987.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 93518\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 17:39:48 GMT\r\netag: \"68b488e4-16d4e\"\r\nexpires: Fri, 17 Oct 2025 19:36:27 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93518,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 15:25:00], progressive, precision 8, 320x240, components 3","md5":"c68d4f79a76b758c2624caba8892164b","sha1":"f5fbfbc14fea8c9b05a962b395ff854517c333fe","sha256":"19e1f4a3d8aa639cc69911d4c6bc713497f0936330c1fc4539ca2dade4eeb6af","sha512":"ef6f997a9bfe1a208b4c54ba2f7d732f19348df16b73cc73a7628d190fe456aba0ec1d87993daefa127cd8f093cca3ca7cc2c49c4c4a8017f20d0c79badff1e1","ssdeep":"1536:BGfG/zbP01UpLKf55/FiVhLgNa1qiokfY89PqoPt48z:BGfGbT018L+9iVhLr1qiBw89PJJz","tlshash":"4d93f23bb6a2db21f5e4563886fbe79503b30e68ae3701503ccdb6d4b7a64c31999407","first_seen":"2025-09-02T18:13:44.321498Z","last_seen":"2026-04-04T12:17:30.455092Z","times_seen":1277,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/d8/b1/09/d8b109165fc0ec08002c14fd9e81f6ece67b955e786b918b73abb33e5be5188f.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/d8/b1/09/d8b109165fc0ec08002c14fd9e81f6ece67b955e786b918b73abb33e5be5188f.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 57237\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 11 May 2025 14:02:30 GMT\r\netag: \"6820adf6-df95\"\r\nexpires: Fri, 17 Oct 2025 19:36:27 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57237,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced","md5":"423a240fbfb182d7805dad3bb9e822bb","sha1":"6a853689b2cc95a6c36b98e6938e598bf2a28d52","sha256":"da19475c70c6669a83473eb52dec1feb61e629e374fdd426dd02024080d0b1a6","sha512":"98e063f429420821aa55688891aa4426d16d9e7ffa44f92f8d9d7f3e3870007872a66a718185428f197db14d070b7254e92a2cc7734cc54c39034c808daa7c8f","ssdeep":"1536:BP5oFAaPeX990yL036TelNvY6lEFLXmLw2JR:FWqaPeXz0yLDe7luXyH","tlshash":"ab430224ff03e61784be24af91eae88f1f6421bfb5b092807770221445b7c6b4282463","first_seen":"2025-05-16T16:44:08.672031Z","last_seen":"2026-04-04T10:55:20.054482Z","times_seen":3525,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RTzYscRRSv2SQekoOYiEeZgwcVd7a6qvqjDCKuMRKMSUwiOYhIffVsOT3dbVf39O5eDAZC8OLiydx63szu-hFEPYiXSJj1FhAyXtxDFsU_QESIV5nZhdUH9b5-v8PvFe_dHFZ7iEIldi-9ma3bJBFLfge3n71mU53Vrn3hatvDHXy6fc2mATvdXp25YvCiR1kHP9d-3ahetkSwh7GHvfZZW5g4W12ao2DzO9zrcNxhpOP5DFaL_9euWgAnFkAP9tBJsHr6-B_xO2DVBNL-N2eM65VZ_sJr_SoRZVbAQG-_nfbSrE6hf5jGRQvidPuADZmbIvTZAmTp9sEEkA3GswlA2ilaeOohyHT7QCbIwea-UpmASUHqE1APJmCSHbBiAiq7AVY_QABKw4WLkPa3LmRFLdb2UTFDp-joo7_B1lN09OGTkPa_Xk7savtKllSlzVIHq3EDdnUCtjuBvJpAub4Att4BVX4EVv-Mlh6dh7Q_vuiSDKzefUZzKXjg-YtcarLIOOeLwsd60QuCCAtKAyq9-RfZeALCtaCaPduCKm5Blbegr3fbDEdMeYIGMdcqxEwwpo3EPCIYC65CqNRM-waU-QaoZANUcWtcpcoNyee5Xil7A0LHZVGZrVmT0KF3p3ovTwiNCOU8GHrb-yx_TtqckfwhOeREERl6W_ucOQXy4jr07KcP_JMPjv0GRXUP3Mru914kJDMqZFpQ7IsIh4L5gS9kRJgfMiIw4aEUXAbUE0p5sQowJyFhIfc9QgKfRj4PTEBCFhpjJDdBTCVlhHhREBhjYhJxo7zYM6FndEAMITHlBlNMvEB6VPokoIwpwZkX-xIrLngsTGykHwkjKOc0xDxgPmaSRRozEtIAnD4Brpyi1lsfwkA3UBsEtUNQCwS1RVCXCOpBs6kTR1yzpRNXSe8gkoNIm1FWdodiMyu7JkUgig0odDO2-QfuBqjyyGg9dnqUzZyQZTMSUjfDfA89MVu6Vu_mceiZ3TZmNA5i3_MljpkhNMA8iEiklcbShJEGZxuwbmG-Kut2il66-zvkdoqeHn8CUuyAS3ZA2SMgqmMg6hHFGMTKiPgY1tPvsn5qe0nl7MB0VNbvpF3QWQN5eRTKtdYw2UOnRpevLt-b38G7v66BUffRgYEqGsiLBt63PyHoJrdGl7MajS9ntUPfXsxL27frYnYjV0pRmse-fMOs1Vmhz51xG1-8ombALL1z1bjyvEi1TbsOfbVstTbF2axQBt09564ZealyK8tVkVb5-Uuvnj3XzwvjnM3SCQg7Rcf_-hiUnaJTP96e37___G1Q-XVw-aFOlyGQOYLEIkjMYV_IBtx_anmYD90t6BYtEOUNSPsNDIoGBkkDItkAVx0ZlXlx_-Vf6NxAJq2RTAo0lkkxw-1uO6aGKIyjMPBoFBuPMq1iP2JcBwJTaqB005U___nh3wAAAP__hi0vIJ0FAAA=","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTzYscRRSv2SQekoOYiEeZgwcVd7a6qvqjDCKuMRKMSUwiOYhIffVsOT3dbVf39O5eDAZC8OLiydx63szu-hFEPYiXSJj1FhAyXtxDFsU_QESIV5nZhdUH9b5-v8PvFe_dHFZ7iEIldi-9ma3bJBFLfge3n71mU53Vrn3hatvDHXy6fc2mATvdXp25YvCiR1kHP9d-3ahetkSwh7GHvfZZW5g4W12ao2DzO9zrcNxhpOP5DFaL_9euWgAnFkAP9tBJsHr6-B_xO2DVBNL-N2eM65VZ_sJr_SoRZVbAQG-_nfbSrE6hf5jGRQvidPuADZmbIvTZAmTp9sEEkA3GswlA2ilaeOohyHT7QCbIwea-UpmASUHqE1APJmCSHbBiAiq7AVY_QABKw4WLkPa3LmRFLdb2UTFDp-joo7_B1lN09OGTkPa_Xk7savtKllSlzVIHq3EDdnUCtjuBvJpAub4Att4BVX4EVv-Mlh6dh7Q_vuiSDKzefUZzKXjg-YtcarLIOOeLwsd60QuCCAtKAyq9-RfZeALCtaCaPduCKm5Blbegr3fbDEdMeYIGMdcqxEwwpo3EPCIYC65CqNRM-waU-QaoZANUcWtcpcoNyee5Xil7A0LHZVGZrVmT0KF3p3ovTwiNCOU8GHrb-yx_TtqckfwhOeREERl6W_ucOQXy4jr07KcP_JMPjv0GRXUP3Mru914kJDMqZFpQ7IsIh4L5gS9kRJgfMiIw4aEUXAbUE0p5sQowJyFhIfc9QgKfRj4PTEBCFhpjJDdBTCVlhHhREBhjYhJxo7zYM6FndEAMITHlBlNMvEB6VPokoIwpwZkX-xIrLngsTGykHwkjKOc0xDxgPmaSRRozEtIAnD4Brpyi1lsfwkA3UBsEtUNQCwS1RVCXCOpBs6kTR1yzpRNXSe8gkoNIm1FWdodiMyu7JkUgig0odDO2-QfuBqjyyGg9dnqUzZyQZTMSUjfDfA89MVu6Vu_mceiZ3TZmNA5i3_MljpkhNMA8iEiklcbShJEGZxuwbmG-Kut2il66-zvkdoqeHn8CUuyAS3ZA2SMgqmMg6hHFGMTKiPgY1tPvsn5qe0nl7MB0VNbvpF3QWQN5eRTKtdYw2UOnRpevLt-b38G7v66BUffRgYEqGsiLBt63PyHoJrdGl7MajS9ntUPfXsxL27frYnYjV0pRmse-fMOs1Vmhz51xG1-8ombALL1z1bjyvEi1TbsOfbVstTbF2axQBt09564ZealyK8tVkVb5-Uuvnj3XzwvjnM3SCQg7Rcf_-hiUnaJTP96e37___G1Q-XVw-aFOlyGQOYLEIkjMYV_IBtx_anmYD90t6BYtEOUNSPsNDIoGBkkDItkAVx0ZlXlx_-Vf6NxAJq2RTAo0lkkxw-1uO6aGKIyjMPBoFBuPMq1iP2JcBwJTaqB005U___nh3wAAAP__hi0vIJ0FAAA= HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=2; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0fe88f697e924c433ea19eccd22e99e2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18414\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b767f79257b0ab1b92608bd0bb146571\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu3s3hx8-DGMWTyggeDLiz_TWz0wYJrjESjElMIjnkINVV3bPl1FS1Vd3TmwUhGAi5uQEPxlPPM7O7fgRRLyIYCLPeFoSMpz1kQfwDPAjxqPTswOoL_X49z-F5337r1rA4IAEKun_xHb0hpKTLrabbePmqUFyXtnH-SsNzm-7JxlWh2uHJxnrtzOBVLwib7onGWwnr6WXf9VzXc73GGWGSVK8vz1CI7F7kNSO3GfpNrxVi3fy3tsX_YKkDPjggxyH49Mnf02sQbALV__Z0Ynu5zl55s19ImmuDAd95T_WULhX6R2lqHKRqZ86GtlNCPluAVjvzCaAH43oCxGJKFp59hFjtzGUiHmwdKo0lEoWYP4FyMEEiJxB0AqZvQvCHBGAc5y9A9bfPa1PS64cordEpOfb4T4hySo49egaq_82qFOuNy1oWudDKYj2tINYnEN0JsmIX-cYCRLkLln8MwX8hy4_PQfXHF6zUEHz_JR7FNGp7raUo5v5SGEXREm25fMlrtzsuDYJ2EHuzFYl0AmodFPUnHBSpgyJz0Of7jdDthMyjQTuNOFtxQxqGPIndqOO7Lo3YCgpWa99Enm2CyU0wc_te8X4m_aDjB1HUHno7GV_Le4PWODdFslUoZlvDlSNOp-MPve1DzowyrinDlS8OW34wa27XTT8YesjMDfTEnYet4zDFA9i1Cpa_CJtPifPuRxjwCmVCUFqCkhKUgqDMCcpBtcWl9W21zaUtYm8e_XkMqpHOu0O6pfNuogio2YTh1VhkH9qbYPniaCO1fKRrR-O8GtGYV8PsgDxV_zqnd-suesl-g_k0XIlaMff8KGFBh9I47aSdwGVB1I5abVhRQdiF2cI3xJS8dv83ZGJKXhh_gpjuwspdMLEIWjwPWlagaxU21Pe6r0RPFlYMkibT_abqgusKWX4M-XVnKA_I06NLV1YfzO7o2okHSNjeqR_v1vY5mKmQmQofiJ8JuvL26JIuyfiSLi357kKWi77YoPWNXc5pnix-9XZyvdSGnz1tN798ndVAnd67ktj8HFVcqK4lX68KzhNzRhuWkPtn7dUkvljYtdXCqCI7d_GNM2f7mUmsFVpNQMWU_L96DkxMyfG_78zeT_DpD2DZDdjsSKfVBHHmQAoCmeyRuYHGFey_6vgoH9rb6BoHNL8J1a8wMBUGsgKVm7DF4ijPzN6pX4OZIZbOKJbGGcfSyDuHe7Jiv5EGic9ct7PS9oJOmnhByFna6oQRb1M3CBLkdrr2x18__RMAAP__-2Cx5-IEAAA=","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu3s3hx8-DGMWTyggeDLiz_TWz0wYJrjESjElMIjnkINVV3bPl1FS1Vd3TmwUhGAi5uQEPxlPPM7O7fgRRLyIYCLPeFoSMpz1kQfwDPAjxqPTswOoL_X49z-F5337r1rA4IAEKun_xHb0hpKTLrabbePmqUFyXtnH-SsNzm-7JxlWh2uHJxnrtzOBVLwib7onGWwnr6WXf9VzXc73GGWGSVK8vz1CI7F7kNSO3GfpNrxVi3fy3tsX_YKkDPjggxyH49Mnf02sQbALV__Z0Ynu5zl55s19ImmuDAd95T_WULhX6R2lqHKRqZ86GtlNCPluAVjvzCaAH43oCxGJKFp59hFjtzGUiHmwdKo0lEoWYP4FyMEEiJxB0AqZvQvCHBGAc5y9A9bfPa1PS64cordEpOfb4T4hySo49egaq_82qFOuNy1oWudDKYj2tINYnEN0JsmIX-cYCRLkLln8MwX8hy4_PQfXHF6zUEHz_JR7FNGp7raUo5v5SGEXREm25fMlrtzsuDYJ2EHuzFYl0AmodFPUnHBSpgyJz0Of7jdDthMyjQTuNOFtxQxqGPIndqOO7Lo3YCgpWa99Enm2CyU0wc_te8X4m_aDjB1HUHno7GV_Le4PWODdFslUoZlvDlSNOp-MPve1DzowyrinDlS8OW34wa27XTT8YesjMDfTEnYet4zDFA9i1Cpa_CJtPifPuRxjwCmVCUFqCkhKUgqDMCcpBtcWl9W21zaUtYm8e_XkMqpHOu0O6pfNuogio2YTh1VhkH9qbYPniaCO1fKRrR-O8GtGYV8PsgDxV_zqnd-suesl-g_k0XIlaMff8KGFBh9I47aSdwGVB1I5abVhRQdiF2cI3xJS8dv83ZGJKXhh_gpjuwspdMLEIWjwPWlagaxU21Pe6r0RPFlYMkibT_abqgusKWX4M-XVnKA_I06NLV1YfzO7o2okHSNjeqR_v1vY5mKmQmQofiJ8JuvL26JIuyfiSLi357kKWi77YoPWNXc5pnix-9XZyvdSGnz1tN798ndVAnd67ktj8HFVcqK4lX68KzhNzRhuWkPtn7dUkvljYtdXCqCI7d_GNM2f7mUmsFVpNQMWU_L96DkxMyfG_78zeT_DpD2DZDdjsSKfVBHHmQAoCmeyRuYHGFey_6vgoH9rb6BoHNL8J1a8wMBUGsgKVm7DF4ijPzN6pX4OZIZbOKJbGGcfSyDuHe7Jiv5EGic9ct7PS9oJOmnhByFna6oQRb1M3CBLkdrr2x18__RMAAP__-2Cx5-IEAAA= HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo3LCJhdSI6NywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.ourjQM-NuFZey89oSYhPd4lveFS65C0QQyhiho-toaA; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=8; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=7; u_pl23823882=1; pdhtkv29=true; uncs29=1; u_pl23824025=1; slecc2a4795bd129ec38aabf8f830c396956=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:29 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: iprc_l+738c57e32eabd4df8b4c412ead0cbb7f=5974464; expires=Thu, 16 Oct 2025 19:36:29 GMT; path=/; secure; SameSite=None\niprc_l:5974464=1; expires=Thu, 16 Oct 2025 19:36:29 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: effbade9c0cc60114d1cecde80df8c4c\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:22.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"topcreativeformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Sep 2025 22:49:40 GMT","end":"Fri, 12 Dec 2025 22:49:39 GMT"},"fingerprint":{"sha1":"EC:8E:4C:47:74:D4:52:B0:02:BF:8C:E1:9B:75:13:26:E9:48:B2:13","sha256":"35:28:22:C4:11:25:D9:9D:11:C3:9A:90:41:C0:9D:99:07:30:6F:EC:0B:B0:45:BE:33:2D:93:8B:89:E7:1A:01"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.topcreativeformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:22 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18414\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: www.topcreativeformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 873cf1d2134ebcf775b89430aaa43e86\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"617b9c4f2717bcdab07b3bdf3a393dd0","sha1":"a554d336c44fca9ae2b21592f0e30aa41e0f6e52","sha256":"a094f57cfadd20d10252cbaba1574450d66c00875eef7ab40e1e9dfff57e16e7","sha512":"ca306d205e4a20198a23df3148edbc395f042922c2136301f69ef3777ce94c0b12939006ff81eb469c7b4812e749dd1c84abd203216a38aea8d72c2e359c5342","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybejy2X:36rxKbk0CrQ+fdwNDba1lIlcPEq2X","tlshash":"7023c48e3f71f15856867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837b25","first_seen":"2025-10-15T19:37:20.409713Z","last_seen":"2025-10-15T19:37:20.409713Z","times_seen":1,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/96/34/ac/9634acb83fcdf3e17fdfeff8277050ef/1756656422.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/96/34/ac/9634acb83fcdf3e17fdfeff8277050ef/1756656422.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 88669\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:03 GMT\r\netag: \"68b47327-15a5d\"\r\nexpires: Fri, 17 Oct 2025 19:36:23 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88669,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 09:52:12], progressive, precision 8, 300x250, components 3","md5":"9bd84ed26d2194b5474eeb4a7853a5f4","sha1":"c15dd30cc3a2fdc855ab4a8cde307cd3d5e0aea3","sha256":"582568b484f7fea73c21631b5982cce91c3ac935d48b14a371919ccc9e07f15f","sha512":"856e3f19d718039e9544e3d86d9ef183678f50d4ca010b3f004a5e908108707af6690c2d375edfd8df61cef98f8367c04cb7358d830ef810d4233d54098c58f8","ssdeep":"1536:Pd+Rw6RTyFd+Rw6RTy4hMWYL1ZrR6PPaYSe0QZWFnbAVwNhyrvJ6S2bnm9+:PsDRTyFsDRTyfBL1Z16XXSe0QMFbiXJS","tlshash":"9e83f1606a688f2ae4a59b7872e8d3f76337a76dc3e35991784c7d123f302600d4d2d2","first_seen":"2025-09-02T16:16:24.150956Z","last_seen":"2026-04-03T17:23:29.965887Z","times_seen":933,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":19,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2SQi8SAm4lHm4EHFna3q7uruMoi4xkgwJjGJ5CAi9XO3nJ7utqt7encvBoMheHHxZG49b2azqEHUg3iJhFlvASHjxT1kUfwDRIR4lZ4srD7o96O_7_C9x1fXRtUe8qHiu-ffzDZskvAl2sPdZy_bVGW165691CW4h090L9s0DE5019pUDF8kftDDz3Vf17KfLXmYYEww6Z6yhTbZ2tIcBZvfYqTHcC_weoQGsFb8f3bVAji-AGq4h46BVbPH_zDvgJVTSAffnNSuX2b5C68NqoSXWQFDtf122k-zOoXBQWuKDph0e58NmZsh9PkCZOn2_gaQDSftBiDsDC08dR9Eur0vE8Rw66FSkYBOQajHoB5OQSc7YPkUZHYVrLqHAKSCs-cgHdw8mxU1X3-I8hadocMP_gZbz9Dh-09COvh6ObFr3YtZUpU2Sx2smQbs2hTsyhTyagrlxgLYegdk-RFY9TNaenAG0sHknEsysGr3GcUEZyGhi0wobzFgjC1yitUiCcMYc98PfUHmJ7JmCtx1oGo_24HKdKDKOzBQu90Ax4Ek3A8NUzLCAQ8CpQVmsYcxZzKCSrbaN6HMN0EmmyCLj7dztVr2h3RSFpXeqlLp6Ijcqt7LE8-PPT-OvRG5-ZAzp0xayohAXlyBvv3sHj1278hvUFR3wK3ufm9iZaLYSIZ9g0NqcEwDFTMvJpJREVMSsZAwGnAVKZ8qSiRl2MRMaKIM8XTEjE-NH_kmCKKAUB1yLgULfIKFjgKqVRBEUUzD1nfSi5jH4khwQaNQSKElIUZFIY2EDKkJDQ8xI9QTOGAhNb4Uhgc8or4kRsaGaRwIwoQEpx4FV85Q560PYagaqDWC2iGoOYLaIqhLBPWw2VKJ81xzUyWuEmS_evvVb8ZZuTLiW1m5olMEvNiEQjUTm3_groIsD403jFPjrE1clM2YC9WM8j30RGunTv_aUejr3S4OfBMaSqjAJtCeH2IWxl6spGovECtwtgHrFuYm2LAz9NLt3yG3M_T05FMQfAdcsgPSHgJeHQFej32Mga-OPYphI_0uG6S2n1TODnVPZoNeugIqayAvD0O53hkle-j4-MKl5Ttzh7_76zpoeRftB8iigbxo4H37E4KV5Pr4QlajyYWsdujbc3lpB3aDt-6_WPJSP_LlG3q9zgp1-qTb_OIV2QJte-uSduUZniqbrjj01bJVShenskJqdPu0u6zF-cqtLldFWuVnzr966vQgL7RzNkunwO0MHf3rE5B2ho7_eGP-sunzN0DmV8DlBzpdhkDkCBKLINEH_7lowP1nFgf9yF2HlaIDvLwK6aCBYdHAMGmAJ5vgqkPjMi_uvvyLPw8QSWcskgJNRFK0uN3tGl97EuM4CokfG038QElD44CpkGPf11C62eqf__zwbwAAAP__sW5XUXcFAAA=","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2SQi8SAm4lHm4EHFna3q7uruMoi4xkgwJjGJ5CAi9XO3nJ7utqt7encvBoMheHHxZG49b2azqEHUg3iJhFlvASHjxT1kUfwDRIR4lZ4srD7o96O_7_C9x1fXRtUe8qHiu-ffzDZskvAl2sPdZy_bVGW165691CW4h090L9s0DE5019pUDF8kftDDz3Vf17KfLXmYYEww6Z6yhTbZ2tIcBZvfYqTHcC_weoQGsFb8f3bVAji-AGq4h46BVbPH_zDvgJVTSAffnNSuX2b5C68NqoSXWQFDtf122k-zOoXBQWuKDph0e58NmZsh9PkCZOn2_gaQDSftBiDsDC08dR9Eur0vE8Rw66FSkYBOQajHoB5OQSc7YPkUZHYVrLqHAKSCs-cgHdw8mxU1X3-I8hadocMP_gZbz9Dh-09COvh6ObFr3YtZUpU2Sx2smQbs2hTsyhTyagrlxgLYegdk-RFY9TNaenAG0sHknEsysGr3GcUEZyGhi0wobzFgjC1yitUiCcMYc98PfUHmJ7JmCtx1oGo_24HKdKDKOzBQu90Ax4Ek3A8NUzLCAQ8CpQVmsYcxZzKCSrbaN6HMN0EmmyCLj7dztVr2h3RSFpXeqlLp6Ijcqt7LE8-PPT-OvRG5-ZAzp0xayohAXlyBvv3sHj1278hvUFR3wK3ufm9iZaLYSIZ9g0NqcEwDFTMvJpJREVMSsZAwGnAVKZ8qSiRl2MRMaKIM8XTEjE-NH_kmCKKAUB1yLgULfIKFjgKqVRBEUUzD1nfSi5jH4khwQaNQSKElIUZFIY2EDKkJDQ8xI9QTOGAhNb4Uhgc8or4kRsaGaRwIwoQEpx4FV85Q560PYagaqDWC2iGoOYLaIqhLBPWw2VKJ81xzUyWuEmS_evvVb8ZZuTLiW1m5olMEvNiEQjUTm3_groIsD403jFPjrE1clM2YC9WM8j30RGunTv_aUejr3S4OfBMaSqjAJtCeH2IWxl6spGovECtwtgHrFuYm2LAz9NLt3yG3M_T05FMQfAdcsgPSHgJeHQFej32Mga-OPYphI_0uG6S2n1TODnVPZoNeugIqayAvD0O53hkle-j4-MKl5Ttzh7_76zpoeRftB8iigbxo4H37E4KV5Pr4QlajyYWsdujbc3lpB3aDt-6_WPJSP_LlG3q9zgp1-qTb_OIV2QJte-uSduUZniqbrjj01bJVShenskJqdPu0u6zF-cqtLldFWuVnzr966vQgL7RzNkunwO0MHf3rE5B2ho7_eGP-sunzN0DmV8DlBzpdhkDkCBKLINEH_7lowP1nFgf9yF2HlaIDvLwK6aCBYdHAMGmAJ5vgqkPjMi_uvvyLPw8QSWcskgJNRFK0uN3tGl97EuM4CokfG038QElD44CpkGPf11C62eqf__zwbwAAAP__sW5XUXcFAAA= HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv5=true; uncs5=2; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 26756b70bae0e46a1e758536b368d42f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RTS4scVRS-PZm4iAsxEZfSCxcqTs991NMg4hgjwZjEJJKFiNxX9Vy7um5Zt6prMi4MBkJw4-BKcVN9umfGRxB1IbiIhB53ASHtxllkUPwBIkLcSvcMjF6o8_i-b_Gd4pwbw2oPMaj47oXX7LpJU77sd3D7qSsmU7Z27XOX2wR38Mn2FZMF3sn22iwUg-cI8zr46fYrWvbsMsUEY4JJ-7QpdGLXlucsmPxWTDox7ni0Q3wP1or_965aBMcXQQ320HEwavrIH8mbYOQEsv43p7TrlTZ_9uV-lfLSFjBQ229kvczWGfQPy6RoQZJtH6jBuilCnyyAzbYPJgA7GM8mAGGmaOHx-yCy7QObIAab-05FCjoDoR6GejABne6A4ROQ9joYdQ8BSAXnzkPW3zpni5pf3Wf5jJ2ixQd_g6mnaPH-Y5D1v15JzVr7kk2r0tjMwVrSgFmbgOlOIK8mUK4vgKl3QJYfgFE_o-UHZyHrj8-71IJRu0-qWPA4IP5SLBRd8uI4XuI-VkskCCLMGQuYIPNfZJIJcNeCavaZFlRJC6q8BX212_Zw5EnCWZDESobY456ntMBxRDHmsQyhkjPvG1DmGyDTDZDFzVvV23lKWURZHAdDsp2r1bI38MdlUenNKpPOH7JDTRTRIdna18wl45lkyD7fhyibg1szkLIhgby4Bj3z8T3_-L2jv0FR3QG3uvs9DRhJZMBFIP0wxtxLWBSHnCdaURkmkvCIRmHAIhaGIY4k4yTyQh0KnPCA4YDpMKKEa-0lWvpUBSEPhCelJjjWHPuMq4glingJ8aXkkgahjmKqMWNCC4YDn2uGMcdSJDQKQk4VFiwKpRdyP4x9HnteRLUksR9HTCtMMNUhOHUcXDlFrdffh4FqoNYIaoeg5ghqg6AuEdSDZlOljrpmS6WuEuQg04PMmpEtu0O-acuuzhDwYgMK1YxN_q67DrI8MlpPnBrZWeCibEZcqGaY76FHZ0vX6t04Bj2928YeS4LEJ77AiacpC3AcRDRSUmGhw0iBMw0YtzBflXUzRc_f_h1yM0VPjD8CwXfApTsgzRHg1VHg9YhhDHx1RH0M69l3tp-ZXlo5M9AdafudrAvKNpCXi1BebQ3TPXRidPHyyp35Hbz163ug5V108EAWDeRFA--YnxB005uji7ZG44u2dujb83lp-madz27kUslL_dCXr-qrtS3UmVNu44sX5YyYlbcua1ee5ZkyWdehr1aMUro4bQup0e0z7ooWFyq3ulIVWZWfvfDS6TP9vNDOGZtNgJspOvbXhyDNFJ348dP5_fvPfAYyvwYuP_TpLAKRI0gNglQf4lw04P7Ti8N66G5Ct2gBL69D1m9gUDQwSBvg6Qa46siozIu7L_zC5g9E2hqJtEBjkRYz3uy2E6apxDgKA8KiRBPmKZn4kRergGPGNJRuuvrnPz_8GwAA___VByKTnQUAAA==","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTS4scVRS-PZm4iAsxEZfSCxcqTs991NMg4hgjwZjEJJKFiNxX9Vy7um5Zt6prMi4MBkJw4-BKcVN9umfGRxB1IbiIhB53ASHtxllkUPwBIkLcSvcMjF6o8_i-b_Gd4pwbw2oPMaj47oXX7LpJU77sd3D7qSsmU7Z27XOX2wR38Mn2FZMF3sn22iwUg-cI8zr46fYrWvbsMsUEY4JJ-7QpdGLXlucsmPxWTDox7ni0Q3wP1or_965aBMcXQQ320HEwavrIH8mbYOQEsv43p7TrlTZ_9uV-lfLSFjBQ229kvczWGfQPy6RoQZJtH6jBuilCnyyAzbYPJgA7GM8mAGGmaOHx-yCy7QObIAab-05FCjoDoR6GejABne6A4ROQ9joYdQ8BSAXnzkPW3zpni5pf3Wf5jJ2ixQd_g6mnaPH-Y5D1v15JzVr7kk2r0tjMwVrSgFmbgOlOIK8mUK4vgKl3QJYfgFE_o-UHZyHrj8-71IJRu0-qWPA4IP5SLBRd8uI4XuI-VkskCCLMGQuYIPNfZJIJcNeCavaZFlRJC6q8BX212_Zw5EnCWZDESobY456ntMBxRDHmsQyhkjPvG1DmGyDTDZDFzVvV23lKWURZHAdDsp2r1bI38MdlUenNKpPOH7JDTRTRIdna18wl45lkyD7fhyibg1szkLIhgby4Bj3z8T3_-L2jv0FR3QG3uvs9DRhJZMBFIP0wxtxLWBSHnCdaURkmkvCIRmHAIhaGIY4k4yTyQh0KnPCA4YDpMKKEa-0lWvpUBSEPhCelJjjWHPuMq4glingJ8aXkkgahjmKqMWNCC4YDn2uGMcdSJDQKQk4VFiwKpRdyP4x9HnteRLUksR9HTCtMMNUhOHUcXDlFrdffh4FqoNYIaoeg5ghqg6AuEdSDZlOljrpmS6WuEuQg04PMmpEtu0O-acuuzhDwYgMK1YxN_q67DrI8MlpPnBrZWeCibEZcqGaY76FHZ0vX6t04Bj2928YeS4LEJ77AiacpC3AcRDRSUmGhw0iBMw0YtzBflXUzRc_f_h1yM0VPjD8CwXfApTsgzRHg1VHg9YhhDHx1RH0M69l3tp-ZXlo5M9AdafudrAvKNpCXi1BebQ3TPXRidPHyyp35Hbz163ug5V108EAWDeRFA--YnxB005uji7ZG44u2dujb83lp-madz27kUslL_dCXr-qrtS3UmVNu44sX5YyYlbcua1ee5ZkyWdehr1aMUro4bQup0e0z7ooWFyq3ulIVWZWfvfDS6TP9vNDOGZtNgJspOvbXhyDNFJ348dP5_fvPfAYyvwYuP_TpLAKRI0gNglQf4lw04P7Ti8N66G5Ct2gBL69D1m9gUDQwSBvg6Qa46siozIu7L_zC5g9E2hqJtEBjkRYz3uy2E6apxDgKA8KiRBPmKZn4kRergGPGNJRuuvrnPz_8GwAA___VByKTnQUAAA== HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo0LCJhdSI6NCwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.2RHdGViMfyXWohzhW9dfzMLADE10VmjyuNQn743O6JM; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=4; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=4; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 66276e2ce09dbfbb170dc914bb4b2af7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":70,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/1f/b7/2d/1fb72d2e8ca268ffbf1b86e4cd2f693c/1756656271.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/1f/b7/2d/1fb72d2e8ca268ffbf1b86e4cd2f693c/1756656271.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74733\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:04:31 GMT\r\netag: \"68b4728f-123ed\"\r\nexpires: Fri, 17 Oct 2025 19:36:27 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74733,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 18:06:17], progressive, precision 8, 160x600, components 3","md5":"a0de059c2f07fe8aed9fc99f3bc0496b","sha1":"5ea6d01a4f8af9ea97306341fa9f4a188954195d","sha256":"0660383fbefda96d7fa892ee16ad60cb3d6a6276e6607b5771a1f8f933082bd3","sha512":"4c967451ac51da893d10710c4d931282c12f883c2f660296f6411a9dfd8dcfd9f5756336e0d32d0bb157816a475fb7201e57434d7a8eddc4d9e476547ba29aa4","ssdeep":"1536:qzXs0o/zXs0oeoWI89I/57x/DpcoLV4jjsizhf4qbQnTR58qTxshqJ/DcpCjU80:qbsLbsfWIuI/5ZpcoLejnziz158Ed/Do","tlshash":"4973f129fb73de63f5e142b888ecc2d42364ee90fab316443d4e65823b787954e5e406","first_seen":"2025-09-03T14:21:12.387652Z","last_seen":"2026-03-26T14:29:12.567227Z","times_seen":213,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.59721054259.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557048\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=97a194900cb4598286974d646d4cfa61dcf43808b1a0895453d5cc4d92e6c7f16341dd5a95ee3d1aaf1226a8730ae0ec9dc22a759321a76478c76cfacfe333e3e0961e9099dbe64141e8f93ad611dc2cb66697a9d5da6fa40e87ca\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.59721054259.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557048\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=97a194900cb4598286974d646d4cfa61dcf43808b1a0895453d5cc4d92e6c7f16341dd5a95ee3d1aaf1226a8730ae0ec9dc22a759321a76478c76cfacfe333e3e0961e9099dbe64141e8f93ad611dc2cb66697a9d5da6fa40e87ca\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo3LCJhdSI6NywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.ourjQM-NuFZey89oSYhPd4lveFS65C0QQyhiho-toaA; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=6; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=6; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: text/html\r\nContent-Length: 3358\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nuncs=7; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nuncs5=7; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ee9b9126236448f6a8b4379a9a4179df\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4770,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3894)","md5":"7e4068a57fc9419b2ce2dbe84fe50722","sha1":"3381245cd17fe5df2622d2b1048a99ed47dc553b","sha256":"d8d5e713bf2dcdd67f6705c7823b3e7c598d2d6e94552609251ce4a12d16ac5b","sha512":"68cc9f28c13f744c077e9dd7fbd02f7d99d704604761dff15f178343bd85a9fa30e0c20c0b1caaf1c04786f0d8e6bb3ff2c346e8cd1bc1952465ef57ce8b6ea6","ssdeep":"96:yoz+0LfVZr56FO8onGEnTzj8wYPXk/lIDm3PcOxrecN6w1ZDWCfMEDaH:vzNNZoF/oRnTJYPXk91PcOVVN6oVWCkL","tlshash":"90a11ab81d526078a8af382f843b7419be60834f1418ea0f7d2cd2156f20f681eb9dd9","first_seen":"2025-10-15T19:37:20.422725Z","last_seen":"2025-10-15T19:37:20.422725Z","times_seen":1,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/sbar.json?key=c2a4795bd129ec38aabf8f830c396956\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /sbar.json?key=c2a4795bd129ec38aabf8f830c396956\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.o0VBR64Al3k-FgUtGuKLxhdV0cNljckM8vFP8_u-Fxg; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=3; pdhtkv5=true; uncs5=2; u_pl23823882=1; pdhtkv25=true; uncs25=1; u_pl26538069=1; pdhtkv23=true; uncs23=1; u_pl23823996=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 5091\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nuncs=4; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nu_pl23824025=1; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nslecc2a4795bd129ec38aabf8f830c396956=[5974464]; expires=Wed, 15 Oct 2025 19:36:33 GMT; path=/; secure; SameSite=None\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 524dfe3efdc064c627bd22d819cf6fb2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6558,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"3bb1cb87fadf643449de4d31ba7ddc39","sha1":"99e0cd7377c43fd28bf66e04114863b5350ebb3a","sha256":"b70ce67368b81ea6bc7fbd789a38fb1098ba0240fda7e0e57938f7617555f001","sha512":"dfef9158a9d13111824f4612ceec912d3c9ef36269b2d8f78430d0fc890860b91c80bee12b9a913eee6c82386583acdbbd6514f4f02e0d4401e4eaf6b1313ef1","ssdeep":"192:9zmxyG48BM5n6ZAfka98b5RpCiiZ/oRWemGWTNR/2W6ZobW:9zgyGMp6ZAMaegiidem1TNR/HQobW","tlshash":"61d17dbfbbcd21ab05a74d10f1881d587c03e84b0da9de9ba56f739947e3014c08a05a","first_seen":"2025-10-15T19:37:20.43506Z","last_seen":"2025-10-15T19:37:20.43506Z","times_seen":1,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbs?c=1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo2LCJhdSI6NiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8aFpBrKFUXN7d_zCVOZ4Tb8bQLB1H1kuvjYyepDzq2w; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=7; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=6; u_pl23823882=1; pdhtkv29=true; uncs29=1; u_pl23824025=1; slecc2a4795bd129ec38aabf8f830c396956=[5857915]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:30 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":670,"timings":{"blocked":287,"dns":1,"connect":93,"send":0,"wait":95,"receive":0,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/js/cookienotice.js","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.omniklusive.com.ng","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 16:47:08 GMT","end":"Fri, 19 Dec 2025 17:38:00 GMT"},"fingerprint":{"sha1":"B4:B5:F5:E5:69:3A:B2:C8:26:CF:C6:E1:92:BE:9D:15:A0:50:90:8A","sha256":"08:BB:D8:8D:66:76:D6:FE:64:D7:BF:15:CF:68:AB:53:58:76:9C:B6:66:AF:8D:6F:FB:8D:92:A5:F4:25:6C:CF"}}},"request":{"raw":"GET /js/cookienotice.js HTTP/1.1\r\nHost: www.omniklusive.com.ng\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"blogger-tech\"\r\nreport-to: {\"group\":\"blogger-tech\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/blogger-tech\"}]}\r\ncontent-length: 2026\r\ndate: Wed, 15 Oct 2025 19:36:21 GMT\r\nexpires: Wed, 22 Oct 2025 19:36:21 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Wed, 15 Oct 2025 15:50:16 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6513,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"a705132a2174f88e196ec3610d68faa8","sha1":"3bad57a48d973a678fec600d45933010f6edc659","sha256":"068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568","sha512":"e947d33e0e9c5e6516f05e0ea696406e4e09b458f85021bc3a217071ae14879b2251e65aec5d1935ca9af2433d023356298321564e1a41119d41be7c2b2d36d5","ssdeep":"96:q54UPzHFcJZ7haKemb/m2GzrzCXAl/MStzo41Pm+YsttcVcbYhyjcso13EZDjiat:q5rPzHgxm2GzaXeMnuzYstyryPhZD9","tlshash":"4fd1630938a7127d125fa03fb6bf515ab66410238101db08786dfa785fd5f42a8e4ffa","first_seen":"2023-03-07T01:02:24Z","last_seen":"2026-04-04T11:01:34.870906Z","times_seen":109165,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.1739585047445.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=400a4044cbb51ec24ccca9230e290a9291a33a980ae8e5e2fc8fbac6f4162681c84e5e6f7c907c50c5fe584ad8128331e79bf5de4e866c5eaafe178519bd8ad806b43ebf8ffeb8b792aa93c4aa17ec1dc709e024196cd671d03674\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /watch.1739585047445.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=400a4044cbb51ec24ccca9230e290a9291a33a980ae8e5e2fc8fbac6f4162681c84e5e6f7c907c50c5fe584ad8128331e79bf5de4e866c5eaafe178519bd8ad806b43ebf8ffeb8b792aa93c4aa17ec1dc709e024196cd671d03674\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: text/html\r\nContent-Length: 3256\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\nu_pl23823882=1; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 8\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5a97021535a0d979f54036cc2d938ad7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4612,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3736)","md5":"d8f57b7feb96226b2a3d17d5d661929d","sha1":"46493e1e1a60ad45ed24ba00b13f8e2f147f68bd","sha256":"a1e81e4cea160ce99fd79a0e46820af7972dbe4caaa691f4020dfbc35bebed79","sha512":"ed5963b9049b46a5be6dc97852e7ce08649c91c7b6769969e67161976eb5134319e3b7e5ef29bf60776531c581731f695740ec1a8abfda5aa59576b279122d92","ssdeep":"96:yoz3t06vyNUTQHnUsk/t4q51uGy3EWadk3upU5R1ZDWCfMEDaH:vzLvy53keQvy0ZcupsVWCkCaH","tlshash":"c9911bd46fd1216d4486b03b6937a20d3f75940a1904998af85cf5052f30bd44abde9d","first_seen":"2025-10-15T19:37:20.450588Z","last_seen":"2025-10-15T19:37:20.450588Z","times_seen":1,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Oct 2025 19:36:28 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\netag: W/\"65aa8501-15d94\"\r\nage: 1480950\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ka%2FMF3zFLd1jwUT6C5E0A20AVFl3eNNhucLcjDi9t7q7VCnQrI6mb7aV6%2BiBLnKyAQom9Ujs%2B9QjEatjAegh%2FBq7pHBfKF8omWI1WNLd\"}]}\r\ncf-ray: 98f1c3fccb58b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89492,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-03T18:56:22.048855Z","times_seen":6515,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRuu2STf4fsOH1_yEW8yBw8q7mxVd3VPtUHENUaCMYlJJAcRqZ-75fR0tV3d05tFJBgMwYuDJ731vDObRQ0SPXgQImHWW0DIeHEPWRT_ABEhXmUmC6sv1PvjeerwvMVT10fVHgqh4rvnX3WbNk35StTB7Scv20y52rfPXmoT3MEn2pdtFtMT7Y15KgbPkpB28FPtl7XsuZUAE4wJJu1TttDGbawsWLD5rYR0EtyhQYdEFDaKf86-OgKet0AN9tBRsGr231_NG2DlFLL-7ZPa90qXP_NSv0p56QoYqO3Xs17m6gz6B60pWmCy7f3b4PwMoU-WwGXb-xuAG0zmG4CwM7R0_AGIbHtfJojB1iOlIgWdgVD_gXowBZ3ugOVTkO4aWHUfAUgFZ89B1r951hU1v_KI5XN2hg4__ANsPUOHH_wfsv6Xq6ndaF90aVVal3nYMA3YjSnYtSnk1Q6Um0tg6x2Q5ftg1Q9o5eEZyPqTcz51YNXuEyoRPIlJtJwIFSzTJEmWeYTVMoljhnkYxqEgiyeyZgrct6CaH9uCyrSgylvQV7ttihmVhIexSZTsYsopVVrghAUY80R2oZJz7UMo8yHIdAiy-OBmrtbL3mBSFpWeVJn0I7r9CIoW2NYci0b0VvVWngYhC0LGghGBvLgKPfvx_ejo_SM_Q1HdBb---w0PmWYRJaHUkmBCDQmZpsKQbhDFDMtYRSJmgWEypCJmlBvGleJSSBHqWFLDEhkpE_IuYUwZLWIcxtiQJME6DjGJdBTpqGuoYCbWTEVCSyFinOiI8SiikUxCpWIRJZQIrrQMNIsZNzHVieJdHqhAmcgYbSgRVGrMEhwT8Oo4-HKGWq-9BwPVQK0R1B5BzRHUFkFdIqgHzZZKfeCbmyr1lSD7NdivYTN25dqIb7lyTWcIeDGEQjUTm7_jr4EsD403jVdjN09clM2YC9WM8j30v7mdWr3r70JP77YVpzjqmihWmksiOdddygIchbzLDOEcvG3A-qWFCTbtDD135xfI7Qw9PvkIBN8Bn-6AtIeAV48Br8fdgAFfhwTDZva162e2l1beDnRHun4nWwPlGsjLw1BeaY3SPXRsfOHS6t2Fwd_8aQha3kP7AbJoIC8aeNt-j2AtvTG-4Go0ueBqj746l5e2bzf53PwXS17qf33-ir5Su0KdPumHn70g58S8vXVJ-_IMz5TN1jz6YtUqpYtTrpAa3TntL2txvvLrq1WRVfmZ8y-eOt3PC-29ddkUuJ2hf__-IUg7Q8e--3TxsaOnb4PMr4LPD3R6h0DkCFKLINUHOBcN-L_N4qAf-RuwVrSAl9cg6zcwKBoYpA3wdAi-OjQu8-Le8z-GiwCRtsYiLdBEpMWct7ttE-pAYsy6MQmZ0SSkSpqI0UTFHIehhtLP1n_789u_AgAA___Stdj8dgUAAA==","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRuu2STf4fsOH1_yEW8yBw8q7mxVd3VPtUHENUaCMYlJJAcRqZ-75fR0tV3d05tFJBgMwYuDJ731vDObRQ0SPXgQImHWW0DIeHEPWRT_ABEhXmUmC6sv1PvjeerwvMVT10fVHgqh4rvnX3WbNk35StTB7Scv20y52rfPXmoT3MEn2pdtFtMT7Y15KgbPkpB28FPtl7XsuZUAE4wJJu1TttDGbawsWLD5rYR0EtyhQYdEFDaKf86-OgKet0AN9tBRsGr231_NG2DlFLL-7ZPa90qXP_NSv0p56QoYqO3Xs17m6gz6B60pWmCy7f3b4PwMoU-WwGXb-xuAG0zmG4CwM7R0_AGIbHtfJojB1iOlIgWdgVD_gXowBZ3ugOVTkO4aWHUfAUgFZ89B1r951hU1v_KI5XN2hg4__ANsPUOHH_wfsv6Xq6ndaF90aVVal3nYMA3YjSnYtSnk1Q6Um0tg6x2Q5ftg1Q9o5eEZyPqTcz51YNXuEyoRPIlJtJwIFSzTJEmWeYTVMoljhnkYxqEgiyeyZgrct6CaH9uCyrSgylvQV7ttihmVhIexSZTsYsopVVrghAUY80R2oZJz7UMo8yHIdAiy-OBmrtbL3mBSFpWeVJn0I7r9CIoW2NYci0b0VvVWngYhC0LGghGBvLgKPfvx_ejo_SM_Q1HdBb---w0PmWYRJaHUkmBCDQmZpsKQbhDFDMtYRSJmgWEypCJmlBvGleJSSBHqWFLDEhkpE_IuYUwZLWIcxtiQJME6DjGJdBTpqGuoYCbWTEVCSyFinOiI8SiikUxCpWIRJZQIrrQMNIsZNzHVieJdHqhAmcgYbSgRVGrMEhwT8Oo4-HKGWq-9BwPVQK0R1B5BzRHUFkFdIqgHzZZKfeCbmyr1lSD7NdivYTN25dqIb7lyTWcIeDGEQjUTm7_jr4EsD403jVdjN09clM2YC9WM8j30v7mdWr3r70JP77YVpzjqmihWmksiOdddygIchbzLDOEcvG3A-qWFCTbtDD135xfI7Qw9PvkIBN8Bn-6AtIeAV48Br8fdgAFfhwTDZva162e2l1beDnRHun4nWwPlGsjLw1BeaY3SPXRsfOHS6t2Fwd_8aQha3kP7AbJoIC8aeNt-j2AtvTG-4Go0ueBqj746l5e2bzf53PwXS17qf33-ir5Su0KdPumHn70g58S8vXVJ-_IMz5TN1jz6YtUqpYtTrpAa3TntL2txvvLrq1WRVfmZ8y-eOt3PC-29ddkUuJ2hf__-IUg7Q8e--3TxsaOnb4PMr4LPD3R6h0DkCFKLINUHOBcN-L_N4qAf-RuwVrSAl9cg6zcwKBoYpA3wdAi-OjQu8-Le8z-GiwCRtsYiLdBEpMWct7ttE-pAYsy6MQmZ0SSkSpqI0UTFHIehhtLP1n_789u_AgAA___Stdj8dgUAAA== HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6NSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.sVUirNfr4Ltpj0Z3GqQ0BCi2gkLbL9Esm3prFTHJNos; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=5; pdhtkv5=true; uncs5=4; u_pl23823882=1; pdhtkv23=true; uncs23=1; u_pl23823996=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: close\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0b9febb75ecbaf5c180e743bcea42c23\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"throbcrunchsurely.com/ren.gif?sid=H4sIAAAAAAAC_1RSzYscxRuu2Sy_Q34HMRFvyhw8qLiz_TW90wYJrjESjElMIgHFQ310z5ZbXdV2dU9v9iDRgAQvruBBvdj7zCYbNYh6E4mEWS8SENIn97AL4h8gIsSr9GRg9YV63vetpw7P-9T7_ma5T3yUdPfcK2ZdKkUX-z2n--QlqYWpbPfMxa7r9Jxj3UtSh8Gx7loL-ehZ1w96zlPdl2K-ahY9x3Uc13G7J2UeJ2ZtccpCZrcitxc5vcDruf0Aa_l_e1t2YGkHYrRPjkCK5qHfkzcg-QQ6_eZEbFcLkz3zYloqWpgcI7H9ml7VptJID8ok7yDR27PXMLYh5JM5GL09mwBmtNVOACYbMvfoHpjenskEG11_oJQpxBpM_B_VaIJYTSDpBNxchRT3CMAFzpyFTm-cMXlFLz9gacs2ZP7-X5BVQ-b3HoFOv15Wcq17waiykEZbrCU15NoEcjhBVu6gWJ-DrHbAi_cgxS9k8f5p6HTrrFUGUuw-ISJGo9DtL0RMeAtBFEULtO-IBTcMBw71_dBn7tQimUxAbQdle2QHZdJBmXWQit1u4AwC7lI_TCLBl5yABoGImRMNPMehEV9CyVvtGyiyDXC1AZ5fQZa_e1P4S7HPeLDJsCo_utc_gry8A7tSw4rHYIuGdF59ByNRo4oJKktQUYJKElQFQTWqrwtlPVvfEMqWzJ1lb5b9emyK4Sa9bophrAlovoFc1Fsye9teBS8OjdcTK8amBcqKekyZqDezffJwa3RH7Wmsxrtdvx8liRiIyOOhGLhLA1eEA049nnAWOJ4HK2tIOze1Z1025LnbvyGTDXl860MwugOrdsDlIdDSBa1q0JUa6_o7k2q5qkorR3GPm7SnhxCmRlbMo7jc2VT75Oj4_MXlO9Nff_PX24j5XTIL8LxGltd4S_5EMFTXxudNRbbOm8qSb89mhUzlOm034kJBi_h_X74cX65MLk6dsBtfPM9boi1vXYxtcZpqIfXQkq-WpRBxftLkPCa3T9lLMTtX2pXlMtdldvrcCydPpVkeWyuNnoDKhhz-8wNw2ZCjP34-3fb-03vg2RXY7ECnNQQs60BJAhUf3FNWw_6rZwf1pr2GYT4PWlyFTmuM8hojVYOqDdjy8LjI8rvHf_60jc_A1PyYqXx-i6lcfTz1qYU7LXzfkNdvHoeVu92-x_xwMAjjJBSJL3zPF1HfiaOARmEQBX0Utln54-8f_gkAAP__qo80ap8EAAA=","fqdn":"throbcrunchsurely.com","domain":"throbcrunchsurely.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"throbcrunchsurely.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Oct 2025 08:35:19 GMT","end":"Wed, 31 Dec 2025 08:35:18 GMT"},"fingerprint":{"sha1":"50:72:94:2F:4C:52:0E:93:94:98:D2:04:39:34:0F:85:38:24:92:92","sha256":"A1:7D:09:0B:38:C0:E1:52:80:EB:94:D5:35:4F:7F:DC:F5:5E:0A:9C:B1:82:D5:82:DA:BE:C3:A1:97:1B:81:8D"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSzYscxRuu2Sy_Q34HMRFvyhw8qLiz_TW90wYJrjESjElMIgHFQ310z5ZbXdV2dU9v9iDRgAQvruBBvdj7zCYbNYh6E4mEWS8SENIn97AL4h8gIsSr9GRg9YV63vetpw7P-9T7_ma5T3yUdPfcK2ZdKkUX-z2n--QlqYWpbPfMxa7r9Jxj3UtSh8Gx7loL-ehZ1w96zlPdl2K-ahY9x3Uc13G7J2UeJ2ZtccpCZrcitxc5vcDruf0Aa_l_e1t2YGkHYrRPjkCK5qHfkzcg-QQ6_eZEbFcLkz3zYloqWpgcI7H9ml7VptJID8ok7yDR27PXMLYh5JM5GL09mwBmtNVOACYbMvfoHpjenskEG11_oJQpxBpM_B_VaIJYTSDpBNxchRT3CMAFzpyFTm-cMXlFLz9gacs2ZP7-X5BVQ-b3HoFOv15Wcq17waiykEZbrCU15NoEcjhBVu6gWJ-DrHbAi_cgxS9k8f5p6HTrrFUGUuw-ISJGo9DtL0RMeAtBFEULtO-IBTcMBw71_dBn7tQimUxAbQdle2QHZdJBmXWQit1u4AwC7lI_TCLBl5yABoGImRMNPMehEV9CyVvtGyiyDXC1AZ5fQZa_e1P4S7HPeLDJsCo_utc_gry8A7tSw4rHYIuGdF59ByNRo4oJKktQUYJKElQFQTWqrwtlPVvfEMqWzJ1lb5b9emyK4Sa9bophrAlovoFc1Fsye9teBS8OjdcTK8amBcqKekyZqDezffJwa3RH7Wmsxrtdvx8liRiIyOOhGLhLA1eEA049nnAWOJ4HK2tIOze1Z1025LnbvyGTDXl860MwugOrdsDlIdDSBa1q0JUa6_o7k2q5qkorR3GPm7SnhxCmRlbMo7jc2VT75Oj4_MXlO9Nff_PX24j5XTIL8LxGltd4S_5EMFTXxudNRbbOm8qSb89mhUzlOm034kJBi_h_X74cX65MLk6dsBtfPM9boi1vXYxtcZpqIfXQkq-WpRBxftLkPCa3T9lLMTtX2pXlMtdldvrcCydPpVkeWyuNnoDKhhz-8wNw2ZCjP34-3fb-03vg2RXY7ECnNQQs60BJAhUf3FNWw_6rZwf1pr2GYT4PWlyFTmuM8hojVYOqDdjy8LjI8rvHf_60jc_A1PyYqXx-i6lcfTz1qYU7LXzfkNdvHoeVu92-x_xwMAjjJBSJL3zPF1HfiaOARmEQBX0Utln54-8f_gkAAP__qo80ap8EAAA= HTTP/1.1\r\nHost: throbcrunchsurely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl23911790=1; nlec359ffd8d92c6d81781d68ca2cfcb4022=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: throbcrunchsurely.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e7ced3c996c75e5cf84b34249074869b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"throbcrunchsurely.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"throbcrunchsurely.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vxl0d9JJ9TA8Tmjw%2F7yZXseh%2B101M%2BRyBK6JRhPofCWCaQxBI5sQQuNmcTBqfbudA3Hczjs8tw%2F2DLwupMmIQfABxn0nyqkJfqLXy3pB\"}]}\r\netag: W/\"65aa8501-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98f1c3fecb78b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-04-04T10:49:57.044251Z","times_seen":10533,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2U08xIOYiEeZgwcVd7aqu6u7yyDiGiPBmMQkkoN4qJ-z5fR0tV3d05s9LQZC8OIiHvTW-2aTRQ2iHvQUCbPeAkLGi3vIovgHiAjxKrMZWH1Q732vvjp8r-qr61v1Pgqh5nsX3nLrNsv4Mu3h7nNXbK5c47vnLncJ7uGT3Ss2j6OT3bVZKkcvkTDq4ee7b2g5cMsBJhgTTLqnbamNW1s-YMEWtxnpMdyLgh6hEayV_-993QHPO6BG--g4WDV94g_zLlg5gXz4zSntB5UrXnx9WGe8ciWM1M47-SB3TQ7DQ2jKDph8Z34anJ8i9NkCuHxnPgG40fZsAhB2ihaefgAi35nLBDG6-UipyEDnINTj0IwmoLNdsHwC0l0Dq-4jAKng3HnIh7fOubLhVx-xfMZO0ZGHf4NtpujIg6cgH369ktm17iWX1ZV1uYc104Jdm4DtT6Cod6FaXwDb7IKsPgSrfkbLD89CPtw-7zMHVu09q5jgLCZ0iQkVLEWMsSVOsVoicZxiHoZxKMjBFVkzAe47UM-W7UBtOlAXHRiqvW6E00gSHsaGKZngiEeR0gKzNMCYM5lALWfaN6EqNkFmmyDLDSjKDRjYT-7T4_eP_gZlfRf86t73UWISEUQslAqHlLA4MZQrmghOVcQpC2iiUs05DQwVEeWaxiYJlErTlAsSKZYGsdJCkRirROo4ZDiNYm1SHgQ0JYlKQyIjoSmNmNaEGh5pGYdCKyUE45gHkkWap4YExJCEcWJIGDOWhKFihFPNhCLGGMbjlOJES80TRcCrRfDVFHXe3oCRaqHRCBqPoOEIGougqRA0o_amynzg21sq87Ug8xrMa9iOXdXf4jdd1dc5Al5uQqnabVt84K-BrBbH68arsZslLqp2zIVqt4p99OTMF53B9WMw0HtdHIUmNpRQgU2kgzDGLE6DVEmFhU5SBd62YP3CwWuu2yl6-c7vUNgpemb7YxB8F3y2C9IuAq-PAm_GIcbAV8cBxbCef-eGuR1ktbcj3ZNu2Mv7oFwLRXUEqqudrWwfnRhfvLxy98Cq7_1agZb30DxAli0UZQvv258Q9LMb44uuQdsXXePRt-eLyg7tOp_Z-FLFK_3Yl2_qq40r1ZlTfvOLV-WMmMHbl7WvzvJc2bzv0VcrVildnnal1OjOGX9Fiwu1X12py7wuzl547fSZYVFq763LJ8DtFB376yOQdopO_Pj5wRelL3wKstgAXxzq9A6BKBBkFkGmD_e5aMH_pxeHeMvfgH7ZAV5dg3zYwqhsYZS1wLNN8PXiuCrKe6_8Eh4EiKwzFlmJtkVWzni71zWhDiTGaRKTMDWahJGShqYRUzHHYaih8tPVP__54d8AAAD__4n-iIFABQAA","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2U08xIOYiEeZgwcVd7aqu6u7yyDiGiPBmMQkkoN4qJ-z5fR0tV3d05s9LQZC8OIiHvTW-2aTRQ2iHvQUCbPeAkLGi3vIovgHiAjxKrMZWH1Q732vvjp8r-qr61v1Pgqh5nsX3nLrNsv4Mu3h7nNXbK5c47vnLncJ7uGT3Ss2j6OT3bVZKkcvkTDq4ee7b2g5cMsBJhgTTLqnbamNW1s-YMEWtxnpMdyLgh6hEayV_-993QHPO6BG--g4WDV94g_zLlg5gXz4zSntB5UrXnx9WGe8ciWM1M47-SB3TQ7DQ2jKDph8Z34anJ8i9NkCuHxnPgG40fZsAhB2ihaefgAi35nLBDG6-UipyEDnINTj0IwmoLNdsHwC0l0Dq-4jAKng3HnIh7fOubLhVx-xfMZO0ZGHf4NtpujIg6cgH369ktm17iWX1ZV1uYc104Jdm4DtT6Cod6FaXwDb7IKsPgSrfkbLD89CPtw-7zMHVu09q5jgLCZ0iQkVLEWMsSVOsVoicZxiHoZxKMjBFVkzAe47UM-W7UBtOlAXHRiqvW6E00gSHsaGKZngiEeR0gKzNMCYM5lALWfaN6EqNkFmmyDLDSjKDRjYT-7T4_eP_gZlfRf86t73UWISEUQslAqHlLA4MZQrmghOVcQpC2iiUs05DQwVEeWaxiYJlErTlAsSKZYGsdJCkRirROo4ZDiNYm1SHgQ0JYlKQyIjoSmNmNaEGh5pGYdCKyUE45gHkkWap4YExJCEcWJIGDOWhKFihFPNhCLGGMbjlOJES80TRcCrRfDVFHXe3oCRaqHRCBqPoOEIGougqRA0o_amynzg21sq87Ug8xrMa9iOXdXf4jdd1dc5Al5uQqnabVt84K-BrBbH68arsZslLqp2zIVqt4p99OTMF53B9WMw0HtdHIUmNpRQgU2kgzDGLE6DVEmFhU5SBd62YP3CwWuu2yl6-c7vUNgpemb7YxB8F3y2C9IuAq-PAm_GIcbAV8cBxbCef-eGuR1ktbcj3ZNu2Mv7oFwLRXUEqqudrWwfnRhfvLxy98Cq7_1agZb30DxAli0UZQvv258Q9LMb44uuQdsXXePRt-eLyg7tOp_Z-FLFK_3Yl2_qq40r1ZlTfvOLV-WMmMHbl7WvzvJc2bzv0VcrVildnnal1OjOGX9Fiwu1X12py7wuzl547fSZYVFq763LJ8DtFB376yOQdopO_Pj5wRelL3wKstgAXxzq9A6BKBBkFkGmD_e5aMH_pxeHeMvfgH7ZAV5dg3zYwqhsYZS1wLNN8PXiuCrKe6_8Eh4EiKwzFlmJtkVWzni71zWhDiTGaRKTMDWahJGShqYRUzHHYaih8tPVP__54d8AAAD__4n-iIFABQAA HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 037832fa1a6957ab4a3eee9707f52f8f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/9e/5c/35/9e5c35385d0c5139cc819db9c5ec3f9c/1756656395.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/9e/5c/35/9e5c35385d0c5139cc819db9c5ec3f9c/1756656395.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 65091\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:35 GMT\r\netag: \"68b4730b-fe43\"\r\nexpires: Fri, 17 Oct 2025 19:36:23 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65091,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 16:17:27], progressive, precision 8, 300x250, components 3","md5":"026ecb9ebfc333b46de99a35ece1ed63","sha1":"4945bcedd091109a3c43834502a9301ff5009087","sha256":"02fdce35ad465cf23a8baac4d505a51a7756c6d865f5d311389734c5c601416b","sha512":"e4756406638971996514a6c286a7dfafefee9e4bc76f86f557104ed8aaf4d3a513d13229756cf689e23e7d4e41beb3ac3a0aa75d3789433c5442f387d3073279","ssdeep":"1536:HT8CEOavT8CEOa2GYL1Ql6B2mQmW4aO1R9snq7ji0kZsUdCWTkLNVUQBq3:z8C7u8C7sk1c6BfQmjaO1d7jijFYLNVS","tlshash":"7953e040e682cc32e9e6d8b990f5c2b573329e906af39e40f49e64427ff87d5ac48153","first_seen":"2025-09-02T19:57:23.459951Z","last_seen":"2026-04-03T08:46:56.914433Z","times_seen":906,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":90,"dns":14,"connect":21,"send":0,"wait":20,"receive":45,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRuu2SQfH_kOHybiUebgQcWdrequ6h8GEdcYCcYkJpEcRKR-7pbT09V2dU9v9mIwGIIXF0HQW887s1nUIOpBvETCrLeAkPHiHrIo_gEiQrzKbBZWX6j3x_PU4XmLp66P6l0UQs13zr_q1m2W8SXWw90nL9tcucZ3z17qEtzDJ7qXbR7RE921eSqHz5KQ9vBT3Ze17LulABOMCSbdU7bUxq0t7bFgi1sp6aW4R4MeYRTWyn_Pvl4AzxdADXfRMbBq9v_fzBtg5RTywVcnte9XrnjmpUGd8cqVMFRbr-f93DU5DA5aU3bA5Fv7t8H5GUKfLIDLt_Y3ADeczDcAYWdo4bH7IPKtfZkghpsPlYoMdA5C_Q-a4RR0tg2WT0G6a2DVPQQgFZw9B_ng5llXNvzKQ5bP2Rk6_OBPsM0MHb7_KOSDL5czu9a96LK6si73sGZasGtTsCtTKOopVOsLYJttkNV7YNWPaOnBGcgHk3M-c2DVzhMqFTyNCFtMhQoWaZqmi5xhtUiiKME8DKNQkL0nsmYK3Hegnh_bgdp0oC46MFA7XYoTKgkPI5MqGWPKKVVa4DQJMOapjKGWc-0bUBUbILMNkOX7t-q3iiwIkyBMkmBEbhZqteoPJ1VZ60mdSz8Kth5CbA_bnGNsFEBRXoW-_egeO3bvyC9Q1nfAr-58G5Aw1iSQCcWSkFAYEwVMqJhSnTCOueRSpiyOQ0yYTknMqIoVEyxOIqOFNprjIIpNjA0NqTEs1UmKQxwzwqKYM21EwE3KQo0NjnXMsFCYx6kKRGC4MVRFMReGkZRyjjnBVHGNKU2p5DpknKQixlQnWpOUGWHCUIuUMPDqv-CrGeq89i4MVQuNRtB4BA1H0FgETYWgGbabKvOBb2-qzNeC7Ndgv4bt2FUrI77pqhWdI-DlBpSqndjiHX8NZHVovG68Grt54qJqx1yodlTsokfmdur0rx-Fvt7pYhqayDDCBDZUB2GE0ygJEiUVFjpOFHjbgvULeyZYtzP03O1fobAz9PjkQxB8G3y2DdIeAl4fAd6MQ4yBr44DhmE9_8YNctvPam-HuifdoJevgHItFNVhqK50RtkuOj6-cGn5zp7D3_y5Bi3vov0AWbZQlC28bX9AsJLdGF9wDZpccI1HX58rKjuw63zu_osVr_R_Pn9FX2lcqU6f9BufvSDnxLy9dUn76gzPlc1XPPpi2Sqly1OulBrdPu0va3G-9qvLdZnXxZnzL546PShK7b11-RS4naGjf3wA0s7Q8e8_3fvZ7OmPQRZXwRcHOr1DIAoEmUWQ6QOcixb8P2Zx0I_8DVgpO8Cra5APWhiWLQyzFni2Ab4-NK6K8u7zP4V7ASLrjEVWoonIyjlvd7om1IHEOIkjEiZGk5AqaVhCUxVxHIYaKj9b_f2v7_4OAAD___h7_gt3BQAA","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRuu2SQfH_kOHybiUebgQcWdrequ6h8GEdcYCcYkJpEcRKR-7pbT09V2dU9v9mIwGIIXF0HQW887s1nUIOpBvETCrLeAkPHiHrIo_gEiQrzKbBZWX6j3x_PU4XmLp66P6l0UQs13zr_q1m2W8SXWw90nL9tcucZ3z17qEtzDJ7qXbR7RE921eSqHz5KQ9vBT3Ze17LulABOMCSbdU7bUxq0t7bFgi1sp6aW4R4MeYRTWyn_Pvl4AzxdADXfRMbBq9v_fzBtg5RTywVcnte9XrnjmpUGd8cqVMFRbr-f93DU5DA5aU3bA5Fv7t8H5GUKfLIDLt_Y3ADeczDcAYWdo4bH7IPKtfZkghpsPlYoMdA5C_Q-a4RR0tg2WT0G6a2DVPQQgFZw9B_ng5llXNvzKQ5bP2Rk6_OBPsM0MHb7_KOSDL5czu9a96LK6si73sGZasGtTsCtTKOopVOsLYJttkNV7YNWPaOnBGcgHk3M-c2DVzhMqFTyNCFtMhQoWaZqmi5xhtUiiKME8DKNQkL0nsmYK3Hegnh_bgdp0oC46MFA7XYoTKgkPI5MqGWPKKVVa4DQJMOapjKGWc-0bUBUbILMNkOX7t-q3iiwIkyBMkmBEbhZqteoPJ1VZ60mdSz8Kth5CbA_bnGNsFEBRXoW-_egeO3bvyC9Q1nfAr-58G5Aw1iSQCcWSkFAYEwVMqJhSnTCOueRSpiyOQ0yYTknMqIoVEyxOIqOFNprjIIpNjA0NqTEs1UmKQxwzwqKYM21EwE3KQo0NjnXMsFCYx6kKRGC4MVRFMReGkZRyjjnBVHGNKU2p5DpknKQixlQnWpOUGWHCUIuUMPDqv-CrGeq89i4MVQuNRtB4BA1H0FgETYWgGbabKvOBb2-qzNeC7Ndgv4bt2FUrI77pqhWdI-DlBpSqndjiHX8NZHVovG68Grt54qJqx1yodlTsokfmdur0rx-Fvt7pYhqayDDCBDZUB2GE0ygJEiUVFjpOFHjbgvULeyZYtzP03O1fobAz9PjkQxB8G3y2DdIeAl4fAd6MQ4yBr44DhmE9_8YNctvPam-HuifdoJevgHItFNVhqK50RtkuOj6-cGn5zp7D3_y5Bi3vov0AWbZQlC28bX9AsJLdGF9wDZpccI1HX58rKjuw63zu_osVr_R_Pn9FX2lcqU6f9BufvSDnxLy9dUn76gzPlc1XPPpi2Sqly1OulBrdPu0va3G-9qvLdZnXxZnzL546PShK7b11-RS4naGjf3wA0s7Q8e8_3fvZ7OmPQRZXwRcHOr1DIAoEmUWQ6QOcixb8P2Zx0I_8DVgpO8Cra5APWhiWLQyzFni2Ab4-NK6K8u7zP4V7ASLrjEVWoonIyjlvd7om1IHEOIkjEiZGk5AqaVhCUxVxHIYaKj9b_f2v7_4OAAD___h7_gt3BQAA HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv5=true; uncs5=2; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 7\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 912977efd0a97bfac4ea12b7be62c61e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/8d/07/7a/8d077a03bf40c94dc34ac4b8af9a446c/1756656412.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/8d/07/7a/8d077a03bf40c94dc34ac4b8af9a446c/1756656412.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:24 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 77354\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:52 GMT\r\netag: \"68b4731c-12e2a\"\r\nexpires: Fri, 17 Oct 2025 19:36:24 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77354,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 18:18:22], progressive, precision 8, 300x250, components 3","md5":"e4267b78fbfd9ec2cb935ff9d689393f","sha1":"80ad53e77eff7c9e2e2ec2aa782e2406bc133c72","sha256":"16b434f519fdf956da056ae83d2a8847179c3fccc2a88d1e80d886cec82ba164","sha512":"58faf0e02cf388518ee515a9b1ff2d3ec1dc9d048d4ca2b0c95ec3f66c7966f2151a8839e367b58d3b70fde29bbfaf2add06de0ad8ae2561556b1770d9f0f1cc","ssdeep":"1536:GB6pzB6p2ZYp69CExL6kGcjhulQrdcP8VXW4I+USZjGM5ndwRmxvD:GB6tB6GYp63Zjhlr71Wv/SdGuiM","tlshash":"8f73e03ffbe5af41f5d092b9bce2c243729eaf805a232b957d1c62097752190ad0d11b","first_seen":"2025-09-02T18:53:07.782432Z","last_seen":"2026-04-04T09:06:35.652387Z","times_seen":980,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/da4057f56deac1caae7482053a78f1aa/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"topcreativeformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Sep 2025 22:49:40 GMT","end":"Fri, 12 Dec 2025 22:49:39 GMT"},"fingerprint":{"sha1":"EC:8E:4C:47:74:D4:52:B0:02:BF:8C:E1:9B:75:13:26:E9:48:B2:13","sha256":"35:28:22:C4:11:25:D9:9D:11:C3:9A:90:41:C0:9D:99:07:30:6F:EC:0B:B0:45:BE:33:2D:93:8B:89:E7:1A:01"}}},"request":{"raw":"GET /da4057f56deac1caae7482053a78f1aa/invoke.js HTTP/1.1\r\nHost: www.topcreativeformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18420\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: www.topcreativeformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c134b1ae632677657eae1be3088e089b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"3b693df750500c1c31d6112a4ce61a62","sha1":"3ec2ab08164d3bf868cb91cc93e8f0223818bedc","sha256":"4d05a4b96b5c6030b831695f0d38ab137b30f4388612de99c3dea8c3a4c078ea","sha512":"ae56dda15902ac9c90a8f98a2f013b9bd845ec6d1f59c75d11cfb22941c8c591d57824555df77259cb11da0a20f68e32afd1d5b90ec1eb453d068b2bc865a0a7","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybsjy2X:36rxKbk0CrQ+fdwNDba1lIlcPE02X","tlshash":"7023c48e3f71f15856867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837b25","first_seen":"2025-10-15T19:37:20.460727Z","last_seen":"2025-10-15T19:37:20.460727Z","times_seen":1,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/ae/4f/16/ae4f166886c7a54e9ecb7ccf48991730/1756656280.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/ae/4f/16/ae4f166886c7a54e9ecb7ccf48991730/1756656280.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 66195\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:04:40 GMT\r\netag: \"68b47298-10293\"\r\nexpires: Fri, 17 Oct 2025 19:36:26 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66195,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 18:48:07], progressive, precision 8, 160x600, components 3","md5":"9429f81326a9706d30bcef9a3f0e6c9e","sha1":"aeea6fc744dc94b8db9ded7375c15d660fa26f5b","sha256":"7fd8fc35f36cb82d01f1e4670de07121f92f381f6a99737f76d451790d042c4f","sha512":"e6d564c3968c2088962f125c5b6d1c7d267b0eaadce033737c77c83e67b53a38daa7071affd601136290e8b77c97b1ba2e6006d2216298f2be2d7aa5cef98c3c","ssdeep":"1536:QaRRaRvehmLP+rZmca79EJXAqbOTKaHaRZEYz5rR:FeimmrZm772J0pyEE5rR","tlshash":"0653f13dba924e21dee4823489e5ded327575f8893636a407c0d390ebbb17d4ce48ad4","first_seen":"2025-09-02T14:47:54.139132Z","last_seen":"2026-04-04T01:48:20.001212Z","times_seen":231,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html\u0026l=1544\u0026fd=274","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html\u0026l=1544\u0026fd=274 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo3LCJhdSI6NywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.ourjQM-NuFZey89oSYhPd4lveFS65C0QQyhiho-toaA; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=8; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=7; u_pl23823882=1; pdhtkv29=true; uncs29=1; u_pl23824025=1; slecc2a4795bd129ec38aabf8f830c396956=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=547","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=547 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo3LCJhdSI6NywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.ourjQM-NuFZey89oSYhPd4lveFS65C0QQyhiho-toaA; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=8; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=7; u_pl23823882=1; pdhtkv29=true; uncs29=1; u_pl23824025=1; slecc2a4795bd129ec38aabf8f830c396956=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:29 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.877918442879.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /watch.877918442879.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://kettledroopingcontinuation.com/watch.877918442879.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=4551ee3bdf30b6f7744dd2294f7a58b3628bb893a77eda9b9601b48cd230ec9581a16a23838a41e31113e8e07a0ce40b3c42576ea68da2608fc6b0de03c1b948aa842fc3d58fce71c1b0485ae05c8dc2d71af452833013a9988912\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; expires=Wed, 15 Oct 2025 19:37:23 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 2\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 92070c131784a4c7461a900ba7235270\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4778,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/impr.gif?sid=H4sIAAAAAAAC_1RTv28cRRSesxOKUCASRImuoACEzzM7s3u7RAhhQlBESEISlAJRzM_zcHs7y87ure3KIlIU0WBRkW79zokFRAgooAqKznSRkHw0uIgF4g9ACCm0aB1LhifNe9-bb4rvzXxzY7PaRxQqvnfpHbdm05Qvhj3cfeGazZSrfffC1S7BPXy6e81mETvdXWlTMX6FUNbDL3bf0nLoFgNMMCaYdM_aQhu3snjAgs3vJqSX4B4LeiRksFL8v_dVBzzvgBrvo5Ng1eypP8z7YOUUstE3Z7Qfli5_-c1RlfLSFTBW2-9lw8zVGYyOoCk6YLLtw9Pg_Ayhz-fAZduHE4Abb7UTgLAzNPfsQxDZ9qFMEOPbj5WKFHQGQj0J9XgKOt0By6cg3XWwahcBSAUXLkI2unPBFTVffczylp2hY4_-BlvP0LGHz0A2-noptSvdKy6tSusyDyumAbsyBTuYQl7tQLk2B7beAVl-DFb9jBYfnYdstHXRpw6s2nteJYInEQkXEqGCBZYkyQIPsVogURRjTmlEBTm4ImumwH0HqnbZDlSmA1XegZHa6zIcM0k4jUyiZB8zzpjSAidxgDFPZB8q2WrfgDLfAJlugCzWIS_WYWg_2w1P7h7_DYrqPvjlve8Z0YrFTOKIRXGUSBLiQBHDqAqVUkHEFI25pDHTCY0pFUEiSMwI68vYEEkJ4yqKE8YID5gxEekTpRKtME10LJWMQ2NIpOMwpJE2_cREfRkYYnQQCk5UxDEmiVGYxzFLtKbGMNWPsOjrOAmCiMY0NIQFfZUwzCTRMUsiQwV4NQ--nKHOu-swVg3UGkHtEdQcQW0R1CWCetzcVqkPfHNHpb4S5LAGh5U2E1cONvltVw50hoAXG1CoZsvmH_nrIMv5yZrxauLaxEXZTLhQzWa-j55ufdEZ3jgBQ73XxYyayIQkFNgwHdAIJ1EcxEoqLHQ_VuBtA9bPHbzmmp2hV-_9Drmdoee2PgXBd8CnOyDtPPDqOPB6QjEGvjwJQgxr2XdulNlhWnk71j3pRr1sAMo1kJfHoFztbKb76NTk8tWl-wdW_eDXVdDyAToMkEUDedHAh_YnBIP05uSyq9HWZVd79O3FvLQju8ZbG18peamf-PJtvVq7Qp074ze-eF22RAvvXtW-PM8zZbOBR18tWaV0cdYVUqN75_w1LS5VfnmpKrIqP3_pjbPnRnmhvbcumwK3M3Tir09A2hk69eOtgy8avnQLZL4OPj_S6R0CkSNILYJUH-1z0YD_Ty-O8Ka_CYOiA7y8DtmogXHRwDhtgKcb4Kv5SZkXD177hR4EiLQzEWmBtkRatLzd6xqqA4lx3I8IjY0mlClpwpglrScp1VD62fKf__zwbwAAAP__TJ1djEAFAAA=","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTv28cRRSesxOKUCASRImuoACEzzM7s3u7RAhhQlBESEISlAJRzM_zcHs7y87ure3KIlIU0WBRkW79zokFRAgooAqKznSRkHw0uIgF4g9ACCm0aB1LhifNe9-bb4rvzXxzY7PaRxQqvnfpHbdm05Qvhj3cfeGazZSrfffC1S7BPXy6e81mETvdXWlTMX6FUNbDL3bf0nLoFgNMMCaYdM_aQhu3snjAgs3vJqSX4B4LeiRksFL8v_dVBzzvgBrvo5Ng1eypP8z7YOUUstE3Z7Qfli5_-c1RlfLSFTBW2-9lw8zVGYyOoCk6YLLtw9Pg_Ayhz-fAZduHE4Abb7UTgLAzNPfsQxDZ9qFMEOPbj5WKFHQGQj0J9XgKOt0By6cg3XWwahcBSAUXLkI2unPBFTVffczylp2hY4_-BlvP0LGHz0A2-noptSvdKy6tSusyDyumAbsyBTuYQl7tQLk2B7beAVl-DFb9jBYfnYdstHXRpw6s2nteJYInEQkXEqGCBZYkyQIPsVogURRjTmlEBTm4ImumwH0HqnbZDlSmA1XegZHa6zIcM0k4jUyiZB8zzpjSAidxgDFPZB8q2WrfgDLfAJlugCzWIS_WYWg_2w1P7h7_DYrqPvjlve8Z0YrFTOKIRXGUSBLiQBHDqAqVUkHEFI25pDHTCY0pFUEiSMwI68vYEEkJ4yqKE8YID5gxEekTpRKtME10LJWMQ2NIpOMwpJE2_cREfRkYYnQQCk5UxDEmiVGYxzFLtKbGMNWPsOjrOAmCiMY0NIQFfZUwzCTRMUsiQwV4NQ--nKHOu-swVg3UGkHtEdQcQW0R1CWCetzcVqkPfHNHpb4S5LAGh5U2E1cONvltVw50hoAXG1CoZsvmH_nrIMv5yZrxauLaxEXZTLhQzWa-j55ufdEZ3jgBQ73XxYyayIQkFNgwHdAIJ1EcxEoqLHQ_VuBtA9bPHbzmmp2hV-_9Drmdoee2PgXBd8CnOyDtPPDqOPB6QjEGvjwJQgxr2XdulNlhWnk71j3pRr1sAMo1kJfHoFztbKb76NTk8tWl-wdW_eDXVdDyAToMkEUDedHAh_YnBIP05uSyq9HWZVd79O3FvLQju8ZbG18peamf-PJtvVq7Qp074ze-eF22RAvvXtW-PM8zZbOBR18tWaV0cdYVUqN75_w1LS5VfnmpKrIqP3_pjbPnRnmhvbcumwK3M3Tir09A2hk69eOtgy8avnQLZL4OPj_S6R0CkSNILYJUH-1z0YD_Ty-O8Ka_CYOiA7y8DtmogXHRwDhtgKcb4Kv5SZkXD177hR4EiLQzEWmBtkRatLzd6xqqA4lx3I8IjY0mlClpwpglrScp1VD62fKf__zwbwAAAP__TJ1djEAFAAA= HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7f1c2b9a13bb42d86602237a2c6113f4\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 57804\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:29 GMT\r\netag: \"68b47341-e1cc\"\r\nexpires: Fri, 17 Oct 2025 19:36:25 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57804,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 12:01:08], progressive, precision 8, 300x250, components 3","md5":"824db83fb47e0a4aa226db9a9466c8fb","sha1":"7e968550f726c370b806345e6a8b553c16532e62","sha256":"a6d919f12896285dffac6679aa238ff266d0df399bd91d53008571218bdcf6e1","sha512":"1dd3fe4d4ce6f2139f9ef18284437c08b2a360ccd46fc702d1a6802d728e18f8ca0245dd68936a6ceaac02c3cb4628bc21939516b6f9414a54f90b425648aa4e","ssdeep":"768:LA3DDT+b75AiF3DDT+b75K22YyqwsZmXRPpB+8mwvecNaeJKY2YtWImlYwaVJesk:LA3DDCPX3DDCP022p36wv+S5pnJeb","tlshash":"2043d024db51ad33ece4b5b1edd1ebe76311ae547b136d447c6c28a43b703884a6e203","first_seen":"2025-09-02T17:46:38.163709Z","last_seen":"2026-04-03T17:23:29.916273Z","times_seen":961,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/5c/a6/f9/5ca6f9517dd500f87e3a4b75cd9c0009/1756661718.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/5c/a6/f9/5ca6f9517dd500f87e3a4b75cd9c0009/1756661718.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 76594\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 17:35:18 GMT\r\netag: \"68b487d6-12b32\"\r\nexpires: Fri, 17 Oct 2025 19:36:27 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76594,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 14:55:59], progressive, precision 8, 320x240, components 3","md5":"69be0ae352649c5c4534bade7a52fcda","sha1":"52c5b614ab2213cd48b483e4336ed81b6c5c40c4","sha256":"637a6132b53002fd82f88455665944757438b103df6e9cac8eb21c9402faecb3","sha512":"2d324c37c48798431de06ce5d34f37b9ca477e02b793c743e8203abc5b2976912ca45ae8a22e55def5eae164752e24df805b327a8cae636debbc4122ed2cfbbd","ssdeep":"1536:Ye0NCH4JwffwHpxlCaw0pQYi64OAEseKD:YesIffwHs3/6VAEsn","tlshash":"1e73f130179b4d23d4d2f57849e9cbd26390f7b93f83a7427aac250173f03a26ca9196","first_seen":"2025-09-02T17:23:30.749389Z","last_seen":"2026-04-04T10:19:45.311856Z","times_seen":1289,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/ren.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu3g384OdBjOJJZQ4eFNzZ_prOtEGCa4wsxiQmkSAepLqre7acmqq2qj8mK0IwEHJzczOeep6Z3fUjiHoTDIRZbwtCxtMesiD-AR6EeJWeHVh9od6Pep7D87711q1RcUg8FPTg0jtqkwtBVzttu_XSNS6ZqkzrwtWWY7ft061rXAb-6dawcbp81fH8tv1y660k7qtV13Zs27Gd1jmuk1QNV-coeHYvdNqh3fbdttPxMdT_rU3xPxhqgZWH5CQ4mz35R_oBeDyFHHx_NjH9XGWvvDkoBM2VRsl235N9qSqJwXGaagup3F2wocyMkC-WoOTuogOoctJ0gIjPyNKzjxDJ3YVMROX2kdJIIJGI2BOoyikSMQWnU8TqJjh7SICY4cJFyMHOBaUrev0IpQ06Iyce_wVezciJR89ADr5bE3zYuqJEkXMlDYZpDT6cgvemyIo95JtL4NUe4vwzcPYrWX18HnIwuWiEAmcHL7IwomHgdFbCiLkrfhiGK7RjsxUnCLo29bzAi5z5iHg6BTUWiuZwC0VqocgsDNhBy7e7fuxQL0hDFp-yfer7LInssOvaNg3jUyjiRvsW8mwLsdhCrG9PChmbUfBVxjbyful6k1wXyU5z6Xoj517xYSZcr-t6YRiMnN0jVmdO2m5InVFwzOl23ZGzc8SZU5DpG-jzOw87J6GLBzAbNQxrweQzYr37KUpWo0oIKkNQUYKKE1Q5QVXW20wY19Q7TJgichbRXUSvHqu8N6LbKu8lkoDqLWhWT3j2sbmJOF8eb6aGjVXjaJTXYxqxepQdkqeap7P6t-6inxy0Ypf6p8JOxBw3TGKvS2mUdtOuZ8deGISdAIbX4GZpPvBNPiOv3f8dGZ-RFyafI6J7MGIPMV8GLZ4HrWrQjRqb8kc1kLwvCsPLpB2rQVv2wFSNLD-B_Lo1Eofk6fHlq2sP5nv0fvQJknj_zE93G_sSsa6R6Rof8V8IeuL2-LKqyOSyqgz54WKW8wHfpM2OXclpnix_83ZyvVKarZ81W1-_HjdAk967mpj8PJWMy54h365xxhJ9Tuk4IffXzbUkulSYjbVCyyI7f-mNc-uDTCfGcCWnoHxG_l8_h5jPyMnhyvz_uDfWEWc3YLJjnUYRRJkFwQlEsk8WBhrVMP-qo-N8ZG6jpy3Q_CbkoEapa5SiBhVbMMXyOM_0_pnfvLkhEtY4EtqaREKLO0dzMvyg1XEjL-h2gyQNWOoxz_VY2LGT0Kdh4Id-B7mZbfz598__BAAA__8WPJr84gQAAA==","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu3g384OdBjOJJZQ4eFNzZ_prOtEGCa4wsxiQmkSAepLqre7acmqq2qj8mK0IwEHJzczOeep6Z3fUjiHoTDIRZbwtCxtMesiD-AR6EeJWeHVh9od6Pep7D87711q1RcUg8FPTg0jtqkwtBVzttu_XSNS6ZqkzrwtWWY7ft061rXAb-6dawcbp81fH8tv1y660k7qtV13Zs27Gd1jmuk1QNV-coeHYvdNqh3fbdttPxMdT_rU3xPxhqgZWH5CQ4mz35R_oBeDyFHHx_NjH9XGWvvDkoBM2VRsl235N9qSqJwXGaagup3F2wocyMkC-WoOTuogOoctJ0gIjPyNKzjxDJ3YVMROX2kdJIIJGI2BOoyikSMQWnU8TqJjh7SICY4cJFyMHOBaUrev0IpQ06Iyce_wVezciJR89ADr5bE3zYuqJEkXMlDYZpDT6cgvemyIo95JtL4NUe4vwzcPYrWX18HnIwuWiEAmcHL7IwomHgdFbCiLkrfhiGK7RjsxUnCLo29bzAi5z5iHg6BTUWiuZwC0VqocgsDNhBy7e7fuxQL0hDFp-yfer7LInssOvaNg3jUyjiRvsW8mwLsdhCrG9PChmbUfBVxjbyful6k1wXyU5z6Xoj517xYSZcr-t6YRiMnN0jVmdO2m5InVFwzOl23ZGzc8SZU5DpG-jzOw87J6GLBzAbNQxrweQzYr37KUpWo0oIKkNQUYKKE1Q5QVXW20wY19Q7TJgichbRXUSvHqu8N6LbKu8lkoDqLWhWT3j2sbmJOF8eb6aGjVXjaJTXYxqxepQdkqeap7P6t-6inxy0Ypf6p8JOxBw3TGKvS2mUdtOuZ8deGISdAIbX4GZpPvBNPiOv3f8dGZ-RFyafI6J7MGIPMV8GLZ4HrWrQjRqb8kc1kLwvCsPLpB2rQVv2wFSNLD-B_Lo1Eofk6fHlq2sP5nv0fvQJknj_zE93G_sSsa6R6Rof8V8IeuL2-LKqyOSyqgz54WKW8wHfpM2OXclpnix_83ZyvVKarZ81W1-_HjdAk967mpj8PJWMy54h365xxhJ9Tuk4IffXzbUkulSYjbVCyyI7f-mNc-uDTCfGcCWnoHxG_l8_h5jPyMnhyvz_uDfWEWc3YLJjnUYRRJkFwQlEsk8WBhrVMP-qo-N8ZG6jpy3Q_CbkoEapa5SiBhVbMMXyOM_0_pnfvLkhEtY4EtqaREKLO0dzMvyg1XEjL-h2gyQNWOoxz_VY2LGT0Kdh4Id-B7mZbfz598__BAAA__8WPJr84gQAAA== HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo2LCJhdSI6NiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8aFpBrKFUXN7d_zCVOZ4Tb8bQLB1H1kuvjYyepDzq2w; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=7; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=6; u_pl23823882=1; pdhtkv29=true; uncs29=1; u_pl23824025=1; slecc2a4795bd129ec38aabf8f830c396956=[5857915]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0004b8f4d80ff11e881693e74f0bd916\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/impr.gif?sid=H4sIAAAAAAAC_1yTz4scxRvGq3f39P0exCieVObgwYA727-mt9sgwTVGgjGJSSSHHKS6qnu2nJ6qtqp7erMgBAMh4MENeDCeep6Z3fVHEPUigoEw6y0gZDztIQviH-BBiEelZxZWfaGrnuJT_fJUvW_dHJYHxENJ9y-8pTZFltGVTttuvXhFSK4q0zp3ueXYbftE64qQgX-itdEMevCy4_lt-3jrjYT11IprO7bt2E7rtNBJqjZWZhQivxs57chu-27b6fjY0P9em3IJhlrggwNyDIJPn_gtvQrBJpD9b04lpleo_KXX-2VGC6Ux4LvvyJ5UlUT_SKbaQip3D3dDmSkhny5Ayd3DE0ANxs0JEIspWXjmEWK5e2gT8WB77jTOkEjE_P-oBhMk2QSCTsDUDQj-kACM49x5yP7OOaUrem1OaUOnZOnxHxDVlCw9ehqy__VaJjZal1RWFkJJg420htiYQHQnyMs9FJsLENUeWPEhBP-ZrDw-C9kfnzeZguD7L_AoplHgdJajmLvLfhRFy7Rj82UnCEKbel7gxc7sikQ6ATUWyuYTFsrUQplb6PP9lm-HPnOoF6QRZ6u2T32fJ7Edha5t04itomSN9y0U-RZYtgWmP9opJTNuZ-jcLd_NMzfoeKEdREPn85yvF72B640LXSZz6IWuF0XB0NmZwxnabhJ0hu48kTd0xo0YervzPZ3__B-G7lHyOUSur6Mnbj_sHIMu78Os1zC8BVNMifX2BxjwGlVCUBmCihJUgqAqCKpBvc0z45p6h2emjJ3D2T2cvXqkiu6Qbquim0gCqregeT0W-fvmBlixONpMDR-pZqBxUY9ozOthfkCebAps9W7eQS_ZbzGX-qtRJ-aOGyXMCymN0zANPZt5URB1AhhRQ5iFWVk2xZS8cu9X5GJKnh9_jJjuwWR7YGIRtHwOtKpB12tsyu9UX4peVhoxSNpM9duyC65q5MUSimvWMDsgT40uXl67P-u2q8fvI2EPTv5wp4nPwHSNXNd4T_xE0M1ujS6qiowvqsqQb8_nheiLTdp04qWCFsnil28m1yql-ZlTZuuLV1kDGnn3cmKKs1RyIbuGfLUmOE_0aaVZQu6dMVeS-EJp1tdKLcv87IXXTp_p5zoxRig5ARVT8r_6WTAxJcf-uj17Zd4n34Pl12HyI59GEcS5hUwQZMkDchigcQ3zj3V8pIfmFrraAi1uQPZrDHSNQVaDZlsw5eKoyPWDk794s0CcWaM409Y4znR2e35PRuy3Ui9xmW2Hq4HjhWnieD5naSf0Ix5Q2_MSFGa6_vufP_4dAAD__yddb0AIBQAA","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1yTz4scxRvGq3f39P0exCieVObgwYA727-mt9sgwTVGgjGJSSSHHKS6qnu2nJ6qtqp7erMgBAMh4MENeDCeep6Z3fVHEPUigoEw6y0gZDztIQviH-BBiEelZxZWfaGrnuJT_fJUvW_dHJYHxENJ9y-8pTZFltGVTttuvXhFSK4q0zp3ueXYbftE64qQgX-itdEMevCy4_lt-3jrjYT11IprO7bt2E7rtNBJqjZWZhQivxs57chu-27b6fjY0P9em3IJhlrggwNyDIJPn_gtvQrBJpD9b04lpleo_KXX-2VGC6Ux4LvvyJ5UlUT_SKbaQip3D3dDmSkhny5Ayd3DE0ANxs0JEIspWXjmEWK5e2gT8WB77jTOkEjE_P-oBhMk2QSCTsDUDQj-kACM49x5yP7OOaUrem1OaUOnZOnxHxDVlCw9ehqy__VaJjZal1RWFkJJg420htiYQHQnyMs9FJsLENUeWPEhBP-ZrDw-C9kfnzeZguD7L_AoplHgdJajmLvLfhRFy7Rj82UnCEKbel7gxc7sikQ6ATUWyuYTFsrUQplb6PP9lm-HPnOoF6QRZ6u2T32fJ7Edha5t04itomSN9y0U-RZYtgWmP9opJTNuZ-jcLd_NMzfoeKEdREPn85yvF72B640LXSZz6IWuF0XB0NmZwxnabhJ0hu48kTd0xo0YervzPZ3__B-G7lHyOUSur6Mnbj_sHIMu78Os1zC8BVNMifX2BxjwGlVCUBmCihJUgqAqCKpBvc0z45p6h2emjJ3D2T2cvXqkiu6Qbquim0gCqregeT0W-fvmBlixONpMDR-pZqBxUY9ozOthfkCebAps9W7eQS_ZbzGX-qtRJ-aOGyXMCymN0zANPZt5URB1AhhRQ5iFWVk2xZS8cu9X5GJKnh9_jJjuwWR7YGIRtHwOtKpB12tsyu9UX4peVhoxSNpM9duyC65q5MUSimvWMDsgT40uXl67P-u2q8fvI2EPTv5wp4nPwHSNXNd4T_xE0M1ujS6qiowvqsqQb8_nheiLTdp04qWCFsnil28m1yql-ZlTZuuLV1kDGnn3cmKKs1RyIbuGfLUmOE_0aaVZQu6dMVeS-EJp1tdKLcv87IXXTp_p5zoxRig5ARVT8r_6WTAxJcf-uj17Zd4n34Pl12HyI59GEcS5hUwQZMkDchigcQ3zj3V8pIfmFrraAi1uQPZrDHSNQVaDZlsw5eKoyPWDk794s0CcWaM409Y4znR2e35PRuy3Ui9xmW2Hq4HjhWnieD5naSf0Ix5Q2_MSFGa6_vufP_4dAAD__yddb0AIBQAA HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.o0VBR64Al3k-FgUtGuKLxhdV0cNljckM8vFP8_u-Fxg; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=4; pdhtkv5=true; uncs5=2; u_pl23823882=1; pdhtkv25=true; uncs25=1; u_pl26538069=1; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv29=true; uncs29=1; u_pl23824025=1; slecc2a4795bd129ec38aabf8f830c396956=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:29 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: iprc_l+738c57e32eabd4df8b4c412ead0cbb7f=5974464; expires=Thu, 16 Oct 2025 19:36:29 GMT; path=/; secure; SameSite=None\niprc_l:5974464=1; expires=Thu, 16 Oct 2025 19:36:29 GMT; path=/; secure; SameSite=None\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: cec694e9ba3ce3af34c92460dc86e893\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.1374062808963.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.1374062808963.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8SQfMkVjIuoV2tPLZJNg44l5ANmpGHpw1hTFdRDu8IU\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://wayfarerorthodox.com/watch.1374062808963.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=f4306706a8cddaec4355cf3b7809c0e33bcf1bfa1bc20f27012cf8ed248cbe8ae1ab60d050922ad9410a36ed373867eb23fc11e806b022dc896c586a2f071104b08ecf588d0bf2f4fa74b9e43336928a49a9f572a94e1155b8e80a\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; expires=Wed, 15 Oct 2025 19:37:23 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c09f9f945e77eb32e919e666d10fb4c7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4722,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":123,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23040\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Oct 2025 00:02:45 GMT\r\nexpires: Thu, 15 Oct 2026 00:02:45 GMT\r\ncache-control: public, max-age=31536000\r\nage: 70420\r\nlast-modified: Mon, 15 Sep 2025 17:11:31 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23040,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23040, version 1.0","md5":"de69cf9e514df447d1b0bb16f49d2457","sha1":"2ac78601179c3a63ba3f3f3081556b12ddcaf655","sha256":"c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49","sha512":"4aebb7e54d88827d4a02808f04901c0d09b756c518202b056a6c0f664948f5585221d16967f546e064187c6545acef15d59b68d0a7a59897bd899d3e9dda37b1","ssdeep":"384:adpABC4a0HkBpR1HWtGu06B6lsoAKiwY0HcLKglV6Z+DVb35PJZDdiZeJ1vqYg:0AHa0Ezf2tZn6lsoABwTKK46ZQb3V7wD","tlshash":"fca2e1c05cc1e2d4ae02daf7fda5a4eab4e2f01123a8f65f8f114b75d505993640fe01","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-04-04T11:49:34.862118Z","times_seen":135081,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\netag: W/\"65aa8501-3bd\"\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3buimFD5KeBEZMI13mMgXq4JG3epSEB3WrC%2BPgEJ6nwSXAdJd1%2FuVakmRl1Jf17VWPX6xtAmvvGC0TReusF7qx4v6w5YsR9ogkf9oRlD\"}]}\r\ncf-ray: 98f1c3ffdb82b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":957,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41051a33fb99370ee2aeae5227abec51","sha1":"f1b81c1d24d27bea43a09f308ae28668453704fb","sha256":"67f07ddfdc4a81dc7ae4f83c332eb76107442caf0230e307d6398bae7663aa0d","sha512":"2ac42bfbc6eceb4cde624f8ff6d7a8ca06a88acb16cedb655d3dbc27df1745189e93f75edac38128ea6aaf839ab937fa518f4bf50fb10e1c968289a415c44aee","ssdeep":"","tlshash":"2e115b27356842b45353f06791176adaba31025bac2a971b712c06cd0fd476903f99f7","first_seen":"2023-12-07T10:00:32Z","last_seen":"2026-01-25T21:57:17.022984Z","times_seen":2153,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18414\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 79d041e959a6d8cb0b6aa2d0e00a5690\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"617b9c4f2717bcdab07b3bdf3a393dd0","sha1":"a554d336c44fca9ae2b21592f0e30aa41e0f6e52","sha256":"a094f57cfadd20d10252cbaba1574450d66c00875eef7ab40e1e9dfff57e16e7","sha512":"ca306d205e4a20198a23df3148edbc395f042922c2136301f69ef3777ce94c0b12939006ff81eb469c7b4812e749dd1c84abd203216a38aea8d72c2e359c5342","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybejy2X:36rxKbk0CrQ+fdwNDba1lIlcPEq2X","tlshash":"7023c48e3f71f15856867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837b25","first_seen":"2025-10-15T19:37:20.409713Z","last_seen":"2025-10-15T19:37:20.409713Z","times_seen":1,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"throbcrunchsurely.com/ntv.json?key=359ffd8d92c6d81781d68ca2cfcb4022\u0026vstc=4\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\u0026custom=%7B%22d37e3bc4%22%3A%22b%22%7D\u0026rb=","fqdn":"throbcrunchsurely.com","domain":"throbcrunchsurely.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"throbcrunchsurely.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Oct 2025 08:35:19 GMT","end":"Wed, 31 Dec 2025 08:35:18 GMT"},"fingerprint":{"sha1":"50:72:94:2F:4C:52:0E:93:94:98:D2:04:39:34:0F:85:38:24:92:92","sha256":"A1:7D:09:0B:38:C0:E1:52:80:EB:94:D5:35:4F:7F:DC:F5:5E:0A:9C:B1:82:D5:82:DA:BE:C3:A1:97:1B:81:8D"}}},"request":{"raw":"GET /ntv.json?key=359ffd8d92c6d81781d68ca2cfcb4022\u0026vstc=4\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\u0026custom=%7B%22d37e3bc4%22%3A%22b%22%7D\u0026rb= HTTP/1.1\r\nHost: throbcrunchsurely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: application/json\r\nContent-Length: 11332\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\npdhtkv49=true; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nuncs49=1; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nu_pl23911790=1; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nnlec359ffd8d92c6d81781d68ca2cfcb4022=[5941311]; expires=Wed, 15 Oct 2025 19:36:32 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 23\r\nHost: throbcrunchsurely.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a7c5de6287b525f210c85924132095cc\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16370,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4b7f70e9d52940d96a6c04a5c7650099","sha1":"1e787b05a5d5a959b2483696f4f3583d4c41545d","sha256":"1c5e4638642101545bed59cb4699d2a269bcb2f63f72de624803de511f824e35","sha512":"e4ed287c5c663178126c5fb169f87988b24be5b8db586bd1c0754d8c36790686f2dd291bbb96993bd4d079b6c2b691100578f5df5bf22b3cd0cda64b05f98d08","ssdeep":"384:arlmoFs23A3djaml8KWevcC5yhQVRRUEsjLVt29Hd2jgXXM:aQoFs23A9plvV5y2VRuTjLVg99Xc","tlshash":"a872c0ba627cc29b7719c2bc6dce9c5d6d2b3097d91d9a4a143cdd90183b3a0127f089","first_seen":"2025-10-15T19:37:20.472121Z","last_seen":"2025-10-15T19:37:20.472121Z","times_seen":1,"resource_available":false,"data":null}},"time_used":729,"timings":{"blocked":306,"dns":27,"connect":91,"send":0,"wait":117,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"throbcrunchsurely.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"throbcrunchsurely.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 315ea2464f6bfb761309d8e1782642f2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18423\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 395b1fe2e3ce9f48cbd1bcbe104d6552\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46266,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46266), with no line terminators","md5":"87ac42f9eb916239c66989be7755c238","sha1":"5af6b95f6b76f76cd27702c54f6369c817fe9a26","sha256":"82c6e0c2e827ba32ee429abb93af76dad570b82ff430cf83f7c70622fd33afa2","sha512":"d3f3c9932f2fa6833a5ad5cf3b797ab16acfdbb780aaeec15ab0ea6d4064231b0cd4b4d0ccc901707424985c5e03c220093bc20236046d914ccb1377578a3fdf","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4YybejvDI:36rxKbk0CrQ+fdwNDba1lIlcPEHDI","tlshash":"7d23c48e3f71f15866867037223f9417f22a4e55248de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.276849Z","last_seen":"2025-10-15T19:37:20.276849Z","times_seen":1,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/ab/a2/97/aba297cff4266d9fb7ec988528d0887c/1756656441.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/ab/a2/97/aba297cff4266d9fb7ec988528d0887c/1756656441.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 97898\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:21 GMT\r\netag: \"68b47339-17e6a\"\r\nexpires: Fri, 17 Oct 2025 19:36:25 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":97898,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 11:15:21], progressive, precision 8, 300x250, components 3","md5":"8ddff86b7f75e18fcb8f849d3ab9e957","sha1":"410e8f061eacba5fd620fe6316a455e60c27738e","sha256":"3816ac755104818fdfc87a99629189d669324599556861836c3c7846cbf0806f","sha512":"3df550019f616aa453bdc57ad072e45a4ab535f55ba08f5278ff8f5094c2df02cb3c23d7edca1709ffd2a710264a316d396c7e7b8c51d62030b251a73d06f7b0","ssdeep":"1536:M5m3qTN5m3qT2VNz9zM5v848ga9bMAP8OdUccEJEUsP/rNtUy+AWFE8mu+DRP:MI6TNI6TsNz9otZ8gWbMROdXJR6NtUyT","tlshash":"1ba301a5bdc40c21d9e0d738d142c1f262738748ab9363d6bd0f695abfa3acb4d05216","first_seen":"2025-09-02T15:14:42.041484Z","last_seen":"2026-04-04T11:42:40.807218Z","times_seen":925,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/96/34/ac/9634acb83fcdf3e17fdfeff8277050ef/1756656422.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/96/34/ac/9634acb83fcdf3e17fdfeff8277050ef/1756656422.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 88669\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:03 GMT\r\netag: \"68b47327-15a5d\"\r\nexpires: Fri, 17 Oct 2025 19:36:25 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88669,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 09:52:12], progressive, precision 8, 300x250, components 3","md5":"9bd84ed26d2194b5474eeb4a7853a5f4","sha1":"c15dd30cc3a2fdc855ab4a8cde307cd3d5e0aea3","sha256":"582568b484f7fea73c21631b5982cce91c3ac935d48b14a371919ccc9e07f15f","sha512":"856e3f19d718039e9544e3d86d9ef183678f50d4ca010b3f004a5e908108707af6690c2d375edfd8df61cef98f8367c04cb7358d830ef810d4233d54098c58f8","ssdeep":"1536:Pd+Rw6RTyFd+Rw6RTy4hMWYL1ZrR6PPaYSe0QZWFnbAVwNhyrvJ6S2bnm9+:PsDRTyFsDRTyfBL1Z16XXSe0QMFbiXJS","tlshash":"9e83f1606a688f2ae4a59b7872e8d3f76337a76dc3e35991784c7d123f302600d4d2d2","first_seen":"2025-09-02T16:16:24.150956Z","last_seen":"2026-04-03T17:23:29.965887Z","times_seen":933,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/c8/94/cc/c894ccad032c11990b8570c24074d6bc/1756656403.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/c8/94/cc/c894ccad032c11990b8570c24074d6bc/1756656403.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 78672\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:44 GMT\r\netag: \"68b47314-13350\"\r\nexpires: Fri, 17 Oct 2025 19:36:26 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78672,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 16:40:19], progressive, precision 8, 300x250, components 3","md5":"066e20100222b78fe9405d18539da6e4","sha1":"aa5e3d971a8d26f99b7fdc0ddacc61c062cd1776","sha256":"0af13aebc4a03fef7e5e9050db1d797bb81bf9f64227866392cb7b97ec045085","sha512":"5c6c20ab83609a25576880ddf9b35f93481a165e6ddd174dd086022bd660d9b1936b8edb37c46d7f0cdbbcd77cbf9753bb7d8b8757692266d45c64dceebb02b0","ssdeep":"1536:BHEqIkq/HEqIkq7lE6c/Fs27oxQhHXNFv3fEH3j0sF6:Bk1kq/k1kqp74HhHv38H3/6","tlshash":"e773f158bb45ee23f8d35b730873e7875a13ae24a3971e90708c7520f7f5b54080e616","first_seen":"2025-09-02T19:16:52.557605Z","last_seen":"2026-04-04T11:42:40.800923Z","times_seen":1066,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/b9/8c/d4/b98cd432afc578f38e130090d8dd2e36/1756656887.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/b9/8c/d4/b98cd432afc578f38e130090d8dd2e36/1756656887.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 52997\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:14:47 GMT\r\netag: \"68b474f7-cf05\"\r\nexpires: Fri, 17 Oct 2025 19:36:27 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52997,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 13:22:08], progressive, precision 8, 728x90, components 3","md5":"98891a02b8d068a38c187d776f6abd61","sha1":"359e9d3adc37a95813cf2b4f30cadc89e215ade2","sha256":"9148b6b42c957be2274b3cc4018dd486e2b7f1fd0d3dd4176d33d4d30b6a7ad9","sha512":"698cfa3669de0bc924dbb3dc47d88061063ac186fafb515f9f2500b125ee3c0dfc7e082437845db7c2cf9b684d327ab1bd498acc4b4749e1b57a7335d53f2c8e","ssdeep":"768:6SvdlisvdGLwMYyWsDeRST7HSiz+9Hpy9oM0Bfg9T/VAISAmGC9ar5bN:6S10jSItSHAOM0Bfg9LVAhAKwdZ","tlshash":"9833c035a173dd13f9f41a388522ef516b668e1ba2cb766e348d10437bb4b84dc9e013","first_seen":"2025-09-02T16:16:24.154419Z","last_seen":"2026-04-04T01:48:19.957501Z","times_seen":627,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18414\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6c29f758a8a2e085d10c3cf6ab73a07e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:400,400i,500,700%7CLato:400,400i,700,700i,900%7CRighteous","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /css?family=Roboto:400,400i,500,700%7CLato:400,400i,700,700i,900%7CRighteous HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 15 Oct 2025 19:36:22 GMT\r\ndate: Wed, 15 Oct 2025 19:36:22 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26439,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"c7f990408328b49ff03a6a94f00d01c9","sha1":"40ede4da57a7496c0fe6111779162d396f8f70a6","sha256":"54dbf71df880c6da86a292693e7e24ee4f7f5a57ff8676004e02ccb1ac41fe5e","sha512":"1a0778a63ae5ff64a7ae1d1dee9ced2e3eaa630903aeda9abe579624690707b8e281d0bddb16d07389d65787cb8420e49053590b6a9bf928a66ca13e46b20525","ssdeep":"768:WCrrSJ+0qEN9th6XU/9ffQiqGr8vkSfEQNVR1GJuofOQjLXR:WCniMo1","tlshash":"5ac21ca1081b500097835cd223ce7e30fe4fa2507145d075abfd9babfddaca6926936d","first_seen":"2025-10-15T19:37:20.482726Z","last_seen":"2025-11-03T12:21:11.239847Z","times_seen":6,"resource_available":false,"data":null}},"time_used":372,"timings":{"blocked":159,"dns":1,"connect":20,"send":0,"wait":37,"receive":0,"ssl":144},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18405\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7a6d4fc23f81089509820ddfbf93a8c9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46242,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46242), with no line terminators","md5":"57b263d494b82a43cfae095771d7b005","sha1":"10b9a3adf60df6820f373ea3b741bfe000929917","sha256":"028d2debec6967c7d2fd4ffd6b178deecf20ef847d120c8d904887a3adad5e4e","sha512":"97a8efc00cc2b3745433b3cef118788039e856da0dc9c4c3d29886d36deef77340ef0159ec47ff2388086475d3a47ea9daf2c2857e31ee59565ec7490d1ba1ab","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybeja2n:36rxKbk0CrQ+fdwNDba1lIlcPES2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.317687Z","last_seen":"2025-10-15T19:37:20.317687Z","times_seen":1,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.1381819334900.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.1381819334900.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://rashcolonizeexpand.com/watch.1381819334900.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=2137e12c840c113bff625bd744e85a0acacc95773015e91754d7d5b5786febefea0267f70f434ff59e89030751567a5efb2af953e0f07e750bd0a79d2b2faff4d67abf5194aa0a104dae04494cae35a19b704e8ee195fbf33eb915\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; expires=Wed, 15 Oct 2025 19:37:24 GMT; path=/; secure; SameSite=None\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1f87e40ec17e7b124329ebe683fa34f3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4718,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.68266351502.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=bd4a9bae923fd153186209e631bdfc18f93f61c8d7a9f202b07a444ab38a51d40ae1e89f1498ec998489ba7206afc222f5b6827fa47f8a0ba871c8355be86cf1c76760ff28fa1f14021b06182ee61ec16ba6dff41f12075bfc73b8\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.68266351502.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=bd4a9bae923fd153186209e631bdfc18f93f61c8d7a9f202b07a444ab38a51d40ae1e89f1498ec998489ba7206afc222f5b6827fa47f8a0ba871c8355be86cf1c76760ff28fa1f14021b06182ee61ec16ba6dff41f12075bfc73b8\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.oZd5siqe8_fbPpGFyvkMVltB1UPXc5cxU3sSn17Qz2Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=2; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 3398\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs=3; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs5=3; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e6652c1d81282964a362f17a182b1b84\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4766,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3890)","md5":"350bdf0628fbbcfab5f947efb23e18bd","sha1":"eab7a92e244b954dcaa5fcf8f7f2c3ff3f0df14a","sha256":"eee84e16a1f3b66893f75b80940b6a05be3d92715d4d478afc106798cdfb37ab","sha512":"70d4548c9a1c83fab4328e206300fea997c93feb95a3d0db8b50726a2ce5cb17b73a5243e474e982d68dced4d3db74a09b6b8d7834f99cce5a84ef3d9872b63b","ssdeep":"96:yoz+0LVuoM8coT4tk/jVJzB27Sqyw1ZDWCfMEDaH:vzNCoMtkxJBZoVWCkCaH","tlshash":"6da11ab87e855138d82574ae837766003f10a60bba41df8ab58ce654af40bf00e289ac","first_seen":"2025-10-15T19:37:20.48644Z","last_seen":"2025-10-15T19:37:20.48644Z","times_seen":1,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/watch.128980453908.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=896d4ef970551211b4126aeef9a7b2ac37a74aa7bceff894e758b4166c5075895a60c91b04d84c1c940a28077bd024e4e90e766dd88471dacdac3042f788b2d5fa35279952232187a1f7a67becfa7e25cc49bc877086f1fde2b058\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /watch.128980453908.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=896d4ef970551211b4126aeef9a7b2ac37a74aa7bceff894e758b4166c5075895a60c91b04d84c1c940a28077bd024e4e90e766dd88471dacdac3042f788b2d5fa35279952232187a1f7a67becfa7e25cc49bc877086f1fde2b058\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 3196\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\nu_pl23823882=1; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 6\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 617ef7e4a7db72b2d092f072e37a22ae\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4614,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3738)","md5":"93a9c685328d0e69ddef8e9c8681bb35","sha1":"ca10cfd9718d58e990852f028c94763771ac3fe4","sha256":"e1c5426d3c1741cbddeca331d3a3d02a834e4c4306266bb1321f61090a0bbc2d","sha512":"c23504bbcccab48953b982447de0e14c75f46554cda7ecffcab202ccc1ecf900011e91f8b361496d96c16eef53975f5ee136e39c1c1f643a61fea49d4e3a781a","ssdeep":"96:yozE07GGkVJWEloNAiukiVIuk/puyI1ZDWCfMEDaH:vzPGvT+n9iVIukRuhVWCkCaH","tlshash":"cf9118ab6f416178ac9ef86fa9b632153f70d02e1b00d902f84cd2102f10a955fb9ca9","first_seen":"2025-10-15T19:37:20.492134Z","last_seen":"2025-10-15T19:37:20.492134Z","times_seen":1,"resource_available":false,"data":null}},"time_used":570,"timings":{"blocked":274,"dns":0,"connect":0,"send":0,"wait":105,"receive":1,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/impr.gif?sid=H4sIAAAAAAAC_1RTS4scVRS-PZm4iKCYiEvphQsVp-c-6mkQcYyRYExiEslCRO6rZq5dXbesW9XVmY3BQAhuHFzFXfXpnhkfQdSFuImEHncBIe3GWWRQ_AEiQtxK9wyMXqjz-L5v8Z3inBvDag8xqPjuhTftuklTvux3cPvZKyZTtnbtc5fbBHfwyfYVkwXeyfZgFor-i4R5Hfxc-3Utu3aZYoIxwaR92hQ6sYPlOQsmvx2TTow7Hu0Q34NB8f_eVYvg-CKo_h46DkZNH_8jeQeMnEDW--aUdt3S5i-81qtSXtoC-mr77ayb2TqD3mGZFC1Isu0DNVg3RejWAths-2ACsP3xbAIQZooWnnoAIts-sAmiv7nvVKSgMxDqUaj7E9DpDhg-AWmvg1H3EYBUcO48ZL2tc7ao-dV9ls_YKVp8-DeYeooWHzwJWe_rldQM2pdsWpXGZg4GSQNmMAGzOoG8mkC5vgCm3gFZfgRG_YyWH56FrDc-71ILRu0-o2LB44D4S7FQdMmL43iJ-1gtkSCIMGcsYILMf5FJJsBdC6rZZ1pQJS2o8hb01G7bw5EnCWdBEisZYo97ntICxxHFmMcyhErOvG9AmW-ATDdAFjdvV-_lKWURZXEcDMl2rtbKbt8fl0WlN6tMOn_IDjVRRIdka18zl4xnkiH7fB-ibA5uzUDKhgTy4hp0zaf3_eP3j_4GRXUX3Nru9yqICYtY4HksCgWTgUw8nwgpI6qVL33PE5gyxbWXhJ5PAxULL_EiP1JKJkLHhHkBV17oxX6EE665iqWkIffDOGGaJj71JfEJozyJBJM8DmlC44QnWkU81qGgkU8IVxSHisVJrEOFQxUqlhAtPOxTHBJKCYkjof2QchZFPtfg1GPgyilqvfUh9FUDtUZQOwQ1R1AbBHWJoO43myp11DVbKnWVIAeZHmTWjGy5OuSbtlzVGQJebEChmrHJP3DXQZZHRuuJUyM7C1yUzYgL1QzzPfTEbOla3RvHoKt329hjSZD4xBc48TRlAY6DiEZKKix0GClwpgHjFuarsm6m6KU7v0Nupujp8Scg-A64dAekOQK8Ogq8HjGMga-NqI9hPfvO9jLTTStn-rojba-TrYKyDeTlIpRXW8N0D50YXby8cnd-B-_-OgAt76GDB7JoIC8aeN_8hGA1vTm6aGs0vmhrh749n5emZ9b57EYulbzUj3z5hr5a20KdOeU2vnhFzohZefuyduVZnimTrTr01YpRShenbSE1unPGXdHiQuXWVqoiq_KzF149faaXF9o5Y7MJcDNFx_76GKSZohM_fja_f__5WyDza-DyQ5_OIhA5gtQgSPUhzkUD7j-9OKyH7iasFi3g5XXIeg30iwb6aQM83QBXHRmVeXHv5V_Y_IFIWyORFmgs0mLGm932bDklxlEYEBYlmjBPycSPvFgFHDOmoXTTtT__-eHfAAAA__8ruUHSnQUAAA==","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTS4scVRS-PZm4iKCYiEvphQsVp-c-6mkQcYyRYExiEslCRO6rZq5dXbesW9XVmY3BQAhuHFzFXfXpnhkfQdSFuImEHncBIe3GWWRQ_AEiQtxK9wyMXqjz-L5v8Z3inBvDag8xqPjuhTftuklTvux3cPvZKyZTtnbtc5fbBHfwyfYVkwXeyfZgFor-i4R5Hfxc-3Utu3aZYoIxwaR92hQ6sYPlOQsmvx2TTow7Hu0Q34NB8f_eVYvg-CKo_h46DkZNH_8jeQeMnEDW--aUdt3S5i-81qtSXtoC-mr77ayb2TqD3mGZFC1Isu0DNVg3RejWAths-2ACsP3xbAIQZooWnnoAIts-sAmiv7nvVKSgMxDqUaj7E9DpDhg-AWmvg1H3EYBUcO48ZL2tc7ao-dV9ls_YKVp8-DeYeooWHzwJWe_rldQM2pdsWpXGZg4GSQNmMAGzOoG8mkC5vgCm3gFZfgRG_YyWH56FrDc-71ILRu0-o2LB44D4S7FQdMmL43iJ-1gtkSCIMGcsYILMf5FJJsBdC6rZZ1pQJS2o8hb01G7bw5EnCWdBEisZYo97ntICxxHFmMcyhErOvG9AmW-ATDdAFjdvV-_lKWURZXEcDMl2rtbKbt8fl0WlN6tMOn_IDjVRRIdka18zl4xnkiH7fB-ibA5uzUDKhgTy4hp0zaf3_eP3j_4GRXUX3Nru9yqICYtY4HksCgWTgUw8nwgpI6qVL33PE5gyxbWXhJ5PAxULL_EiP1JKJkLHhHkBV17oxX6EE665iqWkIffDOGGaJj71JfEJozyJBJM8DmlC44QnWkU81qGgkU8IVxSHisVJrEOFQxUqlhAtPOxTHBJKCYkjof2QchZFPtfg1GPgyilqvfUh9FUDtUZQOwQ1R1AbBHWJoO43myp11DVbKnWVIAeZHmTWjGy5OuSbtlzVGQJebEChmrHJP3DXQZZHRuuJUyM7C1yUzYgL1QzzPfTEbOla3RvHoKt329hjSZD4xBc48TRlAY6DiEZKKix0GClwpgHjFuarsm6m6KU7v0Nupujp8Scg-A64dAekOQK8Ogq8HjGMga-NqI9hPfvO9jLTTStn-rojba-TrYKyDeTlIpRXW8N0D50YXby8cnd-B-_-OgAt76GDB7JoIC8aeN_8hGA1vTm6aGs0vmhrh749n5emZ9b57EYulbzUj3z5hr5a20KdOeU2vnhFzohZefuyduVZnimTrTr01YpRShenbSE1unPGXdHiQuXWVqoiq_KzF149faaXF9o5Y7MJcDNFx_76GKSZohM_fja_f__5WyDza-DyQ5_OIhA5gtQgSPUhzkUD7j-9OKyH7iasFi3g5XXIeg30iwb6aQM83QBXHRmVeXHv5V_Y_IFIWyORFmgs0mLGm932bDklxlEYEBYlmjBPycSPvFgFHDOmoXTTtT__-eHfAAAA__8ruUHSnQUAAA== HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo0LCJhdSI6NCwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.2RHdGViMfyXWohzhW9dfzMLADE10VmjyuNQn743O6JM; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=4; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=4; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 2a2bd6348a49bf602721a6803999054f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/impr.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu2Xwc8jv8MBFPInPwoOLOVnVVf5RBxDVGgjGJSSQHEamvni2np7vt6p7eLAjBQAheXARBbz3vzO76EUQ9eJFImPUWEHa8uIcsin-AiBCvMrMLqwX9fjzPc3je5n1vDas9RKESu5dey9Zskoglv4PbT12zqc5q175wtU1wB59uX7NpwE63V2ehGDxHKOvgp9uvGNXLljxMMCaYtM_awsTZ6tKcBZvf4aTDcYd5HeIzWC3-27vqODhxHPRgD50Eq6f__z1-E6yaQNr_-oxxvTLLn325XyWizAoY6K030l6a1Sn0D8u4aEGcbh2oIXNThD5ZgCzdOpgAssF4NgFIO0ULjz0AmW4d2AQ52Nh3KhMwKUj9P6gHEzDJNlgxAZXdBKt3EIDScOEipP3NC1lRi-v7rJixU3T04V9g6yk6-uBRSPtfLSd2tX0lS6rSZqmD1bgBuzoB251AXk2gXFsAW2-DKt8Hq39CSw_PQ9ofX3RJBlbvPqm5FDwg_iKX2ltknPNF4WO9SIIgwoLSgEoy_0U2noBwLahmn21BFbegylvQ17tthiOmiKBBzLUKMROMaSMxjzyMBVchVGrmfR3KfB1Usg6quL2Z65WyNxiXRWXGVarc0P9sH_LoHNycgR4dkjvV23ni0cijnAdDsrWv8ueijZnIH_qHmijyhgTy4gb07Ec7_smdY79CUd0Dt7L7HfFIGEZMYuoFSgQBltJ4XiQ0ISpkBEfKZ8TEAeVxSLCRAfU496JAsJAzrpjkQeQzLQJphGeECKKA-qHHRCiDkIuI-MI3EeeKR4RhzGKijJRc65DEwuMBjWNGRWx8pWQcchn5XsywFyhfECYiFsYR15HANIiYR7VkMlYiBqcfB1dOUev192CgG6gNgtohqAWC2iKoSwT1oNnQifNcs6kTV0lykL2DTJtRVnaHYiMruyZFIIp1KHQztvm77iao8shoLXZ6lM2CkGUzElI3w3wPPTJbulbv1gnomd02ZjQOYp_4EsfMeDTAPIi8SCuNpQkjDc42YN3CfFXW7BQ9f_c3yO0UPTH-EKTYBpdsg7JHQFTHQNQjijGIlZHnY1hLv836qe0llbMD01FZv5N2QWcN5OVRKK-3hskeOjW6fHX53vwO3vqlAqPuo4MHqmggLxp4x_6IoJvcHl3OajS-nNUOfXMxL23fronZjVwpRWmOf_GquV5nhT53xq1__qKaEbPyzlXjyvMi1TbtOvTlstXaFGezQhl095y7ZuSlyq0sV0Va5ecvvXT2XD8vjHM2Sycg7BSd-PMDUHaKTv3w6fz-_Wc-BpXfAJcf-nQZApkjSCyCxBziQjbg_tXLw3robkO3aIEob0Lab2BQNDBIGhDJOrjqyKjMi_sv_EznD2TSGsmkQGOZFDPe7rZjajyFcRQGhEaxIZRpFfsR4zoQmFIDpZuu_PH39_8EAAD___ZdhEidBQAA","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu2Xwc8jv8MBFPInPwoOLOVnVVf5RBxDVGgjGJSSQHEamvni2np7vt6p7eLAjBQAheXARBbz3vzO76EUQ9eJFImPUWEHa8uIcsin-AiBCvMrMLqwX9fjzPc3je5n1vDas9RKESu5dey9Zskoglv4PbT12zqc5q175wtU1wB59uX7NpwE63V2ehGDxHKOvgp9uvGNXLljxMMCaYtM_awsTZ6tKcBZvf4aTDcYd5HeIzWC3-27vqODhxHPRgD50Eq6f__z1-E6yaQNr_-oxxvTLLn325XyWizAoY6K030l6a1Sn0D8u4aEGcbh2oIXNThD5ZgCzdOpgAssF4NgFIO0ULjz0AmW4d2AQ52Nh3KhMwKUj9P6gHEzDJNlgxAZXdBKt3EIDScOEipP3NC1lRi-v7rJixU3T04V9g6yk6-uBRSPtfLSd2tX0lS6rSZqmD1bgBuzoB251AXk2gXFsAW2-DKt8Hq39CSw_PQ9ofX3RJBlbvPqm5FDwg_iKX2ltknPNF4WO9SIIgwoLSgEoy_0U2noBwLahmn21BFbegylvQ17tthiOmiKBBzLUKMROMaSMxjzyMBVchVGrmfR3KfB1Usg6quL2Z65WyNxiXRWXGVarc0P9sH_LoHNycgR4dkjvV23ni0cijnAdDsrWv8ueijZnIH_qHmijyhgTy4gb07Ec7_smdY79CUd0Dt7L7HfFIGEZMYuoFSgQBltJ4XiQ0ISpkBEfKZ8TEAeVxSLCRAfU496JAsJAzrpjkQeQzLQJphGeECKKA-qHHRCiDkIuI-MI3EeeKR4RhzGKijJRc65DEwuMBjWNGRWx8pWQcchn5XsywFyhfECYiFsYR15HANIiYR7VkMlYiBqcfB1dOUev192CgG6gNgtohqAWC2iKoSwT1oNnQifNcs6kTV0lykL2DTJtRVnaHYiMruyZFIIp1KHQztvm77iao8shoLXZ6lM2CkGUzElI3w3wPPTJbulbv1gnomd02ZjQOYp_4EsfMeDTAPIi8SCuNpQkjDc42YN3CfFXW7BQ9f_c3yO0UPTH-EKTYBpdsg7JHQFTHQNQjijGIlZHnY1hLv836qe0llbMD01FZv5N2QWcN5OVRKK-3hskeOjW6fHX53vwO3vqlAqPuo4MHqmggLxp4x_6IoJvcHl3OajS-nNUOfXMxL23fronZjVwpRWmOf_GquV5nhT53xq1__qKaEbPyzlXjyvMi1TbtOvTlstXaFGezQhl095y7ZuSlyq0sV0Va5ecvvXT2XD8vjHM2Sycg7BSd-PMDUHaKTv3w6fz-_Wc-BpXfAJcf-nQZApkjSCyCxBziQjbg_tXLw3robkO3aIEob0Lab2BQNDBIGhDJOrjqyKjMi_sv_EznD2TSGsmkQGOZFDPe7rZjajyFcRQGhEaxIZRpFfsR4zoQmFIDpZuu_PH39_8EAAD___ZdhEidBQAA HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo2LCJhdSI6NiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8aFpBrKFUXN7d_zCVOZ4Tb8bQLB1H1kuvjYyepDzq2w; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=6; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=6; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8d67de788e16e3eee90d70bbad5f49b4\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":673,"timings":{"blocked":285,"dns":1,"connect":93,"send":0,"wait":99,"receive":0,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/8d/07/7a/8d077a03bf40c94dc34ac4b8af9a446c/1756656412.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/8d/07/7a/8d077a03bf40c94dc34ac4b8af9a446c/1756656412.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 77354\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:52 GMT\r\netag: \"68b4731c-12e2a\"\r\nexpires: Fri, 17 Oct 2025 19:36:28 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77354,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 18:18:22], progressive, precision 8, 300x250, components 3","md5":"e4267b78fbfd9ec2cb935ff9d689393f","sha1":"80ad53e77eff7c9e2e2ec2aa782e2406bc133c72","sha256":"16b434f519fdf956da056ae83d2a8847179c3fccc2a88d1e80d886cec82ba164","sha512":"58faf0e02cf388518ee515a9b1ff2d3ec1dc9d048d4ca2b0c95ec3f66c7966f2151a8839e367b58d3b70fde29bbfaf2add06de0ad8ae2561556b1770d9f0f1cc","ssdeep":"1536:GB6pzB6p2ZYp69CExL6kGcjhulQrdcP8VXW4I+USZjGM5ndwRmxvD:GB6tB6GYp63Zjhlr71Wv/SdGuiM","tlshash":"8f73e03ffbe5af41f5d092b9bce2c243729eaf805a232b957d1c62097752190ad0d11b","first_seen":"2025-09-02T18:53:07.782432Z","last_seen":"2026-04-04T09:06:35.652387Z","times_seen":980,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/ren.gif?sid=H4sIAAAAAAAC_1STzYscxRvHq3dz-PHzIEbxpDKCBwPubL9N77RBgmuMBGMSk0gOOUh1V_dsOTVVbVW_bBaEYCDk5gY8GE8935nd9SWIehHBQJj1tiBkPO0hC-If4EGIR6VnB1Yf6Krn4fs5fJ-nn7o1LA6Ih4LuX3xHbXAh6HKnbbdevsolU5Vpnb_Scuy2fbJ1lcvAP9labw5dvup4fts-0Xoriftq2bUd23Zsp3WG6yRV68szFTy7Fzrt0G77btvp-FjX_61N8T8YaoGVB-Q4OJs--Xt6DTyeQA6-PZ2Yfq6yV94cFILmSqNkO-_JvlSVxOAoTbWFVO7MaSgzJeSzBSi5M-8Aqhw3HSDiU7Lw7CNEcmduE1G5deg0EkgkIvYEqnKCREzA6QSxugnOHhIgZjh_AXKwfV7pil4_VGmjTsmxx3-CV1Ny7NEzkINvVgVfb11Wosi5kgbraQ2-PgHvTZAVu8g3FsCrXcT5x-DsF7L8-BzkYHzBCAXO9l9iYUTDwOkshRFzl_wwDJdox2ZLThB0bep5gRc5sxHxdAJqLBTNxy0UqYUiszBg-y3f7vqxQ70gDVm8YvvU91kS2WHXtW0axiso4sb7JvJsE7HYRKxvf5Gxtbxfut4410WyXcjYuN7QuVe8nwnX67peGAZDZ-eQ6sygrQbqDFeOmG7XHTrbh8wMGTfIcAWZvoE-v_Owcxy6eACzVsOwF2HyKbHe_Qglq1ElBJUhqChBxQmqnKAq6y0mjGvqbSZMETnz253fXj1SeW9It1TeSyQB1ZvQrB7z7ENzE3G-ONpIDRup5qBRXo9oxOphdkCean6d1b91F_1kvxW71F8JOxFz3DCJvS6lUdpNu54de2EQdgIYXoObhdnAN_iUvHb_N2R8Sl4Yf4KI7sKIXcR8EbR4HrSqQddqbMjv1UDyvigML5N2rAZt2QNTNbL8GPLr1lAckKdHl66sPpjt0bUTD5DEe6d-vNvE54h1jUzX-ID_TNATt0eXVEXGl1RlyHcXspwP-AZtduxyTvNk8au3k-uV0uzsabP55etxIzTpvSuJyc9RybjsGfL1Kmcs0WeUjhNy_6y5mkQXC7O2WmhZZOcuvnHm7CDTiTFcyQkon5L_188h5lNy_O87s_fjffoD4uwGTHbk0yiCKLMgOIFI9sg8QKMa5l91dJQPzW30tAWa34Qc1Ch1jVLUoGITplgc5ZneO_WrNwtEwhpFQlvjSGhx53BOhu-3Om7kBd1ukKQBSz3muR4LO3YS-jQM_NDvIDfTtT_--umfAAAA__-R6V0S4gQAAA==","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1STzYscxRvHq3dz-PHzIEbxpDKCBwPubL9N77RBgmuMBGMSk0gOOUh1V_dsOTVVbVW_bBaEYCDk5gY8GE8935nd9SWIehHBQJj1tiBkPO0hC-If4EGIR6VnB1Yf6Krn4fs5fJ-nn7o1LA6Ih4LuX3xHbXAh6HKnbbdevsolU5Vpnb_Scuy2fbJ1lcvAP9labw5dvup4fts-0Xoriftq2bUd23Zsp3WG6yRV68szFTy7Fzrt0G77btvp-FjX_61N8T8YaoGVB-Q4OJs--Xt6DTyeQA6-PZ2Yfq6yV94cFILmSqNkO-_JvlSVxOAoTbWFVO7MaSgzJeSzBSi5M-8Aqhw3HSDiU7Lw7CNEcmduE1G5deg0EkgkIvYEqnKCREzA6QSxugnOHhIgZjh_AXKwfV7pil4_VGmjTsmxx3-CV1Ny7NEzkINvVgVfb11Wosi5kgbraQ2-PgHvTZAVu8g3FsCrXcT5x-DsF7L8-BzkYHzBCAXO9l9iYUTDwOkshRFzl_wwDJdox2ZLThB0bep5gRc5sxHxdAJqLBTNxy0UqYUiszBg-y3f7vqxQ70gDVm8YvvU91kS2WHXtW0axiso4sb7JvJsE7HYRKxvf5Gxtbxfut4410WyXcjYuN7QuVe8nwnX67peGAZDZ-eQ6sygrQbqDFeOmG7XHTrbh8wMGTfIcAWZvoE-v_Owcxy6eACzVsOwF2HyKbHe_Qglq1ElBJUhqChBxQmqnKAq6y0mjGvqbSZMETnz253fXj1SeW9It1TeSyQB1ZvQrB7z7ENzE3G-ONpIDRup5qBRXo9oxOphdkCean6d1b91F_1kvxW71F8JOxFz3DCJvS6lUdpNu54de2EQdgIYXoObhdnAN_iUvHb_N2R8Sl4Yf4KI7sKIXcR8EbR4HrSqQddqbMjv1UDyvigML5N2rAZt2QNTNbL8GPLr1lAckKdHl66sPpjt0bUTD5DEe6d-vNvE54h1jUzX-ID_TNATt0eXVEXGl1RlyHcXspwP-AZtduxyTvNk8au3k-uV0uzsabP55etxIzTpvSuJyc9RybjsGfL1Kmcs0WeUjhNy_6y5mkQXC7O2WmhZZOcuvnHm7CDTiTFcyQkon5L_188h5lNy_O87s_fjffoD4uwGTHbk0yiCKLMgOIFI9sg8QKMa5l91dJQPzW30tAWa34Qc1Ch1jVLUoGITplgc5ZneO_WrNwtEwhpFQlvjSGhx53BOhu-3Om7kBd1ukKQBSz3muR4LO3YS-jQM_NDvIDfTtT_--umfAAAA__-R6V0S4gQAAA== HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo3LCJhdSI6NywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.ourjQM-NuFZey89oSYhPd4lveFS65C0QQyhiho-toaA; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=8; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=7; u_pl23823882=1; pdhtkv29=true; uncs29=1; u_pl23824025=1; slecc2a4795bd129ec38aabf8f830c396956=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: close\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nVary: Origin\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3f724b16f46fa19971598977fa6a5f16\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 23:17:37 GMT\r\nexpires: Tue, 13 Oct 2026 23:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 159526\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/ab/a2/97/aba297cff4266d9fb7ec988528d0887c/1756656441.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/ab/a2/97/aba297cff4266d9fb7ec988528d0887c/1756656441.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 97898\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:21 GMT\r\netag: \"68b47339-17e6a\"\r\nexpires: Fri, 17 Oct 2025 19:36:23 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":97898,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 11:15:21], progressive, precision 8, 300x250, components 3","md5":"8ddff86b7f75e18fcb8f849d3ab9e957","sha1":"410e8f061eacba5fd620fe6316a455e60c27738e","sha256":"3816ac755104818fdfc87a99629189d669324599556861836c3c7846cbf0806f","sha512":"3df550019f616aa453bdc57ad072e45a4ab535f55ba08f5278ff8f5094c2df02cb3c23d7edca1709ffd2a710264a316d396c7e7b8c51d62030b251a73d06f7b0","ssdeep":"1536:M5m3qTN5m3qT2VNz9zM5v848ga9bMAP8OdUccEJEUsP/rNtUy+AWFE8mu+DRP:MI6TNI6TsNz9otZ8gWbMROdXJR6NtUyT","tlshash":"1ba301a5bdc40c21d9e0d738d142c1f262738748ab9363d6bd0f695abfa3acb4d05216","first_seen":"2025-09-02T15:14:42.041484Z","last_seen":"2026-04-04T11:42:40.807218Z","times_seen":925,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js\u0026l=957\u0026fd=469","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js\u0026l=957\u0026fd=469 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo3LCJhdSI6NywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.ourjQM-NuFZey89oSYhPd4lveFS65C0QQyhiho-toaA; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=8; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=7; u_pl23823882=1; pdhtkv29=true; uncs29=1; u_pl23824025=1; slecc2a4795bd129ec38aabf8f830c396956=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:29 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":38,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.523065044251.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=41ed484c0646869c1502d1f43d5ddd264d38ac384e93833b29b184147c8f1c314ad689441a24ff6171dd9ed039e8cdc85ff16e85536ef79f67c2f1fe25ba1d6a0019fd0a8849ee3ff4d760b7e892263835f1427d9404c1e8496f3b\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.523065044251.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=41ed484c0646869c1502d1f43d5ddd264d38ac384e93833b29b184147c8f1c314ad689441a24ff6171dd9ed039e8cdc85ff16e85536ef79f67c2f1fe25ba1d6a0019fd0a8849ee3ff4d760b7e892263835f1427d9404c1e8496f3b\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 3200\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nu_pl23823882=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 13\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7f6fe594fa05ba1a9ddf339aeca11c94\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4614,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3738)","md5":"48617e06d07c79fb99abdfb674c12bf3","sha1":"1912ce16d5ab0471809aae4e6815d93d3c7a7521","sha256":"582662d613dcd1f0a16a436c87aca376af45b138049138e1706aed7e2cd97efc","sha512":"61e61650b9737708fa99b2ed7176b312311ccf986779648081aa44ee16b60fa560e221b3b8a2dbf077ffa41347d7e44ca63fa8ede17530ae24265a0cf6345b02","ssdeep":"96:yozE0o6SGxoeWfBKSGxl3v2xBbck/ND1uPjbDNHnLr1ZDWCfMEDaH:vzU6SleWfBZG33v2xik8vVWCkCaH","tlshash":"4b915cb53f47b13848a7b1be2671790c3f91a0070b14a781b89dea419f207e84dedcd8","first_seen":"2025-10-15T19:37:20.495872Z","last_seen":"2025-10-15T19:37:20.495872Z","times_seen":1,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.742655511332.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=47f7b2493cd0351967f5ad57ba5d4a59257d8eaa52f5b45ae56f72dd888ab14d9826debd160d7ce6390846ef8a225817d831c4be5549ee15fa4ec63beddbb9a0a2c94ea8f121f179a1f13699733d91a5e9bd1fff9a68507ecea7d1\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.742655511332.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=47f7b2493cd0351967f5ad57ba5d4a59257d8eaa52f5b45ae56f72dd888ab14d9826debd160d7ce6390846ef8a225817d831c4be5549ee15fa4ec63beddbb9a0a2c94ea8f121f179a1f13699733d91a5e9bd1fff9a68507ecea7d1\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 2256\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nu_pl23823882=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7ab74075b8367be9333e7b45459b5bec\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4614,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3738)","md5":"faf87e8e6742f864cd22d2615f9efb98","sha1":"59d888ab176ea0909b9a0e54aa200391d4e911a0","sha256":"23ea062a9aa92f9cc22b52e4bac2ec8bf58786bce8982a28507c4dba02e52243","sha512":"ae41a15aa4d581187eb6473afe93d8ba7a72008aed68db6412525f1ff987e257eb52ea7704dca1f472e143d7cee8c72b826d74f818b46b40177e1eabb44e8a88","ssdeep":"96:yoz/s0oxDnIAMf9EPqk/YnIAMf9EPj1ZDWCfMEDaH:vz/cxDIA46SkAIA46ZVWCkCaH","tlshash":"c591f894aed59a28a847303f55bb505e3f66920e1a05cb83fd4cda852f307e94df48bc","first_seen":"2025-10-15T19:37:20.500495Z","last_seen":"2025-10-15T19:37:20.500495Z","times_seen":1,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.1441157358012.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.1441157358012.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.oZd5siqe8_fbPpGFyvkMVltB1UPXc5cxU3sSn17Qz2Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=3; pdhtkv5=true; uncs5=3; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://rashcolonizeexpand.com/watch.1441157358012.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=64bce124e58d071f210e2be949cb82eb5fdcd349abeaa99b01658213f9b717fd4529e1a69ce282b876ffcf68189dac168cc0171392f6c166a67b0b16645a03593fd1e3f0469cf8227d75c842cb30797e5a3965952d40037950b91b\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo0LCJhdSI6NCwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.2RHdGViMfyXWohzhW9dfzMLADE10VmjyuNQn743O6JM; expires=Wed, 15 Oct 2025 19:37:25 GMT; path=/; secure; SameSite=None\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 28d0a7015558a62e9d773bca7ca2cbb2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4718,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.383821726150.js?key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /watch.383821726150.js?key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjUzODA2OSwiayI6ImYyOGExMTk4Yzk4Yjk0ZGY2N2E3MGVkYjc5MTc2YTQ4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyNSwicHQiOjQsInBrIjoiYmppNGFnMnEiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.w_88Kt97WnEIprWAD2hQ69_2zkWEdKyBUQ-LnfpS0YI; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv5=true; uncs5=1; u_pl23823882=1; pdhtkv25=true; uncs25=1; u_pl26538069=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://skinnycrawlinglax.com/watch.383821726150.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557047\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=d9946e0c366ab46a1907a5c129f031afe026ec63374220edf5f9c9b8e2dee916c2d7ebe1689d20a7acab8311b1e5ef4c9f66def1336e1e71f0dba1edb6656bdd8d64463d324af7e2af22bb21cae3f493a38e24b76ded0f37d98df7\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6MywiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.-jRzJ9aO6K9rZOmsLfBRn6sTJ3wkA7s8DUgaU_y_ovg; expires=Wed, 15 Oct 2025 19:37:27 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 2\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: dabecf4c208c7e349e676d634f721437\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4762,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/f9/ac/55/f9ac551b25c9b589fc97d44eaf092491adc1b8251ef433b7cb57256a5f74dc77.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/f9/ac/55/f9ac551b25c9b589fc97d44eaf092491adc1b8251ef433b7cb57256a5f74dc77.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 54201\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 16 Mar 2025 03:27:50 GMT\r\netag: \"67d64536-d3b9\"\r\nexpires: Fri, 17 Oct 2025 19:36:28 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54201,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x400, components 3","md5":"138819c70190c8244c8cbb88bf5a26fc","sha1":"a7a17f536fc942b5332a0f1556cf2210947e5729","sha256":"9f12ddd2a0009b4d719e46811f092d292a164c7da194883dd8917bf562c7d0c0","sha512":"60ef6d7f2bbb9d8bf2359d2ae305a11ddffc2923e9101e6b4f082fa0468cbe19d2111129375c0e47e87946a77632ceb2bbafe6e6ff3174470fdfbabcc750656e","ssdeep":"1536:R7e+o+T73Zz8/xSuLYzkciRGp6nliYjXmP5MZmZz7:5V1uxSQwkLRGpuiYjXyMy","tlshash":"713302233f284267e03925730aade1969b7eb7ae733494d7b70d01c98b442c71177b86","first_seen":"2025-04-17T19:54:42.308233Z","last_seen":"2026-01-06T02:07:44.480608Z","times_seen":359,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 23:17:37 GMT\r\nexpires: Tue, 13 Oct 2026 23:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 159532\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/b9/8c/d4/b98cd432afc578f38e130090d8dd2e36/1756656887.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/b9/8c/d4/b98cd432afc578f38e130090d8dd2e36/1756656887.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 52997\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:14:47 GMT\r\netag: \"68b474f7-cf05\"\r\nexpires: Fri, 17 Oct 2025 19:36:23 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52997,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 13:22:08], progressive, precision 8, 728x90, components 3","md5":"98891a02b8d068a38c187d776f6abd61","sha1":"359e9d3adc37a95813cf2b4f30cadc89e215ade2","sha256":"9148b6b42c957be2274b3cc4018dd486e2b7f1fd0d3dd4176d33d4d30b6a7ad9","sha512":"698cfa3669de0bc924dbb3dc47d88061063ac186fafb515f9f2500b125ee3c0dfc7e082437845db7c2cf9b684d327ab1bd498acc4b4749e1b57a7335d53f2c8e","ssdeep":"768:6SvdlisvdGLwMYyWsDeRST7HSiz+9Hpy9oM0Bfg9T/VAISAmGC9ar5bN:6S10jSItSHAOM0Bfg9LVAhAKwdZ","tlshash":"9833c035a173dd13f9f41a388522ef516b668e1ba2cb766e348d10437bb4b84dc9e013","first_seen":"2025-09-02T16:16:24.154419Z","last_seen":"2026-04-04T01:48:19.957501Z","times_seen":627,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":131,"dns":30,"connect":19,"send":0,"wait":43,"receive":12,"ssl":85},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4sdxRauO8l7i_cWYiK6k7twoeLcqerqru42iDjGSDAmMYlkIS5O_eiZcvp2tV3dtyeDi8FACCI4uNJdz7mTDGoQdaGrSLjjLiDkunEWGRT_ABEhbuVOBkYP1Dnfqa8W36n66tpms0c4NrB7_nW3ZvMcFqIB7T992Rbatb5_9lKf0QE90b9sCxGe6K_OUjV6nvFwQJ_pv2rUilsIKKOUUdY_ZSuTudWFfRZteStlg5QOwmDAohBXq3_3vumhhx7q0R45hlZPH_ktewutmmAx_Oqk8Su1K597ZdjkULsKR3r7zWKlcG2Bw0OYVT3Miu2D0-j8lJBP5tAV2wcToBttzSZAaadk7vH7KIvtA5koRzceKpU5mgKl_j-2owmafActTFC5q2j1PYKoNJ49h8Xw5llXtXDlIQszdkqOPvgTbTslR-8_hsXwy8XcrvYvuryprSs8rmYd2tUJ2qUJls0O1mtzaNsdVPX7aPWPZOHBGSyGW-d87tDq3ad0KiEVLJpPpQ7mwzRN5yGiep4JkVDgXHDJ9q_IZhME38NmtmwPm6yHTdnDod7thzQJFQMuslSrmIYQhtpImiYBpZCqGBs1076BdbmBKt9AVa1jWa3jiv34XnTs3n9-waq5g35591saMh5IEYhYhUCp4hmPVRgkEGRBFqvQxExqnkoQEVM05lpmJgAdZkKmIfAk48CZTAQIFsaCM2kClYhMC2VUEmmZsIyySMXaZABRHApJjc6YyaSShmc0igSDNBYm4bGRCpRUgoowFIZxpoNEyDDiMmaxolQACAlgDEev59DXU9J7Yx1HusPWEGw9wRYItpZgWxNsR90NnfvAdzd17hvJDmpwUHk3dvXSJtxw9ZIpCEK1gZXutmz5rr-Kqj4yXsu8HrtZAll3Y5C62yz3yKMzX_RWrr2HK2a3ryGkUZxFQhtQTAGYOEwCGnGIk4wBoLcdWj-3_5prdkpeuP0rlnZKntz6CCXsoM93UNkjCM0TCO04DhKEZUwprhXfuGFhV_LG25EZKDccFEuoXYdlfRTrK73NfI8cH1-4tHhn36lv__whGnWXHASqqsOy6vAd-wPBpfz6-IJrydYF13ry9bmytkO7BjMXX6yhNv_9_DVzpXWVPn3Sb3z2kpoRM3jrkvH1GSi0LZY8-WLRam2qU65Shtw-7S8beb7xy4tNVTTlmfMvnzo9LCvjvXXFBMFOyf_--ACVnZLj33-6_0OjZ2-hKtfRl4c6vSMoS4K5JZibw32QHfp_9PIQb_rruFT1EOqrWAw7HFUdjvIOId9A3xwZ12V198Wf-H6gzHtjmVdkS-bVjLe7_YybQFGaxILxJDOMh1plURKmWgDl3GDtp8u___Xd3wEAAP__2LGpcD8FAAA=","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4sdxRauO8l7i_cWYiK6k7twoeLcqerqru42iDjGSDAmMYlkIS5O_eiZcvp2tV3dtyeDi8FACCI4uNJdz7mTDGoQdaGrSLjjLiDkunEWGRT_ABEhbuVOBkYP1Dnfqa8W36n66tpms0c4NrB7_nW3ZvMcFqIB7T992Rbatb5_9lKf0QE90b9sCxGe6K_OUjV6nvFwQJ_pv2rUilsIKKOUUdY_ZSuTudWFfRZteStlg5QOwmDAohBXq3_3vumhhx7q0R45hlZPH_ktewutmmAx_Oqk8Su1K597ZdjkULsKR3r7zWKlcG2Bw0OYVT3Miu2D0-j8lJBP5tAV2wcToBttzSZAaadk7vH7KIvtA5koRzceKpU5mgKl_j-2owmafActTFC5q2j1PYKoNJ49h8Xw5llXtXDlIQszdkqOPvgTbTslR-8_hsXwy8XcrvYvuryprSs8rmYd2tUJ2qUJls0O1mtzaNsdVPX7aPWPZOHBGSyGW-d87tDq3ad0KiEVLJpPpQ7mwzRN5yGiep4JkVDgXHDJ9q_IZhME38NmtmwPm6yHTdnDod7thzQJFQMuslSrmIYQhtpImiYBpZCqGBs1076BdbmBKt9AVa1jWa3jiv34XnTs3n9-waq5g35591saMh5IEYhYhUCp4hmPVRgkEGRBFqvQxExqnkoQEVM05lpmJgAdZkKmIfAk48CZTAQIFsaCM2kClYhMC2VUEmmZsIyySMXaZABRHApJjc6YyaSShmc0igSDNBYm4bGRCpRUgoowFIZxpoNEyDDiMmaxolQACAlgDEev59DXU9J7Yx1HusPWEGw9wRYItpZgWxNsR90NnfvAdzd17hvJDmpwUHk3dvXSJtxw9ZIpCEK1gZXutmz5rr-Kqj4yXsu8HrtZAll3Y5C62yz3yKMzX_RWrr2HK2a3ryGkUZxFQhtQTAGYOEwCGnGIk4wBoLcdWj-3_5prdkpeuP0rlnZKntz6CCXsoM93UNkjCM0TCO04DhKEZUwprhXfuGFhV_LG25EZKDccFEuoXYdlfRTrK73NfI8cH1-4tHhn36lv__whGnWXHASqqsOy6vAd-wPBpfz6-IJrydYF13ry9bmytkO7BjMXX6yhNv_9_DVzpXWVPn3Sb3z2kpoRM3jrkvH1GSi0LZY8-WLRam2qU65Shtw-7S8beb7xy4tNVTTlmfMvnzo9LCvjvXXFBMFOyf_--ACVnZLj33-6_0OjZ2-hKtfRl4c6vSMoS4K5JZibw32QHfp_9PIQb_rruFT1EOqrWAw7HFUdjvIOId9A3xwZ12V198Wf-H6gzHtjmVdkS-bVjLe7_YybQFGaxILxJDOMh1plURKmWgDl3GDtp8u___Xd3wEAAP__2LGpcD8FAAA= HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl23823996=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c70e5bf422dd32d384ef201a60531b3a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RTTYscVRe-PUneF_IuXkzEpfTChYrTcz-qqqsMIo4xEoxJTCJZiMj97Ll2dd2yblXXZFbBYAhuHMSF7qpPd2b8CKIuxE0k9LgLCGk3ziKD4g8QEeJWujMweqDOx_OcxXOK514fVXuIQcV3z7_qNmya8pWwg9tPXraZcrVvn73UJriDT7Qv2ywKTrTX56kYPktY0MFPtV_Wsu9WKCYYE0zap2yhjVtfWbBg81sJ6SS4E9AOCQNYL_49-6oFnrdADffQMbBq9v_fzBtg5RSywVcnte-XLn_mpUGV8tIVMFTbr2f9zNUZDA5aU7TAZNv72-D8DKGPl8Bl2_sXgBtO5heAsDO09Nh9ENn2vkwQw5sPlYoUdAZC_Q_q4RR0ugOWT0G6a2DVPQQgFZw9B9lg66wran7lIcvn7AwdfvAn2HqGDt9_FLLBl6upXW9fdGlVWpd5WDcN2PUp2N4U8moHyo0lsPUOyPJdsOpHtPLgDGSDyTmfOrBq9wmVCJ5EJFxOhKLLQZIkyzzEaplEUYw5YxETZPGLrJkC9y2o5p9tQWVaUOUtGKjddoDjQBLOIpMo2cUBDwKlBU5iijFPZBcqOde-CWW-CTLdBFm8t1Vl0lM2Ireqt_KUspiyJIlGZCtXa2V_OCmLSk_mOyPy6UOIsgUIeXEV-vbDe-Gxe0d-gaK6A35t91sTMBx1ccRjqRTXMmBhKA0T3RgnEmvGhDREGE6EpNjQLiZUmlgrGsRS6JhrwkWEFQ5xQilXSUAwZ5FWrMviqKsFZUYSomMcCUypknESyTCOODW4SwgOBI61NGEcKywMNYHh3UAkOmCMRQmNeZDwxIRdypNAExKGItYx5uDVf8GXM9R67SoMVQO1RlB7BDVHUFsEdYmgHjY3Veqpb7ZU6itB9ivdr6wZu7I34jdd2dMZAl5sQqGaic3f8ddAlofGG8arsZsnLspmzIVqRvkeemRuqFb_-lHo6902DpiJTEhCgU2gKYtwEsU0VlJhobuxAm8bsH5pYYMNO0PP3f4VcjtDj08-AMF3wKc7IO0h4NUR4PWYYQx8bUxDDBvZN26Q2X5aeTvUHekGnawHyjWQl4ehvNIapXvo-PjCpdU7C4-_-XMJWt5F-wGyaCAvGnjb_oCgl94YX3A1mlxwtUdfn8tLO7AbfO7_iyUv9X8-f0VfqV2hTp_0m5-9IOfEvL11SfvyDM-UzXoefbFqldLFKVdIjW6f9pe1OF_5tdWqyKr8zPkXT50e5IX23rpsCtzO0NE_3gdpZ-j4958s3nb49Ecg86vg8wOd3iEQOYLUIkj1Ac5FA_4fszjoR_4G9IoW8PIaZIMGhkUDw7QBnm6Crw6Ny7y4-_xPbBEg0tZYpAWaiLSY83a3bZimEuO4GxEWG01YoOY2DBIVccyYhtLP1n7_67u_AwAA__9XlHmxeQUAAA==","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTTYscVRe-PUneF_IuXkzEpfTChYrTcz-qqqsMIo4xEoxJTCJZiMj97Ll2dd2yblXXZFbBYAhuHMSF7qpPd2b8CKIuxE0k9LgLCGk3ziKD4g8QEeJWujMweqDOx_OcxXOK514fVXuIQcV3z7_qNmya8pWwg9tPXraZcrVvn73UJriDT7Qv2ywKTrTX56kYPktY0MFPtV_Wsu9WKCYYE0zap2yhjVtfWbBg81sJ6SS4E9AOCQNYL_49-6oFnrdADffQMbBq9v_fzBtg5RSywVcnte-XLn_mpUGV8tIVMFTbr2f9zNUZDA5aU7TAZNv72-D8DKGPl8Bl2_sXgBtO5heAsDO09Nh9ENn2vkwQw5sPlYoUdAZC_Q_q4RR0ugOWT0G6a2DVPQQgFZw9B9lg66wran7lIcvn7AwdfvAn2HqGDt9_FLLBl6upXW9fdGlVWpd5WDcN2PUp2N4U8moHyo0lsPUOyPJdsOpHtPLgDGSDyTmfOrBq9wmVCJ5EJFxOhKLLQZIkyzzEaplEUYw5YxETZPGLrJkC9y2o5p9tQWVaUOUtGKjddoDjQBLOIpMo2cUBDwKlBU5iijFPZBcqOde-CWW-CTLdBFm8t1Vl0lM2Ireqt_KUspiyJIlGZCtXa2V_OCmLSk_mOyPy6UOIsgUIeXEV-vbDe-Gxe0d-gaK6A35t91sTMBx1ccRjqRTXMmBhKA0T3RgnEmvGhDREGE6EpNjQLiZUmlgrGsRS6JhrwkWEFQ5xQilXSUAwZ5FWrMviqKsFZUYSomMcCUypknESyTCOODW4SwgOBI61NGEcKywMNYHh3UAkOmCMRQmNeZDwxIRdypNAExKGItYx5uDVf8GXM9R67SoMVQO1RlB7BDVHUFsEdYmgHjY3Veqpb7ZU6itB9ivdr6wZu7I34jdd2dMZAl5sQqGaic3f8ddAlofGG8arsZsnLspmzIVqRvkeemRuqFb_-lHo6902DpiJTEhCgU2gKYtwEsU0VlJhobuxAm8bsH5pYYMNO0PP3f4VcjtDj08-AMF3wKc7IO0h4NUR4PWYYQx8bUxDDBvZN26Q2X5aeTvUHekGnawHyjWQl4ehvNIapXvo-PjCpdU7C4-_-XMJWt5F-wGyaCAvGnjb_oCgl94YX3A1mlxwtUdfn8tLO7AbfO7_iyUv9X8-f0VfqV2hTp_0m5-9IOfEvL11SfvyDM-UzXoefbFqldLFKVdIjW6f9pe1OF_5tdWqyKr8zPkXT50e5IX23rpsCtzO0NE_3gdpZ-j4958s3nb49Ecg86vg8wOd3iEQOYLUIkj1Ac5FA_4fszjoR_4G9IoW8PIaZIMGhkUDw7QBnm6Crw6Ny7y4-_xPbBEg0tZYpAWaiLSY83a3bZimEuO4GxEWG01YoOY2DBIVccyYhtLP1n7_67u_AwAA__9XlHmxeQUAAA== HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nVary: Origin\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f5014331be7f1e37a03120893b1b6860\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/f28a1198c98b94df67a70edb79176a48/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /f28a1198c98b94df67a70edb79176a48/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18419\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 32f1a998192b9e33928828826a2112d3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":46240,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46240), with no line terminators","md5":"1b6f63485a13de76db800d7d0ed6ed47","sha1":"8110d51a96beeae63596712c53df0a45b5f95d22","sha256":"a102811c1c6873636fdb6b660487b3e75803287c8541812e38a6a476f057ce9f","sha512":"0c41518a97277358e27e2d01f1fcaabde821a1b5ae339b2a6760339e6b7eb0a919a378007efb8d8203a3226dfdb5e136cb6fdf9e10d211e05fc4c8b53abd0afd","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yyb4j7NT:36rxKbk0CrQ+fdwNDba1lIlcPEVNT","tlshash":"3623c48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.506616Z","last_seen":"2025-10-15T19:37:20.506616Z","times_seen":1,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.1217046057123.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557047\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=e116b3bf754b037e99d8e037b58765b20d712e55fa3cb98dbd49f35910a5b9e268e8c3620b1eabbf13f0053fdf435de26a1fe40c2b896490576d733939ae3d84865956a4c0c4474abeed8d7e93f231920f059f133a9b5ab97f8d77\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /watch.1217046057123.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557047\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=e116b3bf754b037e99d8e037b58765b20d712e55fa3cb98dbd49f35910a5b9e268e8c3620b1eabbf13f0053fdf435de26a1fe40c2b896490576d733939ae3d84865956a4c0c4474abeed8d7e93f231920f059f133a9b5ab97f8d77\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.o0VBR64Al3k-FgUtGuKLxhdV0cNljckM8vFP8_u-Fxg; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=3; pdhtkv5=true; uncs5=1; u_pl23823882=1; pdhtkv25=true; uncs25=1; u_pl26538069=1; pdhtkv23=true; uncs23=1; u_pl23823996=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: text/html\r\nContent-Length: 3419\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nuncs=3; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nuncs5=2; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f74b51a2cb15bcaad02ebb402045eb61\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4812,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3936)","md5":"bba12283ebf67cf2fa77956088ff6689","sha1":"58dbc82924a16221667ecc3a2cc90a4fd0c7d2f3","sha256":"e2e1069d76c03bc9dc06bf2b57f49808f6c957f54fd74924a1496f2b82109884","sha512":"a8d1c73337c7d19306882bb3b67c434b629ee7aa321d7ef54d54d0a708c68a9a6471a07c450bddbcad525a812c85dc6b9636c4a9ae09b2137390f629e4475c45","ssdeep":"96:yoz3t069Ibt1IPXdqZd5yET7RnKk/y8B2ifg2KllTKWa1eAa1ZDWCfMEDaH:vzLmGMdcEvRnKkRIygt3AuVWCkCaH","tlshash":"dda16db12f8973b42c95b43e453b616c2f6252073a20e6867f9de7502f202fc263c5a9","first_seen":"2025-10-15T19:37:20.510803Z","last_seen":"2025-10-15T19:37:20.510803Z","times_seen":1,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/feeds/posts/default/-/?orderby=published\u0026alt=json-in-script\u0026callback=labelthumbs","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.omniklusive.com.ng","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 16:47:08 GMT","end":"Fri, 19 Dec 2025 17:38:00 GMT"},"fingerprint":{"sha1":"B4:B5:F5:E5:69:3A:B2:C8:26:CF:C6:E1:92:BE:9D:15:A0:50:90:8A","sha256":"08:BB:D8:8D:66:76:D6:FE:64:D7:BF:15:CF:68:AB:53:58:76:9C:B6:66:AF:8D:6F:FB:8D:92:A5:F4:25:6C:CF"}}},"request":{"raw":"GET /feeds/posts/default/-/?orderby=published\u0026alt=json-in-script\u0026callback=labelthumbs HTTP/1.1\r\nHost: www.omniklusive.com.ng\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 400 Bad Request\r\ncross-origin-resource-policy: cross-origin\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 15 Oct 2025 19:36:21 GMT\r\nserver: Blogger Render Server 1.0\r\ncontent-length: 193\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":null,"data":{"size":193,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"83b482393f028e6de91b032e7fae746b","sha1":"50bad14cd7b4602d7b9f1ef6d769288588594fc8","sha256":"031cbc91f964c96aa1975380c3bd66f5fe254439f3281bf0e06bc385c3912aa2","sha512":"513a494d65834c6f9adcb789c4406362fb314ad6b6df2614476a39c491c13b10ea5f090a07bb19dd8266f4b0c012681b98c8e07bf5515faf3d165ef5cd7689be","ssdeep":"","tlshash":"eac0227a147e08c151801cfaa1a8602d0ad83805b8870cf8802dea28b4e0180c0803c6","first_seen":"2023-03-12T23:39:14Z","last_seen":"2026-03-30T00:42:48.723978Z","times_seen":870,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.1154506335423.js?key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.1154506335423.js?key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://wayfarerorthodox.com/watch.1154506335423.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=04132b6267c4a00c3f37c428a2f2f7c4e71bd39ba651c073dbfe2ad4f6b94a38f3a31b86a6147631be2c86fd6cec85db81f015c7defaa5746b0edf1efbcbe3f05561a976e837ebcacbc606446e131d286b453b717c006aa6baaee3\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8SQfMkVjIuoV2tPLZJNg44l5ANmpGHpw1hTFdRDu8IU; expires=Wed, 15 Oct 2025 19:37:23 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: fe875072b973c2e34c080e5e8cea5432\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4612,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":652,"timings":{"blocked":269,"dns":1,"connect":92,"send":0,"wait":95,"receive":0,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/impr.gif?sid=H4sIAAAAAAAC_1RUz4scRRSu2U08xIOaiEeZgwcVd7Z-dPdUG0RcYyQYk5hEchCR-tW75fR0tV3d05u9GAyG4MXFi3rreTObRQ2iHgQPkTDrLSBkvLiHLIp_gIgQrzKThdUH_X58Xx--V3xV14bVHmJQid1zr7sNm6ZiOezg9tOXbKZd7dtnLrYJ7uDj7Us2i4Lj7fVZKgbPExZ08DPtV43quWWKCcYEk_ZJW5jErS_PWbD5zZh0YtwJaIeEAawX_599tQheLIIe7KGjYPX0kT-St8CqCWT9b04Y3ytd_twr_SoVpStgoLffzHqZqzPoH7RJ0YIk297_G5yfIvTZArhse38DcIPxbAOQdooWnrgHMtvelwlysPVAqUzBZCD1w1APJmDSHbBiAspdBavvIgCl4cxZyPo3zriiFpcfsGLGTtGh-3-Drafo0L3HIet_vZLa9fYFl1aldZmH9aQBuz4BuzqBvJpAubEAtt4BVX4AVv-Mlu-fhqw_PutTB1bvPqVjKeKIhEux1HQpiON4SYRYL5Eo4lgwFjFJ5kdkkwkI34Jq9tkWVEkLqrwFfb3bDjAPFBEsSmKtujgQQaCNxDGnGItYdaFSM-2bUOaboNJNUMWHN3K9VvYG47KozLjKlB_S7QdQOMe2Zlg4pDerd_KUMk4Z53RIIC-uQM9-cjc8evfwb1BUt8Gv7X6vIp3giLMuljLgCSWcBSKMmSQRT7pdSQMjNGFShIRwqRPaDRNMiNAqkQwHTNFYURZKyo2WXSG6XPGgG8RRxEPDYkZERIWOVSg5FVoZThUOGReSxdToQJMkiZQmsqsZjTiRzAgSRYqFAcUJNUIYZnjX4IRyGdBAMRwktAtePwq-nKLWG-_DQDdQGwS1R1ALBLVFUJcI6kGzpVNPfXNDp76SZL_S_cqakStXh2LLlasmQyCKTSh0M7b5e_4qqHJxtJF4PXKzJGTZjITUzTDfQ4_N7NTqXTsCPbPbxgFLoiQkocRJYCiLcBxxyrXSWJou1-BtA9YvzE2wYafohVu_Q26n6MnxxyDFDvh0B5RdBFEdBlGPGMYg1kY0xLCRfef6me2llbcD01Gu38lWQbsG8vIQlJdbw3QPHRudv7hye-7wt3-twag7aD9AFQ3kRQPv2p8QrKbXR-ddjcbnXe3Rt2fz0vbthpi5_0IpSvPQl6-Zy7Ur9KkTfvOLl9SMmLU3LxpfnhaZttmqR1-tWK1NcdIVyqBbp_wlI89Vfm2lKrIqP33u5ZOn-nlhvLcum4CwU3Tkr49A2Sk69uPn85sdPvspqPwK-PxAp3cIZI4gtQhSc4AL2YD_zywP-qG_DqtFC0R5FbJ-A4OigUHagEg3Z8_VqMyLOy_-wuYBMm2NZFqgsUyLGW932wkzVGHMuxFhPDGEBVolIQ9iHQnMmIHST9f-_OeHfwMAAP__bLK6hHcFAAA=","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RUz4scRRSu2U08xIOaiEeZgwcVd7Z-dPdUG0RcYyQYk5hEchCR-tW75fR0tV3d05u9GAyG4MXFi3rreTObRQ2iHgQPkTDrLSBkvLiHLIp_gIgQrzKThdUH_X58Xx--V3xV14bVHmJQid1zr7sNm6ZiOezg9tOXbKZd7dtnLrYJ7uDj7Us2i4Lj7fVZKgbPExZ08DPtV43quWWKCcYEk_ZJW5jErS_PWbD5zZh0YtwJaIeEAawX_599tQheLIIe7KGjYPX0kT-St8CqCWT9b04Y3ytd_twr_SoVpStgoLffzHqZqzPoH7RJ0YIk297_G5yfIvTZArhse38DcIPxbAOQdooWnrgHMtvelwlysPVAqUzBZCD1w1APJmDSHbBiAspdBavvIgCl4cxZyPo3zriiFpcfsGLGTtGh-3-Drafo0L3HIet_vZLa9fYFl1aldZmH9aQBuz4BuzqBvJpAubEAtt4BVX4AVv-Mlu-fhqw_PutTB1bvPqVjKeKIhEux1HQpiON4SYRYL5Eo4lgwFjFJ5kdkkwkI34Jq9tkWVEkLqrwFfb3bDjAPFBEsSmKtujgQQaCNxDGnGItYdaFSM-2bUOaboNJNUMWHN3K9VvYG47KozLjKlB_S7QdQOMe2Zlg4pDerd_KUMk4Z53RIIC-uQM9-cjc8evfwb1BUt8Gv7X6vIp3giLMuljLgCSWcBSKMmSQRT7pdSQMjNGFShIRwqRPaDRNMiNAqkQwHTNFYURZKyo2WXSG6XPGgG8RRxEPDYkZERIWOVSg5FVoZThUOGReSxdToQJMkiZQmsqsZjTiRzAgSRYqFAcUJNUIYZnjX4IRyGdBAMRwktAtePwq-nKLWG-_DQDdQGwS1R1ALBLVFUJcI6kGzpVNPfXNDp76SZL_S_cqakStXh2LLlasmQyCKTSh0M7b5e_4qqHJxtJF4PXKzJGTZjITUzTDfQ4_N7NTqXTsCPbPbxgFLoiQkocRJYCiLcBxxyrXSWJou1-BtA9YvzE2wYafohVu_Q26n6MnxxyDFDvh0B5RdBFEdBlGPGMYg1kY0xLCRfef6me2llbcD01Gu38lWQbsG8vIQlJdbw3QPHRudv7hye-7wt3-twag7aD9AFQ3kRQPv2p8QrKbXR-ddjcbnXe3Rt2fz0vbthpi5_0IpSvPQl6-Zy7Ur9KkTfvOLl9SMmLU3LxpfnhaZttmqR1-tWK1NcdIVyqBbp_wlI89Vfm2lKrIqP33u5ZOn-nlhvLcum4CwU3Tkr49A2Sk69uPn85sdPvspqPwK-PxAp3cIZI4gtQhSc4AL2YD_zywP-qG_DqtFC0R5FbJ-A4OigUHagEg3Z8_VqMyLOy_-wuYBMm2NZFqgsUyLGW932wkzVGHMuxFhPDGEBVolIQ9iHQnMmIHST9f-_OeHfwMAAP__bLK6hHcFAAA= HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.oZd5siqe8_fbPpGFyvkMVltB1UPXc5cxU3sSn17Qz2Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=3; pdhtkv5=true; uncs5=3; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: close\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: fa743bcb1025b7be747c5df5b144b9c0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":97,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pl24184826.cpmrevenuegate.com/26/04/4c/26044c9034d41067e4eeac3c8b2a25ba.js","fqdn":"pl24184826.cpmrevenuegate.com","domain":"cpmrevenuegate.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cpmrevenuegate.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 Aug 2025 22:51:56 GMT","end":"Sat, 15 Nov 2025 22:51:55 GMT"},"fingerprint":{"sha1":"A5:EC:DF:72:70:00:89:A8:4D:E9:01:D9:7D:24:9F:D7:5E:65:53:18","sha256":"75:22:77:90:37:3E:ED:61:45:92:0A:57:C6:6C:43:66:2E:0B:69:F2:02:A1:B0:64:49:8E:21:AB:35:E7:BA:71"}}},"request":{"raw":"GET /26/04/4c/26044c9034d41067e4eeac3c8b2a25ba.js HTTP/1.1\r\nHost: pl24184826.cpmrevenuegate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38388\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 8\r\nHost: pl24184826.cpmrevenuegate.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d338d31b51d2cb03f80962d6eee43a47\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":106648,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"69207f466930d91deddf3a6379360ae0","sha1":"ac54f8641b2f85b71dd58dd89ec0a4e5277dd689","sha256":"89bcb6d94c758ffb15fe08bdcaf5bc59558a63cb59afbfc856dad7dd80a29fbe","sha512":"e77e533d8d3a83e8ceb7f2912ac978000866ff8c36b62da73c4ad62594a21528f6f60ad59c70ebba57f477f0829070737ec26bd69978441d3000b1f29006708f","ssdeep":"1536:99TDYewwZykXTzY67ytOUS5VlIXga6kSFf02mdBV4mCzCgiA0eQpE0I9N9rvQ:fnDT9RCgZ0eQp29N9rvQ","tlshash":"41a3a4883f40f17d0796b47a323fa61af0791a01509cd69cf107f1a8ae6674ab43fe65","first_seen":"2025-10-15T19:37:20.52022Z","last_seen":"2025-10-15T19:37:20.52022Z","times_seen":1,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":105,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24184826.cpmrevenuegate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24184826.cpmrevenuegate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24184826.cpmrevenuegate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LIxWHScSnlvAI6j%2FphqQUKK1%2FYaPKwDIRkqrwXV1g1r7e3fuHcYm2FloYIAnd91lFzC%2Bs%2B8CS7Clg1G%2BupElcLEz92ZBt8rrDGFyL6Hu\"}]}\r\netag: W/\"65aa8501-d9f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98f1c3fedb79b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3487,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f9f1955433320a3b43c5741f2bde9a3d","sha1":"3b70c2a57fad02833bf227d8b6a0391ac8b98432","sha256":"cbb99d697521db3b645225c1b50873e6aa8a39c91afcc7c8dd756746b8bf2645","sha512":"7a1022ad699c484dd3b7e5a870d01b8baa4a357f203d6dd73ddaa237bd1aa8d2cd5a599077c261dd6ea45cdaa685285aba8b844090fdef7fa0f0b9ecf4a70fda","ssdeep":"","tlshash":"7a710f863b7916047427d96a38112b5777198103aa4fdd74afd1381cceca38acaa33cf","first_seen":"2024-09-26T07:50:15Z","last_seen":"2026-01-25T21:57:17.035488Z","times_seen":2145,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.383821726150.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557047\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=d9946e0c366ab46a1907a5c129f031afe026ec63374220edf5f9c9b8e2dee916c2d7ebe1689d20a7acab8311b1e5ef4c9f66def1336e1e71f0dba1edb6656bdd8d64463d324af7e2af22bb21cae3f493a38e24b76ded0f37d98df7\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /watch.383821726150.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557047\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=d9946e0c366ab46a1907a5c129f031afe026ec63374220edf5f9c9b8e2dee916c2d7ebe1689d20a7acab8311b1e5ef4c9f66def1336e1e71f0dba1edb6656bdd8d64463d324af7e2af22bb21cae3f493a38e24b76ded0f37d98df7\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6MywiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.-jRzJ9aO6K9rZOmsLfBRn6sTJ3wkA7s8DUgaU_y_ovg; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv5=true; uncs5=1; u_pl23823882=1; pdhtkv25=true; uncs25=1; u_pl26538069=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: text/html\r\nContent-Length: 3426\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nuncs=3; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nu_pl23823996=1; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 17\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: bc45906ff71379795882d09716c0566f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4762,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3886)","md5":"2351c6658cf3334bd5f12818bf978e42","sha1":"3c173bb467975641971a7f0f0e0bdcc84d2e7b5d","sha256":"9d19f309f5e54bd149221a5dd5554d89a578375edc08132b69f4ffe42b4e6cd8","sha512":"f6a527a45bf23cc3afbc95118508daa8091b5852d14ab289785face11ccfd81c8e2cc6cee770a2a24d8af97f8c779cca8b0e436edbabf5ad8a9829de482af245","ssdeep":"96:woziGTMxipJd50IzqgxBhLk/wWJdbXf+teqbnnrLogA1ZDeCfMEDaH:ZzM8d50nqBhLkVba4qjnrLx4VeCkCaH","tlshash":"66a14bf66f69217da432a1b925379e883da0420f1d20ee41bd5cd2641f20bf45ba9dcd","first_seen":"2025-10-15T19:37:20.52986Z","last_seen":"2025-10-15T19:37:20.52986Z","times_seen":1,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8501-d9f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XX5l0cR3Db1KoqU3y42fqzUrJsnrV8eguVGHnKC2Ny%2FeWo7Kf7GYpF%2B8KV9dZrlY1RVKTmoO%2FKIg0DJXJTi5u4xdoJTxJg27T7tsuR1w\"}]}\r\ncf-ray: 98f1c3fc6cbb568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3487,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f9f1955433320a3b43c5741f2bde9a3d","sha1":"3b70c2a57fad02833bf227d8b6a0391ac8b98432","sha256":"cbb99d697521db3b645225c1b50873e6aa8a39c91afcc7c8dd756746b8bf2645","sha512":"7a1022ad699c484dd3b7e5a870d01b8baa4a357f203d6dd73ddaa237bd1aa8d2cd5a599077c261dd6ea45cdaa685285aba8b844090fdef7fa0f0b9ecf4a70fda","ssdeep":"","tlshash":"7a710f863b7916047427d96a38112b5777198103aa4fdd74afd1381cceca38acaa33cf","first_seen":"2024-09-26T07:50:15Z","last_seen":"2026-01-25T21:57:17.035488Z","times_seen":2145,"resource_available":false,"data":null}},"time_used":355,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":355,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/impr.gif?sid=H4sIAAAAAAAC_1SUz4scRRTHa3YTD_EgJuJR5uBBxZ2tH909XQYR1xgJxiQmkRxEpH71bDk93W1X9_TunoKBELy4eDK3njezu_4Ioh7ESyTMegsIGS_uIYviHyAixKv07MJqQdd7r7-fw_c17_XNUbmPGJRi79Jb6YaNY7Hsd3D7uWs20Wnl2heutgnu4NPtazYJvNPttebKhy8R5nXw8-03jOqnyxQTjAkm7bM2N1G6tjxXwWZ3OOlw3PFoh_gerOX_r125CE4sgh7uo5Ng9eyJP6J3waopJINvzhjXL9LsxdcHZSyKNIeh3nkn6SdplcDgKI3yFkTJziENqZsh9NkCpMnOYQeQDidNByDtDC08_RBksnNoE-Rw68CpjMEkIPXjUA2nYOJdsGIKKr0BVj9AAErDhYuQDLYvpHkl1g9U0agzdOzR32CrGTr28ClIBl-vxHatfSWNy8KmiYO1qAa7NgXbm0JWTqHYWABb7YIqPgKrf0bLj85DMphcdHEKVu89q7kUPCD-EpeaLnmc8yXhY71EgiDEgrGASTL_RDaagnAtKJvHtqCMWlBmLRjovbaHQ08RwYKIa9XFnvA8bSTmIcVYcNWFUjXeN6HINkHFm6DyW59nerXoDymbFHlptstEOcpG5E75fhZTFlLGeTAiOweUP4e2Gsgf0SMmDOmIbB8wc2TSICMKWX4d-vbTB_7JB8d_g7y8B25173vSlcSnGMuQRITKSHWZ4FFoImoCHQSSh34Qaa0CrXXQ5aHnB12qpPECoylTlKuQ-9RXwjDfqDAifiQkJd2ux4kKlNBEKhN4OiJCB6IbRT71DJfMYz6lCvMAS-MT4inJQhb5Shtf8i6XyuPK4ABjTj0aYcI0lTjgHg609iU4fQJcMUOtt6_DUNdQGQSVQ1AJBJVFUBUIqmG9pWNHXb2tY1dKchjpYWT1OC16I7GVFj2TIBD5JuS6ntjsQ3cDVLE43oicHqfNJWRRj4XU9SjbR082Q9fq3zwBfbPXxh6LgsgnvsSRZygLMA9CGmqlsTTdUIOzNVi3MB-VDTtDL9_9HTI7Q89MPgEpdsHFu6DsIojyOIhqzDAGsTqmPoaN5Lt0kNh-XDo7NB2VDjpJD3RaQ1Ycg2K9NYr30anx5asr9-Z78N6v62DUfXR4QOU1ZHkNH9ifEPTiW-PLaYUml9PKoW8vZoUd2A3R7MiVQhTmsS_fNOtVmutzZ9zmF6-qRmjSO1eNK86LRNuk59BXK1Zrk59Nc2XQ3XPumpGXSre6UuZJmZ2_9NrZc4MsN87ZNJmCsDN04q-PQdkZOvXj7fn--y_cBpVdB5cd-XQpApkhiC2C2By9F7IG959aHuUjdwt6eQtEcQOSQQ3DvIZhXIOIN5uf2rjI8vuv_MLmB2TcGss4RxMZ541u99oRM1RhHHYDwsLIEOZpFfmhx3UgMGMGCjdb_fOfH_4NAAD__1VwMFmdBQAA","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1SUz4scRRTHa3YTD_EgJuJR5uBBxZ2tH909XQYR1xgJxiQmkRxEpH71bDk93W1X9_TunoKBELy4eDK3njezu_4Ioh7ESyTMegsIGS_uIYviHyAixKv07MJqQdd7r7-fw_c17_XNUbmPGJRi79Jb6YaNY7Hsd3D7uWs20Wnl2heutgnu4NPtazYJvNPttebKhy8R5nXw8-03jOqnyxQTjAkm7bM2N1G6tjxXwWZ3OOlw3PFoh_gerOX_r125CE4sgh7uo5Ng9eyJP6J3waopJINvzhjXL9LsxdcHZSyKNIeh3nkn6SdplcDgKI3yFkTJziENqZsh9NkCpMnOYQeQDidNByDtDC08_RBksnNoE-Rw68CpjMEkIPXjUA2nYOJdsGIKKr0BVj9AAErDhYuQDLYvpHkl1g9U0agzdOzR32CrGTr28ClIBl-vxHatfSWNy8KmiYO1qAa7NgXbm0JWTqHYWABb7YIqPgKrf0bLj85DMphcdHEKVu89q7kUPCD-EpeaLnmc8yXhY71EgiDEgrGASTL_RDaagnAtKJvHtqCMWlBmLRjovbaHQ08RwYKIa9XFnvA8bSTmIcVYcNWFUjXeN6HINkHFm6DyW59nerXoDymbFHlptstEOcpG5E75fhZTFlLGeTAiOweUP4e2Gsgf0SMmDOmIbB8wc2TSICMKWX4d-vbTB_7JB8d_g7y8B25173vSlcSnGMuQRITKSHWZ4FFoImoCHQSSh34Qaa0CrXXQ5aHnB12qpPECoylTlKuQ-9RXwjDfqDAifiQkJd2ux4kKlNBEKhN4OiJCB6IbRT71DJfMYz6lCvMAS-MT4inJQhb5Shtf8i6XyuPK4ABjTj0aYcI0lTjgHg609iU4fQJcMUOtt6_DUNdQGQSVQ1AJBJVFUBUIqmG9pWNHXb2tY1dKchjpYWT1OC16I7GVFj2TIBD5JuS6ntjsQ3cDVLE43oicHqfNJWRRj4XU9SjbR082Q9fq3zwBfbPXxh6LgsgnvsSRZygLMA9CGmqlsTTdUIOzNVi3MB-VDTtDL9_9HTI7Q89MPgEpdsHFu6DsIojyOIhqzDAGsTqmPoaN5Lt0kNh-XDo7NB2VDjpJD3RaQ1Ycg2K9NYr30anx5asr9-Z78N6v62DUfXR4QOU1ZHkNH9ifEPTiW-PLaYUml9PKoW8vZoUd2A3R7MiVQhTmsS_fNOtVmutzZ9zmF6-qRmjSO1eNK86LRNuk59BXK1Zrk59Nc2XQ3XPumpGXSre6UuZJmZ2_9NrZc4MsN87ZNJmCsDN04q-PQdkZOvXj7fn--y_cBpVdB5cd-XQpApkhiC2C2By9F7IG959aHuUjdwt6eQtEcQOSQQ3DvIZhXIOIN5uf2rjI8vuv_MLmB2TcGss4RxMZ541u99oRM1RhHHYDwsLIEOZpFfmhx3UgMGMGCjdb_fOfH_4NAAD__1VwMFmdBQAA HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.oZd5siqe8_fbPpGFyvkMVltB1UPXc5cxU3sSn17Qz2Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=3; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=3; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 4\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: dcfcb3887a2bfaf41697f9e673aaec0b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.1198720135834.js?key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.1198720135834.js?key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo0LCJhdSI6NCwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.2RHdGViMfyXWohzhW9dfzMLADE10VmjyuNQn743O6JM; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=4; pdhtkv5=true; uncs5=4; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://rashcolonizeexpand.com/watch.1198720135834.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=a38e85413cec1014f138e4bf1725680c6d5b682f8c34b684af8addacbcb3e6c4f89c5df3a7188dfeb60360f1990e63015e55e57f4b8f6e8d5becbb609e58a5545c93dd6b5941badec2e868af64e9da7a2d2df5ffef41b4ce089061\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6NSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.sVUirNfr4Ltpj0Z3GqQ0BCi2gkLbL9Esm3prFTHJNos; expires=Wed, 15 Oct 2025 19:37:25 GMT; path=/; secure; SameSite=None\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 71bb508bf2ad797146a4f2b954d55fca\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4724,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/6c/7d/80/6c7d8051aa19f2f3e631e0fe383ba962/1756656863.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/6c/7d/80/6c7d8051aa19f2f3e631e0fe383ba962/1756656863.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 66898\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:14:23 GMT\r\netag: \"68b474df-10552\"\r\nexpires: Fri, 17 Oct 2025 19:36:26 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66898,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 11:35:12], progressive, precision 8, 728x90, components 3","md5":"e580467987c1c30c4ffb17f7ae11f3c0","sha1":"610b07f423750aa257acca2366c4eb17a73c5505","sha256":"2e86c96ad78da3f4820110f2ce0a383d60e49982673d7ebed82f5043c1586d7b","sha512":"6d995ed6eaf343a2c706a3bf86055ab4ad7b885060e5c8621110de3501bf494197511e2111d9e99e49afd8888e0b4af6a2e811c0114885c93f034045a1a5559a","ssdeep":"768:3igBYyTIoQh9x8pLcbxvnd+n5OtUhs1NmyQv8brypNoQD2Gsa2xP/lfGOp+BtrEs:bBUhj8a855hs2Ivyp+m26clTp+BEc","tlshash":"7b63f189eb52cd23eed11e349cc1e5e24152cd60a2a3626578adfe407fb63f59d0c20b","first_seen":"2025-09-02T14:53:06.163646Z","last_seen":"2026-04-04T11:48:03.930608Z","times_seen":635,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl23924524.highratecpm.com/c2/a4/79/c2a4795bd129ec38aabf8f830c396956.js","fqdn":"pl23924524.highratecpm.com","domain":"highratecpm.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highratecpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 22:56:35 GMT","end":"Fri, 19 Dec 2025 22:56:34 GMT"},"fingerprint":{"sha1":"09:55:75:01:0C:70:AF:6F:8E:56:01:66:32:02:9A:D6:5C:2B:32:FD","sha256":"30:C5:C8:19:3B:E4:B4:FE:41:DF:58:D4:1F:26:4C:E7:D5:8D:50:5B:F5:CE:9E:9B:DD:50:00:7B:A4:D8:92:29"}}},"request":{"raw":"GET /c2/a4/79/c2a4795bd129ec38aabf8f830c396956.js HTTP/1.1\r\nHost: pl23924524.highratecpm.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 32686\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 6\r\nHost: pl23924524.highratecpm.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8b60fd88568b62cc27d96272b0c17af1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84192,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d07896cde6c5b83b9653ffc65d936778","sha1":"8278ae430118bca21474878ee72710d82bb6f597","sha256":"498e30887af7da7e12b3be1b5f7d73cd7383ae593e55f9af90636fc1aeca10f4","sha512":"b199b0c6710c578cc18b398dc8c3d84800dc6fe735634e1ae6e29f2c3cb49bbbe2db66b0d22067214e32732fd10c8e1b289e43e5bea6b4bf2431b3147de834d2","ssdeep":"1536:UkzsDEFAkM9IWf3pDTf0zpxftTgA4VEIaU44Ru37oIXDWeGXMtb4cnSzB:ODxk4+BgA4VEIaU44McBeGXMtb4/","tlshash":"9b83f848bb82b869425630ba332ff01af15a4c421de8d454dc57f8d96fb8b1de637e24","first_seen":"2025-10-15T19:37:20.538555Z","last_seen":"2025-10-15T19:37:20.538555Z","times_seen":1,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 15 Oct 2025 19:36:28 GMT\r\ndate: Wed, 15 Oct 2025 19:36:28 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27925,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"aa770992960d5d36cf6ba4357f990aa9","sha1":"46cce46df4f47c159c31632cfb45ca0f0144ff0f","sha256":"ea95379db9e2554185ea2a578330b742412ef90d2ccd704a76ed133d990f052b","sha512":"42a66305d9a2990560ee0468c3a36e4b4a1b1ca98cf0922717b9519d17760c63930cb21fe7258671a873a4f9a1bfa520778ce2f002bfba120c99e3f5db00ebea","ssdeep":"768:DDADRDYDKDf4DQLDDDXDfc70afUQRptmJKBLfhQE8YtCR6UfaQ7zfTYHw+fQQVN7:+2Biad","tlshash":"afc2eda1041740009b839ce223cebf35fe5f92117141d0b9abfd9b6badcbc66526936d","first_seen":"2025-09-09T03:39:37.780899Z","last_seen":"2025-11-18T23:25:50.567773Z","times_seen":2837,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhb1KY4I5Ql-5_lULGyBdZKZk5EhFtNZPG9kVvnjHS1NsEjaoC4WN0F7RNTN8XurV12oWZICTDiD7M76HdJ9kSfts6qKuBUR1XEqWVxGwvaE7D0WSR7u-fZx8SzGa1rI3HRd4Q8SkbbrPCuJVNFZ36lpXek64DnTn9wItHcoir7eGfRVx9zZsGXOpY5e2E/s1600/FUHSO%20Remedial%20Admission%202025\u00262026%20Form.jpeg","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:30.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:47 GMT","end":"Mon, 15 Dec 2025 08:41:46 GMT"},"fingerprint":{"sha1":"F8:5F:63:28:35:3F:3B:74:50:6E:B0:8A:1E:82:1E:81:0B:2C:5D:57","sha256":"E5:11:BE:F6:31:91:0A:88:46:0E:37:CF:15:59:95:26:EE:40:53:A0:69:3F:0A:3E:F6:B4:44:43:15:61:C4:6F"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEhb1KY4I5Ql-5_lULGyBdZKZk5EhFtNZPG9kVvnjHS1NsEjaoC4WN0F7RNTN8XurV12oWZICTDiD7M76HdJ9kSfts6qKuBUR1XEqWVxGwvaE7D0WSR7u-fZx8SzGa1rI3HRd4Q8SkbbrPCuJVNFZ36lpXek64DnTn9wItHcoir7eGfRVx9zZsGXOpY5e2E/s1600/FUHSO%20Remedial%20Admission%202025\u00262026%20Form.jpeg HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v15ee\"\r\nexpires: Thu, 16 Oct 2025 19:36:30 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"FUHSO Remedial Admission 2025\u00262026 Form.jpeg\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 15 Oct 2025 19:36:30 GMT\r\nserver: fife\r\ncontent-length: 11083\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11083,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 213x230, components 3","md5":"05f7ac5bb94afbe398a1f88ba14c4238","sha1":"aacea216f22658cde42feef7eeab89eabe85bff5","sha256":"4e8171860c5126939511c8beb3b0dc86685f451655777a6822f51146b3f514b9","sha512":"67131be704e9fa36bd797f157562e4839b7fc86cf191e2c833b4bd2c9839550dabe5142334a791e8ce1c690cc816149d9d3124c27053fc9692892c1c6cc652f4","ssdeep":"192:6x9s4jlkKOUvzpVaHb8TbzRCr4BwUan2NBZlBnfUCKG9/pH4BTQlWnrZ4zH4DI:6x9s+JLvz+w3lRB4n29lAGppHMRrazHN","tlshash":"f132cf0e1d756138cb74d8b9e1a767c9a0693cb2665507f388d35e8a11b8b7fde2c018","first_seen":"2025-10-15T19:37:20.548781Z","last_seen":"2025-10-15T19:37:20.548781Z","times_seen":1,"resource_available":false,"data":null}},"time_used":761,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":760,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:22 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18405\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1bcaa7f0d6e1a0f271c77d3e149f9a05\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46242,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46242), with no line terminators","md5":"57b263d494b82a43cfae095771d7b005","sha1":"10b9a3adf60df6820f373ea3b741bfe000929917","sha256":"028d2debec6967c7d2fd4ffd6b178deecf20ef847d120c8d904887a3adad5e4e","sha512":"97a8efc00cc2b3745433b3cef118788039e856da0dc9c4c3d29886d36deef77340ef0159ec47ff2388086475d3a47ea9daf2c2857e31ee59565ec7490d1ba1ab","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybeja2n:36rxKbk0CrQ+fdwNDba1lIlcPES2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.317687Z","last_seen":"2025-10-15T19:37:20.317687Z","times_seen":1,"resource_available":true,"data":null}},"time_used":786,"timings":{"blocked":290,"dns":15,"connect":95,"send":0,"wait":95,"receive":92,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/watch.128980453908.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /watch.128980453908.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://torchfriendlypay.com/watch.128980453908.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=896d4ef970551211b4126aeef9a7b2ac37a74aa7bceff894e758b4166c5075895a60c91b04d84c1c940a28077bd024e4e90e766dd88471dacdac3042f788b2d5fa35279952232187a1f7a67becfa7e25cc49bc877086f1fde2b058\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; expires=Wed, 15 Oct 2025 19:37:24 GMT; path=/; secure; SameSite=None\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7d6146175b20f170ff3bcebafe8e89d2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4614,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":685,"timings":{"blocked":292,"dns":1,"connect":93,"send":0,"wait":101,"receive":0,"ssl":194},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18421\r\nConnection: close\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 34d36bc1f781cd600781dbb2b7cdd76a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46239), with no line terminators","md5":"df0ff3ba37d0ca6a8aae23bda437656f","sha1":"3e4a8916e2c9c2ae37ab0cd6e7d0e1b1c56e14a2","sha256":"a9be9cb9cb5a289fba70791060a8cf1fb569eb9a28492afa013da566e5fef5af","sha512":"8e7c98dcae69b194fb1c6bab0785c929f019520a42cf584fbc7bc798b6c1ed91dd56fec516b8796ceffa0ba828ed42d27a7ca98d4b9cd013a16d1dfc4a20c537","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej7Nk:36rxKbk0CrQ+fdwNDba1lIlcPEzNk","tlshash":"d423c48e3f71f15866867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.323673Z","last_seen":"2025-10-15T19:37:20.323673Z","times_seen":1,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":97,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RTy4sc1Re-PXks8lv8MBE3gvTChYrTcx_1ugYRxxgJxiQmkSxE5L6q59rVVWXdqq6ZWUgwEIIbB1dmV326Z8ZHEHXhRiKhx11ASLtxFhkU_wARIW6lewZGL9Q953zfV_Cdyzk3h9UeYlCJ3UtvZOs2ScSS38HtZ67ZVGe1a1-42ia4g0-3r9k08E63V2dXMXiBMK-Dn22_ZlQvW6KYYEwwaZ-1hYmz1aU5Cza_w0mH445HO8T3YLX4b-2q4-DEcdCDPXQSrJ7-__f4bbBqAmn_6zPG9cosf_7VfpWIMitgoLffSntpVqfQP0zjogVxun2ghsxNEfp0AbJ0-6ADyAbjWQcg7RQtPPEQZLp9YBPkYHPfqUzApCD1_6AeTMAkO2DFBFR2A6x-gACUhgsXIe1vXciKWqzts2LGTtHRR3-Brafo6MPHIe1_tZzY1faVLKlKm6UOVuMG7OoEbHcCeTWBcn0BbL0DqvwQrP4JLT06D2l_fNElGVi9-7TmUvCA-Itcarrocc4XhY_1IgmCCAvGAibJ_IlsPAHhWlDNPtuCKm5Blbegr3fbHo48RQQLYq5ViD3hedpIzCOKseAqhErNvG9AmW-ASjZAFbe2c71S9gb-uCwqs1mlyvlD_071bp5QFlEWRXRItvY1c8l4Jhn6n-1DlM3BrRlI2ZAc_sh5MCSQF9ehZz954J98cOxXKKp74FZ2v6MxE1oHMiDMEzz2WBwrGmHOcWQIjYNQKKl1qLAUROMwIpHxGVcC69gElATCV740WnGmjOaaRx7GkpKQxlIGPmOxR0PBTchJTAkLlaLGwwGJQi82gefHwmOSBCElnER-wAwzLNQmioT2QkFopDmWXAWRjLn0cRAEOgopBaefBFdOUevND2CgG6gNgtohqAWC2iKoSwT1oNnUiaOu2dKJqyQ5iPQgsmaUld2h2MzKrkkRiGIDCt2Mbf6-uwGqPDJaj50eZbNLyLIZCambYb6HHpsNXat38wT0zG4beywOYp_4EseeoSzAPIhopJXG0oSRBmcbsG5hPirrdopevPsb5HaKnhp_DFLsgEt2QNkjIKpjIOoRwxjEyoj6GNbTb7N-antJ5ezAdFTW76Rd0FkDeXkUyrXWMNlDp0aXry7fm-_BO7-sgVH30cEBVTSQFw28Z39E0E1ujS5nNRpfzmqHvrmYl7Zv18VsR66UojTHv3jdrNVZoc-dcRufv6xmxCy9c9W48rxItU27Dn25bLU2xdmsUAbdPeeuGXmpcivLVZFW-flLr5w9188L45zN0gkIO0Un_vwIlJ2iUz_cnu-__9xtUPl1cPmhT5chkDmCxCJIzCEuZAPuX7U8zIfuFnSLFojyBqT9BgZFA4OkAZFsgKuOjMq8uP_Sz2x-QCatkUwKNJZJMePtbjtmhiqMozAgLIoNYZ5WsR95XAcCM2agdNOVP_7-_p8AAAD__7X8iuydBQAA","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTy4sc1Re-PXks8lv8MBE3gvTChYrTcx_1ugYRxxgJxiQmkSxE5L6q59rVVWXdqq6ZWUgwEIIbB1dmV326Z8ZHEHXhRiKhx11ASLtxFhkU_wARIW6lewZGL9Q953zfV_Cdyzk3h9UeYlCJ3UtvZOs2ScSS38HtZ67ZVGe1a1-42ia4g0-3r9k08E63V2dXMXiBMK-Dn22_ZlQvW6KYYEwwaZ-1hYmz1aU5Cza_w0mH445HO8T3YLX4b-2q4-DEcdCDPXQSrJ7-__f4bbBqAmn_6zPG9cosf_7VfpWIMitgoLffSntpVqfQP0zjogVxun2ghsxNEfp0AbJ0-6ADyAbjWQcg7RQtPPEQZLp9YBPkYHPfqUzApCD1_6AeTMAkO2DFBFR2A6x-gACUhgsXIe1vXciKWqzts2LGTtHRR3-Brafo6MPHIe1_tZzY1faVLKlKm6UOVuMG7OoEbHcCeTWBcn0BbL0DqvwQrP4JLT06D2l_fNElGVi9-7TmUvCA-Itcarrocc4XhY_1IgmCCAvGAibJ_IlsPAHhWlDNPtuCKm5Blbegr3fbHo48RQQLYq5ViD3hedpIzCOKseAqhErNvG9AmW-ASjZAFbe2c71S9gb-uCwqs1mlyvlD_071bp5QFlEWRXRItvY1c8l4Jhn6n-1DlM3BrRlI2ZAc_sh5MCSQF9ehZz954J98cOxXKKp74FZ2v6MxE1oHMiDMEzz2WBwrGmHOcWQIjYNQKKl1qLAUROMwIpHxGVcC69gElATCV740WnGmjOaaRx7GkpKQxlIGPmOxR0PBTchJTAkLlaLGwwGJQi82gefHwmOSBCElnER-wAwzLNQmioT2QkFopDmWXAWRjLn0cRAEOgopBaefBFdOUevND2CgG6gNgtohqAWC2iKoSwT1oNnUiaOu2dKJqyQ5iPQgsmaUld2h2MzKrkkRiGIDCt2Mbf6-uwGqPDJaj50eZbNLyLIZCambYb6HHpsNXat38wT0zG4beywOYp_4EseeoSzAPIhopJXG0oSRBmcbsG5hPirrdopevPsb5HaKnhp_DFLsgEt2QNkjIKpjIOoRwxjEyoj6GNbTb7N-antJ5ezAdFTW76Rd0FkDeXkUyrXWMNlDp0aXry7fm-_BO7-sgVH30cEBVTSQFw28Z39E0E1ujS5nNRpfzmqHvrmYl7Zv18VsR66UojTHv3jdrNVZoc-dcRufv6xmxCy9c9W48rxItU27Dn25bLU2xdmsUAbdPeeuGXmpcivLVZFW-flLr5w9188L45zN0gkIO0Un_vwIlJ2iUz_cnu-__9xtUPl1cPmhT5chkDmCxCJIzCEuZAPuX7U8zIfuFnSLFojyBqT9BgZFA4OkAZFsgKuOjMq8uP_Sz2x-QCatkUwKNJZJMePtbjtmhiqMozAgLIoNYZ5WsR95XAcCM2agdNOVP_7-_p8AAAD__7X8iuydBQAA HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo2LCJhdSI6NiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8aFpBrKFUXN7d_zCVOZ4Tb8bQLB1H1kuvjYyepDzq2w; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=6; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=6; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nVary: Origin\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b443b81202a8fde71c92c1280bcd7f72\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8501-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gv2mXfkr%2B5BZbI0sisEWN0TWdumofiBVj0HpFytQwp22AoLew2RJFqd0wP35VLHJMxaajRgZygCd2m0Zo4CsO6e7nxsjp2hJHqopWTgV\"}]}\r\ncf-ray: 98f1c3fb9c18568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-04-04T10:49:57.044251Z","times_seen":10533,"resource_available":false,"data":null}},"time_used":610,"timings":{"blocked":74,"dns":6,"connect":1,"send":0,"wait":460,"receive":0,"ssl":66},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8501-d9f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mscCcLu%2BzGB3bm%2BVpCl0iwAEfvLGACZonvGskLMbh8ZPfKTfIlFwOPRi0kVJEz0MrLs2HMrqwZUskMwaZemgNHcGAHbXRGKUTLQPguUY\"}]}\r\ncf-ray: 98f1c3fb8c0c568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3487,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f9f1955433320a3b43c5741f2bde9a3d","sha1":"3b70c2a57fad02833bf227d8b6a0391ac8b98432","sha256":"cbb99d697521db3b645225c1b50873e6aa8a39c91afcc7c8dd756746b8bf2645","sha512":"7a1022ad699c484dd3b7e5a870d01b8baa4a357f203d6dd73ddaa237bd1aa8d2cd5a599077c261dd6ea45cdaa685285aba8b844090fdef7fa0f0b9ecf4a70fda","ssdeep":"","tlshash":"7a710f863b7916047427d96a38112b5777198103aa4fdd74afd1381cceca38acaa33cf","first_seen":"2024-09-26T07:50:15Z","last_seen":"2026-01-25T21:57:17.035488Z","times_seen":2145,"resource_available":false,"data":null}},"time_used":624,"timings":{"blocked":64,"dns":4,"connect":3,"send":0,"wait":493,"receive":0,"ssl":58},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiw4z_6tN3UBSb6bo9Duwkhv9jcb3fhlZ_mlokx4uqDYR92ZD0idC5qfK8Cf81CkP3P2h0S3Z0I_hkWsNtmC8338jiyyS4otJx7iHCCFinzOn-pDIvFi91U5q2FdluF1aE9stbnx3fWXLChdh8llHbNQJOsUZXVQidox4LHMyLWYZ79rl3rzrdgoYiBDEk/w306-h320/ED-JOHN%20Institute%20of%20Mgt%20and%20Tech%20ND%20Admission%20Form.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:30.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:47 GMT","end":"Mon, 15 Dec 2025 08:41:46 GMT"},"fingerprint":{"sha1":"F8:5F:63:28:35:3F:3B:74:50:6E:B0:8A:1E:82:1E:81:0B:2C:5D:57","sha256":"E5:11:BE:F6:31:91:0A:88:46:0E:37:CF:15:59:95:26:EE:40:53:A0:69:3F:0A:3E:F6:B4:44:43:15:61:C4:6F"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEiw4z_6tN3UBSb6bo9Duwkhv9jcb3fhlZ_mlokx4uqDYR92ZD0idC5qfK8Cf81CkP3P2h0S3Z0I_hkWsNtmC8338jiyyS4otJx7iHCCFinzOn-pDIvFi91U5q2FdluF1aE9stbnx3fWXLChdh8llHbNQJOsUZXVQidox4LHMyLWYZ79rl3rzrdgoYiBDEk/w306-h320/ED-JOHN%20Institute%20of%20Mgt%20and%20Tech%20ND%20Admission%20Form.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v15e8\"\r\nexpires: Thu, 16 Oct 2025 19:36:31 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"ED-JOHN Institute of Mgt and Tech ND Admission Form.png\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 15 Oct 2025 19:36:31 GMT\r\nserver: fife\r\ncontent-length: 14454\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14454,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 286 x 299, 8-bit colormap, non-interlaced","md5":"daec1c1240df42c19e0b505ebc590f27","sha1":"f18f203209f4a63c9d821b4713fd5dd3b14ac135","sha256":"e2271b8398256681659ebdfde394b5d0b5d3169360fcba874ca7888a0387a596","sha512":"2b4721c7593512d06d24dc831a18c15b6444d8821769cc3e04038ea41ff605237ca05ced81f203987f2683efed8b80d393b7623827a4f71e4c302e5b3413b57f","ssdeep":"384:McN7M4x/D3S6YEmT2/SftVVTRbIhf1qX7fxs:Lpr3SvxTMebV6htqrfu","tlshash":"5d52cfd388937a9409356499c6b64df2e777fe5faf11b3fd01172839228ab9434b0a01","first_seen":"2025-10-15T19:37:20.553664Z","last_seen":"2025-10-15T19:37:20.553664Z","times_seen":1,"resource_available":false,"data":null}},"time_used":860,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":859,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"topcreativeformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Sep 2025 22:49:40 GMT","end":"Fri, 12 Dec 2025 22:49:39 GMT"},"fingerprint":{"sha1":"EC:8E:4C:47:74:D4:52:B0:02:BF:8C:E1:9B:75:13:26:E9:48:B2:13","sha256":"35:28:22:C4:11:25:D9:9D:11:C3:9A:90:41:C0:9D:99:07:30:6F:EC:0B:B0:45:BE:33:2D:93:8B:89:E7:1A:01"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.topcreativeformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:22 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18423\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: www.topcreativeformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 03acba5948ec829866dbf029bf3998cf\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46266,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46266), with no line terminators","md5":"87ac42f9eb916239c66989be7755c238","sha1":"5af6b95f6b76f76cd27702c54f6369c817fe9a26","sha256":"82c6e0c2e827ba32ee429abb93af76dad570b82ff430cf83f7c70622fd33afa2","sha512":"d3f3c9932f2fa6833a5ad5cf3b797ab16acfdbb780aaeec15ab0ea6d4064231b0cd4b4d0ccc901707424985c5e03c220093bc20236046d914ccb1377578a3fdf","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4YybejvDI:36rxKbk0CrQ+fdwNDba1lIlcPEHDI","tlshash":"7d23c48e3f71f15866867037223f9417f22a4e55248de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.276849Z","last_seen":"2025-10-15T19:37:20.276849Z","times_seen":1,"resource_available":true,"data":null}},"time_used":892,"timings":{"blocked":349,"dns":7,"connect":96,"send":0,"wait":96,"receive":93,"ssl":248},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/9e/5c/35/9e5c35385d0c5139cc819db9c5ec3f9c/1756656395.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/9e/5c/35/9e5c35385d0c5139cc819db9c5ec3f9c/1756656395.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:24 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 65091\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:35 GMT\r\netag: \"68b4730b-fe43\"\r\nexpires: Fri, 17 Oct 2025 19:36:24 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65091,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 16:17:27], progressive, precision 8, 300x250, components 3","md5":"026ecb9ebfc333b46de99a35ece1ed63","sha1":"4945bcedd091109a3c43834502a9301ff5009087","sha256":"02fdce35ad465cf23a8baac4d505a51a7756c6d865f5d311389734c5c601416b","sha512":"e4756406638971996514a6c286a7dfafefee9e4bc76f86f557104ed8aaf4d3a513d13229756cf689e23e7d4e41beb3ac3a0aa75d3789433c5442f387d3073279","ssdeep":"1536:HT8CEOavT8CEOa2GYL1Ql6B2mQmW4aO1R9snq7ji0kZsUdCWTkLNVUQBq3:z8C7u8C7sk1c6BfQmjaO1d7jijFYLNVS","tlshash":"7953e040e682cc32e9e6d8b990f5c2b573329e906af39e40f49e64427ff87d5ac48153","first_seen":"2025-09-02T19:57:23.459951Z","last_seen":"2026-04-03T08:46:56.914433Z","times_seen":906,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18423\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: aa8a5d1ac2e3eb1b15322cd88d45d936\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46266,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46266), with no line terminators","md5":"87ac42f9eb916239c66989be7755c238","sha1":"5af6b95f6b76f76cd27702c54f6369c817fe9a26","sha256":"82c6e0c2e827ba32ee429abb93af76dad570b82ff430cf83f7c70622fd33afa2","sha512":"d3f3c9932f2fa6833a5ad5cf3b797ab16acfdbb780aaeec15ab0ea6d4064231b0cd4b4d0ccc901707424985c5e03c220093bc20236046d914ccb1377578a3fdf","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4YybejvDI:36rxKbk0CrQ+fdwNDba1lIlcPEHDI","tlshash":"7d23c48e3f71f15866867037223f9417f22a4e55248de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.276849Z","last_seen":"2025-10-15T19:37:20.276849Z","times_seen":1,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2WQ9xIOYqEeZgwcVd7aqu6u72iDiGiPBmMQkkoOI1K-eLaenq-3qnt7sxWAgBC8uXtRbz5vZXX8EUQ-Ch0iY9RYQMl7cQxbFP0BEiFeZ2YXVgq733vd9Dd8r3rsxrPaQDxXfvfC6XTdpypdpB7efvmIyZWvXPne5TXAHn2xfMVkYnGyvza5i8Dzxgw5-pv2qlj277GGCMcGkfdoUOrFry3MWTH4rJp0YdwKvQ2gAa8X_a1ctguOLoAZ76DgYNX3kj-QtMHICWf-bU9r1Sps_90q_SnlpCxio7TezXmbrDPqHaVK0IMm2D9Rg3RShTxfAZtsHHYAdjGcdgDBTtPDEfRDZ9oFNEIPNfaciBZ2BUA9DPZiATnfA8AlIex2MuocApIJz5yHrb52zRc2v7rN8xk7R0Qd_g6mn6Oj9xyDrf72SmrX2JZtWpbGZg7WkAbM2AdOdQF5NoFxfAFPvgCw_AKN-RssPzkLWH593qQWjdp9SseBxSOhSLJS3FMRxvMQpVkskDBnmvh_6gsyfyCQT4K4F1ewzLaiSFlR5C_pqtx1gFkjC_TCJlYxwwINAaYFj5mHMYxlBJWfeN6DMN0CmGyCLm5tVJh0dBreqd_LU85nnM-YNyVauVsveYFwWlR7PJMPg833I8-fg1gz0_CE5_DGOwyHZ3lfRuQjy4hr0zMf36PF7i79BUd0Bt7r7PY5jGjMdM-X5MaNMK6UVpUqqiHNJVKAw8zkjxBOJDFjEqU99wrAIIx6EAY-V1JFMREwljWKhMeUJ1jjQShGtPS6FJ2SkFBU0kpxL7gVK-lp7LCIeC4OIBIQQLUJMfD9iXPDAS1gcel6MQ8bDSBIZ04BSprEkIgmY1hSDU4-DK6eo9cb7MFAN1BpB7RDUHEFtENQlgnrQbKrUea7ZUqmrBDmI3kH0m5Etu0O-acuuzhDwYgMK1YxN_p67DrI8MlpPnBrZ2cVF2Yy4UM0w30OPzoau1btxDHp6t40DPwkTSqjASaA9P8RxyDympMJCR0yBMw0YtzAflXUzRS_c_h1yM0VPjj8CwXfApTsgzRHg1SLweuRjDHx15FEM69l3tp-ZXlo5M9AdafudrAvKNpCXR6G82hqme-jE6OLllTvzPXj71xq0vIsODsiigbxo4F3zE4JuenN00dZofNHWDn17Pi9N36zz2Y5cKnmpH_ryNX21toU6c8ptfPGSnBGz9NZl7cqzPFMm6zr01YpRShenbSE1un3GXdHiQuVWV6oiq_KzF14-faafF9o5Y7MJcDNFx_76EKSZohM_fjbff_rsJyDza-DyQ5_OIhA5gtQgSPUhzkUD7j-1OMyH7iZ0ixbw8jpk_QYGRQODtAGeboCrjozKvLj74i_-_IBIWyORFmgs0mLGm9124mtPYsyikPgs0cQPlEwoC2IVcuz7Gko3Xf3znx_-DQAA__9CZ6ZnnQUAAA==","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2WQ9xIOYqEeZgwcVd7aqu6u72iDiGiPBmMQkkoOI1K-eLaenq-3qnt7sxWAgBC8uXtRbz5vZXX8EUQ-Ch0iY9RYQMl7cQxbFP0BEiFeZ2YXVgq733vd9Dd8r3rsxrPaQDxXfvfC6XTdpypdpB7efvmIyZWvXPne5TXAHn2xfMVkYnGyvza5i8Dzxgw5-pv2qlj277GGCMcGkfdoUOrFry3MWTH4rJp0YdwKvQ2gAa8X_a1ctguOLoAZ76DgYNX3kj-QtMHICWf-bU9r1Sps_90q_SnlpCxio7TezXmbrDPqHaVK0IMm2D9Rg3RShTxfAZtsHHYAdjGcdgDBTtPDEfRDZ9oFNEIPNfaciBZ2BUA9DPZiATnfA8AlIex2MuocApIJz5yHrb52zRc2v7rN8xk7R0Qd_g6mn6Oj9xyDrf72SmrX2JZtWpbGZg7WkAbM2AdOdQF5NoFxfAFPvgCw_AKN-RssPzkLWH593qQWjdp9SseBxSOhSLJS3FMRxvMQpVkskDBnmvh_6gsyfyCQT4K4F1ewzLaiSFlR5C_pqtx1gFkjC_TCJlYxwwINAaYFj5mHMYxlBJWfeN6DMN0CmGyCLm5tVJh0dBreqd_LU85nnM-YNyVauVsveYFwWlR7PJMPg833I8-fg1gz0_CE5_DGOwyHZ3lfRuQjy4hr0zMf36PF7i79BUd0Bt7r7PY5jGjMdM-X5MaNMK6UVpUqqiHNJVKAw8zkjxBOJDFjEqU99wrAIIx6EAY-V1JFMREwljWKhMeUJ1jjQShGtPS6FJ2SkFBU0kpxL7gVK-lp7LCIeC4OIBIQQLUJMfD9iXPDAS1gcel6MQ8bDSBIZ04BSprEkIgmY1hSDU4-DK6eo9cb7MFAN1BpB7RDUHEFtENQlgnrQbKrUea7ZUqmrBDmI3kH0m5Etu0O-acuuzhDwYgMK1YxN_p67DrI8MlpPnBrZ2cVF2Yy4UM0w30OPzoau1btxDHp6t40DPwkTSqjASaA9P8RxyDympMJCR0yBMw0YtzAflXUzRS_c_h1yM0VPjj8CwXfApTsgzRHg1SLweuRjDHx15FEM69l3tp-ZXlo5M9AdafudrAvKNpCXR6G82hqme-jE6OLllTvzPXj71xq0vIsODsiigbxo4F3zE4JuenN00dZofNHWDn17Pi9N36zz2Y5cKnmpH_ryNX21toU6c8ptfPGSnBGz9NZl7cqzPFMm6zr01YpRShenbSE1un3GXdHiQuVWV6oiq_KzF14-faafF9o5Y7MJcDNFx_76EKSZohM_fjbff_rsJyDza-DyQ5_OIhA5gtQgSPUhzkUD7j-1OMyH7iZ0ixbw8jpk_QYGRQODtAGeboCrjozKvLj74i_-_IBIWyORFmgs0mLGm9124mtPYsyikPgs0cQPlEwoC2IVcuz7Gko3Xf3znx_-DQAA__9CZ6ZnnQUAAA== HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo1LCJhdSI6NSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.lFahlx6nhlrcb6lwQ_TRktKbZQEzgEScKbK1EH3hj9Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=5; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=5; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nVary: Origin\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4fd21be740190320cfdf353c29d6ad92\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/60/3f/91/603f91173713a91903969684a0fc202aac8fec2ad2f0ae163ffa378d91bb419c.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/60/3f/91/603f91173713a91903969684a0fc202aac8fec2ad2f0ae163ffa378d91bb419c.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 15151\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 16 Mar 2025 03:11:56 GMT\r\netag: \"67d6417c-3b2f\"\r\nexpires: Fri, 17 Oct 2025 19:36:28 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15151,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"a35cb578e3c8889f9d2d8e3a9e520bbc","sha1":"f390ccf18911be8210267a1fb27529da10081347","sha256":"554a79788b15330de1e48f1c482acaed20d1e3998e4daed2175530e89ac5e48a","sha512":"6c003106f7f02ae78774b98f5e5e8736189265dda55429c72a1ab2b387f1d8c6406c7f323a1608af14c0b07ad370c797409977a5c751a2e04a8c98236b0e6e2f","ssdeep":"384:z0sxi+mWivrxHMC8F5ONWxBGTgnbTYwxQKQVd:zfk+mW8NWxB5YwxQtL","tlshash":"e162d0c5e4c578d3e98bc3aacdd3286d66295f235e7df01e55f88dca012011b1c78a23","first_seen":"2025-04-17T18:37:55.427701Z","last_seen":"2026-01-06T02:07:44.501457Z","times_seen":1596,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 23:17:37 GMT\r\nexpires: Tue, 13 Oct 2026 23:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 159532\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl24184826.cpmrevenuegate.com/26/04/4c/26044c9034d41067e4eeac3c8b2a25ba.js","fqdn":"pl24184826.cpmrevenuegate.com","domain":"cpmrevenuegate.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cpmrevenuegate.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 Aug 2025 22:51:56 GMT","end":"Sat, 15 Nov 2025 22:51:55 GMT"},"fingerprint":{"sha1":"A5:EC:DF:72:70:00:89:A8:4D:E9:01:D9:7D:24:9F:D7:5E:65:53:18","sha256":"75:22:77:90:37:3E:ED:61:45:92:0A:57:C6:6C:43:66:2E:0B:69:F2:02:A1:B0:64:49:8E:21:AB:35:E7:BA:71"}}},"request":{"raw":"GET /26/04/4c/26044c9034d41067e4eeac3c8b2a25ba.js HTTP/1.1\r\nHost: pl24184826.cpmrevenuegate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:22 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38388\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 8\r\nHost: pl24184826.cpmrevenuegate.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 71f6a365e48b354c671803a913552978\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":106648,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"69207f466930d91deddf3a6379360ae0","sha1":"ac54f8641b2f85b71dd58dd89ec0a4e5277dd689","sha256":"89bcb6d94c758ffb15fe08bdcaf5bc59558a63cb59afbfc856dad7dd80a29fbe","sha512":"e77e533d8d3a83e8ceb7f2912ac978000866ff8c36b62da73c4ad62594a21528f6f60ad59c70ebba57f477f0829070737ec26bd69978441d3000b1f29006708f","ssdeep":"1536:99TDYewwZykXTzY67ytOUS5VlIXga6kSFf02mdBV4mCzCgiA0eQpE0I9N9rvQ:fnDT9RCgZ0eQp29N9rvQ","tlshash":"41a3a4883f40f17d0796b47a323fa61af0791a01509cd69cf107f1a8ae6674ab43fe65","first_seen":"2025-10-15T19:37:20.52022Z","last_seen":"2025-10-15T19:37:20.52022Z","times_seen":1,"resource_available":true,"data":null}},"time_used":508,"timings":{"blocked":-1,"dns":23,"connect":92,"send":0,"wait":106,"receive":93,"ssl":193},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24184826.cpmrevenuegate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24184826.cpmrevenuegate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24184826.cpmrevenuegate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRuu2WS_Q77Dx5eIeJI5eFBxZ6u6-lcZRFxjJBiTmERyEJH61bPl9HS1Xd3Tu3uQYCAELy6ezK3nndldfwRRDx6ESJj1FhAyXtxDFsU_QESIV5nZhdWCrvd9n-dpeN7ifW8Oq31EoeJ7l163GyZN-XLQwe2nr5lM2dq1L1xtE9zBp9vXTBb6p9trs6sYPE-o38HPtF_VsmeXPUwwJpi0z5pCJ3Ztec6Cye8w0mG443sdEviwVvy7dtUiOL4IarCPToJR0__9lrwFRk4g6391RrteafPnXulXKS9tAQO182bWy2ydQf8oTYoWJNnOoRqsmyL0yQLYbOewA7CD8awDEGaKFh5_CCLbObQJYrB14FSkoDMQ6r9QDyag010wfALS3gCjHiAAqeDCRcj62xdsUfP1A5bP2Ck6_uhPMPUUHX_4GGT9L1dSs9a-YtOqNDZzsJY0YNYmYLoTyKsJlBsLYOpdkOUHYNSPaPnRecj644sutWDU3lOKCc5CEiwxobwlnzG2xAOslkgYxphTGlJB5k9kkglw14Jq9pkWVEkLqrwFfbXX9nHsS8JpmDAlI-xz31daYBZ7GHMmI6jkzPsmlPkmyHQTZHHrTvVOnno09mgce0OynavVsjcYl0Wlx1Um3dD_9ADy6BzcnoEeHZKjHxkLh2TnQBXMRVszUTD0IS-uQ898_CA4-WDxFyiqe-BW974VTARCKe5RxRinUciVF3IeYE9Fni9jTyge-QxHsQ6ZmqkJI5h6gscqwswLsKSxYlRz5nNNeKBDyQIiI5_GigaMsDAmxAsojQlWJCA-jTH3SOB7Okw8nyiFMQ68JIl9wWQsoighjPKYCx3gJOYaB5RGYUQ0ET6jkfBlmIBTT4Arp6j1xvswUA3UGkHtENQcQW0Q1CWCetBsqdR5rtlWqasEOYzeYaTNyJbdId-yZVdnCHixCYVqxiZ_z90AWR4bbSROjezs4qJsRlyoZpjvo__Phq7Vu3kCenqvjX2ahElAAoETX3s0xCyMvVhJhYWOYgXONGDcwnxUNswUvXD3V8jNFD05_ggE3wWX7oI0x4BXi8DrEcUY-OrICzBsZN_YfmZ6aeXMQHek7XeyLijbQF4eh3K9NUz30anR5asr9-Z78PbP66DlfXR4QBYN5EUD75ofEHTTW6PLtkbjy7Z26OuLeWn6ZoPPduRKyUv9n89f0-u1LdS5M27zs5fkjJild65qV57nmTJZ16EvVoxSujhrC6nR3XPumhaXKre6UhVZlZ-_9PLZc_280M4Zm02Amyk68ceHIM0Unfr-9nz_g2dvg8yvg8uPfDqLQOQIUoMg1Uc4Fw24f9TiKB-6W9AtWsDLG5D1GxgUDQzSBni6Ca46Nirz4v6LP9H5AZG2RiIt0FikxYw3e-2Eak9iHEchoXGiCfWVTILYZyrkmFINpZuu_v7Xd38HAAD__2DkvZedBQAA","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRuu2WS_Q77Dx5eIeJI5eFBxZ6u6-lcZRFxjJBiTmERyEJH61bPl9HS1Xd3Tu3uQYCAELy6ezK3nndldfwRRDx6ESJj1FhAyXtxDFsU_QESIV5nZhdWCrvd9n-dpeN7ifW8Oq31EoeJ7l163GyZN-XLQwe2nr5lM2dq1L1xtE9zBp9vXTBb6p9trs6sYPE-o38HPtF_VsmeXPUwwJpi0z5pCJ3Ztec6Cye8w0mG443sdEviwVvy7dtUiOL4IarCPToJR0__9lrwFRk4g6391RrteafPnXulXKS9tAQO182bWy2ydQf8oTYoWJNnOoRqsmyL0yQLYbOewA7CD8awDEGaKFh5_CCLbObQJYrB14FSkoDMQ6r9QDyag010wfALS3gCjHiAAqeDCRcj62xdsUfP1A5bP2Ck6_uhPMPUUHX_4GGT9L1dSs9a-YtOqNDZzsJY0YNYmYLoTyKsJlBsLYOpdkOUHYNSPaPnRecj644sutWDU3lOKCc5CEiwxobwlnzG2xAOslkgYxphTGlJB5k9kkglw14Jq9pkWVEkLqrwFfbXX9nHsS8JpmDAlI-xz31daYBZ7GHMmI6jkzPsmlPkmyHQTZHHrTvVOnno09mgce0OynavVsjcYl0Wlx1Um3dD_9ADy6BzcnoEeHZKjHxkLh2TnQBXMRVszUTD0IS-uQ898_CA4-WDxFyiqe-BW974VTARCKe5RxRinUciVF3IeYE9Fni9jTyge-QxHsQ6ZmqkJI5h6gscqwswLsKSxYlRz5nNNeKBDyQIiI5_GigaMsDAmxAsojQlWJCA-jTH3SOB7Okw8nyiFMQ68JIl9wWQsoighjPKYCx3gJOYaB5RGYUQ0ET6jkfBlmIBTT4Arp6j1xvswUA3UGkHtENQcQW0Q1CWCetBsqdR5rtlWqasEOYzeYaTNyJbdId-yZVdnCHixCYVqxiZ_z90AWR4bbSROjezs4qJsRlyoZpjvo__Phq7Vu3kCenqvjX2ahElAAoETX3s0xCyMvVhJhYWOYgXONGDcwnxUNswUvXD3V8jNFD05_ggE3wWX7oI0x4BXi8DrEcUY-OrICzBsZN_YfmZ6aeXMQHek7XeyLijbQF4eh3K9NUz30anR5asr9-Z78PbP66DlfXR4QBYN5EUD75ofEHTTW6PLtkbjy7Z26OuLeWn6ZoPPduRKyUv9n89f0-u1LdS5M27zs5fkjJild65qV57nmTJZ16EvVoxSujhrC6nR3XPumhaXKre6UhVZlZ-_9PLZc_280M4Zm02Amyk68ceHIM0Unfr-9nz_g2dvg8yvg8uPfDqLQOQIUoMg1Uc4Fw24f9TiKB-6W9AtWsDLG5D1GxgUDQzSBni6Ca46Nirz4v6LP9H5AZG2RiIt0FikxYw3e-2Eak9iHEchoXGiCfWVTILYZyrkmFINpZuu_v7Xd38HAAD__2DkvZedBQAA HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo1LCJhdSI6NSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.lFahlx6nhlrcb6lwQ_TRktKbZQEzgEScKbK1EH3hj9Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=5; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=5; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 07ef47e0c325a17943e553669236ff03\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:28 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T6OuA%2Bf4M6pC%2Bx%2FCPZsH87DitW8EhhU23FXokU8aRkM1mVt%2BM%2B4QzlukA1aunCdmJVVLNsWC19emK1GNaabLjFfIRTpwE4T92cccdhno\"}]}\r\nage: 1698097\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-4ff\"\r\ncontent-encoding: br\r\ncf-ray: 98f1c3fbdc5c568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"369850b9873659adf0951d845f57dba1","sha1":"a64257186daa33b6b318943a457b6cf8d80b26b6","sha256":"9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21","sha512":"6441b40e85c86e21362c7061a6b9610f52a5c801b274b246711546ad45c68c3e7f2f242f1621b90967eaeebf52709545d06283c2015d6b9ad7f6f7d37fb14a88","ssdeep":"","tlshash":"6821d8dc958f223ef324ff6189b316606ba423f6bb18c5bcb199a8157e1cb910c48e14","first_seen":"2023-04-07T22:39:47Z","last_seen":"2026-04-04T11:42:40.852245Z","times_seen":8740,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\netag: W/\"65aa8501-4ff\"\r\nage: 1698098\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rWFhnbEvgealM9XHCRYM0sQ2L%2FM11HDk5WbRkIpYqBeLrS4mNPPTP7D9IaY4ZbiqxgL2N7bSOwwoCrfh4V4e3p7OIsfhYA7cGm8ETpn2\"}]}\r\ncf-ray: 98f1c3ff8b80b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"369850b9873659adf0951d845f57dba1","sha1":"a64257186daa33b6b318943a457b6cf8d80b26b6","sha256":"9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21","sha512":"6441b40e85c86e21362c7061a6b9610f52a5c801b274b246711546ad45c68c3e7f2f242f1621b90967eaeebf52709545d06283c2015d6b9ad7f6f7d37fb14a88","ssdeep":"","tlshash":"6821d8dc958f223ef324ff6189b316606ba423f6bb18c5bcb199a8157e1cb910c48e14","first_seen":"2023-04-07T22:39:47Z","last_seen":"2026-04-04T11:42:40.852245Z","times_seen":8740,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/feeds/posts/default?alt=json-in-script\u0026callback=jQuery111001300496830480642_1760556982650\u0026_=1760556982651","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.omniklusive.com.ng","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 16:47:08 GMT","end":"Fri, 19 Dec 2025 17:38:00 GMT"},"fingerprint":{"sha1":"B4:B5:F5:E5:69:3A:B2:C8:26:CF:C6:E1:92:BE:9D:15:A0:50:90:8A","sha256":"08:BB:D8:8D:66:76:D6:FE:64:D7:BF:15:CF:68:AB:53:58:76:9C:B6:66:AF:8D:6F:FB:8D:92:A5:F4:25:6C:CF"}}},"request":{"raw":"GET /feeds/posts/default?alt=json-in-script\u0026callback=jQuery111001300496830480642_1760556982650\u0026_=1760556982651 HTTP/1.1\r\nHost: www.omniklusive.com.ng\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1; pp_main_26044c9034d41067e4eeac3c8b2a25ba=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=throbcrunchsurely.com; sb_main_c2a4795bd129ec38aabf8f830c396956=1; sb_count_c2a4795bd129ec38aabf8f830c396956=3; pbpr0tpuw4isk85t8yg3jb2lj5vqf=wayfarerorthodox.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncross-origin-resource-policy: cross-origin\r\netag: W/\"57f0f711cdb8b91fe8f78cf1a61e6be758b6ca05738b4671555ae9598cb16895\"\r\ndate: Wed, 15 Oct 2025 19:36:30 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nserver: blogger-renderd\r\nexpires: Wed, 15 Oct 2025 19:36:31 GMT\r\ncache-control: public, must-revalidate, proxy-revalidate, max-age=1\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nlast-modified: Wed, 15 Oct 2025 11:48:01 GMT\r\ncontent-encoding: gzip\r\ncontent-length: 28755\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":181265,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (65508)","md5":"165f15b582e1c0d80ec7f19b59c8c134","sha1":"12be86b50df4b71531ba30676bf4d4e392046773","sha256":"268ac4a684b0df1568ce026dff40e65bf451838f1a190769556b82607668d664","sha512":"9309a6afb57bbbf4e267db6466e992e1ace53e4e54fef1b28434989972b1a84bc576b754e192a11151d22b6f4ebabc1e50fa41bb63810dd0322e6e75ae839b40","ssdeep":"1536:Mo2V6B4gED2lXPP6BLkBm+Qtl6rdKSa3jcDYa0z933PCbrhwXPouQ:MTV6BASpkL3pnFaKN3PC3hUPA","tlshash":"a004a5e3a384e62185074694cc72fb9ea575e91b172de8b5cc3f4c2ec16815413ae3be","first_seen":"2025-10-15T19:37:20.564905Z","last_seen":"2025-10-15T19:37:20.564905Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1138,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Sep 2025 03:23:24 GMT","end":"Mon, 08 Dec 2025 04:23:14 GMT"},"fingerprint":{"sha1":"2D:94:96:D6:08:54:E8:A2:4A:A9:D7:90:E4:75:91:6B:AC:CB:AA:24","sha256":"24:50:0C:86:73:A4:E6:6C:AD:20:57:80:86:4E:19:B1:E9:76:7F:2A:BE:CC:E9:75:B2:07:67:62:FA:9B:E7:8D"}}},"request":{"raw":"GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1\r\nHost: maxcdn.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:21 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncf-ray: 98f1c3d14c045696-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"4fbd15cb6047af93373f4f895639c8bf\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:54 GMT\r\ncdn-cachedat: 12/09/2024 23:20:39\r\ncdn-proxyver: 1.06\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1075\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 4f338739bd75b634e7f3517bf2e1f433\r\ncdn-cache: HIT\r\nage: 509483\r\ncf-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27466,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (27303)","md5":"4fbd15cb6047af93373f4f895639c8bf","sha1":"12d6861075de8e293265ff6ff03b1f3adcb44c76","sha256":"ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5","sha512":"f8be32cba15170319b5c9f663c6f0c4ffdd4083cf047d80f7b214d302b489eca25fbee66ddb9366d758a7598efc9b9a886b02c9f751ae71f207cb9db1356243a","ssdeep":"384:Qi5yWeTUKW+KlkJ5de2UYmydfwYUas8l8yQ/8c:Dlr+Klk3YlKfwYUf8l8yQ/T","tlshash":"3bc230f8e54c01d66731c48bff81b36862b6f73dd5814d99f01f690c29d22a522c5bba","first_seen":"2023-04-05T07:46:17Z","last_seen":"2026-04-04T11:19:03.173675Z","times_seen":35315,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":74,"dns":0,"connect":1,"send":0,"wait":18,"receive":0,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.968022194519.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.968022194519.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://wayfarerorthodox.com/watch.968022194519.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=18ab4ec74da305a807a4565ab8245742a0297ba9b631acc1fc60927247951226538596e62747eeeb9e6f3b34221866eeef289ec1f1e71ed62e22f39e030216b13b526344ca941f5b0c9a9faefeb58aea399370964504b48d042736\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; expires=Wed, 15 Oct 2025 19:37:24 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5f39b1d751e0daf5361a141d040f1f8a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4766,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.873337017745.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=099598e98d239858edded55dcd7aac1d4d083a8112bfc487a5353180b67a464a9dce7cfb95c579be05af0e04edd1ee2acb2bc7dd5b57caaca24dc3ee28712864714111eb6013378aba42f896229068a67c1c954558e0c1bf48ee50\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.873337017745.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=099598e98d239858edded55dcd7aac1d4d083a8112bfc487a5353180b67a464a9dce7cfb95c579be05af0e04edd1ee2acb2bc7dd5b57caaca24dc3ee28712864714111eb6013378aba42f896229068a67c1c954558e0c1bf48ee50\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo1LCJhdSI6NSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.lFahlx6nhlrcb6lwQ_TRktKbZQEzgEScKbK1EH3hj9Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=4; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=4; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 3444\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\nuncs=5; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\nuncs5=5; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0d1cd69c5c0dcac353ab524ae007616f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4766,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3890)","md5":"3d18365e62c3a6d79e822eb3ffddb17e","sha1":"50a14272394342eeeb831744ccf35850001d164a","sha256":"00352d3fb3171f11d7506fdbc0c0ead3fd23bcee0103c797a57c99119eb83dcb","sha512":"c4fd9bbb36a95b5ecd9a07c6ec06cd5ad42ca8f73f4afe1586b024d1b932b977cf56e72fc43b0551995ef28537d24841683ac8c4d7d377b78f3c1986b4398eed","ssdeep":"96:yozN0Y+DTdcdqJPiJKGsIlk/4hpLERrQt3TKiw1ZDWCfMEDaH:vz/O42CkgfL+rQtpoVWCkCaH","tlshash":"ffa14be52ec6526cd85f70bba07b75643f22111f1a40c64ab68cf5950fa47f8483aeec","first_seen":"2025-10-15T19:37:20.573634Z","last_seen":"2025-10-15T19:37:20.573634Z","times_seen":1,"resource_available":false,"data":null}},"time_used":488,"timings":{"blocked":204,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gavedeliverknee.com/pixel/nvwbdp?key=359ffd8d92c6d81781d68ca2cfcb4022","fqdn":"gavedeliverknee.com","domain":"gavedeliverknee.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gavedeliverknee.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Oct 2025 08:36:21 GMT","end":"Wed, 31 Dec 2025 08:36:20 GMT"},"fingerprint":{"sha1":"75:DC:0F:E0:EB:3B:DF:68:4D:B2:EB:07:4B:09:A7:9E:92:8C:CC:98","sha256":"BF:DA:04:92:58:71:91:95:BE:E3:6F:C6:BE:21:B2:66:C2:48:42:D3:7D:16:E4:20:97:B8:97:F3:06:39:21:B5"}}},"request":{"raw":"GET /pixel/nvwbdp?key=359ffd8d92c6d81781d68ca2cfcb4022 HTTP/1.1\r\nHost: gavedeliverknee.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: gavedeliverknee.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":676,"timings":{"blocked":292,"dns":14,"connect":91,"send":0,"wait":92,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"gavedeliverknee.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"gavedeliverknee.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\netag: W/\"65aa8501-15d94\"\r\nage: 1480950\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d%2Fa41YPMKWdHuUVncs82gA%2FfK1pjdU1S%2BLzigtq4iKNOEO%2Fy8Wpwd0P4hmmMLVVFtx8W8ONQbcm%2Bx3AzZvpJ1rTEcKneD%2FB0hWeE15Rs\"}]}\r\ncf-ray: 98f1c3ff8b81b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89492,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-03T18:56:22.048855Z","times_seen":6515,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-15T19:36:20.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.omniklusive.com.ng","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 16:47:08 GMT","end":"Fri, 19 Dec 2025 17:38:00 GMT"},"fingerprint":{"sha1":"B4:B5:F5:E5:69:3A:B2:C8:26:CF:C6:E1:92:BE:9D:15:A0:50:90:8A","sha256":"08:BB:D8:8D:66:76:D6:FE:64:D7:BF:15:CF:68:AB:53:58:76:9C:B6:66:AF:8D:6F:FB:8D:92:A5:F4:25:6C:CF"}}},"request":{"raw":"GET /2024/02/certificate-of-origin-how-to-get-it.html HTTP/1.1\r\nHost: www.omniklusive.com.ng\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Wed, 15 Oct 2025 19:36:21 GMT\r\ndate: Wed, 15 Oct 2025 19:36:21 GMT\r\ncache-control: private, max-age=0\r\nlast-modified: Wed, 15 Oct 2025 11:48:01 GMT\r\netag: W/\"6e9d0af05e5c27a5815a6360c69edcaa647a779ce6f50d354ef03a2d93101f17\"\r\nx-robots-tag: all,noodp\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 36458\r\nserver: GSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Blogger","description":"Blogger is a blog-publishing service that allows multi-user blogs with time-stamped entries.","website":"https://www.blogger.com","common_platform_enumeration":"","icon":"Blogger.png","categories":["Blogs"]},{"name":"Python","description":"Python is an interpreted and general-purpose programming language.","website":"https://python.org","common_platform_enumeration":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","icon":"Python.png","categories":["Programming languages"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.11.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":251794,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (39350)","md5":"01124cf302df1bf840413eb5a6415756","sha1":"a5673d2105888e344df5642aaae61b32c715d96b","sha256":"03490c56732bca0d1f73e4d37c57e1089b50facacb143726803a0ececfe12f02","sha512":"f708e643cc081ba8dd7e3b89dd349d59252677219ac9ab4995f1f22b8854a9ebe5e55afce8d9bc23f79617cebcca8b7c3acd90be54a5b5bd93a7f5d152ccbb6e","ssdeep":"1536:F1T7Vm8ua/GQCwNlzKNtPLT1/9FVziXpRmvY+fm52iBJnsqaYIrZf1EAYXDPAPS6:F1T7kklzytPLHFCRmvY+fmHBJFPAPSh+","tlshash":"ec34a8f17243820bea7d4853ad557ba992fab55391c0f193d0f8ba0f068a98fd07d9c4","first_seen":"2025-10-15T19:37:20.5777Z","last_seen":"2025-10-15T19:37:20.5777Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1876,"timings":{"blocked":469,"dns":129,"connect":22,"send":0,"wait":893,"receive":45,"ssl":316},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.1711124793345.js?key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:22.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /watch.1711124793345.js?key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://kettledroopingcontinuation.com/watch.1711124793345.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=33f44395a31b8af80c59fad3fb6344a5f7a71904a4ca7c51ce119bd20d4aea5b2d1b0b9f7d9de7b78b34e06397bf5e64d8c6a81831efc6c14066d4c24a35bf8d30b76fd96800b8ba56b26d4eb4195ef4e8ec01dec3bdc6e4d63559\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8SQfMkVjIuoV2tPLZJNg44l5ANmpGHpw1hTFdRDu8IU; expires=Wed, 15 Oct 2025 19:37:23 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 3\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f1a033b60f8953c91d578dabf2fafb57\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4612,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":712,"timings":{"blocked":305,"dns":26,"connect":92,"send":0,"wait":97,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18405\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1e93265b3f1d683b5be76774fdc7c304\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46242,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46242), with no line terminators","md5":"57b263d494b82a43cfae095771d7b005","sha1":"10b9a3adf60df6820f373ea3b741bfe000929917","sha256":"028d2debec6967c7d2fd4ffd6b178deecf20ef847d120c8d904887a3adad5e4e","sha512":"97a8efc00cc2b3745433b3cef118788039e856da0dc9c4c3d29886d36deef77340ef0159ec47ff2388086475d3a47ea9daf2c2857e31ee59565ec7490d1ba1ab","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybeja2n:36rxKbk0CrQ+fdwNDba1lIlcPES2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.317687Z","last_seen":"2025-10-15T19:37:20.317687Z","times_seen":1,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18414\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6f0beec3ae2f5a830298804231491ede\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:24 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 57804\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:29 GMT\r\netag: \"68b47341-e1cc\"\r\nexpires: Fri, 17 Oct 2025 19:36:24 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57804,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 12:01:08], progressive, precision 8, 300x250, components 3","md5":"824db83fb47e0a4aa226db9a9466c8fb","sha1":"7e968550f726c370b806345e6a8b553c16532e62","sha256":"a6d919f12896285dffac6679aa238ff266d0df399bd91d53008571218bdcf6e1","sha512":"1dd3fe4d4ce6f2139f9ef18284437c08b2a360ccd46fc702d1a6802d728e18f8ca0245dd68936a6ceaac02c3cb4628bc21939516b6f9414a54f90b425648aa4e","ssdeep":"768:LA3DDT+b75AiF3DDT+b75K22YyqwsZmXRPpB+8mwvecNaeJKY2YtWImlYwaVJesk:LA3DDCPX3DDCP022p36wv+S5pnJeb","tlshash":"2043d024db51ad33ece4b5b1edd1ebe76311ae547b136d447c6c28a43b703884a6e203","first_seen":"2025-09-02T17:46:38.163709Z","last_seen":"2026-04-03T17:23:29.916273Z","times_seen":961,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 15:30:46 GMT","end":"Tue, 06 Jan 2026 16:29:13 GMT"},"fingerprint":{"sha1":"CE:BB:4F:68:2C:89:90:90:9F:0D:E4:DC:37:55:B5:DC:41:49:D6:F9","sha256":"52:3F:5E:43:C5:77:DF:EF:E5:AE:11:CA:C1:74:9E:6B:A8:63:B6:7A:C9:7F:8F:58:EF:05:C6:35:2F:C7:D2:9B"}}},"request":{"raw":"GET /sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:28 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 11 Apr 2025 14:28:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y9eyt6ZqutGicolIqdbbonEf617%2BNuASQgMOWTjazdpSt7snY1If9BD152JygPqcySiE%2Fonrfxvj%2Bn5YY83YuCScWP3FWw%2BG%2F553EZE%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98f1c3fb08aeb500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1544,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"972f68410d9349904f897739b33e12cc","sha1":"e41130dbad60e81ad2665bb7407a50888aae8150","sha256":"90c062931018d386488b555fd261405457f9744db31512ff5780d49769d7b0d0","sha512":"905ef97b48b163e2ff2d28316f462ab1db0bdc05df312811c5e24ecb8614424d74f64a88fe31849fc9dd3515bf1d681b136df27aac8b27fc61c07cbda05dd12e","ssdeep":"","tlshash":"eb31f4251df9c9720182a0957b312f2baa91ea47cc8b560133fc4e948feaed9cd5310b","first_seen":"2023-12-18T02:06:40Z","last_seen":"2026-01-25T21:57:17.058603Z","times_seen":2175,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhb1KY4I5Ql-5_lULGyBdZKZk5EhFtNZPG9kVvnjHS1NsEjaoC4WN0F7RNTN8XurV12oWZICTDiD7M76HdJ9kSfts6qKuBUR1XEqWVxGwvaE7D0WSR7u-fZx8SzGa1rI3HRd4Q8SkbbrPCuJVNFZ36lpXek64DnTn9wItHcoir7eGfRVx9zZsGXOpY5e2E/s100/FUHSO%20Remedial%20Admission%202025\u00262026%20Form.jpeg","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:30.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:47 GMT","end":"Mon, 15 Dec 2025 08:41:46 GMT"},"fingerprint":{"sha1":"F8:5F:63:28:35:3F:3B:74:50:6E:B0:8A:1E:82:1E:81:0B:2C:5D:57","sha256":"E5:11:BE:F6:31:91:0A:88:46:0E:37:CF:15:59:95:26:EE:40:53:A0:69:3F:0A:3E:F6:B4:44:43:15:61:C4:6F"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEhb1KY4I5Ql-5_lULGyBdZKZk5EhFtNZPG9kVvnjHS1NsEjaoC4WN0F7RNTN8XurV12oWZICTDiD7M76HdJ9kSfts6qKuBUR1XEqWVxGwvaE7D0WSR7u-fZx8SzGa1rI3HRd4Q8SkbbrPCuJVNFZ36lpXek64DnTn9wItHcoir7eGfRVx9zZsGXOpY5e2E/s100/FUHSO%20Remedial%20Admission%202025\u00262026%20Form.jpeg HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v15ee\"\r\nexpires: Thu, 16 Oct 2025 19:36:30 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"FUHSO Remedial Admission 2025\u00262026 Form.jpeg\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 15 Oct 2025 19:36:30 GMT\r\nserver: fife\r\ncontent-length: 6249\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6249,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 93x100, components 3","md5":"ac9837589c67fd744dd14db6ba196863","sha1":"c74074b6224056f65f71ad115a316b7c52a80c37","sha256":"8cac1c3524dd15a5d5bd20dae73866a90e3e3aa1f3614e9a57d6570ba23890b9","sha512":"9fb9e62dfb2e3f78644b40c2d29649de00bfb8a5252aa9212e8fb5e0a06e20737c7fefb567ab49a26e076a38ffd9037ec0f69fec3f5a7d18d520e25d3b0cf2a7","ssdeep":"192:0EVygK552SKg/ii1HijTyGyMDe7K1r+9oiw6uubcYWbC+O:0EV5K5nKySTRTi7Hpuub5WbC+O","tlshash":"a6d18001e9d3926deb362630f3863112df4dac38a3e836f4644b59e435cd1e98863603","first_seen":"2025-10-15T19:37:20.583229Z","last_seen":"2025-10-15T19:37:20.583229Z","times_seen":1,"resource_available":false,"data":null}},"time_used":669,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":669,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.blogger.com/static/v1/widgets/4128112664-css_bundle_v2.css","fqdn":"www.blogger.com","domain":"blogger.com","tld":"com"},"ip":{"addr":"142.250.178.41","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blogger.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:27 GMT","end":"Mon, 15 Dec 2025 08:40:26 GMT"},"fingerprint":{"sha1":"58:46:3F:C8:CA:4C:E8:4A:99:AA:61:86:67:DA:60:F0:B9:30:41:02","sha256":"D8:B8:F0:37:14:79:13:C0:3C:E5:D1:5D:E9:71:56:44:42:27:47:58:CB:5C:D1:8C:47:36:FC:1A:52:AC:78:14"}}},"request":{"raw":"GET /static/v1/widgets/4128112664-css_bundle_v2.css HTTP/1.1\r\nHost: www.blogger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"blogger-tech\"\r\nreport-to: {\"group\":\"blogger-tech\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/blogger-tech\"}]}\r\ncontent-length: 7900\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 10:01:34 GMT\r\nexpires: Tue, 13 Oct 2026 10:01:34 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Sun, 12 Oct 2025 08:49:28 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nage: 207288\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36490,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (36489)","md5":"66844e0a3681139d568bc448652a35b3","sha1":"1f98e48e7a03be6444a3568cc9137b8470e673d7","sha256":"614d30d4dc372edb61fa68ef73b5529fea70822a0626e9ea43e776207f68028a","sha512":"05a1ff7a6279895536e26fbdf3ae9023d11d4f26670528bd1b920e7e1023cd63e4965489f72c497a679c0dfd410d2fcc9ea260412820ea53658e95d471bdb4ef","ssdeep":"384:YN90OhFqDg3A2VysImDyPWquJMpx/SCYW0h8+Rl9yaZwuJ86YKSQCNL/J69nKg9f:YN90OhIsJnIm6IvW0trVJw1gngRLFr2","tlshash":"16f2c9719590342df127d726b893ba8d3224d563e3634eeee516b6b8cec5ada003331d","first_seen":"2025-09-12T00:20:33.061322Z","last_seen":"2026-01-12T23:05:08.582193Z","times_seen":10533,"resource_available":false,"data":null}},"time_used":467,"timings":{"blocked":217,"dns":1,"connect":15,"send":0,"wait":17,"receive":1,"ssl":208},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.1381819334900.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=2137e12c840c113bff625bd744e85a0acacc95773015e91754d7d5b5786febefea0267f70f434ff59e89030751567a5efb2af953e0f07e750bd0a79d2b2faff4d67abf5194aa0a104dae04494cae35a19b704e8ee195fbf33eb915\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.1381819334900.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=2137e12c840c113bff625bd744e85a0acacc95773015e91754d7d5b5786febefea0267f70f434ff59e89030751567a5efb2af953e0f07e750bd0a79d2b2faff4d67abf5194aa0a104dae04494cae35a19b704e8ee195fbf33eb915\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv5=true; uncs5=2; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 2331\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs5=2; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 10\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 533593bdb4099f13c626a96d642f7662\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4718,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3842)","md5":"609b240f21e4d50e2f3cf816d36186d2","sha1":"1ab9ffe357c689f9860f51d8c7ad2edf3d2221ac","sha256":"341646d0290f7c4a7ac29add424f79efba0c7947c40aee9b35a861b6951b2b65","sha512":"1bdbd04b2215d141ab15c67312bc57b250273fb695bf951d26ed3b0131fc7df12d81ff9d2ed5a04f756297dcfaeb9b3a5dc8035005e3ed005f5c9280a5b89c49","ssdeep":"96:yoz3t0ouc4ZrTHZvn6gdsuuk/h4ZrTH6vn6gdsuo1ZDWCfMEDaH:vzxuc+nZvnouukp+n6vnouwVWCkCaH","tlshash":"36a14b25fd844109e62834ed1d7f72066e553a0b2419cf0a7a9dcb503fb0eb41b3c88a","first_seen":"2025-10-15T19:37:20.594027Z","last_seen":"2025-10-15T19:37:20.594027Z","times_seen":1,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/db/3f/4e/db3f4e9bb2563c5d90aa30fa2047a623/1756661871.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/db/3f/4e/db3f4e9bb2563c5d90aa30fa2047a623/1756661871.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 82015\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 17:37:51 GMT\r\netag: \"68b4886f-1405f\"\r\nexpires: Fri, 17 Oct 2025 19:36:27 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":82015,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 15:56:38], progressive, precision 8, 320x240, components 3","md5":"a5e99008dec3cc78ac2ef712db916e71","sha1":"1727aa543c5a16969ae1c767b2b488f7deedc7c0","sha256":"809ba0ce4ca09a627e04907b7b4b850651bb1bc6fbe8c3fa28e95649a89ffa58","sha512":"6621cc914d11088d1b4b4ef9f59d0452217bd3886d95a7a6d6ae3a133b909eb1977797657d398380c9b036387c4361d783d77e0f5a6150a90a0a32de2b55f323","ssdeep":"1536:0f4FYf4FJxFgOsbKS46bxlW8k0rn2rcV4Kbf9FieN5LjS6:0IYIDUbPRxPvreOf9FierN","tlshash":"f783f1207fd6ac11f7eca178095cc7a4e7a09e667e17225ab8fc72a53730391eac144d","first_seen":"2025-09-02T18:27:26.453754Z","last_seen":"2026-04-04T12:17:30.423676Z","times_seen":1242,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/c8/94/cc/c894ccad032c11990b8570c24074d6bc/1756656403.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/c8/94/cc/c894ccad032c11990b8570c24074d6bc/1756656403.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 78672\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:44 GMT\r\netag: \"68b47314-13350\"\r\nexpires: Fri, 17 Oct 2025 19:36:27 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78672,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 16:40:19], progressive, precision 8, 300x250, components 3","md5":"066e20100222b78fe9405d18539da6e4","sha1":"aa5e3d971a8d26f99b7fdc0ddacc61c062cd1776","sha256":"0af13aebc4a03fef7e5e9050db1d797bb81bf9f64227866392cb7b97ec045085","sha512":"5c6c20ab83609a25576880ddf9b35f93481a165e6ddd174dd086022bd660d9b1936b8edb37c46d7f0cdbbcd77cbf9753bb7d8b8757692266d45c64dceebb02b0","ssdeep":"1536:BHEqIkq/HEqIkq7lE6c/Fs27oxQhHXNFv3fEH3j0sF6:Bk1kq/k1kqp74HhHv38H3/6","tlshash":"e773f158bb45ee23f8d35b730873e7875a13ae24a3971e90708c7520f7f5b54080e616","first_seen":"2025-09-02T19:16:52.557605Z","last_seen":"2026-04-04T11:42:40.800923Z","times_seen":1066,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html\u0026l=1544\u0026fd=274","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html\u0026l=1544\u0026fd=274 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo3LCJhdSI6NywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.ourjQM-NuFZey89oSYhPd4lveFS65C0QQyhiho-toaA; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=8; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=7; u_pl23823882=1; pdhtkv29=true; uncs29=1; u_pl23824025=1; slecc2a4795bd129ec38aabf8f830c396956=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:29 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":560,"timings":{"blocked":278,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 15 Oct 2025 19:36:29 GMT\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27925,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"aa770992960d5d36cf6ba4357f990aa9","sha1":"46cce46df4f47c159c31632cfb45ca0f0144ff0f","sha256":"ea95379db9e2554185ea2a578330b742412ef90d2ccd704a76ed133d990f052b","sha512":"42a66305d9a2990560ee0468c3a36e4b4a1b1ca98cf0922717b9519d17760c63930cb21fe7258671a873a4f9a1bfa520778ce2f002bfba120c99e3f5db00ebea","ssdeep":"768:DDADRDYDKDf4DQLDDDXDfc70afUQRptmJKBLfhQE8YtCR6UfaQ7zfTYHw+fQQVN7:+2Biad","tlshash":"afc2eda1041740009b839ce223cebf35fe5f92117141d0b9abfd9b6badcbc66526936d","first_seen":"2025-09-09T03:39:37.780899Z","last_seen":"2025-11-18T23:25:50.567773Z","times_seen":2837,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2UQPehAT0ZvMwYOKO1s1Vf3LIOIaI8GYhCSSg3ion7PldHe1Xd3Tm8VDMBCCF5ec9Nb7ZpNFDaI56CkSZr0FhIwX95BF8Q8QEeJVerOw-qDf-15_BfW9qq-ubtS7iELNd86-69ZsmvKlYID7L160uXKN75--0Cd4gI_1L9o8ZMf6q10qJ68Sygb4pf7bWo7d0hATjAkm_RO21MatLu2xYItbCRkkeMCGAxIwWC3_3_u6B573QE120RGwav7UH-Z9sHIGefbtce3HlSteeSurU165EiZq6718nLsmh-wAmrIHJt_aXw3OzxH6fAFcvrU_AbjJZjcBCDtHC88-AJFv7csEMbnxSKlIQecg1JPQTGag022wfAbSXQGr7iMAqeD0Gcizm6dd2fBLj1jesXN0-OHfYJs5OvzgGcizb5ZTu9o_79K6si73sGpasKszsKMZFPU2VGsLYJttkNUnYNXPaOnhKcizzTM-dWDVzgsqETwJSbCYCDVcZEmSLPIAq0UShjHmlIZUkL0jsmYG3Peg7j7bg9r0oC56kKmdPsMxk4TT0CRKRphxxpQWOImHGPNERlDLTvs6VMU6yHQdZHkZivIyjO31-8GR-4_9BmV9F_zKzveUGsZoEnBKRMxNjGWQGK6oESFljAcm4hFJui0kj2RApCakk44V45oHYqiIwCIxkUqUjkQUC8o0DmkSCRPokKlYhjwmMSXayFAShsNQMTlknAbCxIpiEYVGJWGMsYgFD0IxDBXTgpEk0IbpWEtMlJZUKBlqpkIaBAl41QNfIZioFhqNoPEIGo6gsQiaCkEzaW-o1A99e1OlvhZkvw73K22nrhpt8BuuGukcAS_XoVTtpi0-8ldAVoema8arqesSF1U75UK1G8UuerrzRG989WMY652-4gwHkQlCpbkkknMdsXiIA8qj2BDOwdsWrF_Yu8k1O0ev3fkdCjtHz29-BoJvg0-3QdpDwOvngDfTaBgDX4EEw1p-22W5Hae1txM9kC4b5CNQroWiOgzVpd5GuouOTs9dWL6759IPfr0OWt5D-wGybKEoW_jQ_oRglF6bnnMN2jznGo--O1NUNrNrvHPw-YpX-vGv3tGXGleqk8f9-pdvyI7o4K0L2leneK5sPvLo62WrlC5PuFJqdOekv6jF2dqvLNdlXhenzr554mRWlNp76_IZcDtHT_z1KUg7R0d__GLvdQYv3wZZXAZfHOj0DoEoEKQWQaoP_nPRgv9PLw7whr8Go7IHvLoCedbCpGxhkrbA03Xw9aFpVZT3Xv-F7gWItDcVaYk2RVp2vN3pG6qHEuM4CgmNjSaUKWmCmCUq5JhSDZWfr_z5zw__BgAA___UZZhqOwUAAA==","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2UQPehAT0ZvMwYOKO1s1Vf3LIOIaI8GYhCSSg3ion7PldHe1Xd3Tm8VDMBCCF5ec9Nb7ZpNFDaI56CkSZr0FhIwX95BF8Q8QEeJVerOw-qDf-15_BfW9qq-ubtS7iELNd86-69ZsmvKlYID7L160uXKN75--0Cd4gI_1L9o8ZMf6q10qJ68Sygb4pf7bWo7d0hATjAkm_RO21MatLu2xYItbCRkkeMCGAxIwWC3_3_u6B573QE120RGwav7UH-Z9sHIGefbtce3HlSteeSurU165EiZq6718nLsmh-wAmrIHJt_aXw3OzxH6fAFcvrU_AbjJZjcBCDtHC88-AJFv7csEMbnxSKlIQecg1JPQTGag022wfAbSXQGr7iMAqeD0Gcizm6dd2fBLj1jesXN0-OHfYJs5OvzgGcizb5ZTu9o_79K6si73sGpasKszsKMZFPU2VGsLYJttkNUnYNXPaOnhKcizzTM-dWDVzgsqETwJSbCYCDVcZEmSLPIAq0UShjHmlIZUkL0jsmYG3Peg7j7bg9r0oC56kKmdPsMxk4TT0CRKRphxxpQWOImHGPNERlDLTvs6VMU6yHQdZHkZivIyjO31-8GR-4_9BmV9F_zKzveUGsZoEnBKRMxNjGWQGK6oESFljAcm4hFJui0kj2RApCakk44V45oHYqiIwCIxkUqUjkQUC8o0DmkSCRPokKlYhjwmMSXayFAShsNQMTlknAbCxIpiEYVGJWGMsYgFD0IxDBXTgpEk0IbpWEtMlJZUKBlqpkIaBAl41QNfIZioFhqNoPEIGo6gsQiaCkEzaW-o1A99e1OlvhZkvw73K22nrhpt8BuuGukcAS_XoVTtpi0-8ldAVoema8arqesSF1U75UK1G8UuerrzRG989WMY652-4gwHkQlCpbkkknMdsXiIA8qj2BDOwdsWrF_Yu8k1O0ev3fkdCjtHz29-BoJvg0-3QdpDwOvngDfTaBgDX4EEw1p-22W5Hae1txM9kC4b5CNQroWiOgzVpd5GuouOTs9dWL6759IPfr0OWt5D-wGybKEoW_jQ_oRglF6bnnMN2jznGo--O1NUNrNrvHPw-YpX-vGv3tGXGleqk8f9-pdvyI7o4K0L2leneK5sPvLo62WrlC5PuFJqdOekv6jF2dqvLNdlXhenzr554mRWlNp76_IZcDtHT_z1KUg7R0d__GLvdQYv3wZZXAZfHOj0DoEoEKQWQaoP_nPRgv9PLw7whr8Go7IHvLoCedbCpGxhkrbA03Xw9aFpVZT3Xv-F7gWItDcVaYk2RVp2vN3pG6qHEuM4CgmNjSaUKWmCmCUq5JhSDZWfr_z5zw__BgAA___UZZhqOwUAAA== HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 647b2567c43a72f9e3dde5a7d79c8ace\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/c8/94/cc/c894ccad032c11990b8570c24074d6bc/1756656403.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/c8/94/cc/c894ccad032c11990b8570c24074d6bc/1756656403.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 78672\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:44 GMT\r\netag: \"68b47314-13350\"\r\nexpires: Fri, 17 Oct 2025 19:36:25 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78672,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 16:40:19], progressive, precision 8, 300x250, components 3","md5":"066e20100222b78fe9405d18539da6e4","sha1":"aa5e3d971a8d26f99b7fdc0ddacc61c062cd1776","sha256":"0af13aebc4a03fef7e5e9050db1d797bb81bf9f64227866392cb7b97ec045085","sha512":"5c6c20ab83609a25576880ddf9b35f93481a165e6ddd174dd086022bd660d9b1936b8edb37c46d7f0cdbbcd77cbf9753bb7d8b8757692266d45c64dceebb02b0","ssdeep":"1536:BHEqIkq/HEqIkq7lE6c/Fs27oxQhHXNFv3fEH3j0sF6:Bk1kq/k1kqp74HhHv38H3/6","tlshash":"e773f158bb45ee23f8d35b730873e7875a13ae24a3971e90708c7520f7f5b54080e616","first_seen":"2025-09-02T19:16:52.557605Z","last_seen":"2026-04-04T11:42:40.800923Z","times_seen":1066,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 23:17:37 GMT\r\nexpires: Tue, 13 Oct 2026 23:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 159532\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.blogger.com/static/v1/jsbin/52802623-lbx.js","fqdn":"www.blogger.com","domain":"blogger.com","tld":"com"},"ip":{"addr":"142.250.178.41","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:31.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blogger.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:27 GMT","end":"Mon, 15 Dec 2025 08:40:26 GMT"},"fingerprint":{"sha1":"58:46:3F:C8:CA:4C:E8:4A:99:AA:61:86:67:DA:60:F0:B9:30:41:02","sha256":"D8:B8:F0:37:14:79:13:C0:3C:E5:D1:5D:E9:71:56:44:42:27:47:58:CB:5C:D1:8C:47:36:FC:1A:52:AC:78:14"}}},"request":{"raw":"GET /static/v1/jsbin/52802623-lbx.js HTTP/1.1\r\nHost: www.blogger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"blogger-tech\"\r\nreport-to: {\"group\":\"blogger-tech\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/blogger-tech\"}]}\r\ncontent-length: 123305\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 05:12:01 GMT\r\nexpires: Tue, 13 Oct 2026 05:12:01 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 08 Oct 2025 00:55:01 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 224670\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":387681,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2395)","md5":"2cb2604f6e8c5c4715bbb3401711e08f","sha1":"85a4215479c9cc541653da6b55bbe729ea4f87fb","sha256":"df6b83c99121e5df678aab766bb62d562a622744dc6068006b19acf13599be53","sha512":"7e4b2e06386ff2bb76bb60207e99824d6ff72d938a3683b1e1bce8af7be47595c76166538bbbc4c15d0d6e5ba473b30a717500c053751af9cb5ef2d8654d7c8d","ssdeep":"3072:d/Sefkdhs7Ot3qS7YeLXiDQfaa7XqxE9rJVLOAzhhMt2QlhCP9a7svmmKhMh2V4j:d/bcL15XQULZfMLlhCP95NIlwH","tlshash":"058461deb292b4569263f0b4483f014aa37bbc99e4484a6cb58ddcd26e7481c513ff78","first_seen":"2025-10-01T10:03:02.644115Z","last_seen":"2025-10-16T22:42:25.316417Z","times_seen":431,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 57804\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:29 GMT\r\netag: \"68b47341-e1cc\"\r\nexpires: Fri, 17 Oct 2025 19:36:26 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57804,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 12:01:08], progressive, precision 8, 300x250, components 3","md5":"824db83fb47e0a4aa226db9a9466c8fb","sha1":"7e968550f726c370b806345e6a8b553c16532e62","sha256":"a6d919f12896285dffac6679aa238ff266d0df399bd91d53008571218bdcf6e1","sha512":"1dd3fe4d4ce6f2139f9ef18284437c08b2a360ccd46fc702d1a6802d728e18f8ca0245dd68936a6ceaac02c3cb4628bc21939516b6f9414a54f90b425648aa4e","ssdeep":"768:LA3DDT+b75AiF3DDT+b75K22YyqwsZmXRPpB+8mwvecNaeJKY2YtWImlYwaVJesk:LA3DDCPX3DDCP022p36wv+S5pnJeb","tlshash":"2043d024db51ad33ece4b5b1edd1ebe76311ae547b136d447c6c28a43b703884a6e203","first_seen":"2025-09-02T17:46:38.163709Z","last_seen":"2026-04-03T17:23:29.916273Z","times_seen":961,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/ren.gif?sid=H4sIAAAAAAAC_1yTzYscxRvHq3f39PsdxCieVObgwYA72--ZNkhwjZFgTGISySEHqe7qni2npqqt6p7eLAjBQAh4cAMejKee78zu-hJEvYhgIMx6WxAynvaQBfEP8CDEo9IzC6s-0FVP8Xn64VvP89StYXlAPJR0_-JbaoMLQVeCtt168SqXTFWmdf5Ky7Hb9snWVS5D_2RrvVn04GXH89v28dYbadJTK67t2LZjO60zXKeZWl-ZUfD8XuS0I7vtu20n8LGu_3025RIMtcAGB-QYOJs-8Vt2DTyZQPa_OZ2aXqHyl17vl4IWSmPAdt6RPakqif6Rm2kLmdw5jIYyU0I-XYCSO4c3gBqMmxsg5lOy8MwjxHLnUCbiwdZcaSyQSsTs_6gGE6RiAk4nSNRNcPaQAAnD-QuQ_e3zSlf0-pzShk7J0uM_wKspWXr0NGT_61XB11uXlSgLrqTBelaDr0_AuxPk5S6KjQXwahdJ8SE4-5msPD4H2R9fMEKBs_0XWBTTKHSC5Shm7rIfRdEyDWy27IRhx6aeF3qxMysRzyagxkLZfNxCmVkocwt9tt_y7Y6fONQLs4glJ2yf-j5LYzvquLZNo-QEyqTRvoki30QiNpHoj8alTMzQ28nZWtEbBONCl-m98t1cuF7H9Todd-h8PmfuHG43P7jB0JlHhYHXscPoKMr7T4ooCofO9hzO0FaTIBi680Te0EGub6DH7zwMjkGXD2DWahjWgimmxHr7AwxYjSolqAxBRQkqTlAVBNWg3mLCuKbeZsKUsXO4u4e7V49U0R3SLVV0U0lA9SY0q8c8f9_cRFIsjjYyw0aqWWhc1CMas3qYH5AnmwZbvVt30Uv3W4lL_RNREDPHjdLE61AaZ52s49mJF4VREMLwGtwszNqywafklfu_IudT8vz4Y8R0F0bsIuGLoOVzoFUNulZjQ36n-pL3RGn4IG0nqt-WXTBVIy-WUFy3huKAPDW6dGX1wWzarh1_gDTZO_XD3cY-Q6Jr5LrGe_wngq64PbqkKjK-pCpDvr2QF7zPN2gziZcLWqSLX76ZXq-UZmdPm80vXk0a0Lj3rqSmOEcl47JryFernLFUn1E6Scn9s-ZqGl8szdpqqWWZn7v42pmz_VynxnAlJ6B8Sv5XP4uET8mxv-7MXpn3yfdI8hsw-ZFOowji3ILgBCLdI4cGGtcw_zjHR_7Q3EZXW6DFTch-jYGuMRA1qNiEKRdHRa73Tv3izQyxsEax0NY4FlrcmdfJ8P1W4MZe2OmEaRayzGOe67EosNPIp1HoR36AwkzXfv_zx78DAAD__33o654IBQAA","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1yTzYscxRvHq3f39PsdxCieVObgwYA72--ZNkhwjZFgTGISySEHqe7qni2npqqt6p7eLAjBQAh4cAMejKee78zu-hJEvYhgIMx6WxAynvaQBfEP8CDEo9IzC6s-0FVP8Xn64VvP89StYXlAPJR0_-JbaoMLQVeCtt168SqXTFWmdf5Ky7Hb9snWVS5D_2RrvVn04GXH89v28dYbadJTK67t2LZjO60zXKeZWl-ZUfD8XuS0I7vtu20n8LGu_3025RIMtcAGB-QYOJs-8Vt2DTyZQPa_OZ2aXqHyl17vl4IWSmPAdt6RPakqif6Rm2kLmdw5jIYyU0I-XYCSO4c3gBqMmxsg5lOy8MwjxHLnUCbiwdZcaSyQSsTs_6gGE6RiAk4nSNRNcPaQAAnD-QuQ_e3zSlf0-pzShk7J0uM_wKspWXr0NGT_61XB11uXlSgLrqTBelaDr0_AuxPk5S6KjQXwahdJ8SE4-5msPD4H2R9fMEKBs_0XWBTTKHSC5Shm7rIfRdEyDWy27IRhx6aeF3qxMysRzyagxkLZfNxCmVkocwt9tt_y7Y6fONQLs4glJ2yf-j5LYzvquLZNo-QEyqTRvoki30QiNpHoj8alTMzQ28nZWtEbBONCl-m98t1cuF7H9Todd-h8PmfuHG43P7jB0JlHhYHXscPoKMr7T4ooCofO9hzO0FaTIBi680Te0EGub6DH7zwMjkGXD2DWahjWgimmxHr7AwxYjSolqAxBRQkqTlAVBNWg3mLCuKbeZsKUsXO4u4e7V49U0R3SLVV0U0lA9SY0q8c8f9_cRFIsjjYyw0aqWWhc1CMas3qYH5AnmwZbvVt30Uv3W4lL_RNREDPHjdLE61AaZ52s49mJF4VREMLwGtwszNqywafklfu_IudT8vz4Y8R0F0bsIuGLoOVzoFUNulZjQ36n-pL3RGn4IG0nqt-WXTBVIy-WUFy3huKAPDW6dGX1wWzarh1_gDTZO_XD3cY-Q6Jr5LrGe_wngq64PbqkKjK-pCpDvr2QF7zPN2gziZcLWqSLX76ZXq-UZmdPm80vXk0a0Lj3rqSmOEcl47JryFernLFUn1E6Scn9s-ZqGl8szdpqqWWZn7v42pmz_VynxnAlJ6B8Sv5XP4uET8mxv-7MXpn3yfdI8hsw-ZFOowji3ILgBCLdI4cGGtcw_zjHR_7Q3EZXW6DFTch-jYGuMRA1qNiEKRdHRa73Tv3izQyxsEax0NY4FlrcmdfJ8P1W4MZe2OmEaRayzGOe67EosNPIp1HoR36AwkzXfv_zx78DAAD__33o654IBQAA HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.o0VBR64Al3k-FgUtGuKLxhdV0cNljckM8vFP8_u-Fxg; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=4; pdhtkv5=true; uncs5=2; u_pl23823882=1; pdhtkv25=true; uncs25=1; u_pl26538069=1; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv29=true; uncs29=1; u_pl23824025=1; slecc2a4795bd129ec38aabf8f830c396956=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nVary: Origin\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: de864cca34bfe304b714fe7dd3b08739\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/09/waziri-umaru-federal-polytechnic-birnin-kebbi-wufpbk-post-utme-form.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.omniklusive.com.ng","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 16:47:08 GMT","end":"Fri, 19 Dec 2025 17:38:00 GMT"},"fingerprint":{"sha1":"B4:B5:F5:E5:69:3A:B2:C8:26:CF:C6:E1:92:BE:9D:15:A0:50:90:8A","sha256":"08:BB:D8:8D:66:76:D6:FE:64:D7:BF:15:CF:68:AB:53:58:76:9C:B6:66:AF:8D:6F:FB:8D:92:A5:F4:25:6C:CF"}}},"request":{"raw":"GET /2024/09/waziri-umaru-federal-polytechnic-birnin-kebbi-wufpbk-post-utme-form.html HTTP/1.1\r\nHost: www.omniklusive.com.ng\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1; pp_main_26044c9034d41067e4eeac3c8b2a25ba=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=throbcrunchsurely.com; sb_main_c2a4795bd129ec38aabf8f830c396956=1; sb_count_c2a4795bd129ec38aabf8f830c396956=3; pbpr0tpuw4isk85t8yg3jb2lj5vqf=wayfarerorthodox.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Wed, 15 Oct 2025 19:36:30 GMT\r\ndate: Wed, 15 Oct 2025 19:36:30 GMT\r\ncache-control: private, max-age=0\r\nlast-modified: Wed, 15 Oct 2025 11:48:01 GMT\r\netag: W/\"6e9d0af05e5c27a5815a6360c69edcaa647a779ce6f50d354ef03a2d93101f17\"\r\nx-robots-tag: all,noodp\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 35841\r\nserver: GSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":248994,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (39350)","md5":"0f907ca99096067e767cbaa9d6c49943","sha1":"5973063f6632b2a0215070c95511afffa8fa64e7","sha256":"e3f08ed3bba2fa103212212ca6fef013b55c97e56b14be8e876e457e5f37eb6d","sha512":"6956a27147ebaf31be6f693c90dc6d346bd63e5e3317ea617ca94493fc353ead38e793f35c49f869d2bdc360a75da9faf9b9696d1ba13f19e14b36037f90a22d","ssdeep":"1536:F1TSVm8ua/GQCwNlzKNtPLS1UdcAhu/V0RmvY+fm52iBJnsqaYIrZf1EAYXDPAPH:F1TSkklzytPLBrhRmvY+fmHBJFPAPShw","tlshash":"c33498f17243820be67e4853ad547aad92fab55392c0f197d0f8ba0f068a58fd07d9c4","first_seen":"2025-10-15T19:37:20.604488Z","last_seen":"2025-10-15T19:37:20.604488Z","times_seen":1,"resource_available":false,"data":null}},"time_used":933,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":895,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/0e/3d/23/0e3d23863eff2e8bf535579f702fe030/1756656797.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/0e/3d/23/0e3d23863eff2e8bf535579f702fe030/1756656797.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 51444\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:13:17 GMT\r\netag: \"68b4749d-c8f4\"\r\nexpires: Fri, 17 Oct 2025 19:36:23 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":51444,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 16:20:35], progressive, precision 8, 728x90, components 3","md5":"e1777a2961908b35f79a77c5ab64bb88","sha1":"7115f98ff2a370bd0de059359701bf680c2fd69f","sha256":"7d07fa5d13965523a25f23c9e89fc1896c55e785998ff0eb814763ff3f3f1cc8","sha512":"f5308c63b2c0a27b1c3950d479124105c4f2ea8e7fb927f973aaf673a35e1ac3de58805a51db21b49a49b4c8b3867e2ee526d8d3b98c9fa50ac28afaec9a1fa9","ssdeep":"768:tYiS/vYyMgxzdJSqK1tEkSo0qQCBUPAkpfVBYocvnJ9zAAtm2:evRJyHv0TTYWfVBYjB9zAh2","tlshash":"7333e01a7a908fb2f8c196782065f383c3a29e94b7a32751b8dc771177b37955d4f202","first_seen":"2025-09-02T20:22:38.328959Z","last_seen":"2026-04-03T22:34:53.941286Z","times_seen":651,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.1374062808963.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=f4306706a8cddaec4355cf3b7809c0e33bcf1bfa1bc20f27012cf8ed248cbe8ae1ab60d050922ad9410a36ed373867eb23fc11e806b022dc896c586a2f071104b08ecf588d0bf2f4fa74b9e43336928a49a9f572a94e1155b8e80a\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.1374062808963.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=f4306706a8cddaec4355cf3b7809c0e33bcf1bfa1bc20f27012cf8ed248cbe8ae1ab60d050922ad9410a36ed373867eb23fc11e806b022dc896c586a2f071104b08ecf588d0bf2f4fa74b9e43336928a49a9f572a94e1155b8e80a\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl23823996=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 3683\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nu_pl23823882=1; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6dabf4f0e3c50dfc6b2fbb7ebdffb89b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4722,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3846)","md5":"932119b9ee3e6a4b70001821d06f6035","sha1":"9be56ba2742cc6529457fb60a6405e192098ac77","sha256":"1e5f5f8033ad54252be40be5242e62fda65c08a927d5f2bcb9065a8824f5a151","sha512":"4c1857eda336ff65c6bbc62650bfdc6fa356b98b416b506d139f34b0bf835ba9e7809ca5bdb5651a944928aa731f147946edff1bad61014481e7c77f3cb43610","ssdeep":"96:yoz/s0h/pR0HOUCl5xNEQYls2OHk/AI6xW4aaAzaHKrutw1ZDWCfMEDaH:vz/d0HOJl5xhwHOHkoI6xTa34uioVWCi","tlshash":"dfa15c64af52f01cec5eb07f153ba2147b61d11f2912b986398cc780af117a85eadfc5","first_seen":"2025-10-15T19:37:20.627894Z","last_seen":"2025-10-15T19:37:20.627894Z","times_seen":1,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":74,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18414\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3104ca4cdd67d7afca1355c8a893dd31\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"617b9c4f2717bcdab07b3bdf3a393dd0","sha1":"a554d336c44fca9ae2b21592f0e30aa41e0f6e52","sha256":"a094f57cfadd20d10252cbaba1574450d66c00875eef7ab40e1e9dfff57e16e7","sha512":"ca306d205e4a20198a23df3148edbc395f042922c2136301f69ef3777ce94c0b12939006ff81eb469c7b4812e749dd1c84abd203216a38aea8d72c2e359c5342","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybejy2X:36rxKbk0CrQ+fdwNDba1lIlcPEq2X","tlshash":"7023c48e3f71f15856867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837b25","first_seen":"2025-10-15T19:37:20.409713Z","last_seen":"2025-10-15T19:37:20.409713Z","times_seen":1,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":98,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/6c/c8/c6/6cc8c6b6600a89a01d37b41d2c57396ae22a21974890cebcb7f717010b54ae54.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/6c/c8/c6/6cc8c6b6600a89a01d37b41d2c57396ae22a21974890cebcb7f717010b54ae54.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 15151\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 25 May 2025 02:18:00 GMT\r\netag: \"68327dd8-3b2f\"\r\nexpires: Fri, 17 Oct 2025 19:36:29 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15151,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"a35cb578e3c8889f9d2d8e3a9e520bbc","sha1":"f390ccf18911be8210267a1fb27529da10081347","sha256":"554a79788b15330de1e48f1c482acaed20d1e3998e4daed2175530e89ac5e48a","sha512":"6c003106f7f02ae78774b98f5e5e8736189265dda55429c72a1ab2b387f1d8c6406c7f323a1608af14c0b07ad370c797409977a5c751a2e04a8c98236b0e6e2f","ssdeep":"384:z0sxi+mWivrxHMC8F5ONWxBGTgnbTYwxQKQVd:zfk+mW8NWxB5YwxQtL","tlshash":"e162d0c5e4c578d3e98bc3aacdd3286d66295f235e7df01e55f88dca012011b1c78a23","first_seen":"2025-04-17T18:37:55.427701Z","last_seen":"2026-01-06T02:07:44.501457Z","times_seen":1596,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.8971576817.js?dev=e\u0026key=f28a1198c98b94df67a70edb79176a48\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557046\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=193a8762dc1f3d7b6ef45847b29ce57b662c6e683a97f226182dedc4bc37587f06ad36e8a2592b2c164ef03ae3a12ec1b50549c8f7277674b56edb791c28d97ec1ceb45f7444e08c45c72f8a620afb18b8e3a316fcaf7d5b521789\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.8971576817.js?dev=e\u0026key=f28a1198c98b94df67a70edb79176a48\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557046\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=193a8762dc1f3d7b6ef45847b29ce57b662c6e683a97f226182dedc4bc37587f06ad36e8a2592b2c164ef03ae3a12ec1b50549c8f7277674b56edb791c28d97ec1ceb45f7444e08c45c72f8a620afb18b8e3a316fcaf7d5b521789\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjUzODA2OSwiayI6ImYyOGExMTk4Yzk4Yjk0ZGY2N2E3MGVkYjc5MTc2YTQ4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyNSwicHQiOjQsInBrIjoiYmppNGFnMnEiLCJ0IjoxfSwidSI6eyJ1Ijo2LCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.z_rtdG8LJ-c36Z2DOTKLwf3vROs2VlWe2UpKlFC7sRM; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=5; pdhtkv5=true; uncs5=4; u_pl23823882=1; pdhtkv23=true; uncs23=1; u_pl23823996=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: text/html\r\nContent-Length: 3436\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\nuncs=6; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\npdhtkv25=true; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\nuncs25=1; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\nu_pl26538069=1; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 942f87f5a4475a4a68b9ee53197c324d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4778,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3902)","md5":"f49d098559278f8ad3057bd028c6e57e","sha1":"7028b6b79d700e6f9036224952439e6b0ece58d8","sha256":"185c356e72cec00254ff307516e3d1a0dccc2b305524a4416106113d660ee742","sha512":"065627503ec421be7bad4232871a3875d421cd7a4458fabbc0ac6bf04b82549d464a97ca768ec70677b14ee397526f416fdfc6718630f355b45eb1bbd72e023f","ssdeep":"96:3ozvJKoE7MmE0a5OBRu2jbk/9WqxF+dIIaxc5VD1ZDYRCfMEDaH:YzvH+HsOG2jbkUqDIaW5VRVWCkCaH","tlshash":"04a18d66be9b9630648b346d187a2a065c21820b2506df42bf4cdb444f147f80fdeeed","first_seen":"2025-10-15T19:37:20.636123Z","last_seen":"2025-10-15T19:37:20.636123Z","times_seen":1,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"throbcrunchsurely.com/ren.gif?sid=H4sIAAAAAAAC_1RSzYscxRuu2Sy_Q34HMRFvyhw8qLiz_TW90wYJrjESjElMIgHFQ310z5ZbXdV2dU9v9iDRgAQvruBBvdj7zCYbNYh6E4mEWS8SENIn97AL4h8gIsSr9GRg9YV63-etpw7P-9T7_ma5T3yUdPfcK2ZdKkUX-z2n--QlqYWpbPfMxa7r9Jxj3UtSh8Gx7lqb8tGzrh_0nKe6L8V81Sx6jus4ruN2T8o8Tsza4pSFzG5Fbi9yeoHXc_sB1vL_9rbswNIOxGifHIEUzUO_J29A8gl0-s2J2K4WJnvmxbRUtDA5RmL7Nb2qTaWRHsAk7yDR27PXMLYh5JM5GL09mwBmtNVOACYbMvfoHpjenskEG11_oJQpxBpM_B_VaIJYTSDpBNxchRT3CMAFzpyFTm-cMXlFLz9gacs2ZP7-X5BVQ-b3HoFOv15Wcq17waiykEZbrCU15NoEcjhBVu6gWJ-DrHbAi_cgxS9k8f5p6HTrrFUGUuw-ISJGo9DtL0RMeAtBFEULtO-IBTcMBw71_dBn7tQimUxAbQdle2QHZdJBmXWQit1u4AwC7lI_TCLBl5yABoGImRMNPMehEV9CyVvtGyiyDXC1AZ5fQZa_e1P4S7HPeLDJsCo_utc_gry8A7tSw4rHYIuGdF59ByNRo4oJKktQUYJKElQFQTWqrwtlPVvfEMqWzJ1Vb1b9emyK4Sa9bophrAlovoFc1Fsye9teBS8OjdcTK8amTZQV9ZgyUW9m--Th1uiO2tNYjXe7fj9KEjEQkcdDMXCXBq4IB5x6POEscDwPVtaQdm5qz7psyHO3f0MmG_L41odgdAdW7YDLQ6ClC1rVoCs11vV3JtVyVZVWjuIeN2lPDyFMjayYR3G5s6n2ydHx-YvLd6a__uav3yPmd8kswPMaWV7jLfkTwVBdG583Fdk6bypLvj2bFTKV67TdiAsFLeL_fflyfLkyuTh1wm588TxviRbeuhjb4jTVQuqhJV8tSyHi_KTJeUxun7KXYnautCvLZa7L7PS5F06eSrM8tlYaPQGVDTn85wfgsiFHf_x8uu39p3fBsyuw2YFOawhYdghKEqj44J6yGvZfPTvAm_Yahvk8aHEVOq0xymuMVA2qNmDLw-Miy-8e__nTNj4DU_NjpvL5LaZy9XHr0-023Zk61pDXbx6Hlbvdvsf8cDAI4yQUiS98zxdR34mjgEZhEAV9FLZZ-ePvH_4JAAD__2ledL6fBAAA","fqdn":"throbcrunchsurely.com","domain":"throbcrunchsurely.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"throbcrunchsurely.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Oct 2025 08:35:19 GMT","end":"Wed, 31 Dec 2025 08:35:18 GMT"},"fingerprint":{"sha1":"50:72:94:2F:4C:52:0E:93:94:98:D2:04:39:34:0F:85:38:24:92:92","sha256":"A1:7D:09:0B:38:C0:E1:52:80:EB:94:D5:35:4F:7F:DC:F5:5E:0A:9C:B1:82:D5:82:DA:BE:C3:A1:97:1B:81:8D"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSzYscxRuu2Sy_Q34HMRFvyhw8qLiz_TW90wYJrjESjElMIgHFQ310z5ZbXdV2dU9v9iDRgAQvruBBvdj7zCYbNYh6E4mEWS8SENIn97AL4h8gIsSr9GRg9YV63-etpw7P-9T7_ma5T3yUdPfcK2ZdKkUX-z2n--QlqYWpbPfMxa7r9Jxj3UtSh8Gx7lqb8tGzrh_0nKe6L8V81Sx6jus4ruN2T8o8Tsza4pSFzG5Fbi9yeoHXc_sB1vL_9rbswNIOxGifHIEUzUO_J29A8gl0-s2J2K4WJnvmxbRUtDA5RmL7Nb2qTaWRHsAk7yDR27PXMLYh5JM5GL09mwBmtNVOACYbMvfoHpjenskEG11_oJQpxBpM_B_VaIJYTSDpBNxchRT3CMAFzpyFTm-cMXlFLz9gacs2ZP7-X5BVQ-b3HoFOv15Wcq17waiykEZbrCU15NoEcjhBVu6gWJ-DrHbAi_cgxS9k8f5p6HTrrFUGUuw-ISJGo9DtL0RMeAtBFEULtO-IBTcMBw71_dBn7tQimUxAbQdle2QHZdJBmXWQit1u4AwC7lI_TCLBl5yABoGImRMNPMehEV9CyVvtGyiyDXC1AZ5fQZa_e1P4S7HPeLDJsCo_utc_gry8A7tSw4rHYIuGdF59ByNRo4oJKktQUYJKElQFQTWqrwtlPVvfEMqWzJ1Vb1b9emyK4Sa9bophrAlovoFc1Fsye9teBS8OjdcTK8amTZQV9ZgyUW9m--Th1uiO2tNYjXe7fj9KEjEQkcdDMXCXBq4IB5x6POEscDwPVtaQdm5qz7psyHO3f0MmG_L41odgdAdW7YDLQ6ClC1rVoCs11vV3JtVyVZVWjuIeN2lPDyFMjayYR3G5s6n2ydHx-YvLd6a__uav3yPmd8kswPMaWV7jLfkTwVBdG583Fdk6bypLvj2bFTKV67TdiAsFLeL_fflyfLkyuTh1wm588TxviRbeuhjb4jTVQuqhJV8tSyHi_KTJeUxun7KXYnautCvLZa7L7PS5F06eSrM8tlYaPQGVDTn85wfgsiFHf_x8uu39p3fBsyuw2YFOawhYdghKEqj44J6yGvZfPTvAm_Yahvk8aHEVOq0xymuMVA2qNmDLw-Miy-8e__nTNj4DU_NjpvL5LaZy9XHr0-023Zk61pDXbx6Hlbvdvsf8cDAI4yQUiS98zxdR34mjgEZhEAV9FLZZ-ePvH_4JAAD__2ledL6fBAAA HTTP/1.1\r\nHost: throbcrunchsurely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl23911790=1; nlec359ffd8d92c6d81781d68ca2cfcb4022=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: throbcrunchsurely.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 933029387f38c347da219eb161f74eee\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":661,"timings":{"blocked":273,"dns":1,"connect":92,"send":0,"wait":104,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"throbcrunchsurely.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"throbcrunchsurely.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/ff/69/f1/ff69f1f74561fdc6cbbecc3005e6ef7bb5d3ab17f08e3879621bb3dc88a8f260.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/ff/69/f1/ff69f1f74561fdc6cbbecc3005e6ef7bb5d3ab17f08e3879621bb3dc88a8f260.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 46096\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 25 May 2025 02:17:25 GMT\r\netag: \"68327db5-b410\"\r\nexpires: Fri, 17 Oct 2025 19:36:29 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46096,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x400, components 3","md5":"ed4f60d20941ae5888b01b01916f2e88","sha1":"e35f9e4ac46b078a6627e153c36fa08b0750f9fc","sha256":"e4092e5b649b52528da0fc6ac5ef1ae0530699d6e0b29c3fa0eb83478c99f5ed","sha512":"55d3bedc530d7c9751dfdf88f78fc55c6dc87c772edafb974240b896bf4dd1ed8cdfc538f8075a31dbd14e5e88b55946a0c81b734bb670c2d639e9900ee76095","ssdeep":"768:CX3yKRSHXnYe/8/geEnPDDO5usUZSEN+wNvQix0UgI4FiOt7ILUaPAWSN8V:eyKRSXdUDEnPfPUENdNoFiDPJ","tlshash":"7423f13625269c94d2599bfc0b3618d4e3e88484a5d68f56af4907c2abc1fc3ccdccb5","first_seen":"2025-06-05T18:59:05.430298Z","last_seen":"2026-01-06T02:07:37.704074Z","times_seen":696,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh50XSwiPGQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:30.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/lato/v25/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 22504\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Oct 2025 00:06:55 GMT\r\nexpires: Thu, 15 Oct 2026 00:06:55 GMT\r\ncache-control: public, max-age=31536000\r\nage: 70175\r\nlast-modified: Mon, 15 Sep 2025 17:09:19 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22504,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22504, version 1.0","md5":"1c6c65523675abc6fcd78e804325bd77","sha1":"898d9808304dc157f5dcb18ca169ec6e2b96b3d7","sha256":"08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92","sha512":"1505e8496c9bee214c5f8815f8d88a31ffe2baeb6fba81a8228bd52220b9b2bb10464c1e1dba11d6881583dfa478cdfb30a79cfa6f069c362fb65443feb06918","ssdeep":"384:ZbL6k1TUlBxUp5VLlLJGv2VulERzgWuXlY9zehEsapJznPEUAAnUgf0n6iXatBbF:pLfTuYfVVJGv2VuIzgWAlYteh6nPEzAF","tlshash":"8aa2f18a13d7a414878983f12c5ed63d7fac7cc7994282d2a606bc494e3dcb6b430bc4","first_seen":"2023-04-17T13:30:58Z","last_seen":"2026-04-04T11:17:31.4014Z","times_seen":28398,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.770971676583.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:22.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /watch.770971676583.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://kettledroopingcontinuation.com/watch.770971676583.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=4fe0739da1ec9f15e986867a843bf991fe1a0ef0ca1cff29e48585fa1d4407eab266f21143ac62ab6cb52e267744b3451bdcf8f4c94f3ebef0eef2ef952763d42ce204fa25427a55b7bf7c46eafb44723d0460fbc64770b9845746\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; expires=Wed, 15 Oct 2025 19:37:23 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 3\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3e737ffa24e8c7a456b5c4c1ed1ded13\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4630,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":738,"timings":{"blocked":318,"dns":22,"connect":95,"send":0,"wait":102,"receive":0,"ssl":197},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.1440435167276.js?key=f28a1198c98b94df67a70edb79176a48\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /watch.1440435167276.js?key=f28a1198c98b94df67a70edb79176a48\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://skinnycrawlinglax.com/watch.1440435167276.js?dev=e\u0026key=f28a1198c98b94df67a70edb79176a48\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557046\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=59bfe5caed488f1b1bc25ceb59ff371921beaed8ad9ebd614087c9bb9d99256342510cf2a0a84657fd0a176a1152a8a1fa82547b5ac943820cf2e1a1a61090f99465db7eba8f14bcd122dd576d0d590b8b602afeb664fa281f13e0\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjUzODA2OSwiayI6ImYyOGExMTk4Yzk4Yjk0ZGY2N2E3MGVkYjc5MTc2YTQ4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyNSwicHQiOjQsInBrIjoiYmppNGFnMnEiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.w_88Kt97WnEIprWAD2hQ69_2zkWEdKyBUQ-LnfpS0YI; expires=Wed, 15 Oct 2025 19:37:26 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 3\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7677688b7c1948cb9697add3a364127f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4724,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 23:17:37 GMT\r\nexpires: Tue, 13 Oct 2026 23:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 159532\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/f28a1198c98b94df67a70edb79176a48/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /f28a1198c98b94df67a70edb79176a48/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:22 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18405\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 032d0d1787aae64005824fd56a217498\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46243,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46243), with no line terminators","md5":"1ba0ba96e1fa4ec5ebd41627333db3ed","sha1":"79bb2fcbe4e77d365195e2625a9e0a0208d794cc","sha256":"cb9f1d5167bca56e78f770e9c8ede28f5c32a22d05b31ade8bb01ea617589023","sha512":"d130597ab8f2d7dcedaaa607356be18fc48ef792735d42f13c5c3a4b80b59f124fa06faf911f7ffeb862c32b06c33904cd06bcdab34359ac2cb15f789f721850","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yyb4ja2u:36rxKbk0CrQ+fdwNDba1lIlcPEE2u","tlshash":"eb23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.648461Z","last_seen":"2025-10-15T19:37:20.648461Z","times_seen":1,"resource_available":true,"data":null}},"time_used":485,"timings":{"blocked":-1,"dns":9,"connect":95,"send":0,"wait":96,"receive":93,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18414\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8b6f221fb7f0bd2c9eccfddf167fe318\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.1129829337874.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /watch.1129829337874.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.oZd5siqe8_fbPpGFyvkMVltB1UPXc5cxU3sSn17Qz2Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=3; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=3; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: close\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://kettledroopingcontinuation.com/watch.1129829337874.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=d691383644387b3c6cf451bcc82ed5c544b023dae4f74526d9b4f4858ddcfbe91346ad4749580faead9cc27a579f3e2f525c15132af8b3ca972f29fafed8a9e7b28511ad207d39f9e7d07d7d3f1eb4052071221198be572a3885ae\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo0LCJhdSI6NCwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.2RHdGViMfyXWohzhW9dfzMLADE10VmjyuNQn743O6JM; expires=Wed, 15 Oct 2025 19:37:24 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 2\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 2d6c971fde9609eb0b5bd7f81e0792e5\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4782,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/watch.1291734316962.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=3ab0f37bc65d497a168867ef08aa4c5fe3460924424ec84a68a83602239d20a4554495d5484241bdc8f949066ffbec2fb5a11d0de662683818547039536aebcdc1f167d9823876705c0725af3a490ce12554e04c3e8c9d64584794\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /watch.1291734316962.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=3ab0f37bc65d497a168867ef08aa4c5fe3460924424ec84a68a83602239d20a4554495d5484241bdc8f949066ffbec2fb5a11d0de662683818547039536aebcdc1f167d9823876705c0725af3a490ce12554e04c3e8c9d64584794\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 2856\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\nu_pl23823882=1; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5556e45dfa41de6a8a31c264fca282b4\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4618,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3742)","md5":"447f5ffe691a5fcf9b75ef26c6b5e545","sha1":"fc3c289e4e29a2c0f13f93de340884a1ffd52b14","sha256":"3f07b862a444471c8b81ce1e96745d9dfffa805ab237395abe5b1cd2c4715b1e","sha512":"ea5df06239aad0d4d6d3bd3d3568150bca5f86508781d7e60556e12798b92313370c774a5b2ecdaf5b22a8fcc3c3fd1f3eaed7c50d4612869e27ce29521f868b","ssdeep":"96:yoz3t0X4bY0EV20aZGTk/WebLiU7T5a4k8/1ZDWCfMEDaH:vz04b/EVgZGTkueb+A5aB8dVWCkCaH","tlshash":"46911b3a5fdc206dc597745f1a77610c2e62420b1a00c99dfd5cd6863b20ea0667ed9e","first_seen":"2025-10-15T19:37:20.653181Z","last_seen":"2025-10-15T19:37:20.653181Z","times_seen":1,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pl23924524.highratecpm.com/c2/a4/79/c2a4795bd129ec38aabf8f830c396956.js","fqdn":"pl23924524.highratecpm.com","domain":"highratecpm.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highratecpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 22:56:35 GMT","end":"Fri, 19 Dec 2025 22:56:34 GMT"},"fingerprint":{"sha1":"09:55:75:01:0C:70:AF:6F:8E:56:01:66:32:02:9A:D6:5C:2B:32:FD","sha256":"30:C5:C8:19:3B:E4:B4:FE:41:DF:58:D4:1F:26:4C:E7:D5:8D:50:5B:F5:CE:9E:9B:DD:50:00:7B:A4:D8:92:29"}}},"request":{"raw":"GET /c2/a4/79/c2a4795bd129ec38aabf8f830c396956.js HTTP/1.1\r\nHost: pl23924524.highratecpm.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 32691\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 8\r\nHost: pl23924524.highratecpm.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a3fa65d29c748d81385fe0bb60b8df25\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":84196,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e01d4bdeeec03bbf049a7059ff4dc583","sha1":"fff07536f31ccaebd4e27304c1311ca6fe684a8e","sha256":"ceeb75b4e052e57d6a8e216bd2402572e15ca191513b5e8d5e01fe7093f3edb8","sha512":"0efef90550993baaab19cf98d764839c9d8b216a63738bf199db3853036c6b4a122f809960ace18a5b7b4289a001511199b9e4cc652392cda01d364050b2c85d","ssdeep":"1536:U0tsDEFAkM9IWf3pDTf0zpxftTgA4VEIaUa4Ru37oIXDWeGXMtb4cnSzB:QDxk4+BgA4VEIaUa4McBeGXMtb4/","tlshash":"af83f848bb82b869425630ba332ff01af15a4d421da8d444dc57f8d96fb8b1df637e24","first_seen":"2025-10-15T19:37:20.657145Z","last_seen":"2025-10-15T19:37:20.657145Z","times_seen":1,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl23924524.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"throbcrunchsurely.com/ren.gif?sid=H4sIAAAAAAAC_1RSz4scRRSu2Swe4kFMxJsyBw8q7mz_mt5pgwTXGAnGJCaRgOKhfnTPlltd1XZ1T2_2INGABC-u4EG92PvNJhs1iHoTiYRZLxIQ0if3kEXxDxAR4lV6MrD6oN77Xn11-N5X7_3Nco_4KOnumVfMulSKLvZ7TvfJC1ILU9nuqfNd1-k5R7oXpA6DI921NuWjZ10_6DlPdV-K-apZ9BzXcVzH7R6XeZyYtcUpC5ndiNxe5PQCr-f2A6zl_-9t2YGlHYjRHjkEKZqH_kjegOQT6PSbY7FdLUz2zItpqWhhcozE9mt6VZtKI92HSd5Bordnr2FsQ8gnczB6ezYBzGirnQBMNmTu0btgensmE2x09b5SphBrMPEgqtEEsZpA0gm4uQwp7hCAC5w6DZ1eO2Xyil68z9KWbcj8vb8hq4bM330EOv16Wcm17jmjykIabbGW1JBrE8jhBFm5g2J9DrLaAS_egxS_kMV7J6HTrdNWGUix-4SIGI1Ct78QMeEtBFEULdC-IxbcMBw41PdDn7lTi2QyAbUdlO2RHZRJB2XWQSp2u4EzCLhL_TCJBF9yAhoEImZONPAch0Z8CSVvtW-gyDbA1QZ4fglZ_u514S_FPuPBJsOq_OhO_xDy8hbsSg0rHoMtGtJ59R2MRI0qJqgsQUUJKklQFQTVqL4qlPVsfU0oWzJ3Vr1Z9euxKYab9KophrEmoPkGclFvyextexm8ODBeT6wYmzZRVtRjykS9me2Rh1ujO-quxmq82_X7UZKIgYg8HoqBuzRwRTjg1OMJZ4HjebCyhrRzU3vWZUOeu_k7MtmQx7c-BKM7sGoHXB4ALV3QqgZdqbGuvzOplquqtHIU97hJe3oIYWpkxTyKi51NtUcOj8-eX741_fU3f72FmN8mswDPa2R5jbfkTwRDdWV81lRk66ypLPn2dFbIVK7TdiPOFbSIH_jy5fhiZXJx4pjd-OJ53hItvHE-tsVJqoXUQ0u-WpZCxPlxk_OY3DxhL8TsTGlXlstcl9nJMy8cP5FmeWytNHoCKhty8K8PwGVDDv_4-XTb-0__Bp5dgs32dVpDwLI5KEmg4v17ymrY__RsH2_aKxjm86DFZei0xiivMVI1qNqALQ-Oiyy_ffTnT9v4DEzNj5nK57eYytXHrU83p2a16fuGvH79KKzc7fY95oeDQRgnoUh84Xu-iPpOHAU0CoMo6KOwzcqf__zwbwAAAP__7S8vHZ8EAAA=","fqdn":"throbcrunchsurely.com","domain":"throbcrunchsurely.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"throbcrunchsurely.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Oct 2025 08:35:19 GMT","end":"Wed, 31 Dec 2025 08:35:18 GMT"},"fingerprint":{"sha1":"50:72:94:2F:4C:52:0E:93:94:98:D2:04:39:34:0F:85:38:24:92:92","sha256":"A1:7D:09:0B:38:C0:E1:52:80:EB:94:D5:35:4F:7F:DC:F5:5E:0A:9C:B1:82:D5:82:DA:BE:C3:A1:97:1B:81:8D"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSz4scRRSu2Swe4kFMxJsyBw8q7mz_mt5pgwTXGAnGJCaRgOKhfnTPlltd1XZ1T2_2INGABC-u4EG92PvNJhs1iHoTiYRZLxIQ0if3kEXxDxAR4lV6MrD6oN77Xn11-N5X7_3Nco_4KOnumVfMulSKLvZ7TvfJC1ILU9nuqfNd1-k5R7oXpA6DI921NuWjZ10_6DlPdV-K-apZ9BzXcVzH7R6XeZyYtcUpC5ndiNxe5PQCr-f2A6zl_-9t2YGlHYjRHjkEKZqH_kjegOQT6PSbY7FdLUz2zItpqWhhcozE9mt6VZtKI92HSd5Bordnr2FsQ8gnczB6ezYBzGirnQBMNmTu0btgensmE2x09b5SphBrMPEgqtEEsZpA0gm4uQwp7hCAC5w6DZ1eO2Xyil68z9KWbcj8vb8hq4bM330EOv16Wcm17jmjykIabbGW1JBrE8jhBFm5g2J9DrLaAS_egxS_kMV7J6HTrdNWGUix-4SIGI1Ct78QMeEtBFEULdC-IxbcMBw41PdDn7lTi2QyAbUdlO2RHZRJB2XWQSp2u4EzCLhL_TCJBF9yAhoEImZONPAch0Z8CSVvtW-gyDbA1QZ4fglZ_u514S_FPuPBJsOq_OhO_xDy8hbsSg0rHoMtGtJ59R2MRI0qJqgsQUUJKklQFQTVqL4qlPVsfU0oWzJ3Vr1Z9euxKYab9KophrEmoPkGclFvyextexm8ODBeT6wYmzZRVtRjykS9me2Rh1ujO-quxmq82_X7UZKIgYg8HoqBuzRwRTjg1OMJZ4HjebCyhrRzU3vWZUOeu_k7MtmQx7c-BKM7sGoHXB4ALV3QqgZdqbGuvzOplquqtHIU97hJe3oIYWpkxTyKi51NtUcOj8-eX741_fU3f72FmN8mswDPa2R5jbfkTwRDdWV81lRk66ypLPn2dFbIVK7TdiPOFbSIH_jy5fhiZXJx4pjd-OJ53hItvHE-tsVJqoXUQ0u-WpZCxPlxk_OY3DxhL8TsTGlXlstcl9nJMy8cP5FmeWytNHoCKhty8K8PwGVDDv_4-XTb-0__Bp5dgs32dVpDwLI5KEmg4v17ymrY__RsH2_aKxjm86DFZei0xiivMVI1qNqALQ-Oiyy_ffTnT9v4DEzNj5nK57eYytXHrU83p2a16fuGvH79KKzc7fY95oeDQRgnoUh84Xu-iPpOHAU0CoMo6KOwzcqf__zwbwAAAP__7S8vHZ8EAAA= HTTP/1.1\r\nHost: throbcrunchsurely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl23911790=1; nlec359ffd8d92c6d81781d68ca2cfcb4022=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: throbcrunchsurely.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 009fcaae0cff6af025e18bbbcdfa89a7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":647,"timings":{"blocked":271,"dns":1,"connect":91,"send":0,"wait":96,"receive":0,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"throbcrunchsurely.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"throbcrunchsurely.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/6c/c8/c6/6cc8c6b6600a89a01d37b41d2c57396ae22a21974890cebcb7f717010b54ae54.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/6c/c8/c6/6cc8c6b6600a89a01d37b41d2c57396ae22a21974890cebcb7f717010b54ae54.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 15151\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 25 May 2025 02:18:00 GMT\r\netag: \"68327dd8-3b2f\"\r\nexpires: Fri, 17 Oct 2025 19:36:28 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15151,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"a35cb578e3c8889f9d2d8e3a9e520bbc","sha1":"f390ccf18911be8210267a1fb27529da10081347","sha256":"554a79788b15330de1e48f1c482acaed20d1e3998e4daed2175530e89ac5e48a","sha512":"6c003106f7f02ae78774b98f5e5e8736189265dda55429c72a1ab2b387f1d8c6406c7f323a1608af14c0b07ad370c797409977a5c751a2e04a8c98236b0e6e2f","ssdeep":"384:z0sxi+mWivrxHMC8F5ONWxBGTgnbTYwxQKQVd:zfk+mW8NWxB5YwxQtL","tlshash":"e162d0c5e4c578d3e98bc3aacdd3286d66295f235e7df01e55f88dca012011b1c78a23","first_seen":"2025-04-17T18:37:55.427701Z","last_seen":"2026-01-06T02:07:44.501457Z","times_seen":1596,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=c2a4795bd129ec38aabf8f830c396956\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=19","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:31.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=c2a4795bd129ec38aabf8f830c396956\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=19 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:31 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 2\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4eb924a681761d3d7b34bde674ccb13f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":662,"timings":{"blocked":280,"dns":0,"connect":92,"send":0,"wait":96,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.68266351502.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.68266351502.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=2; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: close\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://wayfarerorthodox.com/watch.68266351502.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=bd4a9bae923fd153186209e631bdfc18f93f61c8d7a9f202b07a444ab38a51d40ae1e89f1498ec998489ba7206afc222f5b6827fa47f8a0ba871c8355be86cf1c76760ff28fa1f14021b06182ee61ec16ba6dff41f12075bfc73b8\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.oZd5siqe8_fbPpGFyvkMVltB1UPXc5cxU3sSn17Qz2Y; expires=Wed, 15 Oct 2025 19:37:24 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 648a3916682e0e4f5e9fcaf5b4867252\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4766,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":143,"timings":{"blocked":49,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/da4057f56deac1caae7482053a78f1aa/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"topcreativeformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Sep 2025 22:49:40 GMT","end":"Fri, 12 Dec 2025 22:49:39 GMT"},"fingerprint":{"sha1":"EC:8E:4C:47:74:D4:52:B0:02:BF:8C:E1:9B:75:13:26:E9:48:B2:13","sha256":"35:28:22:C4:11:25:D9:9D:11:C3:9A:90:41:C0:9D:99:07:30:6F:EC:0B:B0:45:BE:33:2D:93:8B:89:E7:1A:01"}}},"request":{"raw":"GET /da4057f56deac1caae7482053a78f1aa/invoke.js HTTP/1.1\r\nHost: www.topcreativeformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18411\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: www.topcreativeformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a6b6f99a23cd7f393a2b54bc55bbf508\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":46242,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46242), with no line terminators","md5":"901be68ba602537e0c44fa5324842fa6","sha1":"800b23f987a6c7ebedeb543bf536807296ed1517","sha256":"7f16f6088b5ea1a92215eff3d5bd27b868a2dd8941f410e99668675241a34d67","sha512":"99edb24cd6c91fe17ccb36f3e226341c4cad7665d659da81de1f982e74b91056ecfb7cfaf00434c49905a18300ad5641a1e21e80cada835ccdf4e20279ee1c78","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybsja2n:36rxKbk0CrQ+fdwNDba1lIlcPEM2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.663264Z","last_seen":"2025-10-15T19:37:20.663264Z","times_seen":1,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18414\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3e90717f339e749a92d772859c1be316\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/8d/07/7a/8d077a03bf40c94dc34ac4b8af9a446c/1756656412.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/8d/07/7a/8d077a03bf40c94dc34ac4b8af9a446c/1756656412.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:24 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 77354\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:52 GMT\r\netag: \"68b4731c-12e2a\"\r\nexpires: Fri, 17 Oct 2025 19:36:24 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77354,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 18:18:22], progressive, precision 8, 300x250, components 3","md5":"e4267b78fbfd9ec2cb935ff9d689393f","sha1":"80ad53e77eff7c9e2e2ec2aa782e2406bc133c72","sha256":"16b434f519fdf956da056ae83d2a8847179c3fccc2a88d1e80d886cec82ba164","sha512":"58faf0e02cf388518ee515a9b1ff2d3ec1dc9d048d4ca2b0c95ec3f66c7966f2151a8839e367b58d3b70fde29bbfaf2add06de0ad8ae2561556b1770d9f0f1cc","ssdeep":"1536:GB6pzB6p2ZYp69CExL6kGcjhulQrdcP8VXW4I+USZjGM5ndwRmxvD:GB6tB6GYp63Zjhlr71Wv/SdGuiM","tlshash":"8f73e03ffbe5af41f5d092b9bce2c243729eaf805a232b957d1c62097752190ad0d11b","first_seen":"2025-09-02T18:53:07.782432Z","last_seen":"2026-04-04T09:06:35.652387Z","times_seen":980,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RUz4scRRSu2U08RFBMxKPMwYOKO1tV_WOqDSKuMRKMSUwiOYhI_Zwtp6e77eqe3uzFYCAELy4eRG89b2Z3_RFEPYiXSJj1FhAyXtxDFsU_QESIV-nZhdWCrvfe930N32ve6xujcg95UPLdC6-n6zaO-XLQwe2nr9hEpZVrn7vcJriDT7av2CT0T7bXmisfPk88v4Ofab-qZT9dpphgTDBpn7a5Nuna8pwFm92KSCfCHZ92SODDWv7_2pWL4PgiqOEeOg5WzR79w7wFVk4hGXxzSrt-kWbPvTIoY16kOQzV9ptJP0mrBAaHqclbYJLtAzWkbobQpwuQJtsHHUA6nDQdgLAztPDEfRDJ9oFNEMPNfaciBp2AUA9DNZyCjnfA8inI9DpYdQ8BSAXnzkMy2DqX5hW_us_yhp2hIw_-BlvN0JH7j0My-HoltmvtS2lcFjZNHKyZGuzaFGxvClk5hWJ9AWy1A7L4AKz6GS0_OAvJYHLexSlYtfuUigSPQhIsRULRJT-KoiUeYLVEwpBh7nmhJ8j8E1kzBe5aUDaPbUFpWlBmLRio3baPmS8J90ITKdnFPvd9pQWOGMWYR7ILpWy8b0CRbYCMN0DmNzfLRLpgRG-V72Qx9Rj1GKMjspWp1aI_nBR5qSeNZEQ_34eoNwe3GpB6I3L4YhSFI7K9rwrmIsjya9C3H98Ljt87-hvk5R1wq7vfC-XzSHAdUc8oEniEhRRHOvSIUEYSZiLPhEQy1eWRoZgK3OW-73PhMR4Q5WOuiWaRIX7EtIwi5rNI8C7FITeSUmoCETLaNdzvGsax4KxLJPOCQGgWSkNkN-yG2BjKDCeG-JgSgUPCqNYh0ZKEgofKGJ8YQnE3EEZ2PcHAqUfAFTPUeuN9GKoaKo2gcggqjqCyCKoCQTWsN1XsqKu3VOxKQQ4iPYhePU6L3ohvpkVPJwh4vgG5qic2e89dB1ksjteNU-O0ubgo6jEXqh5le-ixZuha_RvHoK9329j3TGgCEghsfE29EEcho0xJhYXuMgXO1mDdwnxU1u0MvXD7d8jsDD05-QgE3wEX74C0i8DLo8CrsYcx8NUxDTCsJ9-lg8T249LZoe7IdNBJeqDSGrLiCBRXW6N4D50YX7y8cme-B2__OgQt76KDAzKvIctreNf-hKAX3xxfTCs0uZhWDn17PivswK7zZkcuFbzQD335mr5apbk6c8ptfPGSbIgmvXVZu-IsT5RNeg59tWKV0vnpNJca3T7jrmhxoXSrK2WelNnZCy-fPjPIcu2cTZMpcDtDx_76EKSdoRM_fjbf_-DZT0Bm18Blhz5dikBkCGKLINaHOBc1uP_U4jAfuZvQy1vAi-uQDGoY5jUM4xp4vNH81MZFlt998RdvfkDErbGIczQRcd7wdrdtPE0lxqwbEo8ZTTxfSRMwP1Ihx56noXCz1T__-eHfAAAA__-xj-p9nQUAAA==","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RUz4scRRSu2U08RFBMxKPMwYOKO1tV_WOqDSKuMRKMSUwiOYhI_Zwtp6e77eqe3uzFYCAELy4eRG89b2Z3_RFEPYiXSJj1FhAyXtxDFsU_QESIV-nZhdWCrvfe930N32ve6xujcg95UPLdC6-n6zaO-XLQwe2nr9hEpZVrn7vcJriDT7av2CT0T7bXmisfPk88v4Ofab-qZT9dpphgTDBpn7a5Nuna8pwFm92KSCfCHZ92SODDWv7_2pWL4PgiqOEeOg5WzR79w7wFVk4hGXxzSrt-kWbPvTIoY16kOQzV9ptJP0mrBAaHqclbYJLtAzWkbobQpwuQJtsHHUA6nDQdgLAztPDEfRDJ9oFNEMPNfaciBp2AUA9DNZyCjnfA8inI9DpYdQ8BSAXnzkMy2DqX5hW_us_yhp2hIw_-BlvN0JH7j0My-HoltmvtS2lcFjZNHKyZGuzaFGxvClk5hWJ9AWy1A7L4AKz6GS0_OAvJYHLexSlYtfuUigSPQhIsRULRJT-KoiUeYLVEwpBh7nmhJ8j8E1kzBe5aUDaPbUFpWlBmLRio3baPmS8J90ITKdnFPvd9pQWOGMWYR7ILpWy8b0CRbYCMN0DmNzfLRLpgRG-V72Qx9Rj1GKMjspWp1aI_nBR5qSeNZEQ_34eoNwe3GpB6I3L4YhSFI7K9rwrmIsjya9C3H98Ljt87-hvk5R1wq7vfC-XzSHAdUc8oEniEhRRHOvSIUEYSZiLPhEQy1eWRoZgK3OW-73PhMR4Q5WOuiWaRIX7EtIwi5rNI8C7FITeSUmoCETLaNdzvGsax4KxLJPOCQGgWSkNkN-yG2BjKDCeG-JgSgUPCqNYh0ZKEgofKGJ8YQnE3EEZ2PcHAqUfAFTPUeuN9GKoaKo2gcggqjqCyCKoCQTWsN1XsqKu3VOxKQQ4iPYhePU6L3ohvpkVPJwh4vgG5qic2e89dB1ksjteNU-O0ubgo6jEXqh5le-ixZuha_RvHoK9329j3TGgCEghsfE29EEcho0xJhYXuMgXO1mDdwnxU1u0MvXD7d8jsDD05-QgE3wEX74C0i8DLo8CrsYcx8NUxDTCsJ9-lg8T249LZoe7IdNBJeqDSGrLiCBRXW6N4D50YX7y8cme-B2__OgQt76KDAzKvIctreNf-hKAX3xxfTCs0uZhWDn17PivswK7zZkcuFbzQD335mr5apbk6c8ptfPGSbIgmvXVZu-IsT5RNeg59tWKV0vnpNJca3T7jrmhxoXSrK2WelNnZCy-fPjPIcu2cTZMpcDtDx_76EKSdoRM_fjbf_-DZT0Bm18Blhz5dikBkCGKLINaHOBc1uP_U4jAfuZvQy1vAi-uQDGoY5jUM4xp4vNH81MZFlt998RdvfkDErbGIczQRcd7wdrdtPE0lxqwbEo8ZTTxfSRMwP1Ihx56noXCz1T__-eHfAAAA__-xj-p9nQUAAA== HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.oZd5siqe8_fbPpGFyvkMVltB1UPXc5cxU3sSn17Qz2Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=3; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=3; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 436d2a4901e12b7c6b9e2630d03f6ee3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=2097\u0026rd=2097\u0026fd=565\u0026bv=25.10.2289\u0026tmpl=70","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=2097\u0026rd=2097\u0026fd=565\u0026bv=25.10.2289\u0026tmpl=70 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":717,"timings":{"blocked":290,"dns":1,"connect":93,"send":0,"wait":135,"receive":0,"ssl":194},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pl24012289.highratecpm.com/359ffd8d92c6d81781d68ca2cfcb4022/invoke.js","fqdn":"pl24012289.highratecpm.com","domain":"highratecpm.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highratecpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 22:56:35 GMT","end":"Fri, 19 Dec 2025 22:56:34 GMT"},"fingerprint":{"sha1":"09:55:75:01:0C:70:AF:6F:8E:56:01:66:32:02:9A:D6:5C:2B:32:FD","sha256":"30:C5:C8:19:3B:E4:B4:FE:41:DF:58:D4:1F:26:4C:E7:D5:8D:50:5B:F5:CE:9E:9B:DD:50:00:7B:A4:D8:92:29"}}},"request":{"raw":"GET /359ffd8d92c6d81781d68ca2cfcb4022/invoke.js HTTP/1.1\r\nHost: pl24012289.highratecpm.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 15703\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: pl24012289.highratecpm.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7870810239615a847c2939248a199238\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43288,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (43286), with no line terminators","md5":"75b22bbeb727f9dd45082ddfc7dee9e6","sha1":"05ac73755a2878400c6e532e48d9c5fcfcb1632c","sha256":"bf2db14c96ff1b7a8fd68c87d02f8ebbed1789093cd36d3a919e93d5dee76d0f","sha512":"70775909f10d61bc220a662e070b0d9a8a0429bd4ae391972d425806a7ad6fa7d8a7caf09de1865ffcf355f18c8e5e823530bd273eb958e9e6ab2e2a3fde66f5","ssdeep":"768:McMESno4Q0ygG0I9lwTd+v8I6FtfKAJEOlhP4D5YStbpoX:YnkATdlqVVloX","tlshash":"b213b8ec7f45b2ad028b6823113f660af1399b1275cdd5acf192f0e8279c759c93ae14","first_seen":"2025-10-15T19:37:20.668345Z","last_seen":"2025-10-15T19:37:20.668345Z","times_seen":1,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pl24012289.highratecpm.com/359ffd8d92c6d81781d68ca2cfcb4022/invoke.js","fqdn":"pl24012289.highratecpm.com","domain":"highratecpm.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highratecpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 22:56:35 GMT","end":"Fri, 19 Dec 2025 22:56:34 GMT"},"fingerprint":{"sha1":"09:55:75:01:0C:70:AF:6F:8E:56:01:66:32:02:9A:D6:5C:2B:32:FD","sha256":"30:C5:C8:19:3B:E4:B4:FE:41:DF:58:D4:1F:26:4C:E7:D5:8D:50:5B:F5:CE:9E:9B:DD:50:00:7B:A4:D8:92:29"}}},"request":{"raw":"GET /359ffd8d92c6d81781d68ca2cfcb4022/invoke.js HTTP/1.1\r\nHost: pl24012289.highratecpm.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 15700\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 6\r\nHost: pl24012289.highratecpm.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b0f97334f9f6de4435bc37536f30c396\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43280,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (43278), with no line terminators","md5":"4c7fade0f45c87207ef2f13f7be1b142","sha1":"a4bb5400f133fc66ad83fb3f59a10ee1c48fe81a","sha256":"6a70835214aff29998f2bb83d5a08d7fd8c409f15cbd0808b3041b6280053e42","sha512":"7a8597d33fee910d29be5cc1062458e3caa79df91ee432f5e798492c2c583f46fbc17306f47626dca7978a9819e9891088934a97b97bc54b02049083718e320c","ssdeep":"768:McMESno4Q0ygG0I9lwTd+v8I6Ftf0AJEOlhP4BnYStbpU:YnkATdl0pVlU","tlshash":"a113c9ec7f45b2ad028b6823113f660af1399b5275cdd5acf192f0e8279c758c93ae14","first_seen":"2025-10-15T19:37:20.67597Z","last_seen":"2025-10-15T19:37:20.67597Z","times_seen":1,"resource_available":true,"data":null}},"time_used":748,"timings":{"blocked":274,"dns":1,"connect":92,"send":0,"wait":100,"receive":92,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMIuRkRS788PVvEJ_MP7cYHeIpb1NbnCMLrjApTeE7AzcHSXlrKzNMVo8dO-HbL3AC9Bg9pD-RAJlPTUKNXkyg6otz5KzxEscacUAvUZdgMDnY06-1fzobSgHUbqkq7iE9FglXnUdgQZzznhCpVgzRpeVt6JwHqOAUFBN1zst5vtinE-VRc_goot-wvLY/w305-h320/Certificate%20of%20Origin%20-%20How%20to%20get%20it.jpeg","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:47 GMT","end":"Mon, 15 Dec 2025 08:41:46 GMT"},"fingerprint":{"sha1":"F8:5F:63:28:35:3F:3B:74:50:6E:B0:8A:1E:82:1E:81:0B:2C:5D:57","sha256":"E5:11:BE:F6:31:91:0A:88:46:0E:37:CF:15:59:95:26:EE:40:53:A0:69:3F:0A:3E:F6:B4:44:43:15:61:C4:6F"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEgMIuRkRS788PVvEJ_MP7cYHeIpb1NbnCMLrjApTeE7AzcHSXlrKzNMVo8dO-HbL3AC9Bg9pD-RAJlPTUKNXkyg6otz5KzxEscacUAvUZdgMDnY06-1fzobSgHUbqkq7iE9FglXnUdgQZzznhCpVgzRpeVt6JwHqOAUFBN1zst5vtinE-VRc_goot-wvLY/w305-h320/Certificate%20of%20Origin%20-%20How%20to%20get%20it.jpeg HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v119\"\r\nexpires: Thu, 16 Oct 2025 19:36:30 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"Certificate of Origin - How to get it.jpeg\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 15 Oct 2025 19:36:30 GMT\r\nserver: fife\r\ncontent-length: 11841\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11841,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 219x230, components 3","md5":"44c66301a3a44f8dd0f2856f63ffed64","sha1":"35eaa18e2a4a8db21463bd4b030a1eeb2f101d21","sha256":"fc2e07c03841cc28c22a60f7dab8c7205f9fe2125315aa144ce3931160cf16a4","sha512":"45d60572c6b3c598990e8bdac3da5a0034902ea0dba1514a2daec747e93a8b96391abd526d56a90f2fcaa01c802cdc6f9c536c4a8856669c47e2817b074b7c5f","ssdeep":"192:XwV23HbLanoipFfMr3hLR/b2a8YRoP4jdm+fW56PlD1BbDztIibq6BS0//Fh/:XweXanoWiJtb2gRomaYlDntIibq6Q0/f","tlshash":"6632c0b970491212e3a0777158531e613609c9faa458e7dfa200865bbe6b0fb4e49ccd","first_seen":"2025-10-15T19:37:20.680664Z","last_seen":"2025-10-15T19:37:20.680664Z","times_seen":1,"resource_available":false,"data":null}},"time_used":951,"timings":{"blocked":67,"dns":7,"connect":9,"send":0,"wait":807,"receive":1,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbs?c=1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.o0VBR64Al3k-FgUtGuKLxhdV0cNljckM8vFP8_u-Fxg; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=4; pdhtkv5=true; uncs5=2; u_pl23823882=1; pdhtkv25=true; uncs25=1; u_pl26538069=1; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv29=true; uncs29=1; u_pl23824025=1; slecc2a4795bd129ec38aabf8f830c396956=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:30 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":667,"timings":{"blocked":281,"dns":1,"connect":92,"send":0,"wait":95,"receive":0,"ssl":195},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/impr.gif?sid=H4sIAAAAAAAC_1RUzYsc1Rd9PUl-i_wWYiIupRcuVJye9159G0QcYyQYk5hEshCR9znz7Op6Zb2qrsmAEAyE4MbBheiu-nbPjB9B1IUrI6HHXUBIu3EWGRT_ABEhbqV6BkYf1Lv3nnMKzi3urZujag95ULHdi6_ZdZOmbCno4e5TV00mbe265690Ce7hU92rJgv9U9219iqGzxHP7-Gnu68o0bdLFBOMCSbdM6ZQ2q4tzVkw-e2E9BLc82mPBD6sFf-tXXUEHFsAOdxDJ8DI2SO_6zfBiClkg69PK9cvbf7sy4MqZaUtYCi338j6ma0zGBymuuiAzrYP1GDdDKFPFsBm2wcdgB1O2g6AmxlaePwB8Gz7wCbw4ea-U56CyoDL_0M9nIJKd8CwKQh7A4y8jwCEhPMXIBtsnbdFza7ts6xlZ-jow7_A1DN09MFjkA2-Wk7NWveyTavS2MzBmm7ArE3BrEwhr6ZQri-AqXdAlO-DkT-hpYfnIBtMLrjUgpG7T8qEsyQkwWLCJV30kyRZZAGWiyQMY8w8L_Q4mX8io6fAXAeq9jEdqHQHqrwDA7nb9XHsC8K8UCdSRNhnvi8Vx0lMMWaJiKASrfcNKPMNEOkGiOLW7ertPKVeTL0kCUdkK5erZX84KYtKTapMuBHd3oeCObbZYsGIHL4Wx3REPtvXUG8u2mpF1BsRyIvr0Dcf3Q9O3D_2KxTVXXCru9-RIKSBjCimEeFYU85iLuKIhn4iQollQAmLeUy4oIwHKlS-DETs-ZwpTJUKIq3jREW-8AMpQ1_qJAhDSbWvcRzHIkpYxAJOJI9jSjShWIkw4SoijGov5gnDhFBfRIJjP4moDAiVvhcRzYVOJEsop0nsE60F9UKZYM8nScDByS64coY6r78HQ9lArRDUDkHNENQGQV0iqIfNpkwddc2WTF3FyUGkB9FrxrZcGbFNW66oDAErNqCQzcTk77obIMoj43Xt5Ni2F-NlM2ZcNqN8Dz3aDl2nf_M49NVuF_ueDnVAAo61r6gX4iSMaSyFxFxFsQRnGjBuYT4q62aGnr_zG-Rmhp6YfAic7YBLd0CYI8CqY8DqsYcxsNUxDTCsZ9_aQWb6aeXMUPWEHfSyFZC2gbw8CuW1zijdQyfHl64s353vwVu_DEGJe-jggCgayIsG3jE_IlhJb40v2RpNLtnaoW8u5KUZmHXW7sjlkpXqf1-8qq7VtpBnT7uNz18ULdGmt68oV55jmTTZikNfLhspVXHGFkKhO2fdVcUvVm51uSqyKj938aUzZwd5oZwzNpsCMzN0_M8PQJgZOvnDp_P9D575GER-HVx-6NNZBDxHkBoEqTrEGW_A_avmh_nI3YKVogOsvAHZoIFh0cAwbYClG-1PbVzmxb0XfvbmB3jaGfO0QBOeFi1vdrvaU1RgHEch8WKtiOdLoYPYT2TIsOcpKN1s9Y-_v_8nAAD__wX6mS-dBQAA","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RUzYsc1Rd9PUl-i_wWYiIupRcuVJye9159G0QcYyQYk5hEshCR9znz7Op6Zb2qrsmAEAyE4MbBheiu-nbPjB9B1IUrI6HHXUBIu3EWGRT_ABEhbqV6BkYf1Lv3nnMKzi3urZujag95ULHdi6_ZdZOmbCno4e5TV00mbe265690Ce7hU92rJgv9U9219iqGzxHP7-Gnu68o0bdLFBOMCSbdM6ZQ2q4tzVkw-e2E9BLc82mPBD6sFf-tXXUEHFsAOdxDJ8DI2SO_6zfBiClkg69PK9cvbf7sy4MqZaUtYCi338j6ma0zGBymuuiAzrYP1GDdDKFPFsBm2wcdgB1O2g6AmxlaePwB8Gz7wCbw4ea-U56CyoDL_0M9nIJKd8CwKQh7A4y8jwCEhPMXIBtsnbdFza7ts6xlZ-jow7_A1DN09MFjkA2-Wk7NWveyTavS2MzBmm7ArE3BrEwhr6ZQri-AqXdAlO-DkT-hpYfnIBtMLrjUgpG7T8qEsyQkwWLCJV30kyRZZAGWiyQMY8w8L_Q4mX8io6fAXAeq9jEdqHQHqrwDA7nb9XHsC8K8UCdSRNhnvi8Vx0lMMWaJiKASrfcNKPMNEOkGiOLW7ertPKVeTL0kCUdkK5erZX84KYtKTapMuBHd3oeCObbZYsGIHL4Wx3REPtvXUG8u2mpF1BsRyIvr0Dcf3Q9O3D_2KxTVXXCru9-RIKSBjCimEeFYU85iLuKIhn4iQollQAmLeUy4oIwHKlS-DETs-ZwpTJUKIq3jREW-8AMpQ1_qJAhDSbWvcRzHIkpYxAJOJI9jSjShWIkw4SoijGov5gnDhFBfRIJjP4moDAiVvhcRzYVOJEsop0nsE60F9UKZYM8nScDByS64coY6r78HQ9lArRDUDkHNENQGQV0iqIfNpkwddc2WTF3FyUGkB9FrxrZcGbFNW66oDAErNqCQzcTk77obIMoj43Xt5Ni2F-NlM2ZcNqN8Dz3aDl2nf_M49NVuF_ueDnVAAo61r6gX4iSMaSyFxFxFsQRnGjBuYT4q62aGnr_zG-Rmhp6YfAic7YBLd0CYI8CqY8DqsYcxsNUxDTCsZ9_aQWb6aeXMUPWEHfSyFZC2gbw8CuW1zijdQyfHl64s353vwVu_DEGJe-jggCgayIsG3jE_IlhJb40v2RpNLtnaoW8u5KUZmHXW7sjlkpXqf1-8qq7VtpBnT7uNz18ULdGmt68oV55jmTTZikNfLhspVXHGFkKhO2fdVcUvVm51uSqyKj938aUzZwd5oZwzNpsCMzN0_M8PQJgZOvnDp_P9D575GER-HVx-6NNZBDxHkBoEqTrEGW_A_avmh_nI3YKVogOsvAHZoIFh0cAwbYClG-1PbVzmxb0XfvbmB3jaGfO0QBOeFi1vdrvaU1RgHEch8WKtiOdLoYPYT2TIsOcpKN1s9Y-_v_8nAAD__wX6mS-dBQAA HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.o0VBR64Al3k-FgUtGuKLxhdV0cNljckM8vFP8_u-Fxg; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=3; pdhtkv5=true; uncs5=2; u_pl23823882=1; pdhtkv23=true; uncs23=1; u_pl23823996=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 9\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a9ae20621153d20097547644443d45c7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/da4057f56deac1caae7482053a78f1aa/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:22.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"topcreativeformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Sep 2025 22:49:40 GMT","end":"Fri, 12 Dec 2025 22:49:39 GMT"},"fingerprint":{"sha1":"EC:8E:4C:47:74:D4:52:B0:02:BF:8C:E1:9B:75:13:26:E9:48:B2:13","sha256":"35:28:22:C4:11:25:D9:9D:11:C3:9A:90:41:C0:9D:99:07:30:6F:EC:0B:B0:45:BE:33:2D:93:8B:89:E7:1A:01"}}},"request":{"raw":"GET /da4057f56deac1caae7482053a78f1aa/invoke.js HTTP/1.1\r\nHost: www.topcreativeformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:22 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18420\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 6\r\nHost: www.topcreativeformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e3d436d89f8c000ac9f0687b19efdbe9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"32263aaf0c2e345f7dc4018e4332cd0e","sha1":"4fbfc90466d7b6d782b129be6cf5d12d4b0e6adf","sha256":"3dd6cf4e9efa71a107413b382912bc8cc1896042aecc43ba15089dfd5dcdc597","sha512":"19f7d3ee936e830e1e71de6dc4a7044d9ffe40c17f2e3a8b2d5f2e09e2a617f19ddee36b166d26cd5b79741ebfcc1254f897850fbf90937176daf80fb880dca4","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybsj95G:36rxKbk0CrQ+fdwNDba1lIlcPEP5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.68541Z","last_seen":"2025-10-15T19:37:20.68541Z","times_seen":1,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.8971576817.js?key=f28a1198c98b94df67a70edb79176a48\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.8971576817.js?key=f28a1198c98b94df67a70edb79176a48\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6NSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.sVUirNfr4Ltpj0Z3GqQ0BCi2gkLbL9Esm3prFTHJNos; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=5; pdhtkv5=true; uncs5=4; u_pl23823882=1; pdhtkv23=true; uncs23=1; u_pl23823996=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://rashcolonizeexpand.com/watch.8971576817.js?dev=e\u0026key=f28a1198c98b94df67a70edb79176a48\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557046\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=193a8762dc1f3d7b6ef45847b29ce57b662c6e683a97f226182dedc4bc37587f06ad36e8a2592b2c164ef03ae3a12ec1b50549c8f7277674b56edb791c28d97ec1ceb45f7444e08c45c72f8a620afb18b8e3a316fcaf7d5b521789\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjUzODA2OSwiayI6ImYyOGExMTk4Yzk4Yjk0ZGY2N2E3MGVkYjc5MTc2YTQ4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyNSwicHQiOjQsInBrIjoiYmppNGFnMnEiLCJ0IjoxfSwidSI6eyJ1Ijo2LCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.z_rtdG8LJ-c36Z2DOTKLwf3vROs2VlWe2UpKlFC7sRM; expires=Wed, 15 Oct 2025 19:37:26 GMT; path=/; secure; SameSite=None\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 99989ed6aefab8d7a3d9362cca2c3881\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4778,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.1028636003190.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557047\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=1217784b0326ca660bbe228ad11c74108c541ef639f710eb63299286a47949c4b96854da6bea2eaa68635724a7b679a815a5e899c9814004f1cebb9dd71fa2963ff43afe5ccbf79b852f4026c5a14a847f89d8a0368423db4bfcaf\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /watch.1028636003190.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557047\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=1217784b0326ca660bbe228ad11c74108c541ef639f710eb63299286a47949c4b96854da6bea2eaa68635724a7b679a815a5e899c9814004f1cebb9dd71fa2963ff43afe5ccbf79b852f4026c5a14a847f89d8a0368423db4bfcaf\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo2LCJhdSI6NiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8aFpBrKFUXN7d_zCVOZ4Tb8bQLB1H1kuvjYyepDzq2w; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=5; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=5; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: text/html\r\nContent-Length: 3542\r\nConnection: close\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nuncs=6; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nuncs5=6; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 7\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 01469a9388d8cbb3a31f7036a2b04f38\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4794,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3918)","md5":"cce5fe8cf6ab86d5017de451cfe89486","sha1":"3cb2133aec98ed6a6fcfa204744f0ff9ab338c36","sha256":"f72315e1f174f3d9e0ac9ca14a91d1d9b28721db185193fca57c79cec7aa3721","sha512":"435b1f0b297e25e157340ec11e2664985e2662f7bec537f214e6f811355a29805cb3a830c8dbe258502ade868d3bb370e460d7c3004fd960fc72deb42c5343a5","ssdeep":"96:yoz3t0EHiqIMmOKtftk/Tvf9nbOL9uk4+1ZDWCfMEDaH:vzvCqqtFkDf9bG4iVWCkCaH","tlshash":"4ca11ab1da96a1b8644b747f063b620c3f70861fb106d949f45ce7826f146988afc96c","first_seen":"2025-10-15T19:37:20.689771Z","last_seen":"2025-10-15T19:37:20.689771Z","times_seen":1,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 23:17:37 GMT\r\nexpires: Tue, 13 Oct 2026 23:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 159532\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 23:17:37 GMT\r\nexpires: Tue, 13 Oct 2026 23:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 159532\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.742655511332.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.742655511332.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://rashcolonizeexpand.com/watch.742655511332.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=47f7b2493cd0351967f5ad57ba5d4a59257d8eaa52f5b45ae56f72dd888ab14d9826debd160d7ce6390846ef8a225817d831c4be5549ee15fa4ec63beddbb9a0a2c94ea8f121f179a1f13699733d91a5e9bd1fff9a68507ecea7d1\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; expires=Wed, 15 Oct 2025 19:37:23 GMT; path=/; secure; SameSite=None\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e01c99d95e58a29e45394664cd482da8\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4614,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":658,"timings":{"blocked":282,"dns":1,"connect":94,"send":0,"wait":94,"receive":0,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.822861793833.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=c0301fb493756ccbbc4460ba5ea6b497bac604802ff1f880f26dc23dd53f627b5a860109fe14296a058bc0b49394dfe997e85a2676bc37968e77776a952b8a2df3053f79527877c2024e3d7f543ec17cdf23b73c9ac406210ed368\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.822861793833.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=c0301fb493756ccbbc4460ba5ea6b497bac604802ff1f880f26dc23dd53f627b5a860109fe14296a058bc0b49394dfe997e85a2676bc37968e77776a952b8a2df3053f79527877c2024e3d7f543ec17cdf23b73c9ac406210ed368\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 3430\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs5=2; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 70055ed306e7a27629093fc05ff20c3e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4770,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3894)","md5":"b35d1d4bd3b8790f2ceffe34c924beff","sha1":"8c67df6a125bc323d719596fba85ae8a6d76d825","sha256":"ddaaf3085329825f03389d748023b61f2c32376c7816426939b10687b62d3934","sha512":"b9116273db058aa7fe2e829fe9fcad8eebb7e9b8f0089230bafc406f28ad8f1fce22bb5a36d7ccec3a288af793bc17cd9a5d04209a33fe6b3117633446f5afe5","ssdeep":"96:yoz+0LMEhxYV0bYje1Fwkk/LNwlEChm7+s9+W9o5W6w1ZDWCfMEDaH:vzN5XcjUkRO5G4voVWCkCaH","tlshash":"7fa15db5bf89d575949670ef643bbb306e2281072604d90638cce3412f74b945dbcc99","first_seen":"2025-10-15T19:37:20.693917Z","last_seen":"2025-10-15T19:37:20.693917Z","times_seen":1,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.968022194519.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=18ab4ec74da305a807a4565ab8245742a0297ba9b631acc1fc60927247951226538596e62747eeeb9e6f3b34221866eeef289ec1f1e71ed62e22f39e030216b13b526344ca941f5b0c9a9faefeb58aea399370964504b48d042736\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.968022194519.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=18ab4ec74da305a807a4565ab8245742a0297ba9b631acc1fc60927247951226538596e62747eeeb9e6f3b34221866eeef289ec1f1e71ed62e22f39e030216b13b526344ca941f5b0c9a9faefeb58aea399370964504b48d042736\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=2; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 3389\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs5=2; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b7033b88de4f7aab4bd64d65a7bd161a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4766,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3890)","md5":"6f66010ab52a48aa5e54ee473f1ac7a4","sha1":"8f7cdc1c3b3bffd9aea0ad474e2599aabc977a35","sha256":"c21489ac659fc1d7cc268dec1b732d8071613907136aa703168c693d655949bc","sha512":"9672117a4a6320cd577f4e5a22e4767f386663fee34fe9e050c818d036417126cf98f4eeef23d77687780a9d608205f4017a971ab21e618542dbd54ab24476a9","ssdeep":"96:yozE0qy2+Cp208QfT4E542ZwtVk/9PybB23qRfG/4p00w1ZDWCfMEDaH:vz2yiUi0E542ZwzkJA26A/c00oVWCkCM","tlshash":"82a15b625e46a13894da583f553632193e31814a0a05d649b80cd3c7af21f654abedea","first_seen":"2025-10-15T19:37:20.698086Z","last_seen":"2025-10-15T19:37:20.698086Z","times_seen":1,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/watch.1291734316962.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /watch.1291734316962.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://torchfriendlypay.com/watch.1291734316962.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=3ab0f37bc65d497a168867ef08aa4c5fe3460924424ec84a68a83602239d20a4554495d5484241bdc8f949066ffbec2fb5a11d0de662683818547039536aebcdc1f167d9823876705c0725af3a490ce12554e04c3e8c9d64584794\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; expires=Wed, 15 Oct 2025 19:37:24 GMT; path=/; secure; SameSite=None\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0d763d79469ac21591df278da9b89279\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4618,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 23:17:37 GMT\r\nexpires: Tue, 13 Oct 2026 23:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 159528\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b604286e4807aa14b64c233cf5a50ee2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":54,"dns":0,"connect":17,"send":0,"wait":22,"receive":18,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRit2SQe4kFMJEeZgwcVd7aqu7qnyyDiGiPBmMQkkoN4qJ-z5fR0tV3d05s9SDAQghcXQdBb7zebLGoQ9eBBiIRZbwFhx4t7yKL4B4gI8Sq9GVj9oL4f9erwXtWrGxvVHgqh4rsX3nRrNk35UtTD3Wev2Ey52nfPXe4S3MMnu1dsFtOT3dU2FeMXSUh7-Lnu61oO3VKACcYEk-5pW2jjVpf2UbD5HUZ6DPdo0CMRhdXi_7OvOuB5B9R4Dx0Dq2ZP_GHeASunkI2-OaX9sHT5C6-NqpSXroCx2no7G2auzmB00JqiAybbmp8G52cIfbYALtuaKwA33mwVgLAztHDiAYhsa04TxPjWI6YiBZ2BUI9DPZ6CTrfB8ilIdx2s2kEAUsG585CNbp9zRc2vPkJ5i87Q4Yd_g61n6PCDpyAbfb2c2tXuJZdWpXWZh1XTgF2dgh1MIa-2oVxbAFtvgyw_BKt-RksPz0I22jzvUwdW7T6jmOAsJtEiEypYpIyxRR5htUjiOME8DONQkP0rsmYK3HegapftQGU6UOUdGKndLsUJlYSHsWFK9jHllCotMEsCjDmTfahky30dynwdZLoOsrgGeXENhvaTnejYzpHfoKjugV_Z_Z5izCmmVAoRES0DKqXkLAixDhjmLGCEhyFnCeY60ZEOjEyM4DI2lMRBnBCZUB3p2PQlw30ZYRkZHSWUq4QESRgS3WfCREpTncSxjDTnRpN-EhEmVMJVgmNBQy1MYowWieizgHMWSso56WtJWnlM44ASFksV94nCYdyn4NUJ8OUMdd76AMaqgVojqD2CmiOoLYK6RFCPm1sq9YFvbqvUV4LMazCvYTNx5WCD33LlQGcIeLEOhWo2bf6-vw6yPDRZM15NXJu4KJsJF6rZyPfQk60vOsMbR2God7uYhiY2EYkENlQHYYxZnASJkgoL3U8UeNuA9Qv7r7lmZ-ilu79Dbmfo6c2PQfBt8Ok2SHsIeHUEeD0JMQa-MgkiDGvZd26U2WFaeTvWPelGvWwAyjWQl4ehvNrZSPfQ8cnFy8v39q367q8VaHkfzQNk0UBeNPCe_QnBIL05uehqtHnR1R59ez4v7ciu8dbGl0pe6se-fENfrV2hzpzy61-8Ilugbe9c1r48yzNls4FHXy1bpXRx2hVSo7tn_BUtLlR-Zbkqsio_e-HV02dGeaG9ty6bArczdPSvj0DaGTr-4-f7XzR6_lOQ-TXw-QFP7xCIHEFqEaT6YJ-LBvx_ZnHQb_ibMCg6wMvrkI0aGBcNjNMGeLoOvjo0KfPi_su_hPsBIu1MRFqgTZEWLW53uybUgcQ46cckTIwmIVXSRAllKuY4DDWUfrby5z8__BsAAP__9pOOoUAFAAA=","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRit2SQe4kFMJEeZgwcVd7aqu7qnyyDiGiPBmMQkkoN4qJ-z5fR0tV3d05s9SDAQghcXQdBb7zebLGoQ9eBBiIRZbwFhx4t7yKL4B4gI8Sq9GVj9oL4f9erwXtWrGxvVHgqh4rsX3nRrNk35UtTD3Wev2Ey52nfPXe4S3MMnu1dsFtOT3dU2FeMXSUh7-Lnu61oO3VKACcYEk-5pW2jjVpf2UbD5HUZ6DPdo0CMRhdXi_7OvOuB5B9R4Dx0Dq2ZP_GHeASunkI2-OaX9sHT5C6-NqpSXroCx2no7G2auzmB00JqiAybbmp8G52cIfbYALtuaKwA33mwVgLAztHDiAYhsa04TxPjWI6YiBZ2BUI9DPZ6CTrfB8ilIdx2s2kEAUsG585CNbp9zRc2vPkJ5i87Q4Yd_g61n6PCDpyAbfb2c2tXuJZdWpXWZh1XTgF2dgh1MIa-2oVxbAFtvgyw_BKt-RksPz0I22jzvUwdW7T6jmOAsJtEiEypYpIyxRR5htUjiOME8DONQkP0rsmYK3HegapftQGU6UOUdGKndLsUJlYSHsWFK9jHllCotMEsCjDmTfahky30dynwdZLoOsrgGeXENhvaTnejYzpHfoKjugV_Z_Z5izCmmVAoRES0DKqXkLAixDhjmLGCEhyFnCeY60ZEOjEyM4DI2lMRBnBCZUB3p2PQlw30ZYRkZHSWUq4QESRgS3WfCREpTncSxjDTnRpN-EhEmVMJVgmNBQy1MYowWieizgHMWSso56WtJWnlM44ASFksV94nCYdyn4NUJ8OUMdd76AMaqgVojqD2CmiOoLYK6RFCPm1sq9YFvbqvUV4LMazCvYTNx5WCD33LlQGcIeLEOhWo2bf6-vw6yPDRZM15NXJu4KJsJF6rZyPfQk60vOsMbR2God7uYhiY2EYkENlQHYYxZnASJkgoL3U8UeNuA9Qv7r7lmZ-ilu79Dbmfo6c2PQfBt8Ok2SHsIeHUEeD0JMQa-MgkiDGvZd26U2WFaeTvWPelGvWwAyjWQl4ehvNrZSPfQ8cnFy8v39q367q8VaHkfzQNk0UBeNPCe_QnBIL05uehqtHnR1R59ez4v7ciu8dbGl0pe6se-fENfrV2hzpzy61-8Ilugbe9c1r48yzNls4FHXy1bpXRx2hVSo7tn_BUtLlR-Zbkqsio_e-HV02dGeaG9ty6bArczdPSvj0DaGTr-4-f7XzR6_lOQ-TXw-QFP7xCIHEFqEaT6YJ-LBvx_ZnHQb_ibMCg6wMvrkI0aGBcNjNMGeLoOvjo0KfPi_su_hPsBIu1MRFqgTZEWLW53uybUgcQ46cckTIwmIVXSRAllKuY4DDWUfrby5z8__BsAAP__9pOOoUAFAAA= HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 4\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9989666d62066c6e16c93f9c7604f9e3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/da4057f56deac1caae7482053a78f1aa/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"topcreativeformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Sep 2025 22:49:40 GMT","end":"Fri, 12 Dec 2025 22:49:39 GMT"},"fingerprint":{"sha1":"EC:8E:4C:47:74:D4:52:B0:02:BF:8C:E1:9B:75:13:26:E9:48:B2:13","sha256":"35:28:22:C4:11:25:D9:9D:11:C3:9A:90:41:C0:9D:99:07:30:6F:EC:0B:B0:45:BE:33:2D:93:8B:89:E7:1A:01"}}},"request":{"raw":"GET /da4057f56deac1caae7482053a78f1aa/invoke.js HTTP/1.1\r\nHost: www.topcreativeformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18420\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: www.topcreativeformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5f0db10a603898505b54e6dca457623b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"3b693df750500c1c31d6112a4ce61a62","sha1":"3ec2ab08164d3bf868cb91cc93e8f0223818bedc","sha256":"4d05a4b96b5c6030b831695f0d38ab137b30f4388612de99c3dea8c3a4c078ea","sha512":"ae56dda15902ac9c90a8f98a2f013b9bd845ec6d1f59c75d11cfb22941c8c591d57824555df77259cb11da0a20f68e32afd1d5b90ec1eb453d068b2bc865a0a7","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybsjy2X:36rxKbk0CrQ+fdwNDba1lIlcPE02X","tlshash":"7023c48e3f71f15856867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837b25","first_seen":"2025-10-15T19:37:20.460727Z","last_seen":"2025-10-15T19:37:20.460727Z","times_seen":1,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.1198720135834.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=a38e85413cec1014f138e4bf1725680c6d5b682f8c34b684af8addacbcb3e6c4f89c5df3a7188dfeb60360f1990e63015e55e57f4b8f6e8d5becbb609e58a5545c93dd6b5941badec2e868af64e9da7a2d2df5ffef41b4ce089061\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.1198720135834.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=a38e85413cec1014f138e4bf1725680c6d5b682f8c34b684af8addacbcb3e6c4f89c5df3a7188dfeb60360f1990e63015e55e57f4b8f6e8d5becbb609e58a5545c93dd6b5941badec2e868af64e9da7a2d2df5ffef41b4ce089061\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6NSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.sVUirNfr4Ltpj0Z3GqQ0BCi2gkLbL9Esm3prFTHJNos; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=4; pdhtkv5=true; uncs5=4; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: text/html\r\nContent-Length: 3271\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\nuncs=5; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\nu_pl23823996=1; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 52f77bee853d2d5b238083b61542d724\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4724,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3848)","md5":"ca7bb397e8e9b4854ee7fafc8c42542e","sha1":"c935e110a3b72c3d9be205cff0dd0369699000ac","sha256":"be482d542dba14d9d1e57829fb8293223f27095e0888f7b9f1d6a20a10924b88","sha512":"c1b48ce9e2203e0939c52ae3db39a8a375f692b885422c3e0134cd8998c38c3fd0951d1f32c9daf737d0acf5fb7c572baf371968ca570825e7f9e43c9528bfba","ssdeep":"96:wozzGo/f+Cub1SqlRcPboe/kk/srV89JWkvG37boir1ZDeCfMEDaH:ZzB3+CLmmT/kkUre9JWkvGr/JVeCkCaH","tlshash":"f6a13bba5da546783852e07f5bfa20092d91d20e031a9c82ba0ef7045f15fb60f2d5fd","first_seen":"2025-10-15T19:37:20.70345Z","last_seen":"2025-10-15T19:37:20.70345Z","times_seen":1,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/impr.gif?sid=H4sIAAAAAAAC_1RTzYscRRSv2cQc9CAmInqROXhQcWerqruruw0irjESjEnMBzmISH31bDk9XW1X9_RmDxIMSPCgi3jQW8-b2V0_gqgHD0IkzHoLCBkv7iGL4h-gIsSrzOzCakG_j9_vd_i95r33htUu8qDiO-detWsmTflS0MHtJy-bTNnatc9cbBPcwcfbl03G_OPt1VkoBs8Sz-_gp9ova9mzSxQTjAkm7ZOm0IldXZqzYPIbMenEuOPTDgl8WC3-37vqCDjeAjXYRUfBqOmDvyevg5ETyPpfn9CuV9r8mZf6VcpLW8BAbV3KepmtM-gflEnRgiTb2leDdVOEPlkAm23tTwB2MJ5NAMJM0cIjd0FkW_s2QQw29pyKFHQGQj0A9WACOt0Gwycg7TUw6g4CkArOnIWsv3nGFjW_ssfyGTtFh-_9DaaeosN3H4as_9VyalbbF2xalcZmDlaTBszqBEx3Anm1DeXaAph6G2T5Lhj1E1q6dxqy_visSy0YtfOEigWPGQkWY6Hooh_H8SIPsFokjEWYex7zBJn_IpNMgLsWVLPPtKBKWlDlLeirnbaPI18S7rEkVjLEPvd9pQWOI4oxj2UIlZx5X4cyXweZroMsrt-o3sxT6kXUiyI6JJ_laqXsDag3LotKb1aZdNQbkgNVHLMh2dxTzTXjmWYYbO1BwRzbmGHB0Ie8uAo989Gd4Oid-36ForoFbmXnOxJ7PAoZVZIkngoF04kfRH4oaCx1EArGqGSaRR6Pw4RSRiKqtJK-kF4YRGGCGVce0xGnQUwFlYT5OsEe1x4nVEsiAhz4sYySkIYhC30RMK1EGBNJIxWHWhKphR8koe_7GkfSD2RIk4gzinkiSCQi7XGPsETyJFSBCCgJoxicehRcOUWt196BgWqg1ghqh6DmCGqDoC4R1INmQ6WOumZTpa4SZD_T_ew1I1t2h3zDll2dIeDFOhSqGZv8bXcNZHlotJY4NbKzwEXZjLhQzTDfRQ_Nlq718Z-XoKd32gmNOCFxJONIxL5KWMhDvDdjyLgfgTMNGLcwX5U1M0XP3fwNcjNFj48_BMG3waXbIM0h4NVjwOsRYRj4yohhDGvZt7afmV5aOTPQHWn7nawLyjaQl4ehvNIaprvo2Oj8xeVb8zt445cMtLyN9h_IooG8aOAt8yOCbnp9dN7WaHze1g59czYvTd-s8dmNXCh5qY988Yq-UttCnTrh1j9_Qc6IWXnjonblaZ4pk3Ud-nLZKKWLk7aQGt085S5rca5yK8tVkVX56XMvnjzVzwvtnLHZBLiZovv_eh-kmaJjP3w6v__g6Q9A5lfB5Qc-nUUgcgSpQZDqA5yLBtx_enFQD9116BYt4OU1yPoNDIoGBmkDPF0HVx0alXlx-_mfvfkDkbZGIi3QWKTFjDc77cTTVGIchYx4UaKJ5yuZBJEfK8ax52ko3XTlj3--_zcAAP__0cugup0FAAA=","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTzYscRRSv2cQc9CAmInqROXhQcWerqruruw0irjESjEnMBzmISH31bDk9XW1X9_RmDxIMSPCgi3jQW8-b2V0_gqgHD0IkzHoLCBkv7iGL4h-gIsSrzOzCakG_j9_vd_i95r33htUu8qDiO-detWsmTflS0MHtJy-bTNnatc9cbBPcwcfbl03G_OPt1VkoBs8Sz-_gp9ova9mzSxQTjAkm7ZOm0IldXZqzYPIbMenEuOPTDgl8WC3-37vqCDjeAjXYRUfBqOmDvyevg5ETyPpfn9CuV9r8mZf6VcpLW8BAbV3KepmtM-gflEnRgiTb2leDdVOEPlkAm23tTwB2MJ5NAMJM0cIjd0FkW_s2QQw29pyKFHQGQj0A9WACOt0Gwycg7TUw6g4CkArOnIWsv3nGFjW_ssfyGTtFh-_9DaaeosN3H4as_9VyalbbF2xalcZmDlaTBszqBEx3Anm1DeXaAph6G2T5Lhj1E1q6dxqy_visSy0YtfOEigWPGQkWY6Hooh_H8SIPsFokjEWYex7zBJn_IpNMgLsWVLPPtKBKWlDlLeirnbaPI18S7rEkVjLEPvd9pQWOI4oxj2UIlZx5X4cyXweZroMsrt-o3sxT6kXUiyI6JJ_laqXsDag3LotKb1aZdNQbkgNVHLMh2dxTzTXjmWYYbO1BwRzbmGHB0Ie8uAo989Gd4Oid-36ForoFbmXnOxJ7PAoZVZIkngoF04kfRH4oaCx1EArGqGSaRR6Pw4RSRiKqtJK-kF4YRGGCGVce0xGnQUwFlYT5OsEe1x4nVEsiAhz4sYySkIYhC30RMK1EGBNJIxWHWhKphR8koe_7GkfSD2RIk4gzinkiSCQi7XGPsETyJFSBCCgJoxicehRcOUWt196BgWqg1ghqh6DmCGqDoC4R1INmQ6WOumZTpa4SZD_T_ew1I1t2h3zDll2dIeDFOhSqGZv8bXcNZHlotJY4NbKzwEXZjLhQzTDfRQ_Nlq718Z-XoKd32gmNOCFxJONIxL5KWMhDvDdjyLgfgTMNGLcwX5U1M0XP3fwNcjNFj48_BMG3waXbIM0h4NVjwOsRYRj4yohhDGvZt7afmV5aOTPQHWn7nawLyjaQl4ehvNIaprvo2Oj8xeVb8zt445cMtLyN9h_IooG8aOAt8yOCbnp9dN7WaHze1g59czYvTd-s8dmNXCh5qY988Yq-UttCnTrh1j9_Qc6IWXnjonblaZ4pk3Ud-nLZKKWLk7aQGt085S5rca5yK8tVkVX56XMvnjzVzwvtnLHZBLiZovv_eh-kmaJjP3w6v__g6Q9A5lfB5Qc-nUUgcgSpQZDqA5yLBtx_enFQD9116BYt4OU1yPoNDIoGBmkDPF0HVx0alXlx-_mfvfkDkbZGIi3QWKTFjDc77cTTVGIchYx4UaKJ5yuZBJEfK8ax52ko3XTlj3--_zcAAP__0cugup0FAAA= HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjUzODA2OSwiayI6ImYyOGExMTk4Yzk4Yjk0ZGY2N2E3MGVkYjc5MTc2YTQ4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyNSwicHQiOjQsInBrIjoiYmppNGFnMnEiLCJ0IjoxfSwidSI6eyJ1Ijo2LCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.z_rtdG8LJ-c36Z2DOTKLwf3vROs2VlWe2UpKlFC7sRM; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=6; pdhtkv5=true; uncs5=4; u_pl23823882=1; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv25=true; uncs25=1; u_pl26538069=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8dd3190e0231855ed4799cd004a96cc4\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b249d3a968e2b24d063f2360aef3166a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=26044c9034d41067e4eeac3c8b2a25ba\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=19","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:31.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=26044c9034d41067e4eeac3c8b2a25ba\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=19 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:31 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e579d7501512e7ec69da76811bf4443a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":672,"timings":{"blocked":285,"dns":7,"connect":92,"send":0,"wait":95,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.877918442879.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=4551ee3bdf30b6f7744dd2294f7a58b3628bb893a77eda9b9601b48cd230ec9581a16a23838a41e31113e8e07a0ce40b3c42576ea68da2608fc6b0de03c1b948aa842fc3d58fce71c1b0485ae05c8dc2d71af452833013a9988912\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /watch.877918442879.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=4551ee3bdf30b6f7744dd2294f7a58b3628bb893a77eda9b9601b48cd230ec9581a16a23838a41e31113e8e07a0ce40b3c42576ea68da2608fc6b0de03c1b948aa842fc3d58fce71c1b0485ae05c8dc2d71af452833013a9988912\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 3367\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nuncs5=2; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 27\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5ae628cf23f28db6301ed2372516a004\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4778,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3902)","md5":"da2b7dafad14adc1ad7704502b161b6a","sha1":"7e61b4eafcb4477a07993f7dd33648eeb2839894","sha256":"16ff14bf260adbcb22f9e6d97a3068710236a6b597742d9d3b8c9e6505c2e82c","sha512":"1a088e1bdc5754795d6803a57c7d1c0a14657d86a2650cce22e7eace568fdd3f8c9f00e251c3aed4dbb2470a96effc46a331f2a60741d3aa9b5f3016da6b6104","ssdeep":"96:yozN06+5ZJ3Iw8xyxcQhFFT+dQSdzspk/Ehk/V5meftO1ZDWCfMEDaH:vz1OZI5cxccFFUIpk2lrVWCkCaH","tlshash":"a5a12ca15ecba02cd867746f603721153e30a20f68489980b69de9d62f347e85f7cdd9","first_seen":"2025-10-15T19:37:20.710882Z","last_seen":"2025-10-15T19:37:20.710882Z","times_seen":1,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.1129829337874.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=d691383644387b3c6cf451bcc82ed5c544b023dae4f74526d9b4f4858ddcfbe91346ad4749580faead9cc27a579f3e2f525c15132af8b3ca972f29fafed8a9e7b28511ad207d39f9e7d07d7d3f1eb4052071221198be572a3885ae\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /watch.1129829337874.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=d691383644387b3c6cf451bcc82ed5c544b023dae4f74526d9b4f4858ddcfbe91346ad4749580faead9cc27a579f3e2f525c15132af8b3ca972f29fafed8a9e7b28511ad207d39f9e7d07d7d3f1eb4052071221198be572a3885ae\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo0LCJhdSI6NCwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.2RHdGViMfyXWohzhW9dfzMLADE10VmjyuNQn743O6JM; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=3; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=3; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 3392\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs=4; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\nuncs5=4; expires=Thu, 16 Oct 2025 19:36:24 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 25\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: da4a1508d0e2ce0cd0e7008ca9b30efd\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4782,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3906)","md5":"a1d889513c184075ba19174dff75167b","sha1":"dbc05a180c4f1cb0b15bf44c029f84f05ae05416","sha256":"3a3e895fbfb861a0beb4d40f39a153e7ef9f6decd75bf4cbea5aa12454f6e981","sha512":"a9737b9d419f165b851c80651dfa0fc35c0cabaffe306f91153ef6ef6aed11fd741df59e28328d542b8d94507e5864379e2d02f9d8ff16478b9a2d92150fd0a8","ssdeep":"96:yozvY0b+6ZbaBTDlLk/qz2LAcU1/9bFl1ZDWCfMEDaH:vzvD7UTJLkM2EVfb5VWCkCaH","tlshash":"83a14bb69fa7b5b85487a0eb3a3f33092f5091066941e903b44cf6c09f30be59b6dc95","first_seen":"2025-10-15T19:37:20.715396Z","last_seen":"2025-10-15T19:37:20.715396Z","times_seen":1,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":120,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.59721054259.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.59721054259.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo2LCJhdSI6NiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8aFpBrKFUXN7d_zCVOZ4Tb8bQLB1H1kuvjYyepDzq2w; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=6; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=6; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://wayfarerorthodox.com/watch.59721054259.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557048\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=97a194900cb4598286974d646d4cfa61dcf43808b1a0895453d5cc4d92e6c7f16341dd5a95ee3d1aaf1226a8730ae0ec9dc22a759321a76478c76cfacfe333e3e0961e9099dbe64141e8f93ad611dc2cb66697a9d5da6fa40e87ca\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo3LCJhdSI6NywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.ourjQM-NuFZey89oSYhPd4lveFS65C0QQyhiho-toaA; expires=Wed, 15 Oct 2025 19:37:28 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 72ce709f5e2404494948fa14f44fb5af\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4770,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/watch.84146725885.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /watch.84146725885.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.cBjrUEQBxa9UBRRIOA4jctzFrQxyuur-b4mSBoLJeLg; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv5=true; uncs5=1; u_pl23823882=1; pdhtkv23=true; uncs23=1; u_pl23823996=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://torchfriendlypay.com/watch.84146725885.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557048\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=15625d720271b0f2ba8bc872649c6d0d521a8b81bc2ab5e6e4d5c834bae02ee57ff89e74c45dd64df9566d2f4f0888c79a7a5b1db8821f120ec69be71a2f38b9a01124c7cb04972d512d4371fbcf9da92b29841ffc236d9034195b\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.o0VBR64Al3k-FgUtGuKLxhdV0cNljckM8vFP8_u-Fxg; expires=Wed, 15 Oct 2025 19:37:28 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 2878f0f652d207314045bfabb9f89479\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4762,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.blogger.com/dyn-css/authorization.css?targetBlogID=4103945583579310596\u0026zx=cb142bfa-25ec-459b-9878-d515056da7ef","fqdn":"www.blogger.com","domain":"blogger.com","tld":"com"},"ip":{"addr":"142.250.178.41","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blogger.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:27 GMT","end":"Mon, 15 Dec 2025 08:40:26 GMT"},"fingerprint":{"sha1":"58:46:3F:C8:CA:4C:E8:4A:99:AA:61:86:67:DA:60:F0:B9:30:41:02","sha256":"D8:B8:F0:37:14:79:13:C0:3C:E5:D1:5D:E9:71:56:44:42:27:47:58:CB:5C:D1:8C:47:36:FC:1A:52:AC:78:14"}}},"request":{"raw":"GET /dyn-css/authorization.css?targetBlogID=4103945583579310596\u0026zx=cb142bfa-25ec-459b-9878-d515056da7ef HTTP/1.1\r\nHost: www.blogger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\np3p: CP=\"This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en\u0026answer=151657 for more info.\"\r\ncontent-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport\r\ncontent-type: text/css; charset=UTF-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Wed, 15 Oct 2025 19:36:30 GMT\r\nlast-modified: Wed, 15 Oct 2025 19:36:30 GMT\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 21\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":1,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"very short file (no magic)","md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-04T11:45:31.393371Z","times_seen":182964,"resource_available":true,"data":null}},"time_used":622,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":620,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl24012289.highratecpm.com/359ffd8d92c6d81781d68ca2cfcb4022/invoke.js","fqdn":"pl24012289.highratecpm.com","domain":"highratecpm.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highratecpm.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 22:56:35 GMT","end":"Fri, 19 Dec 2025 22:56:34 GMT"},"fingerprint":{"sha1":"09:55:75:01:0C:70:AF:6F:8E:56:01:66:32:02:9A:D6:5C:2B:32:FD","sha256":"30:C5:C8:19:3B:E4:B4:FE:41:DF:58:D4:1F:26:4C:E7:D5:8D:50:5B:F5:CE:9E:9B:DD:50:00:7B:A4:D8:92:29"}}},"request":{"raw":"GET /359ffd8d92c6d81781d68ca2cfcb4022/invoke.js HTTP/1.1\r\nHost: pl24012289.highratecpm.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:22 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 15701\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: pl24012289.highratecpm.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3fa8903858adcae65806c1bcd1028d92\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43288,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (43286), with no line terminators","md5":"f6859bae43ef269058271de30a45db44","sha1":"b3ae76c73592e6b14fa6a88dc5244158be2d4b30","sha256":"1566eead95ea50f4e2fc758d67b83146fd38f6d0a2dc3347bfc901739396c166","sha512":"c87f3f2eec451e1cbe4b8078a061b063c40fbbafcfabe7767f7a10490442f9219b09d6b0e249dcbe9448a06dd005be512dbacd874985614d39027683b0ce1b95","ssdeep":"768:McMESno4Q0ygG0I9lwTd+v8I6Ftf/AJEOlhP44QYStbpd:YnkATdlrnVld","tlshash":"e713c9ec7f45b2ad028b6823213f660af1399b1275cdd59cf192f0e8279c759c93ae14","first_seen":"2025-10-15T19:37:20.722161Z","last_seen":"2025-10-15T19:37:20.722161Z","times_seen":1,"resource_available":true,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":47,"connect":91,"send":0,"wait":98,"receive":91,"ssl":197},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"pl24012289.highratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/9e/5c/35/9e5c35385d0c5139cc819db9c5ec3f9c/1756656395.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/9e/5c/35/9e5c35385d0c5139cc819db9c5ec3f9c/1756656395.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 65091\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:35 GMT\r\netag: \"68b4730b-fe43\"\r\nexpires: Fri, 17 Oct 2025 19:36:23 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65091,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 16:17:27], progressive, precision 8, 300x250, components 3","md5":"026ecb9ebfc333b46de99a35ece1ed63","sha1":"4945bcedd091109a3c43834502a9301ff5009087","sha256":"02fdce35ad465cf23a8baac4d505a51a7756c6d865f5d311389734c5c601416b","sha512":"e4756406638971996514a6c286a7dfafefee9e4bc76f86f557104ed8aaf4d3a513d13229756cf689e23e7d4e41beb3ac3a0aa75d3789433c5442f387d3073279","ssdeep":"1536:HT8CEOavT8CEOa2GYL1Ql6B2mQmW4aO1R9snq7ji0kZsUdCWTkLNVUQBq3:z8C7u8C7sk1c6BfQmjaO1d7jijFYLNVS","tlshash":"7953e040e682cc32e9e6d8b990f5c2b573329e906af39e40f49e64427ff87d5ac48153","first_seen":"2025-09-02T19:57:23.459951Z","last_seen":"2026-04-03T08:46:56.914433Z","times_seen":906,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.324154015322.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /watch.324154015322.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=2; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://kettledroopingcontinuation.com/watch.324154015322.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=17b15200b81f12bfc73a9f8ef2e6d66b9856fddc6ddd679845672cbe46ed23c29c89525cae35ec8f15fab2177491c6cad1bce64df1ad6a7ff524e9b343522c0960be5114cb383f5cde5b979bc49ce06009242f013d2b069406dd5b\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.oZd5siqe8_fbPpGFyvkMVltB1UPXc5cxU3sSn17Qz2Y; expires=Wed, 15 Oct 2025 19:37:24 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 3\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d7e9095eac18c3a31a51d96781139030\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4782,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/impr.gif?sid=H4sIAAAAAAAC_1SUz4scRRTHazaJh3gQE_EY5uBBxZ2t6urq7jKIuMZIMCYxieQgIvWrd8vp6W67uqc3e5BgIAQ9uAiC3nrezO76I4h68CKRMOstIGS8uIcsin-AiBCv0rsLGwu66lvvUwXfat57N0bVDqJQie0Lr2erNknEAuvh7tNXbKqz2nXPXe4S3MMnu1dsGvgnuyvtVAyfJ9Tv4We6rxrVzxY8TDAmmHRP28LE2crCLgWb3-Kkx3HP93qE-bBS_H_vqkPgxBzo4Q46BlbPHvszfgusmkI6-PaUcf0yy597ZVAloswKGOrNN9N-mtUpDA5kXHQgTjf3T0PmZgh9NgdZurn_AsiGk_YFIO0MzT15H2S6uW8T5HB9z6lMwKQg9aNQD6dgki2wYgoquw5W30MASsO585AONs5lRS2u7lHR0hk6_OAfsPUMHb7_BKSDbxYTu9K9lCVVabPUwUrcgF2Zgl2aQl5NoVydA1tvgSo_AKt_QQsPzkI6mJx3SQZWbz-luRQ8IGyeS-3N-5zzecGwnidBEGFBaUAl2f1FNp6CcB2o2s92oIo7UOUdGOjtro8jXxFBg5hrFWJf-L42EvPIw1hwFUKlWu9rUOZroJI1UMVHt6p38sSjkUejyBuRL3K9XPaHHpuURWX2YMBohAN-AOlDsL3JeTAikypVbkQ3987s3d9oYx4bkT1BR2RjD-_S9TbIRgTy4hr07Sf32LF7R36HoroDbnn7B0NIIKmMQ-ZLTEPDuY4MpqFkURgw6WEdEs8wFguqJI-01D6PKeMECya58YLIRIoGHpbECCljQmOMGY117FOmjRcIEhsfK09GPPA5ZmGgQ0o55cJQHflRwDgLhK-w8v3QF9IYHenQcBp7lHAPx5jxmFAquGRC8jCOdBiC0yfAlTPUeeN9GOoGaoOgdghqgaC2COoSQT1s1nXiPNds6MRVkuyv3v5Km3FWLo3EelYumRSBKNag0M3E5u-566DKQ-PV2Olx1k5Cls1YSN2M8h30eJuanf6No9A3213s0ziIGWESx77xaIB5EHmRVhpLE0YanG3AurndhFq1M_TC7T8gtzN0YvIxSLEFLtkCZQ-BqI6AqMcUYxDLY49hWE2_zwap7SeVs0PTU9mgly6BzhrIy8NQXu2Mkh10fHzx8uKd3Wp5-7cKjLqL9geoooG8aOBd-zOCpeTm-GJWo8nFrHbou_N5aQd2VbSVdKkUpXnkq9fM1Tor9JlTbu3Ll1QLWnnrsnHlWZFqmy459PWi1doUp7NCGXT7jLti5IXKLS9WRVrlZy-8fPrMIC-MczZLpyDsDB39-0NQdoaO__T5bpdgz34KKr8GLj_w6TIEMkeQWASJOYgL2YB7aC8P9MjdhKWiA6K8DumggWHRwDBpQCRrbesbl3lx98Vf6e4AmXTGMinQRCZFy-12N6bGUxhHYUBoFBtCfa1iFvlcBwJTaqB0s-W__v3xvwAAAP__HYEmjMMFAAA=","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1SUz4scRRTHazaJh3gQE_EY5uBBxZ2t6urq7jKIuMZIMCYxieQgIvWrd8vp6W67uqc3e5BgIAQ9uAiC3nrezO76I4h68CKRMOstIGS8uIcsin-AiBCv0rsLGwu66lvvUwXfat57N0bVDqJQie0Lr2erNknEAuvh7tNXbKqz2nXPXe4S3MMnu1dsGvgnuyvtVAyfJ9Tv4We6rxrVzxY8TDAmmHRP28LE2crCLgWb3-Kkx3HP93qE-bBS_H_vqkPgxBzo4Q46BlbPHvszfgusmkI6-PaUcf0yy597ZVAloswKGOrNN9N-mtUpDA5kXHQgTjf3T0PmZgh9NgdZurn_AsiGk_YFIO0MzT15H2S6uW8T5HB9z6lMwKQg9aNQD6dgki2wYgoquw5W30MASsO585AONs5lRS2u7lHR0hk6_OAfsPUMHb7_BKSDbxYTu9K9lCVVabPUwUrcgF2Zgl2aQl5NoVydA1tvgSo_AKt_QQsPzkI6mJx3SQZWbz-luRQ8IGyeS-3N-5zzecGwnidBEGFBaUAl2f1FNp6CcB2o2s92oIo7UOUdGOjtro8jXxFBg5hrFWJf-L42EvPIw1hwFUKlWu9rUOZroJI1UMVHt6p38sSjkUejyBuRL3K9XPaHHpuURWX2YMBohAN-AOlDsL3JeTAikypVbkQ3987s3d9oYx4bkT1BR2RjD-_S9TbIRgTy4hr07Sf32LF7R36HoroDbnn7B0NIIKmMQ-ZLTEPDuY4MpqFkURgw6WEdEs8wFguqJI-01D6PKeMECya58YLIRIoGHpbECCljQmOMGY117FOmjRcIEhsfK09GPPA5ZmGgQ0o55cJQHflRwDgLhK-w8v3QF9IYHenQcBp7lHAPx5jxmFAquGRC8jCOdBiC0yfAlTPUeeN9GOoGaoOgdghqgaC2COoSQT1s1nXiPNds6MRVkuyv3v5Km3FWLo3EelYumRSBKNag0M3E5u-566DKQ-PV2Olx1k5Cls1YSN2M8h30eJuanf6No9A3213s0ziIGWESx77xaIB5EHmRVhpLE0YanG3AurndhFq1M_TC7T8gtzN0YvIxSLEFLtkCZQ-BqI6AqMcUYxDLY49hWE2_zwap7SeVs0PTU9mgly6BzhrIy8NQXu2Mkh10fHzx8uKd3Wp5-7cKjLqL9geoooG8aOBd-zOCpeTm-GJWo8nFrHbou_N5aQd2VbSVdKkUpXnkq9fM1Tor9JlTbu3Ll1QLWnnrsnHlWZFqmy459PWi1doUp7NCGXT7jLti5IXKLS9WRVrlZy-8fPrMIC-MczZLpyDsDB39-0NQdoaO__T5bpdgz34KKr8GLj_w6TIEMkeQWASJOYgL2YB7aC8P9MjdhKWiA6K8DumggWHRwDBpQCRrbesbl3lx98Vf6e4AmXTGMinQRCZFy-12N6bGUxhHYUBoFBtCfa1iFvlcBwJTaqB0s-W__v3xvwAAAP__HYEmjMMFAAA= HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.o0VBR64Al3k-FgUtGuKLxhdV0cNljckM8vFP8_u-Fxg; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=3; pdhtkv5=true; uncs5=2; u_pl23823882=1; pdhtkv25=true; uncs25=1; u_pl26538069=1; pdhtkv23=true; uncs23=1; u_pl23823996=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: close\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d6d11c9b5640518f3820c66a93061635\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Oct 2025 19:36:28 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\netag: W/\"65aa8501-4ff\"\r\nage: 1698097\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Pyz305Fuy9Gtm0YDkLD29w%2BJyHIA88yjvhFie%2BfpILZd9xEXAo5selno92XPIjXrco6yA45LInkrFYYXsoKzvE2BrCa0iKOfKP0CYH7i\"}]}\r\ncf-ray: 98f1c3fcbb57b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"369850b9873659adf0951d845f57dba1","sha1":"a64257186daa33b6b318943a457b6cf8d80b26b6","sha256":"9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21","sha512":"6441b40e85c86e21362c7061a6b9610f52a5c801b274b246711546ad45c68c3e7f2f242f1621b90967eaeebf52709545d06283c2015d6b9ad7f6f7d37fb14a88","ssdeep":"","tlshash":"6821d8dc958f223ef324ff6189b316606ba423f6bb18c5bcb199a8157e1cb910c48e14","first_seen":"2023-04-07T22:39:47Z","last_seen":"2026-04-04T11:42:40.852245Z","times_seen":8740,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 33576\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 12:41:03 GMT\r\nexpires: Fri, 09 Oct 2026 12:41:03 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 543319\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":96381,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32341)","md5":"8fc25e27d42774aeae6edbc0a18b72aa","sha1":"b66ed708717bf0b4a005a4d0113af8843ef3b8ff","sha256":"b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682","sha512":"87d90a665c15d71ac872bd8bc003d9863964c7ec7ada6370b902b93c0bbd7770fe25730d946c7c6a465baa95efa74bc0e78af3f83aea615af35060cc8702a6c1","ssdeep":"1536:EPpEy5BMibZGOj/bEe8v+/UWf4IhvAuCh/jqkODZ2D5N9Rag0MOIdSZAgtgoX5Yn:bIO/e2D5c4LgtImLja98HrK","tlshash":"cc93e8d9b6d2706297b730a851bf510bb17698eab80c4c60f058d8e47eb4e8d507bf2d","first_seen":"2023-03-07T01:02:10Z","last_seen":"2026-04-04T11:09:12.813637Z","times_seen":22870,"resource_available":true,"data":null}},"time_used":316,"timings":{"blocked":141,"dns":1,"connect":10,"send":0,"wait":10,"receive":8,"ssl":142},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2U08xIOYiEeZgwcVd7aqq7un2iDiGiPBmMQkkoOI1K-eLaenq-3qnt7sKRgIwYuLF_XW82Z21x9B1IOeImHWW0DY8eIesij-ASJCvErPLqwWdL33vu9r-F7x3q1RuY8olHzv0ht23SQJXw46uP3MNZMqW7n2hattgjv4dPuaSUP_dHutufLhC4T6Hfxs-zUt-3bZwwRjgkn7rMl1bNeW5yyY7E5EOhHu-F6HBD6s5f-vXbkAji-AGu6jk2DU7LE_4rfByCmkg2_OaNcvbPb8q4My4YXNYai230r7qa1SGBylcd6CON0-VIN1M4Q-XQCbbh92AHY4aToAYWZo4ckHINLtQ5sghpsHTkUCOgWhHoVqOAWd7IDhU5D2Jhi1iwCkggsXIR1sXbB5xa8fsLxhZ-jYw7_BVDN07METkA6-XknMWvuKTcrC2NTBWlyDWZuC6U0hK6dQrC-AqXZAFh-AUT-j5YfnIR1MLrrEglF7T6tI8CgkwVIklLfkR1G0xAOslkgYMswpDakg8ycy8RS4a0HZfKYFZdyCMmvBQO21fcx8STgN40jJLva57ystcMQ8jHkku1DKxvsGFNkGyGQDZH77TvlulniUeZQxb0S2MrVa9IeTIi_1pEylG5HPDyCPzsGtBvToiBz9GEXhiGwfqIK5aLMRBSMCWX4D-ubj3eDk7vHfIC_vgVvd-94PAqI1FSqmWIRxt-v7Snle5MddHjBBQ48JwSLKu12teCSiEBPhM6k8irWMAkY4CblHGWXcJ5oSQqhmGnc5ltrHgkrfC7qh5iFT3Asxi2UosNKYSiIin3HOfC-WVAUslrpLJBHYZwHXOJBMSU91CY_9wGOUYkJ5FDEWEQ-cWgRXzFDrzRswVDVUGkHlEFQcQWUQVAWCalhvqsR5rt5SiSsFOYzeYaT12Ba9Ed-0RU-nCHi-AbmqJyZ7390EWSyO12Onxra5uCjqMReqHmX76PFm6Fr9Wyegr_fa2KdxGAckEDj2tUdDHIXMY0oqLHSXKXCmBuMW5qOybmboxbu_Q2Zm6KnJRyD4DrhkB6RZBF4eB16NKcbAV8degGE9_c4OUtNPSmeGuiPtoJP2QNkasuIYFNdbo2QfnRpfvrpyb74H7_xagZb30eEBmdeQ5TW8Z35C0Etujy_bCk0u28qhby9mhRmYdd7syJWCF_qRL1_X1yubq3Nn3MYXL8uGaNI7V7UrzvNUmbTn0FcrRimdn7W51OjuOXdNi0ulW10p87TMzl965ey5QZZr54xNp8DNDJ3460OQZoZO_fjZfP-D5z4Bmd0Alx35dBaByBAkBkGij3AuanD_qcVRPnK3oZe3gBc3IR3UMMxrGCY18GQDXLk4LrL8_ku_0PkBkbTGIsnRRCR5w5u9dky1JzFm3ZBQFmtCfSXjgPmRCjmmVEPhZqt__vPDvwEAAP__HVKkI50FAAA=","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2U08xIOYiEeZgwcVd7aqq7un2iDiGiPBmMQkkoOI1K-eLaenq-3qnt7sKRgIwYuLF_XW82Z21x9B1IOeImHWW0DY8eIesij-ASJCvErPLqwWdL33vu9r-F7x3q1RuY8olHzv0ht23SQJXw46uP3MNZMqW7n2hattgjv4dPuaSUP_dHutufLhC4T6Hfxs-zUt-3bZwwRjgkn7rMl1bNeW5yyY7E5EOhHu-F6HBD6s5f-vXbkAji-AGu6jk2DU7LE_4rfByCmkg2_OaNcvbPb8q4My4YXNYai230r7qa1SGBylcd6CON0-VIN1M4Q-XQCbbh92AHY4aToAYWZo4ckHINLtQ5sghpsHTkUCOgWhHoVqOAWd7IDhU5D2Jhi1iwCkggsXIR1sXbB5xa8fsLxhZ-jYw7_BVDN07METkA6-XknMWvuKTcrC2NTBWlyDWZuC6U0hK6dQrC-AqXZAFh-AUT-j5YfnIR1MLrrEglF7T6tI8CgkwVIklLfkR1G0xAOslkgYMswpDakg8ycy8RS4a0HZfKYFZdyCMmvBQO21fcx8STgN40jJLva57ystcMQ8jHkku1DKxvsGFNkGyGQDZH77TvlulniUeZQxb0S2MrVa9IeTIi_1pEylG5HPDyCPzsGtBvToiBz9GEXhiGwfqIK5aLMRBSMCWX4D-ubj3eDk7vHfIC_vgVvd-94PAqI1FSqmWIRxt-v7Snle5MddHjBBQ48JwSLKu12teCSiEBPhM6k8irWMAkY4CblHGWXcJ5oSQqhmGnc5ltrHgkrfC7qh5iFT3Asxi2UosNKYSiIin3HOfC-WVAUslrpLJBHYZwHXOJBMSU91CY_9wGOUYkJ5FDEWEQ-cWgRXzFDrzRswVDVUGkHlEFQcQWUQVAWCalhvqsR5rt5SiSsFOYzeYaT12Ba9Ed-0RU-nCHi-AbmqJyZ7390EWSyO12Onxra5uCjqMReqHmX76PFm6Fr9Wyegr_fa2KdxGAckEDj2tUdDHIXMY0oqLHSXKXCmBuMW5qOybmboxbu_Q2Zm6KnJRyD4DrhkB6RZBF4eB16NKcbAV8degGE9_c4OUtNPSmeGuiPtoJP2QNkasuIYFNdbo2QfnRpfvrpyb74H7_xagZb30eEBmdeQ5TW8Z35C0Etujy_bCk0u28qhby9mhRmYdd7syJWCF_qRL1_X1yubq3Nn3MYXL8uGaNI7V7UrzvNUmbTn0FcrRimdn7W51OjuOXdNi0ulW10p87TMzl965ey5QZZr54xNp8DNDJ3460OQZoZO_fjZfP-D5z4Bmd0Alx35dBaByBAkBkGij3AuanD_qcVRPnK3oZe3gBc3IR3UMMxrGCY18GQDXLk4LrL8_ku_0PkBkbTGIsnRRCR5w5u9dky1JzFm3ZBQFmtCfSXjgPmRCjmmVEPhZqt__vPDvwEAAP__HVKkI50FAAA= HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=2; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 770bc4672995ea8593ff39233ff5eaf3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2SQe4iGYiEeZgwcVd7a6q7q62yDiGiPBmMQkkoN4qJ-z5fR0tV3d05u9GAyE4MVFEPTW-2aTRQ2iHgQPkTDrLSDseHEPWRT_ABEhXmU2A6sP6r3v1VeH71V9dWOj3kMEar574U23ZrOML0U93H32is2Va3z33OVugHv4ZPeKzRk92V2dpXL0YkBoDz_XfV3LgVsKcYBxgIPuaVtq41aX9lmwxZ006KW4R8NeEFFYLf_f-7oDnndAjfbQcbBqeuwP8w5YOYF8-M0p7QeVK154bVhnvHIljNTW2_kgd00OwwNoyg6YfGt-GpyfIvTZArh8az4BuNHmbAIQdooWnnoAIt-aywQxuvVIqchA5yDU49CMJqCzbbB8AtJdB6t2EIBUcO485MPb51zZ8KuPWD5jp-jww7_BNlN0-MGTkA-_Xs7saveSy-rKutzDqmnBrk7A9idQ1NtQrS2AbbZBVh-CVT-jpYdnIR9unveZA6t2n1Gp4CkLosVUqHCRpmm6yCOsFgPGEswJYUQE-1dkzQS470A9W7YDtelAXXRgqHa7FCdUBpwwkyoZY8opVVrgNAkx5qmMoZYz7etQFesgs3WQ5TUoymswsJ_sRMd3jvwGZX0P_Mru94QLbEgsJIsUTWMesCRhsTY44ZzKyGhCGU5DSkOqZUI5S3hCGA5DkqoQcxpFlKaRimhCQxoIJROT0hQzZozQMjQi4kGgsNKMhSwhSZBENMYkjQjjWkglAxOwWKVJSJKYxTiSOA4jbginKZY6CKOIakwl0YlMFaNRQuOUglfHwFdT1HnrAxipFhqNoPEIGo6gsQiaCkEzam-pzIe-va0yX4tgXsN5Je3YVf0NfstVfZ0j4OU6lKrdtMX7_jrI6tB4zXg1drPERdWOuVDtRrGHnpj5ojO4cRQGereLKTHMREEksKE6JAynLAkTJRUWOk4UeNuC9Qv7r7lmp-ilu79DYafo6c2PQfBt8Nk2SHsIeH0EeDMmGANfGYcRhrX8OzfM7SCrvR3pnnTDXt4H5VooqsNQXe1sZHvoxPji5eV7-1Z999catLyP5gGybKEoW3jP_oSgn90cX3QN2rzoGo--PV9UdmjX-MzGlype6ce-fENfbVypzpzy61-8ImfEDN65rH11lufK5n2Pvlq2SunytCulRnfP-CtaXKj9ynJd5nVx9sKrp88Mi1J7b10-AW6n6OhfH4G0U3Tix8_3v2j0_Kcgi2vgiwOd3iEQBYLMIsj0wT4XLfj_9OIAb_ib0C87wKvrkA9bGJUtjLIWeLYOvj40rory_su_kP0AkXXGIivRpsjKGW93u4boUGKcxCwgidEBoUqaKKGpYhwToqHy05U___nh3wAAAP__YILzE0AFAAA=","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2SQe4iGYiEeZgwcVd7a6q7q62yDiGiPBmMQkkoN4qJ-z5fR0tV3d05u9GAyE4MVFEPTW-2aTRQ2iHgQPkTDrLSDseHEPWRT_ABEhXmU2A6sP6r3v1VeH71V9dWOj3kMEar574U23ZrOML0U93H32is2Va3z33OVugHv4ZPeKzRk92V2dpXL0YkBoDz_XfV3LgVsKcYBxgIPuaVtq41aX9lmwxZ006KW4R8NeEFFYLf_f-7oDnndAjfbQcbBqeuwP8w5YOYF8-M0p7QeVK154bVhnvHIljNTW2_kgd00OwwNoyg6YfGt-GpyfIvTZArh8az4BuNHmbAIQdooWnnoAIt-aywQxuvVIqchA5yDU49CMJqCzbbB8AtJdB6t2EIBUcO485MPb51zZ8KuPWD5jp-jww7_BNlN0-MGTkA-_Xs7saveSy-rKutzDqmnBrk7A9idQ1NtQrS2AbbZBVh-CVT-jpYdnIR9unveZA6t2n1Gp4CkLosVUqHCRpmm6yCOsFgPGEswJYUQE-1dkzQS470A9W7YDtelAXXRgqHa7FCdUBpwwkyoZY8opVVrgNAkx5qmMoZYz7etQFesgs3WQ5TUoymswsJ_sRMd3jvwGZX0P_Mru94QLbEgsJIsUTWMesCRhsTY44ZzKyGhCGU5DSkOqZUI5S3hCGA5DkqoQcxpFlKaRimhCQxoIJROT0hQzZozQMjQi4kGgsNKMhSwhSZBENMYkjQjjWkglAxOwWKVJSJKYxTiSOA4jbginKZY6CKOIakwl0YlMFaNRQuOUglfHwFdT1HnrAxipFhqNoPEIGo6gsQiaCkEzam-pzIe-va0yX4tgXsN5Je3YVf0NfstVfZ0j4OU6lKrdtMX7_jrI6tB4zXg1drPERdWOuVDtRrGHnpj5ojO4cRQGereLKTHMREEksKE6JAynLAkTJRUWOk4UeNuC9Qv7r7lmp-ilu79DYafo6c2PQfBt8Nk2SHsIeH0EeDMmGANfGYcRhrX8OzfM7SCrvR3pnnTDXt4H5VooqsNQXe1sZHvoxPji5eV7-1Z999catLyP5gGybKEoW3jP_oSgn90cX3QN2rzoGo--PV9UdmjX-MzGlype6ce-fENfbVypzpzy61-8ImfEDN65rH11lufK5n2Pvlq2SunytCulRnfP-CtaXKj9ynJd5nVx9sKrp88Mi1J7b10-AW6n6OhfH4G0U3Tix8_3v2j0_Kcgi2vgiwOd3iEQBYLMIsj0wT4XLfj_9OIAb_ib0C87wKvrkA9bGJUtjLIWeLYOvj40rory_su_kP0AkXXGIivRpsjKGW93u4boUGKcxCwgidEBoUqaKKGpYhwToqHy05U___nh3wAAAP__YILzE0AFAAA= HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 30f0bd7aa90c6b676f35dc9ba2cd3958\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scxRev2STfQL4HMRGPMgcPKu5sVVd3dZdBxDVGgjGJSSQHEamuqp4tp6er7eqe3iwIwUAIXlw8iN563szu-iOIevBkJMx6Cwg7XtxDFsU_QESIV5nZhdUH9X59PofPK967Naz2EIVK7F56za6ZNBVLQQe3n7pmMmVr175wtU1wB59uXzMZ80-3V2euGDxHqN_BT7df0bJnlzxMMCaYtM-aQid2dWmOgsnvcNLhuON7HRL4sFr8t3bVcXDiOKjBHjoJRk0f-T15E4ycQNb_-ox2vdLmz77cr1JR2gIGauuNrJfZOoP-YZoULUiyrQM2WDdF6JMFsNnWwQRgB-PZBBCbKVp4_AHE2daBTIgHG_tK4xR0BrH6P9SDCeh0G4yYgLQ3wagdBCAVXLgIWX_zgi1qcX0fFTN0io4-_AtMPUVHHzwGWf-r5dSstq_YtCqNzRysJg2Y1QmY7gTyagLl2gKYehtk-T4Y9RNaengesv74okstGLX7pOKx4IwEizxW3qLPOV8UAVaLhLEIC0oZjcn8i0wyAeFaUM2eaUGVtKDKW9BXu20fR74kgrKEKxliX_i-0jHmkYex4DKESs60r0OZr4NM10EWtzerTDqPDsmd6u089WjkUc7ZkGzlaqXsDYJxWVR6Y0YKhuyQE0XekGzuc-aU8YwyZJ_ttzw6b0Je3ICe-WgnOLlz7FcoqnvgVna_46Eg3OcYy9gPeORFjIe-Yj5TvkwEI0omPo1wFBOBIx74AVWBlL7inmYyTAijPlEqEDzQmioiREI8j4kopFhorCVX0vNEGHDqEREyP4xkyGQiZKIppZpqzBnRHHOuYs184hMdJZwKxQhR0pMxY4yHgqtACZYIH-solAKcaoMrp6j1-nswUA3UGkHtENQCQW0Q1CWCetBsqNR5rtlUqatichC9g0ibkS27Q7Fhy67OEIhiHQrVjE3-rrsJsjwyWkucGtmZE3HZjESsmmG-hx6dLV2rd-sE9PRuG_s0YUlAghgnvvYow5xFXqSkwrEOIwXONGDcwnxV1swUPX_3N8jNFD0x_hBisQ0u3QZpjoCojoGoRxRjECsjL8Cwln1r-5nppZUzA92Rtt_JuqBsA3l5FMrrrWG6h06NLl9dvje_g7d-GYCW99GBgSwayIsG3jE_Iuimt0eXbY3Gl23t0DcX89L0zZqY3ciVUpT6f1-8qq_XtlDnzrj1z1-UM2CW3rmqXXleZMpkXYe-XDZK6eKsLaRGd8-5azq-VLmV5arIqvz8pZfOnuvnhXbO2GwCwkzRiT8_AGmm6NQPn87vP3jmY5D5DXD5oU5nEcQ5gtQgSPVhX8QNuH_V8WE-dLehW7RAlDch6zcwKBoYpA2IdB1cdWRU5sX9F36mc4M4bY3itEDjOC1muNltJ1R7EuMoZIRGiSbUVzIJIp8rJjClGko3Xfnj7-__CQAA__8rU0rJnQUAAA==","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scxRev2STfQL4HMRGPMgcPKu5sVVd3dZdBxDVGgjGJSSQHEamuqp4tp6er7eqe3iwIwUAIXlw8iN563szu-iOIevBkJMx6Cwg7XtxDFsU_QESIV5nZhdUH9X59PofPK967Naz2EIVK7F56za6ZNBVLQQe3n7pmMmVr175wtU1wB59uXzMZ80-3V2euGDxHqN_BT7df0bJnlzxMMCaYtM-aQid2dWmOgsnvcNLhuON7HRL4sFr8t3bVcXDiOKjBHjoJRk0f-T15E4ycQNb_-ox2vdLmz77cr1JR2gIGauuNrJfZOoP-YZoULUiyrQM2WDdF6JMFsNnWwQRgB-PZBBCbKVp4_AHE2daBTIgHG_tK4xR0BrH6P9SDCeh0G4yYgLQ3wagdBCAVXLgIWX_zgi1qcX0fFTN0io4-_AtMPUVHHzwGWf-r5dSstq_YtCqNzRysJg2Y1QmY7gTyagLl2gKYehtk-T4Y9RNaengesv74okstGLX7pOKx4IwEizxW3qLPOV8UAVaLhLEIC0oZjcn8i0wyAeFaUM2eaUGVtKDKW9BXu20fR74kgrKEKxliX_i-0jHmkYex4DKESs60r0OZr4NM10EWtzerTDqPDsmd6u089WjkUc7ZkGzlaqXsDYJxWVR6Y0YKhuyQE0XekGzuc-aU8YwyZJ_ttzw6b0Je3ICe-WgnOLlz7FcoqnvgVna_46Eg3OcYy9gPeORFjIe-Yj5TvkwEI0omPo1wFBOBIx74AVWBlL7inmYyTAijPlEqEDzQmioiREI8j4kopFhorCVX0vNEGHDqEREyP4xkyGQiZKIppZpqzBnRHHOuYs184hMdJZwKxQhR0pMxY4yHgqtACZYIH-solAKcaoMrp6j1-nswUA3UGkHtENQCQW0Q1CWCetBsqNR5rtlUqatichC9g0ibkS27Q7Fhy67OEIhiHQrVjE3-rrsJsjwyWkucGtmZE3HZjESsmmG-hx6dLV2rd-sE9PRuG_s0YUlAghgnvvYow5xFXqSkwrEOIwXONGDcwnxV1swUPX_3N8jNFD0x_hBisQ0u3QZpjoCojoGoRxRjECsjL8Cwln1r-5nppZUzA92Rtt_JuqBsA3l5FMrrrWG6h06NLl9dvje_g7d-GYCW99GBgSwayIsG3jE_Iuimt0eXbY3Gl23t0DcX89L0zZqY3ciVUpT6f1-8qq_XtlDnzrj1z1-UM2CW3rmqXXleZMpkXYe-XDZK6eKsLaRGd8-5azq-VLmV5arIqvz8pZfOnuvnhXbO2GwCwkzRiT8_AGmm6NQPn87vP3jmY5D5DXD5oU5nEcQ5gtQgSPVhX8QNuH_V8WE-dLehW7RAlDch6zcwKBoYpA2IdB1cdWRU5sX9F36mc4M4bY3itEDjOC1muNltJ1R7EuMoZIRGiSbUVzIJIp8rJjClGko3Xfnj7-__CQAA__8rU0rJnQUAAA== HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo3LCJhdSI6NywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.ourjQM-NuFZey89oSYhPd4lveFS65C0QQyhiho-toaA; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=7; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=7; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nVary: Origin\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 51b5af81a1dda9a56c06801e500d9bc7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbs?c=1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo3LCJhdSI6NywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.ourjQM-NuFZey89oSYhPd4lveFS65C0QQyhiho-toaA; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=8; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=7; u_pl23823882=1; pdhtkv29=true; uncs29=1; u_pl23824025=1; slecc2a4795bd129ec38aabf8f830c396956=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:29 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 23:17:37 GMT\r\nexpires: Tue, 13 Oct 2026 23:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 159532\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFOKCnqEu92Fr1Mu53ZEC9_Vu3r1gIhOszmOClHrs6ljXfMMLoHQuAj-kw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:22.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/roboto/v49/KFOKCnqEu92Fr1Mu53ZEC9_Vu3r1gIhOszmOClHrs6ljXfMMLoHQuAj-kw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 22384\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 18:55:30 GMT\r\nexpires: Tue, 13 Oct 2026 18:55:30 GMT\r\ncache-control: public, max-age=31536000\r\nage: 175252\r\nlast-modified: Mon, 08 Sep 2025 18:08:17 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22384,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22384, version 1.0","md5":"e1457c45500cbdfefafe8aaa1bdffd5c","sha1":"53f0291c083ea23f368d11da1ddd24fe7da1f74b","sha256":"cc7318e183292c701800a2c61d807c9831a7d58302f8747eba8a6ad50223bca0","sha512":"3b5375b9592446080215c6cce15eb9efb949556b0f180ac0e61415b4b24f17aa948eaf2df94fdc5b98c6258d8f7d9ad3793cff52cd10de51a4d44c5c932f62fc","ssdeep":"384:3cz0WwDSQT+FhNxiwUNVz4/23wUIZlGm33Fj5kVBslvp3Kxw/dFa9bycGqLQukt/:M8DSPhNxF1/23wUAG4yVBZwFFa9b0OQJ","tlshash":"70a2d0974d34966e528f63ae68184bba7d8c9c3bd4a06481c1062db7a9cda7b3141273","first_seen":"2025-01-09T13:04:45.303371Z","last_seen":"2026-04-04T10:27:59.226098Z","times_seen":2263,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":86,"dns":1,"connect":31,"send":0,"wait":43,"receive":11,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18423\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 430a5a101d43f9b461ed80678642050d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":46266,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46266), with no line terminators","md5":"87ac42f9eb916239c66989be7755c238","sha1":"5af6b95f6b76f76cd27702c54f6369c817fe9a26","sha256":"82c6e0c2e827ba32ee429abb93af76dad570b82ff430cf83f7c70622fd33afa2","sha512":"d3f3c9932f2fa6833a5ad5cf3b797ab16acfdbb780aaeec15ab0ea6d4064231b0cd4b4d0ccc901707424985c5e03c220093bc20236046d914ccb1377578a3fdf","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4YybejvDI:36rxKbk0CrQ+fdwNDba1lIlcPEHDI","tlshash":"7d23c48e3f71f15866867037223f9417f22a4e55248de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.276849Z","last_seen":"2025-10-15T19:37:20.276849Z","times_seen":1,"resource_available":true,"data":null}},"time_used":778,"timings":{"blocked":293,"dns":2,"connect":93,"send":0,"wait":98,"receive":93,"ssl":195},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18414\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3525c402dcbf10a1f7dde5871017ceb3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/96/34/ac/9634acb83fcdf3e17fdfeff8277050ef/1756656422.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/96/34/ac/9634acb83fcdf3e17fdfeff8277050ef/1756656422.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 88669\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:03 GMT\r\netag: \"68b47327-15a5d\"\r\nexpires: Fri, 17 Oct 2025 19:36:25 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88669,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 09:52:12], progressive, precision 8, 300x250, components 3","md5":"9bd84ed26d2194b5474eeb4a7853a5f4","sha1":"c15dd30cc3a2fdc855ab4a8cde307cd3d5e0aea3","sha256":"582568b484f7fea73c21631b5982cce91c3ac935d48b14a371919ccc9e07f15f","sha512":"856e3f19d718039e9544e3d86d9ef183678f50d4ca010b3f004a5e908108707af6690c2d375edfd8df61cef98f8367c04cb7358d830ef810d4233d54098c58f8","ssdeep":"1536:Pd+Rw6RTyFd+Rw6RTy4hMWYL1ZrR6PPaYSe0QZWFnbAVwNhyrvJ6S2bnm9+:PsDRTyFsDRTyfBL1Z16XXSe0QMFbiXJS","tlshash":"9e83f1606a688f2ae4a59b7872e8d3f76337a76dc3e35991784c7d123f302600d4d2d2","first_seen":"2025-09-02T16:16:24.150956Z","last_seen":"2026-04-03T17:23:29.965887Z","times_seen":933,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/feeds/posts/default/-/?orderby=published\u0026alt=json-in-script\u0026callback=labelthumbs","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.omniklusive.com.ng","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 16:47:08 GMT","end":"Fri, 19 Dec 2025 17:38:00 GMT"},"fingerprint":{"sha1":"B4:B5:F5:E5:69:3A:B2:C8:26:CF:C6:E1:92:BE:9D:15:A0:50:90:8A","sha256":"08:BB:D8:8D:66:76:D6:FE:64:D7:BF:15:CF:68:AB:53:58:76:9C:B6:66:AF:8D:6F:FB:8D:92:A5:F4:25:6C:CF"}}},"request":{"raw":"GET /feeds/posts/default/-/?orderby=published\u0026alt=json-in-script\u0026callback=labelthumbs HTTP/1.1\r\nHost: www.omniklusive.com.ng\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1; pp_main_26044c9034d41067e4eeac3c8b2a25ba=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 400 Bad Request\r\ncross-origin-resource-policy: cross-origin\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 15 Oct 2025 19:36:27 GMT\r\nserver: Blogger Render Server 1.0\r\ncontent-length: 193\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":null,"data":{"size":193,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"83b482393f028e6de91b032e7fae746b","sha1":"50bad14cd7b4602d7b9f1ef6d769288588594fc8","sha256":"031cbc91f964c96aa1975380c3bd66f5fe254439f3281bf0e06bc385c3912aa2","sha512":"513a494d65834c6f9adcb789c4406362fb314ad6b6df2614476a39c491c13b10ea5f090a07bb19dd8266f4b0c012681b98c8e07bf5515faf3d165ef5cd7689be","ssdeep":"","tlshash":"eac0227a147e08c151801cfaa1a8602d0ad83805b8870cf8802dea28b4e0180c0803c6","first_seen":"2023-03-12T23:39:14Z","last_seen":"2026-03-30T00:42:48.723978Z","times_seen":870,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.435Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 15:30:46 GMT","end":"Tue, 06 Jan 2026 16:29:13 GMT"},"fingerprint":{"sha1":"CE:BB:4F:68:2C:89:90:90:9F:0D:E4:DC:37:55:B5:DC:41:49:D6:F9","sha256":"52:3F:5E:43:C5:77:DF:EF:E5:AE:11:CA:C1:74:9E:6B:A8:63:B6:7A:C9:7F:8F:58:EF:05:C6:35:2F:C7:D2:9B"}}},"request":{"raw":"GET /sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:28 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 11 Apr 2025 14:28:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2IhwTxkKz9v698caNeW7fV8rMmsR0DqSlgdKFQa8K9DDtFEP05LzjWl9KO%2BmFwrrU5RWquf6Y8KaDghgS2xxpiPCjkRq0WIVVM6Ii2A%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98f1c3fa0fb5b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1544,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"972f68410d9349904f897739b33e12cc","sha1":"e41130dbad60e81ad2665bb7407a50888aae8150","sha256":"90c062931018d386488b555fd261405457f9744db31512ff5780d49769d7b0d0","sha512":"905ef97b48b163e2ff2d28316f462ab1db0bdc05df312811c5e24ecb8614424d74f64a88fe31849fc9dd3515bf1d681b136df27aac8b27fc61c07cbda05dd12e","ssdeep":"","tlshash":"eb31f4251df9c9720182a0957b312f2baa91ea47cc8b560133fc4e948feaed9cd5310b","first_seen":"2023-12-18T02:06:40Z","last_seen":"2026-01-25T21:57:17.058603Z","times_seen":2175,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":51,"dns":5,"connect":1,"send":0,"wait":131,"receive":0,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/sbar.json?key=c2a4795bd129ec38aabf8f830c396956\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /sbar.json?key=c2a4795bd129ec38aabf8f830c396956\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo3LCJhdSI6NywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.ourjQM-NuFZey89oSYhPd4lveFS65C0QQyhiho-toaA; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=7; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=7; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 5041\r\nConnection: close\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nuncs=8; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nu_pl23824025=1; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nslecc2a4795bd129ec38aabf8f830c396956=[5974464]; expires=Wed, 15 Oct 2025 19:36:33 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9d6aa6a82655e91b7ec3f4ea6fab93dc\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6486,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"bf5223d3a12eb3c3ab83cfc002919480","sha1":"d3e12806e8fd7ba61b40d91bd2beaacccbb940b2","sha256":"9da476c6df7c4aa1d2401a8a79c1939cc9953483ef03c0380392f7dea489afc7","sha512":"cfb7fb4385cfb7d1d6352eb64be19624769b6ca1416309cb22cdc8da5474d27b9122f0f4319c630d0445865c62a841212b09d4728b141009209dbd47096543d3","ssdeep":"192:9zZ79i7a1oJ3hyZN2Dcx3HzuMjQZyeH7siGj0Fx6ZobW:9zZ79i2U3h8AU3TrQZymw0PQobW","tlshash":"b5d16d9d06ec05ee0bd2ce943d9d0c365c028f1b6e589d4e8a9be27d15f2d639a51305","first_seen":"2025-10-15T19:37:20.73614Z","last_seen":"2025-10-15T19:37:20.73614Z","times_seen":1,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":299,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:22.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 13 Oct 2025 23:17:37 GMT\r\nexpires: Tue, 13 Oct 2026 23:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 159525\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T11:46:59.437094Z","times_seen":714426,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":125,"dns":0,"connect":29,"send":0,"wait":29,"receive":35,"ssl":92},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18405\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3eaacdfd2747fd863b748ba729424eb2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46242,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46242), with no line terminators","md5":"57b263d494b82a43cfae095771d7b005","sha1":"10b9a3adf60df6820f373ea3b741bfe000929917","sha256":"028d2debec6967c7d2fd4ffd6b178deecf20ef847d120c8d904887a3adad5e4e","sha512":"97a8efc00cc2b3745433b3cef118788039e856da0dc9c4c3d29886d36deef77340ef0159ec47ff2388086475d3a47ea9daf2c2857e31ee59565ec7490d1ba1ab","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybeja2n:36rxKbk0CrQ+fdwNDba1lIlcPES2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.317687Z","last_seen":"2025-10-15T19:37:20.317687Z","times_seen":1,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/b7/09/c5/b709c5ad6d7ca4b6de0d4b139433b86e/1756656476.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/b7/09/c5/b709c5ad6d7ca4b6de0d4b139433b86e/1756656476.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 96055\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:56 GMT\r\netag: \"68b4735c-17737\"\r\nexpires: Fri, 17 Oct 2025 19:36:25 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96055,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 15:39:44], progressive, precision 8, 300x250, components 3","md5":"cea1c2522ea23ff9805589bf49a8ae56","sha1":"d1575105c86e29e931c25250fc7295c5271cf084","sha256":"dff393c9f862d48bc9b68a9ec83e1a7326748a3d92a5916884961dfef0c8f0ea","sha512":"b7980259b7a0dd40cbd2b7d979d1ff304508460793fec5edfb60f07f7019ba81c297ab707b885f9f9ae1a7ed5de25dbf2e0daab75ffa0bf8d3e5d81cc77d1d66","ssdeep":"1536:6KgbTzLNKgbTzLsmSuBjRbi+ZbXB6iAcHUfhdFKj2vwsBLqG+UbP5D5:hg3zwg3zYuTbi+ZbR6iA3Jmj8sG+UT","tlshash":"c99302a85797daf3fdf0a1707081df4d2122bd46e2a3625ebd9c2706bb7435b498b041","first_seen":"2025-09-02T18:14:58.777112Z","last_seen":"2026-04-04T11:48:03.925083Z","times_seen":1052,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 438600d47cfe80cb1bd839cd71b71328\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/8d/07/7a/8d077a03bf40c94dc34ac4b8af9a446c/1756656412.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/8d/07/7a/8d077a03bf40c94dc34ac4b8af9a446c/1756656412.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 77354\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:52 GMT\r\netag: \"68b4731c-12e2a\"\r\nexpires: Fri, 17 Oct 2025 19:36:28 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77354,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 18:18:22], progressive, precision 8, 300x250, components 3","md5":"e4267b78fbfd9ec2cb935ff9d689393f","sha1":"80ad53e77eff7c9e2e2ec2aa782e2406bc133c72","sha256":"16b434f519fdf956da056ae83d2a8847179c3fccc2a88d1e80d886cec82ba164","sha512":"58faf0e02cf388518ee515a9b1ff2d3ec1dc9d048d4ca2b0c95ec3f66c7966f2151a8839e367b58d3b70fde29bbfaf2add06de0ad8ae2561556b1770d9f0f1cc","ssdeep":"1536:GB6pzB6p2ZYp69CExL6kGcjhulQrdcP8VXW4I+USZjGM5ndwRmxvD:GB6tB6GYp63Zjhlr71Wv/SdGuiM","tlshash":"8f73e03ffbe5af41f5d092b9bce2c243729eaf805a232b957d1c62097752190ad0d11b","first_seen":"2025-09-02T18:53:07.782432Z","last_seen":"2026-04-04T09:06:35.652387Z","times_seen":980,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/impr.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu3g384OdBjOJJZQ4eFNzZ_preaYME1xhZjElMIkE8SHVV92w5PVVtVX9MVoRgIOTm5mY89Twzu-tHEPUmGAiz3gJCxtMesiD-AR6EeJWeHVh9od-v52l43rffvjkqDomHgh5cfEdtiTSlq5223XrpqpBcVaZ1_krLsdv2qdZVIQP_VGvYOF2-6nh-23659VbM-mrVtR3bdmyndVboOFHD1TkKkd0NnXZot3237XR8DPV_a1P8D4Za4OUhOQnBZ0_-kXwAwaaQg-_PxKafq-yVNwdFSnOlUfK992RfqkpicJwm2kIi9xZsKDMj5IslKLm3mACqnDQTIBIzsvTsI0RybyETUblzpDRKEUtE_AlU5RRxOoWgUzB1A4I_JADjOH8BcrB7XumKXjtCaYPOyInHf0FUM3Li0TOQg-_WUzFsXVZpkQslDYZJDTGcQvSmyIp95FtLENU-WP4ZBP-VrD4-BzmYXDCpguAHL_IwomHgdFbCiLsrfhiGK7Rj8xUnCLo29bzAi5z5ikQyBTUWiuYRForEQpFZGPCDlm93feZQL0hCztZsn_o-jyM77Lq2TUO2hoI12reRZ9tg6TaYvnW3-DBLXa_ret2uO3J2M76Z98tJrot4UkhmRsFXRy3Xmzd3m6brjZzjF8MwGDl7R6zOnLTTkDqjAJm-jr64_bBzErq4D7NZw_AWTD4j1rufouQ1qpigMgQVJagEQZUTVGW9w1PjmnqXp6aInEV0F9GrxyrvjeiOynuxJKB6G5rXE5F9bG6A5cvjrcTwsWocjfJ6TCNej7JD8lTz6az-zTvoxwct5lJ_LexE3HHDmHldSqOkm3Q9m3lhEHYCGFFDmKX5wrfEjLx273dkYkZemHyOiO7DpPtgYhm0eB60qkE3a2zJH9VAin5aGFHGbaYGbdkDVzWy_ATya9YoPSRPjy9dWb8_v6P3o08Qswenf7rT2Jdgukama3wkfiHopbfGl1RFJpdUZcgPF7JcDMQWbW7sck7zePmbt-NrldJ844zZ_vp11gBNevdKbPJzVHIhe4Z8uy44j_VZpVlM7m2Yq3F0sTCb64WWRXbu4htnNwaZjo0RSk5BxYz8v34OTMzIyeHK_P9xr2-AZddhsmOdRhFEmYVUEKTxA7Iw0KiG-VcdHecjcws9bYHmNyAHNUpdo0xr0HQbplge55l-cPo3b26IUmscpdqaRKlObx_tyYiDVuLFLrPt7lrgeN0kdjyfs6TT9UMeUNvzYuRmtvnn3z__EwAA___Cx1A84gQAAA==","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu3g384OdBjOJJZQ4eFNzZ_preaYME1xhZjElMIkE8SHVV92w5PVVtVX9MVoRgIOTm5mY89Twzu-tHEPUmGAiz3gJCxtMesiD-AR6EeJWeHVh9od-v52l43rffvjkqDomHgh5cfEdtiTSlq5223XrpqpBcVaZ1_krLsdv2qdZVIQP_VGvYOF2-6nh-23659VbM-mrVtR3bdmyndVboOFHD1TkKkd0NnXZot3237XR8DPV_a1P8D4Za4OUhOQnBZ0_-kXwAwaaQg-_PxKafq-yVNwdFSnOlUfK992RfqkpicJwm2kIi9xZsKDMj5IslKLm3mACqnDQTIBIzsvTsI0RybyETUblzpDRKEUtE_AlU5RRxOoWgUzB1A4I_JADjOH8BcrB7XumKXjtCaYPOyInHf0FUM3Li0TOQg-_WUzFsXVZpkQslDYZJDTGcQvSmyIp95FtLENU-WP4ZBP-VrD4-BzmYXDCpguAHL_IwomHgdFbCiLsrfhiGK7Rj8xUnCLo29bzAi5z5ikQyBTUWiuYRForEQpFZGPCDlm93feZQL0hCztZsn_o-jyM77Lq2TUO2hoI12reRZ9tg6TaYvnW3-DBLXa_ret2uO3J2M76Z98tJrot4UkhmRsFXRy3Xmzd3m6brjZzjF8MwGDl7R6zOnLTTkDqjAJm-jr64_bBzErq4D7NZw_AWTD4j1rufouQ1qpigMgQVJagEQZUTVGW9w1PjmnqXp6aInEV0F9GrxyrvjeiOynuxJKB6G5rXE5F9bG6A5cvjrcTwsWocjfJ6TCNej7JD8lTz6az-zTvoxwct5lJ_LexE3HHDmHldSqOkm3Q9m3lhEHYCGFFDmKX5wrfEjLx273dkYkZemHyOiO7DpPtgYhm0eB60qkE3a2zJH9VAin5aGFHGbaYGbdkDVzWy_ATya9YoPSRPjy9dWb8_v6P3o08Qswenf7rT2Jdgukama3wkfiHopbfGl1RFJpdUZcgPF7JcDMQWbW7sck7zePmbt-NrldJ844zZ_vp11gBNevdKbPJzVHIhe4Z8uy44j_VZpVlM7m2Yq3F0sTCb64WWRXbu4htnNwaZjo0RSk5BxYz8v34OTMzIyeHK_P9xr2-AZddhsmOdRhFEmYVUEKTxA7Iw0KiG-VcdHecjcws9bYHmNyAHNUpdo0xr0HQbplge55l-cPo3b26IUmscpdqaRKlObx_tyYiDVuLFLrPt7lrgeN0kdjyfs6TT9UMeUNvzYuRmtvnn3z__EwAA___Cx1A84gQAAA== HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo2LCJhdSI6NiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.8aFpBrKFUXN7d_zCVOZ4Tb8bQLB1H1kuvjYyepDzq2w; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=7; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=6; u_pl23823882=1; pdhtkv29=true; uncs29=1; u_pl23824025=1; slecc2a4795bd129ec38aabf8f830c396956=[5857915]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:29 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+57d29f159b22335e7b81ec6c49aad780=5857915; expires=Thu, 16 Oct 2025 19:36:29 GMT; path=/; secure; SameSite=None\niprc_l:5857915=1; expires=Thu, 16 Oct 2025 19:36:29 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 3\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: dfa046f8448c8dd304b4015d81ed77d9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/favicon.ico","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:30.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.omniklusive.com.ng","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 16:47:08 GMT","end":"Fri, 19 Dec 2025 17:38:00 GMT"},"fingerprint":{"sha1":"B4:B5:F5:E5:69:3A:B2:C8:26:CF:C6:E1:92:BE:9D:15:A0:50:90:8A","sha256":"08:BB:D8:8D:66:76:D6:FE:64:D7:BF:15:CF:68:AB:53:58:76:9C:B6:66:AF:8D:6F:FB:8D:92:A5:F4:25:6C:CF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.omniklusive.com.ng\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1; pp_main_26044c9034d41067e4eeac3c8b2a25ba=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=throbcrunchsurely.com; sb_main_c2a4795bd129ec38aabf8f830c396956=1; sb_count_c2a4795bd129ec38aabf8f830c396956=3; pbpr0tpuw4isk85t8yg3jb2lj5vqf=wayfarerorthodox.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/x-icon\r\nexpires: Wed, 15 Oct 2025 19:36:35 GMT\r\ndate: Wed, 15 Oct 2025 19:36:35 GMT\r\ncache-control: private, max-age=86400\r\nlast-modified: Wed, 15 Oct 2025 11:48:01 GMT\r\netag: W/\"6e9d0af05e5c27a5815a6360c69edcaa647a779ce6f50d354ef03a2d93101f17\"\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self'\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 710\r\nserver: GSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"4b2bb9855145f99466e90d2345077ca0","sha1":"83c239a1ec86405e52763c2d7adf89119235698c","sha256":"5cdc74273f9f5d5ed385c0a156f06f80baeb47a109d9f9543bcc502fba11d6b0","sha512":"8d077c113cd705fc14230b76024cd18bc04ab6a43f638f2d00dc9bf4d37b45ecd80848da4a442c6c99b58109347c3ef923692bdb13ecc5fd3f7187d114fafa9d","ssdeep":"","tlshash":"2521abe61c4965e0e9580f7240122d341a9baf29be4df5502c64709bd7f70d319396a6","first_seen":"2025-10-15T19:37:20.745079Z","last_seen":"2025-10-15T19:37:20.745079Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5313,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":5311,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:24 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 57804\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:29 GMT\r\netag: \"68b47341-e1cc\"\r\nexpires: Fri, 17 Oct 2025 19:36:24 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57804,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 12:01:08], progressive, precision 8, 300x250, components 3","md5":"824db83fb47e0a4aa226db9a9466c8fb","sha1":"7e968550f726c370b806345e6a8b553c16532e62","sha256":"a6d919f12896285dffac6679aa238ff266d0df399bd91d53008571218bdcf6e1","sha512":"1dd3fe4d4ce6f2139f9ef18284437c08b2a360ccd46fc702d1a6802d728e18f8ca0245dd68936a6ceaac02c3cb4628bc21939516b6f9414a54f90b425648aa4e","ssdeep":"768:LA3DDT+b75AiF3DDT+b75K22YyqwsZmXRPpB+8mwvecNaeJKY2YtWImlYwaVJesk:LA3DDCPX3DDCP022p36wv+S5pnJeb","tlshash":"2043d024db51ad33ece4b5b1edd1ebe76311ae547b136d447c6c28a43b703884a6e203","first_seen":"2025-09-02T17:46:38.163709Z","last_seen":"2026-04-03T17:23:29.916273Z","times_seen":961,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.1440435167276.js?dev=e\u0026key=f28a1198c98b94df67a70edb79176a48\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557046\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=59bfe5caed488f1b1bc25ceb59ff371921beaed8ad9ebd614087c9bb9d99256342510cf2a0a84657fd0a176a1152a8a1fa82547b5ac943820cf2e1a1a61090f99465db7eba8f14bcd122dd576d0d590b8b602afeb664fa281f13e0\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /watch.1440435167276.js?dev=e\u0026key=f28a1198c98b94df67a70edb79176a48\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557046\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=59bfe5caed488f1b1bc25ceb59ff371921beaed8ad9ebd614087c9bb9d99256342510cf2a0a84657fd0a176a1152a8a1fa82547b5ac943820cf2e1a1a61090f99465db7eba8f14bcd122dd576d0d590b8b602afeb664fa281f13e0\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjUzODA2OSwiayI6ImYyOGExMTk4Yzk4Yjk0ZGY2N2E3MGVkYjc5MTc2YTQ4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyNSwicHQiOjQsInBrIjoiYmppNGFnMnEiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.w_88Kt97WnEIprWAD2hQ69_2zkWEdKyBUQ-LnfpS0YI; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: text/html\r\nContent-Length: 3362\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\npdhtkv25=true; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\nuncs25=1; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\nu_pl26538069=1; expires=Thu, 16 Oct 2025 19:36:26 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 25\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b47cf689606e0d3df8af46076b38bb9c\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4724,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3848)","md5":"78445fc543674c3617a81c5f49039b25","sha1":"61feba1e414ecc164881759704029836eb48f3b8","sha256":"ba09ee55d8dc673084bcd7e7d7d2eecb36ab4b86e6d377eff6230034e582481b","sha512":"08590ad3e3fa528124b8e7e0cfe1a7038e90be01f25bad7b17269f5f7abaf5b66f831f39a4c1337733a4c6e44f86a48b5e3a6557d6bf2c6026965dd96de0e355","ssdeep":"96:3oz0KNrIZZwe7CVCWrOZMKok/xQMdFrVitwM/eCXxq51ZDYRCfMEDaH:YzX8nQVxyZokJQMdFBizXxGVWCkCaH","tlshash":"73a14ca93dd8a6742816707e22bf35492c70c2171d24cb89b85cda154f21bf54f68d5d","first_seen":"2025-10-15T19:37:20.750539Z","last_seen":"2025-10-15T19:37:20.750539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 15 Oct 2025 19:36:28 GMT\r\ndate: Wed, 15 Oct 2025 19:36:28 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27925,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"aa770992960d5d36cf6ba4357f990aa9","sha1":"46cce46df4f47c159c31632cfb45ca0f0144ff0f","sha256":"ea95379db9e2554185ea2a578330b742412ef90d2ccd704a76ed133d990f052b","sha512":"42a66305d9a2990560ee0468c3a36e4b4a1b1ca98cf0922717b9519d17760c63930cb21fe7258671a873a4f9a1bfa520778ce2f002bfba120c99e3f5db00ebea","ssdeep":"768:DDADRDYDKDf4DQLDDDXDfc70afUQRptmJKBLfhQE8YtCR6UfaQ7zfTYHw+fQQVN7:+2Biad","tlshash":"afc2eda1041740009b839ce223cebf35fe5f92117141d0b9abfd9b6badcbc66526936d","first_seen":"2025-09-09T03:39:37.780899Z","last_seen":"2025-11-18T23:25:50.567773Z","times_seen":2837,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlfdgnySkHHVC5lJbLHFBoGiOD-YxYwn8Zbl8OVfiQ3eebtyiSMRk3fPsPCQpG7yWHwLIhO_nxqR_pjem1mC9d8nAHmxQeNVg6_uKq_eDKtlrjoUrlk-qtb5qChyphenhyphenMljMF6uglGjkk4svfStRWr8OMgmC_HYv6z2_thLGF0aBNCT2yWPy0AXnTh2Wkxfyg/w320-h213/FUET%20Ogoni%20Post%20UTME\u0026DE%20Form%20for%202025\u00262026%20Admission.jpeg","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:30.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:47 GMT","end":"Mon, 15 Dec 2025 08:41:46 GMT"},"fingerprint":{"sha1":"F8:5F:63:28:35:3F:3B:74:50:6E:B0:8A:1E:82:1E:81:0B:2C:5D:57","sha256":"E5:11:BE:F6:31:91:0A:88:46:0E:37:CF:15:59:95:26:EE:40:53:A0:69:3F:0A:3E:F6:B4:44:43:15:61:C4:6F"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEhlfdgnySkHHVC5lJbLHFBoGiOD-YxYwn8Zbl8OVfiQ3eebtyiSMRk3fPsPCQpG7yWHwLIhO_nxqR_pjem1mC9d8nAHmxQeNVg6_uKq_eDKtlrjoUrlk-qtb5qChyphenhyphenMljMF6uglGjkk4svfStRWr8OMgmC_HYv6z2_thLGF0aBNCT2yWPy0AXnTh2Wkxfyg/w320-h213/FUET%20Ogoni%20Post%20UTME\u0026DE%20Form%20for%202025\u00262026%20Admission.jpeg HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v15f4\"\r\nexpires: Thu, 16 Oct 2025 19:36:30 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"FUET Ogoni Post UTME\u0026DE Form for 2025\u00262026 Admission.jpeg\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 15 Oct 2025 19:36:30 GMT\r\nserver: fife\r\ncontent-length: 7671\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7671,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 192x128, components 3","md5":"b5929f989cbcb6a8492826e845bb55c2","sha1":"3afadeed51d23800684a1fb69770695f67dfd5b5","sha256":"10e9ec61cd7aac2552a1b624ee9be47519aa687161904a320d08706d7e64c7f6","sha512":"5d93de5fdae855e270c07d4111c8f776d69fdaa2fc3eacac055706307a4d7f9b008ec1fff1d882ed29f35fbd30e9ef46db214b104b79cc47068fdb8b369c470d","ssdeep":"192:mgHzAw1ne/Dqri87TPbIUg50gsubBbd7bPfxr:mgT3he/Dq/77EUg50W7","tlshash":"4af18ef817c570c7cb00a5b115cc36e0dd6634bfc75aca38fa9126805a1a8a35626c3d","first_seen":"2025-10-15T19:37:20.761564Z","last_seen":"2025-10-15T19:37:20.761564Z","times_seen":1,"resource_available":false,"data":null}},"time_used":728,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":727,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:22.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Sep 2025 03:23:24 GMT","end":"Mon, 08 Dec 2025 04:23:14 GMT"},"fingerprint":{"sha1":"2D:94:96:D6:08:54:E8:A2:4A:A9:D7:90:E4:75:91:6B:AC:CB:AA:24","sha256":"24:50:0C:86:73:A4:E6:6C:AD:20:57:80:86:4E:19:B1:E9:76:7F:2A:BE:CC:E9:75:B2:07:67:62:FA:9B:E7:8D"}}},"request":{"raw":"GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1\r\nHost: maxcdn.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://maxcdn.bootstrapcdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:22 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 66624\r\ncf-ray: 98f1c3d619bb49c5-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\netag: \"db812d8a70a4e88e888744c1c9a27e89\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:54 GMT\r\ncdn-cachedat: 08/24/2025 11:31:43\r\ncdn-proxyver: 1.34\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1333\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: cfcd9d00a0b6b80de0ef92b292efde43\r\ncdn-cache: HIT\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":66624,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 66624, version 4.262","md5":"db812d8a70a4e88e888744c1c9a27e89","sha1":"638c652d623280a58144f93e7b552c66d1667a11","sha256":"ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995","sha512":"17222f02957b3335849e3fe277b17c21c4aaf0c76cd3da01a4ca39c035629695d29645913865b78e097066492f9cee5618af5159560363d2723bed7c3b9cf2a8","ssdeep":"1536:P7P0ehdxE792JHJ2qrz+MoCpeUtsG9eDeh9Zw+ZyqJ:PPlYw1re8Lsqh7MqJ","tlshash":"ae5302303406ab26ecdf0e8776b888f2b4da91d37b5f22c753aa84115dc91d5d94ca3e","first_seen":"2023-04-05T13:28:44Z","last_seen":"2026-04-04T11:19:03.214547Z","times_seen":25868,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":42,"dns":0,"connect":0,"send":0,"wait":56,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.1217046057123.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /watch.1217046057123.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6MywiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.-jRzJ9aO6K9rZOmsLfBRn6sTJ3wkA7s8DUgaU_y_ovg; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv5=true; uncs5=1; u_pl23823882=1; pdhtkv25=true; uncs25=1; u_pl26538069=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.19.5\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://skinnycrawlinglax.com/watch.1217046057123.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557047\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=e116b3bf754b037e99d8e037b58765b20d712e55fa3cb98dbd49f35910a5b9e268e8c3620b1eabbf13f0053fdf435de26a1fe40c2b896490576d733939ae3d84865956a4c0c4474abeed8d7e93f231920f059f133a9b5ab97f8d77\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.o0VBR64Al3k-FgUtGuKLxhdV0cNljckM8vFP8_u-Fxg; expires=Wed, 15 Oct 2025 19:37:27 GMT; path=/; secure; SameSite=None\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c352cc5cc47dbe188c737f15eb6e2ad4\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4812,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18414\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: efe245615544954c69aff72963c70aac\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"fe1eb2b232029bd77da23533fb72c4f3","sha1":"5b06eb2e69d1604da86ffdd1080de1cf0cc33e82","sha256":"71892d1f833e12d36e4b58ba64bb06c84be3187bfd9f0a278ca5d591c74a207d","sha512":"0857e46ef3cfccb808104e85540a792fa3dcf1881e4fd2cbd27d3debb37e7863ea297b2ab894f470e28db5d9e2e203d5a91f60a2d5f14beff679c88b46341cf1","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybej95G:36rxKbk0CrQ+fdwNDba1lIlcPEl5G","tlshash":"8a23d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.295932Z","last_seen":"2025-10-15T19:37:20.295932Z","times_seen":1,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/favicon.ico","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.omniklusive.com.ng","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 16:47:08 GMT","end":"Fri, 19 Dec 2025 17:38:00 GMT"},"fingerprint":{"sha1":"B4:B5:F5:E5:69:3A:B2:C8:26:CF:C6:E1:92:BE:9D:15:A0:50:90:8A","sha256":"08:BB:D8:8D:66:76:D6:FE:64:D7:BF:15:CF:68:AB:53:58:76:9C:B6:66:AF:8D:6F:FB:8D:92:A5:F4:25:6C:CF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.omniklusive.com.ng\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1; pp_main_26044c9034d41067e4eeac3c8b2a25ba=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=throbcrunchsurely.com; sb_main_c2a4795bd129ec38aabf8f830c396956=1; sb_count_c2a4795bd129ec38aabf8f830c396956=3; pbpr0tpuw4isk85t8yg3jb2lj5vqf=wayfarerorthodox.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/x-icon; charset=UTF-8\r\nexpires: Wed, 15 Oct 2025 19:36:29 GMT\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncache-control: private, max-age=86400\r\nlast-modified: Wed, 15 Oct 2025 11:48:01 GMT\r\netag: W/\"6e9d0af05e5c27a5815a6360c69edcaa647a779ce6f50d354ef03a2d93101f17\"\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 710\r\nserver: GSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon; charset=UTF-8","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"4b2bb9855145f99466e90d2345077ca0","sha1":"83c239a1ec86405e52763c2d7adf89119235698c","sha256":"5cdc74273f9f5d5ed385c0a156f06f80baeb47a109d9f9543bcc502fba11d6b0","sha512":"8d077c113cd705fc14230b76024cd18bc04ab6a43f638f2d00dc9bf4d37b45ecd80848da4a442c6c99b58109347c3ef923692bdb13ecc5fd3f7187d114fafa9d","ssdeep":"","tlshash":"2521abe61c4965e0e9580f7240122d341a9baf29be4df5502c64709bd7f70d319396a6","first_seen":"2025-10-15T19:37:20.745079Z","last_seen":"2025-10-15T19:37:20.745079Z","times_seen":1,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 57804\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:29 GMT\r\netag: \"68b47341-e1cc\"\r\nexpires: Fri, 17 Oct 2025 19:36:23 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57804,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 12:01:08], progressive, precision 8, 300x250, components 3","md5":"824db83fb47e0a4aa226db9a9466c8fb","sha1":"7e968550f726c370b806345e6a8b553c16532e62","sha256":"a6d919f12896285dffac6679aa238ff266d0df399bd91d53008571218bdcf6e1","sha512":"1dd3fe4d4ce6f2139f9ef18284437c08b2a360ccd46fc702d1a6802d728e18f8ca0245dd68936a6ceaac02c3cb4628bc21939516b6f9414a54f90b425648aa4e","ssdeep":"768:LA3DDT+b75AiF3DDT+b75K22YyqwsZmXRPpB+8mwvecNaeJKY2YtWImlYwaVJesk:LA3DDCPX3DDCP022p36wv+S5pnJeb","tlshash":"2043d024db51ad33ece4b5b1edd1ebe76311ae547b136d447c6c28a43b703884a6e203","first_seen":"2025-09-02T17:46:38.163709Z","last_seen":"2026-04-03T17:23:29.916273Z","times_seen":961,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.198.152.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:22.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:22 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Sat, 13 Oct 2035 19:36:22 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"8361be793388e068fcb016b2294a6090","sha1":"187c056c525f9a1a93f531cd4429904f3717d717","sha256":"74e71a9cc4c4e8625e6f44cca2ec3386e2908c100c1f9e071b375455a1b75e49","sha512":"2c7c587ce006e9771e05b213b7b90e1402e46316aa816726dce18032089bedb27e57f14b555a17de4a66905b80f843179883ef5a56afd57ccf1ac7f8e47b95d8","ssdeep":"","tlshash":"599004153005c1141745571450170f0cc4c0c4d3f0057540c441c00315d1400517d513","first_seen":"2025-10-15T19:37:20.770961Z","last_seen":"2025-10-15T19:37:20.770961Z","times_seen":1,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":81,"dns":11,"connect":21,"send":0,"wait":21,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.70991530479.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=2631fc6ab6c5790a4f3897aafed2c7fc1a8287638377708c3a1847e7b0fa63063e7821aee4fec52d67a6b4cce109ea053ad83fd14f15ccac267e892e033beb3065ae300a0cbf2867a2d0b387c47a5795a94482ec195983ed0102e7\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.70991530479.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=2631fc6ab6c5790a4f3897aafed2c7fc1a8287638377708c3a1847e7b0fa63063e7821aee4fec52d67a6b4cce109ea053ad83fd14f15ccac267e892e033beb3065ae300a0cbf2867a2d0b387c47a5795a94482ec195983ed0102e7\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo0LCJhdSI6NCwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.2RHdGViMfyXWohzhW9dfzMLADE10VmjyuNQn743O6JM; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=3; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=3; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 3412\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\nuncs=4; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\nuncs5=4; expires=Thu, 16 Oct 2025 19:36:25 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 399b1f08b85254862da7359ad6fede1b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4762,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3886)","md5":"9a3ad32cabd1a08c6126167748184b15","sha1":"f921d2d36209c0bb20cd6a0be00ff055cd8872a0","sha256":"46b46eb7e17cfe554f33074795d436681009eda15cacd4f32348bdec0799274a","sha512":"3d1cdd27c7c66e16871345efd6f8fce4f5a610c0d2156d69f8019a2ec2798bbe32309bc0f8c9b66df790c0a035024f7b5b59c182fc240a68042a251fbc5c98e9","ssdeep":"96:yozKzx00+E3YYR1v2T/neePVPk/qzUml7+tvUGlw1ZDWCfMEDaH:vzYHvcPPkMtRqLloVWCkCaH","tlshash":"86a13a55addb827dd88d60be123b52045e62820e3605ce4abaccf1502b507900cfd8d8","first_seen":"2025-10-15T19:37:20.778157Z","last_seen":"2025-10-15T19:37:20.778157Z","times_seen":1,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/watch.84146725885.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557048\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=15625d720271b0f2ba8bc872649c6d0d521a8b81bc2ab5e6e4d5c834bae02ee57ff89e74c45dd64df9566d2f4f0888c79a7a5b1db8821f120ec69be71a2f38b9a01124c7cb04972d512d4371fbcf9da92b29841ffc236d9034195b\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /watch.84146725885.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557048\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=15625d720271b0f2ba8bc872649c6d0d521a8b81bc2ab5e6e4d5c834bae02ee57ff89e74c45dd64df9566d2f4f0888c79a7a5b1db8821f120ec69be71a2f38b9a01124c7cb04972d512d4371fbcf9da92b29841ffc236d9034195b\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.o0VBR64Al3k-FgUtGuKLxhdV0cNljckM8vFP8_u-Fxg; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=2; pdhtkv5=true; uncs5=1; u_pl23823882=1; pdhtkv23=true; uncs23=1; u_pl23823996=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Type: text/html\r\nContent-Length: 3044\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nuncs=3; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\nuncs5=2; expires=Thu, 16 Oct 2025 19:36:28 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 6\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 991168da8f56c1205995a4f0c1a77d77\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4762,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3886)","md5":"8600fadf85ac100c31941643392a60a5","sha1":"d07dea2743ca1cffbc881c6f5c818724d4db08fe","sha256":"c815a4eced8c8ee7f4f08e47d6678df98d5c67111e7fd0b7906f79bc87b295ed","sha512":"e0b9a539080418cabd76dfc980bb94efd3a3e24f7998257b3520ff11f34970b77e7e461d982f4a524bc9de4e8e42e6bd5011d86f6bfb7d8c6e952c0c91c927d5","ssdeep":"96:yoz+0agi6ubeNqeX0onVNZD+k/Xm6uMNv1ZDWCfMEDaH:vz8gg80oVNZCkf5/VWCkCaH","tlshash":"1da11a358e78617a54b7b87f5e3b71063ab0414a2a49de01b91ce7109f32a941b78dcd","first_seen":"2025-10-15T19:37:20.784386Z","last_seen":"2025-10-15T19:37:20.784386Z","times_seen":1,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":102,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.topcreativeformat.com/da4057f56deac1caae7482053a78f1aa/invoke.js","fqdn":"www.topcreativeformat.com","domain":"topcreativeformat.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"topcreativeformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Sep 2025 22:49:40 GMT","end":"Fri, 12 Dec 2025 22:49:39 GMT"},"fingerprint":{"sha1":"EC:8E:4C:47:74:D4:52:B0:02:BF:8C:E1:9B:75:13:26:E9:48:B2:13","sha256":"35:28:22:C4:11:25:D9:9D:11:C3:9A:90:41:C0:9D:99:07:30:6F:EC:0B:B0:45:BE:33:2D:93:8B:89:E7:1A:01"}}},"request":{"raw":"GET /da4057f56deac1caae7482053a78f1aa/invoke.js HTTP/1.1\r\nHost: www.topcreativeformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:22 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18429\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 9\r\nHost: www.topcreativeformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b3184d467e2fb15a254859ff0d503d2f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":46266,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46266), with no line terminators","md5":"7d6cb18cde944ab4b50e124df6bd1c27","sha1":"23526de971feadeb9cb6d667429376cde8e2448a","sha256":"78f9f79d1d54976fd1372be851acadeafa013018d2b2feeaaab262ca448be555","sha512":"3e52f72b606f74290912a4d740ea0b8d26630305b36f157363d52ba399226026672d98901c3b4c5f78c5a55f372dd7eff805b81cada8889eca7c152bfcdeafe6","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4YybsjvDI:36rxKbk0CrQ+fdwNDba1lIlcPExDI","tlshash":"7d23c48e3f71f15866867037223f9417f22a4e55248de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.788764Z","last_seen":"2025-10-15T19:37:20.788764Z","times_seen":1,"resource_available":true,"data":null}},"time_used":895,"timings":{"blocked":340,"dns":14,"connect":92,"send":0,"wait":103,"receive":92,"ssl":251},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.topcreativeformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landings-cdn.adsterratech.com/referralBanners/gif/720x90_adsterra_reff.gif","fqdn":"landings-cdn.adsterratech.com","domain":"adsterratech.com","tld":"com"},"ip":{"addr":"172.240.127.240","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:21.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"landings-cdn.adsterratech.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Aug 2025 21:38:15 GMT","end":"Thu, 20 Nov 2025 21:38:14 GMT"},"fingerprint":{"sha1":"5A:D5:67:0F:71:3E:06:35:BB:22:81:6A:A3:AD:59:69:36:A4:AD:C6","sha256":"D7:02:D0:21:2C:8C:E4:33:59:1C:8A:98:5F:84:01:D8:D6:57:98:8F:13:49:EE:A0:B1:23:89:8A:A6:69:74:1F"}}},"request":{"raw":"GET /referralBanners/gif/720x90_adsterra_reff.gif HTTP/1.1\r\nHost: landings-cdn.adsterratech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:22 GMT\r\nContent-Type: image/gif\r\nContent-Length: 37382\r\nLast-Modified: Wed, 04 Sep 2024 13:17:53 GMT\r\nConnection: keep-alive\r\nETag: \"66d85e01-9206\"\r\nExpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nCache-Control: max-age=315360000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37382,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 728 x 90","md5":"a9c3397e4b9131d185b55dcb284db860","sha1":"538e2cff26bdd970c492b34b13e24ba0caaf8555","sha256":"d2b9de7ec169f87cdcda33ee7b19e8e0a103b1e4ec7350efbad5743f46876934","sha512":"4be44058837be2ffcab9472731b6b2474ef01431657c7541d897bb7d5fa18c3b3a4ac25a5d8b56d639b5dfee78d7012cf0fa98f099d9e50c4d3967b9961bc414","ssdeep":"768:TsjtUN5/Kz/FAuCUv5vsYQ65N1dXavz7+qev0OT8wju0xYPHG:QjsCLFAuF1PQ6X1dXWz73Qjwp0ePm","tlshash":"3ff2e1c41067e410cba4df3e1f9cbcd097712093b6134e5acad792fea09b29bcad5552","first_seen":"2025-01-05T19:00:09.946581Z","last_seen":"2026-03-01T02:43:27.467862Z","times_seen":14,"resource_available":false,"data":null}},"time_used":1010,"timings":{"blocked":528,"dns":0,"connect":92,"send":0,"wait":187,"receive":1,"ssl":202},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.198.152.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:22.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 19:36:22 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"8361be793388e068fcb016b2294a6090","sha1":"187c056c525f9a1a93f531cd4429904f3717d717","sha256":"74e71a9cc4c4e8625e6f44cca2ec3386e2908c100c1f9e071b375455a1b75e49","sha512":"2c7c587ce006e9771e05b213b7b90e1402e46316aa816726dce18032089bedb27e57f14b555a17de4a66905b80f843179883ef5a56afd57ccf1ac7f8e47b95d8","ssdeep":"","tlshash":"599004153005c1141745571450170f0cc4c0c4d3f0057540c441c00315d1400517d513","first_seen":"2025-10-15T19:37:20.770961Z","last_seen":"2025-10-15T19:37:20.770961Z","times_seen":1,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18414\r\nConnection: close\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: badc872342ee6891654cef1072d1fa71\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46236,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46236), with no line terminators","md5":"617b9c4f2717bcdab07b3bdf3a393dd0","sha1":"a554d336c44fca9ae2b21592f0e30aa41e0f6e52","sha256":"a094f57cfadd20d10252cbaba1574450d66c00875eef7ab40e1e9dfff57e16e7","sha512":"ca306d205e4a20198a23df3148edbc395f042922c2136301f69ef3777ce94c0b12939006ff81eb469c7b4812e749dd1c84abd203216a38aea8d72c2e359c5342","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybejy2X:36rxKbk0CrQ+fdwNDba1lIlcPEq2X","tlshash":"7023c48e3f71f15856867037223f9417f22a4e55208de0f8d216b4a13ef8b69e837b25","first_seen":"2025-10-15T19:37:20.409713Z","last_seen":"2025-10-15T19:37:20.409713Z","times_seen":1,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.70991530479.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.70991530479.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjozLCJhdSI6MywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.oZd5siqe8_fbPpGFyvkMVltB1UPXc5cxU3sSn17Qz2Y; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=3; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=3; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://wayfarerorthodox.com/watch.70991530479.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=2631fc6ab6c5790a4f3897aafed2c7fc1a8287638377708c3a1847e7b0fa63063e7821aee4fec52d67a6b4cce109ea053ad83fd14f15ccac267e892e033beb3065ae300a0cbf2867a2d0b387c47a5795a94482ec195983ed0102e7\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo0LCJhdSI6NCwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.2RHdGViMfyXWohzhW9dfzMLADE10VmjyuNQn743O6JM; expires=Wed, 15 Oct 2025 19:37:25 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 50f3361f793ba64fff3b0ddbc8e34703\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4762,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/watch.1526263903265.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557046\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=f05ed564753b99fdb6ad4a17652d95b5c0aac115e1429738b94c354a1320929cb75c0142079555522a520c78ff1c4f0dde540497badad8329d3c171a21801793699c476e765aebcb0e31f5eb6181af23d33c2e34eae291c3834b5c\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:27.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /watch.1526263903265.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557046\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=f05ed564753b99fdb6ad4a17652d95b5c0aac115e1429738b94c354a1320929cb75c0142079555522a520c78ff1c4f0dde540497badad8329d3c171a21801793699c476e765aebcb0e31f5eb6181af23d33c2e34eae291c3834b5c\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.cBjrUEQBxa9UBRRIOA4jctzFrQxyuur-b4mSBoLJeLg; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:27 GMT\r\nContent-Type: text/html\r\nContent-Length: 3686\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\nu_pl23823996=1; expires=Thu, 16 Oct 2025 19:36:27 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 22\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e68e3d7261f6e70a8a2f727b271fbf1c\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4720,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3844)","md5":"b8c70816573c94f21edcd581970f7c1a","sha1":"bfd9c06a8f10e280d01e74deaced6a4ce550016a","sha256":"8f761bbadf0b84376bf266c2c344ac6dc7959a39e657d4a1735f1aa26c0718dd","sha512":"c993729a5d34284efcd678930c573e60002e3b58605ad59953d5bb3468a9e6c1c8361752f3f0b8423f3413a84f6f99ae4d39023ad000b59f08b487edc0d7517d","ssdeep":"96:woz2WGTjVNOUQBo7NMvBe98Wk/7pcDfyvUh1ZDeCfMEDaH:ZzwjIBGOZeVkDpcD6uVeCkCaH","tlshash":"77a13b769d979239041a342e257b961c3cf2840f2b56cd05f89cd9525f30a750fb9ccc","first_seen":"2025-10-15T19:37:20.801726Z","last_seen":"2025-10-15T19:37:20.801726Z","times_seen":1,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":119,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html\u0026l=1544\u0026fd=274","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html\u0026l=1544\u0026fd=274 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1Ijo3LCJhdSI6NywiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.ourjQM-NuFZey89oSYhPd4lveFS65C0QQyhiho-toaA; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=7; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=7; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:28 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.822861793833.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.822861793833.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://www.omniklusive.com.ng\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://wayfarerorthodox.com/watch.822861793833.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557044\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=c0301fb493756ccbbc4460ba5ea6b497bac604802ff1f880f26dc23dd53f627b5a860109fe14296a058bc0b49394dfe997e85a2676bc37968e77776a952b8a2df3053f79527877c2024e3d7f543ec17cdf23b73c9ac406210ed368\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.LCOoei5RHP55YrRCCbJc9twlWSLRrRojpHJOP03bfTw; expires=Wed, 15 Oct 2025 19:37:24 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 089ccd6dc84f7e5a66ac4de20ef57dfd\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4770,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:28.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Oct 2025 19:36:29 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\netag: W/\"65aa8501-3bd\"\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NuoVAaIxu0SRdG4bkAgvO3XM8CzL0FyzPzFGbJ%2Bnv%2Fu%2BIXdfVR7ArXDvGckNw3ktnxBI68g0q%2Bq%2FJ73smDpGHxx2vDoFL4v8wDKsAdC1\"}]}\r\ncf-ray: 98f1c3fd2b5eb509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":957,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41051a33fb99370ee2aeae5227abec51","sha1":"f1b81c1d24d27bea43a09f308ae28668453704fb","sha256":"67f07ddfdc4a81dc7ae4f83c332eb76107442caf0230e307d6398bae7663aa0d","sha512":"2ac42bfbc6eceb4cde624f8ff6d7a8ca06a88acb16cedb655d3dbc27df1745189e93f75edac38128ea6aaf839ab937fa518f4bf50fb10e1c968289a415c44aee","ssdeep":"","tlshash":"2e115b27356842b45353f06791176adaba31025bac2a971b712c06cd0fd476903f99f7","first_seen":"2023-12-07T10:00:32Z","last_seen":"2026-01-25T21:57:17.022984Z","times_seen":2153,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":362,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.770971676583.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=4fe0739da1ec9f15e986867a843bf991fe1a0ef0ca1cff29e48585fa1d4407eab266f21143ac62ab6cb52e267744b3451bdcf8f4c94f3ebef0eef2ef952763d42ce204fa25427a55b7bf7c46eafb44723d0460fbc64770b9845746\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /watch.770971676583.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%5D\u0026pst=1760557043\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=4fe0739da1ec9f15e986867a843bf991fe1a0ef0ca1cff29e48585fa1d4407eab266f21143ac62ab6cb52e267744b3451bdcf8f4c94f3ebef0eef2ef952763d42ce204fa25427a55b7bf7c46eafb44723d0460fbc64770b9845746\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nReferer: https://www.omniklusive.com.ng/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 2243\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; expires=Wed, 22 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\nu_pl23823882=1; expires=Thu, 16 Oct 2025 19:36:23 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 30\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8bb6c7eb01e414416c3ff75744a6e08c\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4630,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3754)","md5":"96575a4af1d3f88a5eae2988f5ffc4cd","sha1":"f3e202bce66b12639451bd59bee4160544ae6184","sha256":"ce40d58d31b3ef023a4d5574deaa04b33cbfb9891fdbc6c76757f5634b5a9f55","sha512":"6682842967f1fd1b67d1695bb9e4f1e3510cd73a3c830c6f6a94ce77aa6702139880c5209c71d24f3940f9012f27df3d08314cfd1ec6263d301a86ef191aab93","ssdeep":"96:yoz/s03Vs6/HfVIpdsowRoWJGouk/os6/HfVIpdsowRoWJGoH451ZDWCfMEDaH:vz/DVs+H9SVtkws+H9SVDTVWCkCaH","tlshash":"cca11aaa7e81612464cd717f2162f36c2fb0910a1a058e49785cbbc08f34f9899b9a99","first_seen":"2025-10-15T19:37:20.807545Z","last_seen":"2025-10-15T19:37:20.807545Z","times_seen":1,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4sdxRauO0neIm_xeMnjLeUuXKg4d6q7q38ZRBxjJBiTkESyEBf1c6a8fbvbru7bk1kFAyG4cRAXuuv57iSDGkRd6CoS7rgLCLlunEUGxT9ARIhbuZOB0QN1znfqq8V3qr66udnskQAN3734RrFus4wvhQPaf-aqzVXRuv75K32PDuip_lWbR-xUf22eqvELXsAG9Nn-a1oOiyWfepR61OufsZU2xdrSPgtb3k29QUoHzB94IcNa9c_eNT043oMa75ETsGr2n1_NW7Byinz05WnthnVRPv_qqMl4XVQYq-0382FetDlGh9BUPZh8--A0Cjcj5OMFFPn2wQQoxlvzCSDsjCz8_xFEvn0gE2J8-4lSkUHnEOrfaMdT6GwHlk8hixuw6iEBpML5C8hHd84XVcuvPWH5nJ2Ro4__gG1n5Oij_yEffbGc2bX-5SJralvkDmumg12bwq5MUTY7qNcXYNsdyPo9WPUDWXp8Dvlo64LLCli1-7RKBU8jL1xMhfIXWZqmizykatGLooTyIIgC4e1fkTVTcNdDM1-2h8b00JQ9jNRun9GESY8HkUmVjCnjjCktaJr4lPJUxmjkXPsG6nIDMtuArK6jrK5jaD98GJ54eOxnVM19uNXdb5jRNA5SxT0tU-OFOk2iJIp5wgJh0tQz2uNUGyq5J43xU82SMAkN9xRjNNZc-FFkfM9jAZeRz0UkRehrP4pjxkTAQk8oaRLDZMpMoIU2VGvja5OGfhwFivlS-5QZ7ofMj3kYiliYWLJIcyMYi_1AURZRI2TE4piKNGFhzCI41YOrCcaqQ6sJWkfQcoLWErQ1QTvubqvM-a67ozLXCO-g-gc16CZFvbLJbxf1is4JeLWBSnVbtnzX3YCsj0zWjVOTYp64qLsJF6rbLPfIf-ee6A1vHsdQ7_YpC0xkQi8U1DDtBxFNo8RPlFRU6DhRcLaDdQv7L7luZ-TFe7-gtDPy1NYHEHwHLtuBtEfAm2Pg7SSgFHx14ocU6_nXxSi3w6xxdqwHshgN8hWookNZH0V9rbeZ7ZGTk0tXlu_v2_Ttn2po-YAcBGTVoaw6vGO_J1jJbk0uFS3ZulS0jnx1oaztyK7zuYUv17zW__rsdX2tLSp19rTb-PRlOSfm8O4V7epzPFc2X3Hk82WrlK7OFJXU5N5Zd1WLi41bXW6qvCnPXXzlzNlRWWnnbJFPwe2MHP_9fUg7Iye_-2T_e4bPfQRZXocrD3W6gkCUBJklyPThPhcd3N96cYg33S2sVD3w-gbyUYdx1WGcdeDZBlxzZFKX1YOXfgz2AyLrTURWkS2RVXPe7vZNoH1JaRJHXpAY7QVMSRMmLFURp0GgUbvZ6m9_fvtXAAAA__-SLNtvPAUAAA==","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:23.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4sdxRauO0neIm_xeMnjLeUuXKg4d6q7q38ZRBxjJBiTkESyEBf1c6a8fbvbru7bk1kFAyG4cRAXuuv57iSDGkRd6CoS7rgLCLlunEUGxT9ARIhbuZOB0QN1znfqq8V3qr66udnskQAN3734RrFus4wvhQPaf-aqzVXRuv75K32PDuip_lWbR-xUf22eqvELXsAG9Nn-a1oOiyWfepR61OufsZU2xdrSPgtb3k29QUoHzB94IcNa9c_eNT043oMa75ETsGr2n1_NW7Byinz05WnthnVRPv_qqMl4XVQYq-0382FetDlGh9BUPZh8--A0Cjcj5OMFFPn2wQQoxlvzCSDsjCz8_xFEvn0gE2J8-4lSkUHnEOrfaMdT6GwHlk8hixuw6iEBpML5C8hHd84XVcuvPWH5nJ2Ro4__gG1n5Oij_yEffbGc2bX-5SJralvkDmumg12bwq5MUTY7qNcXYNsdyPo9WPUDWXp8Dvlo64LLCli1-7RKBU8jL1xMhfIXWZqmizykatGLooTyIIgC4e1fkTVTcNdDM1-2h8b00JQ9jNRun9GESY8HkUmVjCnjjCktaJr4lPJUxmjkXPsG6nIDMtuArK6jrK5jaD98GJ54eOxnVM19uNXdb5jRNA5SxT0tU-OFOk2iJIp5wgJh0tQz2uNUGyq5J43xU82SMAkN9xRjNNZc-FFkfM9jAZeRz0UkRehrP4pjxkTAQk8oaRLDZMpMoIU2VGvja5OGfhwFivlS-5QZ7ofMj3kYiliYWLJIcyMYi_1AURZRI2TE4piKNGFhzCI41YOrCcaqQ6sJWkfQcoLWErQ1QTvubqvM-a67ozLXCO-g-gc16CZFvbLJbxf1is4JeLWBSnVbtnzX3YCsj0zWjVOTYp64qLsJF6rbLPfIf-ee6A1vHsdQ7_YpC0xkQi8U1DDtBxFNo8RPlFRU6DhRcLaDdQv7L7luZ-TFe7-gtDPy1NYHEHwHLtuBtEfAm2Pg7SSgFHx14ocU6_nXxSi3w6xxdqwHshgN8hWookNZH0V9rbeZ7ZGTk0tXlu_v2_Ttn2po-YAcBGTVoaw6vGO_J1jJbk0uFS3ZulS0jnx1oaztyK7zuYUv17zW__rsdX2tLSp19rTb-PRlOSfm8O4V7epzPFc2X3Hk82WrlK7OFJXU5N5Zd1WLi41bXW6qvCnPXXzlzNlRWWnnbJFPwe2MHP_9fUg7Iye_-2T_e4bPfQRZXocrD3W6gkCUBJklyPThPhcd3N96cYg33S2sVD3w-gbyUYdx1WGcdeDZBlxzZFKX1YOXfgz2AyLrTURWkS2RVXPe7vZNoH1JaRJHXpAY7QVMSRMmLFURp0GgUbvZ6m9_fvtXAAAA__-SLNtvPAUAAA== HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl23823996=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:23 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 655d30439fbc2a44d61160f30c9159e2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/043f6f515b0f4e236096828dcd0be78d/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:24.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /043f6f515b0f4e236096828dcd0be78d/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:24 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18405\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: df7dbf61571beb10cf6ad07cf1edc381\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46242,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46242), with no line terminators","md5":"57b263d494b82a43cfae095771d7b005","sha1":"10b9a3adf60df6820f373ea3b741bfe000929917","sha256":"028d2debec6967c7d2fd4ffd6b178deecf20ef847d120c8d904887a3adad5e4e","sha512":"97a8efc00cc2b3745433b3cef118788039e856da0dc9c4c3d29886d36deef77340ef0159ec47ff2388086475d3a47ea9daf2c2857e31ee59565ec7490d1ba1ab","ssdeep":"768:36pVSvBKlcbk0CrrWB+QCej1cOOwcHcDba1lIrRGswcsVZVE/D4Yybeja2n:36rxKbk0CrQ+fdwNDba1lIlcPES2n","tlshash":"3523d48e3f71f15866867077223f9417f22a4e55208de0f8d216b4a13ef8b69e837725","first_seen":"2025-10-15T19:37:20.317687Z","last_seen":"2025-10-15T19:37:20.317687Z","times_seen":1,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.1739585047445.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:25.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /watch.1739585047445.js?key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:25 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://skinnycrawlinglax.com/watch.1739585047445.js?dev=e\u0026key=043f6f515b0f4e236096828dcd0be78d\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557045\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=400a4044cbb51ec24ccca9230e290a9291a33a980ae8e5e2fc8fbac6f4162681c84e5e6f7c907c50c5fe584ad8128331e79bf5de4e866c5eaafe178519bd8ad806b43ebf8ffeb8b792aa93c4aa17ec1dc709e024196cd671d03674\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; expires=Wed, 15 Oct 2025 19:37:25 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 3\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7d433ccba58f565dfccfc66090a722c3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4612,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":714,"timings":{"blocked":308,"dns":26,"connect":92,"send":0,"wait":98,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/2024/09/nassarawa-state-college-of-health-science-and-technology-naschost-post-utme-form.html","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:29.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.omniklusive.com.ng","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 16:47:08 GMT","end":"Fri, 19 Dec 2025 17:38:00 GMT"},"fingerprint":{"sha1":"B4:B5:F5:E5:69:3A:B2:C8:26:CF:C6:E1:92:BE:9D:15:A0:50:90:8A","sha256":"08:BB:D8:8D:66:76:D6:FE:64:D7:BF:15:CF:68:AB:53:58:76:9C:B6:66:AF:8D:6F:FB:8D:92:A5:F4:25:6C:CF"}}},"request":{"raw":"GET /2024/09/nassarawa-state-college-of-health-science-and-technology-naschost-post-utme-form.html HTTP/1.1\r\nHost: www.omniklusive.com.ng\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1; pp_main_26044c9034d41067e4eeac3c8b2a25ba=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=throbcrunchsurely.com; sb_main_c2a4795bd129ec38aabf8f830c396956=1; sb_count_c2a4795bd129ec38aabf8f830c396956=3; pbpr0tpuw4isk85t8yg3jb2lj5vqf=wayfarerorthodox.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Wed, 15 Oct 2025 19:36:30 GMT\r\ndate: Wed, 15 Oct 2025 19:36:30 GMT\r\ncache-control: private, max-age=0\r\nlast-modified: Wed, 15 Oct 2025 11:48:01 GMT\r\netag: W/\"6e9d0af05e5c27a5815a6360c69edcaa647a779ce6f50d354ef03a2d93101f17\"\r\nx-robots-tag: all,noodp\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 36020\r\nserver: GSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":250434,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (39350)","md5":"13c22f0994893ab803022b3c8a229083","sha1":"0a48441d38497140b7fb968a5defb46f08949bab","sha256":"31d185626cd53a0e3f73bfe07ed43e84ece3810d8d6a4c958023eab51812cef6","sha512":"4caa6a3b1b14515c05876117dcac20fa5d8df89e809b94c95a613abc05699e0424bbf1740fa734b44b310c51feddc129eba4f2d398ee246a147fb979c5903cca","ssdeep":"1536:F1TbVm8ua/GQCwNlzKNtPLJ1iQDQF+7RmvY+fm52iBJnsqaYIrZf1EAYXDPAPS5m:F1TbkklzytPLT/RmvY+fmHBJFPAPShTU","tlshash":"6a3497f17247824bea7e4853ad547ba992fab55391c0f183d0f8ba0f068a58fd07d9c4","first_seen":"2025-10-15T19:37:20.813404Z","last_seen":"2025-10-15T19:37:20.813404Z","times_seen":1,"resource_available":false,"data":null}},"time_used":874,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":837,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEmBGreu8rbtbTcbknX7xIEEeP30BX3as56SYnT2zIQt1scdaAP5ULQnNTDLJNJzIEdVC-pQckXrDs20iwdn2Qbxxv5VpXYq_bTXpDKWPwtWuXVZphsXOn3e7i9-Bhoqah6qMMlpeHiaQP5wy7mchhKoZDgzqfORZIE87zjtbCQ7sqZO3DTC0u3AWBOtQ/w304-h320/ED-JOHN%20Institute%20of%20Mgt%20\u0026%20Tech.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:30.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:47 GMT","end":"Mon, 15 Dec 2025 08:41:46 GMT"},"fingerprint":{"sha1":"F8:5F:63:28:35:3F:3B:74:50:6E:B0:8A:1E:82:1E:81:0B:2C:5D:57","sha256":"E5:11:BE:F6:31:91:0A:88:46:0E:37:CF:15:59:95:26:EE:40:53:A0:69:3F:0A:3E:F6:B4:44:43:15:61:C4:6F"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEiEmBGreu8rbtbTcbknX7xIEEeP30BX3as56SYnT2zIQt1scdaAP5ULQnNTDLJNJzIEdVC-pQckXrDs20iwdn2Qbxxv5VpXYq_bTXpDKWPwtWuXVZphsXOn3e7i9-Bhoqah6qMMlpeHiaQP5wy7mchhKoZDgzqfORZIE87zjtbCQ7sqZO3DTC0u3AWBOtQ/w304-h320/ED-JOHN%20Institute%20of%20Mgt%20\u0026%20Tech.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v15e4\"\r\nexpires: Thu, 16 Oct 2025 19:36:31 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"ED-JOHN Institute of Mgt \u0026 Tech.png\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 15 Oct 2025 19:36:31 GMT\r\nserver: fife\r\ncontent-length: 11477\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11477,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 202, 8-bit colormap, non-interlaced","md5":"19febd30304ea4ffd62ccd985f8ebbf8","sha1":"6eb9e284539acfd3020b6131a34e8db2fde8104c","sha256":"373a2367c1b3121c13b2479bf9d6d40c101b5fbd11144a4469240c8c412a090a","sha512":"493f9cdc43623349f0243992c068b850ac40ccb22f4bbe69c2039c8debf578b411ad8c154864da3a6c5c7d1acf3334f9b1ae91e5eaab76100ef5e6183c6c7281","ssdeep":"192:cp6e+X/WPLN6KRV+31UcooGyNBpdQuEia9wLE9g1JMPq2SwWQVH2vevoP+X:W9C/yJ6KRV+31yNyNBpyu3uwL51GixwP","tlshash":"e132bf53ba806ec4a83e9454e5c43dc26f59b5a8d6e4ac479808d3383235d2273b7aed","first_seen":"2025-10-15T19:37:20.818238Z","last_seen":"2025-10-15T19:37:20.818238Z","times_seen":1,"resource_available":false,"data":null}},"time_used":898,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":897,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.omniklusive.com.ng/feeds/posts/default?alt=json-in-script\u0026start-index=17\u0026max-results=1\u0026callback=jQuery111001300496830480642_1760556982650\u0026_=1760556982652","fqdn":"www.omniklusive.com.ng","domain":"omniklusive.com.ng","tld":"com.ng"},"ip":{"addr":"172.217.21.179","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:30.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.omniklusive.com.ng","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Sep 2025 16:47:08 GMT","end":"Fri, 19 Dec 2025 17:38:00 GMT"},"fingerprint":{"sha1":"B4:B5:F5:E5:69:3A:B2:C8:26:CF:C6:E1:92:BE:9D:15:A0:50:90:8A","sha256":"08:BB:D8:8D:66:76:D6:FE:64:D7:BF:15:CF:68:AB:53:58:76:9C:B6:66:AF:8D:6F:FB:8D:92:A5:F4:25:6C:CF"}}},"request":{"raw":"GET /feeds/posts/default?alt=json-in-script\u0026start-index=17\u0026max-results=1\u0026callback=jQuery111001300496830480642_1760556982650\u0026_=1760556982652 HTTP/1.1\r\nHost: www.omniklusive.com.ng\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1; pp_main_26044c9034d41067e4eeac3c8b2a25ba=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=throbcrunchsurely.com; sb_main_c2a4795bd129ec38aabf8f830c396956=1; sb_count_c2a4795bd129ec38aabf8f830c396956=3; pbpr0tpuw4isk85t8yg3jb2lj5vqf=wayfarerorthodox.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncross-origin-resource-policy: cross-origin\r\netag: W/\"f22114dcafb9cbe704d9ce57f1e0a7a9d2e3629f36f75b6538c8edd6369e2008\"\r\ndate: Wed, 15 Oct 2025 19:36:30 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nserver: blogger-renderd\r\nexpires: Wed, 15 Oct 2025 19:36:31 GMT\r\ncache-control: public, must-revalidate, proxy-revalidate, max-age=1\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nlast-modified: Wed, 15 Oct 2025 11:48:01 GMT\r\ncontent-encoding: gzip\r\ncontent-length: 3286\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12765,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (12727)","md5":"399c7b7427fedea3a1a9e215b27aa0f4","sha1":"83e890c7a05397fc321ee64fbf6c78fc37907219","sha256":"38b5d4a070b18318b22cbf36903f0a12e16c5fe79053c5ff091cc99e407ca730","sha512":"d8b1af74277c6cc3a19847260d6725cc2e483265b62b6cc0e24672d579f4331bad4ec4495e1e16f4272a02dea571285d1de682e4bfd61689635ecdc1748f838c","ssdeep":"96:HsoVQj00rKQ3YKXAVjbDoH77YMTdvKqLSQ4miuBIEFhIoE5p+3R5DYKAG:Hso20YKTKXAV0A6yPkFKov3R58KAG","tlshash":"1c4250f3b384e93546434a58ccb1fb9da4a4e853075ce8b98cbf4d2ec18c565225a37e","first_seen":"2025-10-15T19:37:20.822788Z","last_seen":"2025-10-15T19:37:20.822788Z","times_seen":1,"resource_available":true,"data":null}},"time_used":343,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":342,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/watch.1526263903265.js?key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.omniklusive.com.ng/2024/02/certificate-of-origin-how-to-get-it.html","date":"2025-10-15T19:36:26.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /watch.1526263903265.js?key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.omniklusive.com.ng\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.omniklusive.com.ng/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzg4MiwiayI6IjA0M2Y2ZjUxNWIwZjRlMjM2MDk2ODI4ZGNkMGJlNzhkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJ5Z3A4NWhuZWQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9tbmlrbHVzaXZlLmNvbS5uZy8yMDI0LzAyL2NlcnRpZmljYXRlLW9mLW9yaWdpbi1ob3ctdG8tZ2V0LWl0Lmh0bWwiLCJhciI6W119fQ.fyNl2ue7OhYk5-FDzdRl1DK3UNxlUKgLAMM_oe4sqQ8; uid_id2=d9ba9615-9bd2-4999-a50d-16680a3363b1:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl23823882=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Wed, 15 Oct 2025 19:36:26 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.omniklusive.com.ng\r\naccess-control-allow-credentials: true\r\nlocation: https://torchfriendlypay.com/watch.1526263903265.js?dev=e\u0026key=da4057f56deac1caae7482053a78f1aa\u0026kw=%5B%22certificate%22%2C%22of%22%2C%22origin%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22get%22%2C%22it%22%2C%22omniklusive%22%5D\u0026pst=1760557046\u0026rb=\u0026refer=https%3A%2F%2Fwww.omniklusive.com.ng%2F2024%2F02%2Fcertificate-of-origin-how-to-get-it.html\u0026res=14.3095\u0026rmtc=t\u0026shu=f05ed564753b99fdb6ad4a17652d95b5c0aac115e1429738b94c354a1320929cb75c0142079555522a520c78ff1c4f0dde540497badad8329d3c171a21801793699c476e765aebcb0e31f5eb6181af23d33c2e34eae291c3834b5c\u0026tz=0\u0026uuid=d9ba9615-9bd2-4999-a50d-16680a3363b1%3A1%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyMzgyMzk5NiwiayI6ImRhNDA1N2Y1NmRlYWMxY2FhZTc0ODIwNTNhNzhmMWFhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDQ2MzA1LCJwaWQiOjIwMDgyMDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoicDF5ajN0YmNuIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vbW5pa2x1c2l2ZS5jb20ubmcvMjAyNC8wMi9jZXJ0aWZpY2F0ZS1vZi1vcmlnaW4taG93LXRvLWdldC1pdC5odG1sIiwiYXIiOltdfX0.cBjrUEQBxa9UBRRIOA4jctzFrQxyuur-b4mSBoLJeLg; expires=Wed, 15 Oct 2025 19:37:26 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3f8e812d2a7118223cea0ee2860a78e9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4720,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}