{"report_id":"ca5f6b84-5717-4c35-816a-43493574de5c","version":6,"status":"done","tags":[],"date":"2025-08-28T08:55:29Z","url":{"schema":"http","addr":"appopener.com/web/plfjl4zof","fqdn":"appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"76.76.21.21","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.appopener.com/web/plfjl4zof","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"title":"AppOpener"},"submit":{"url":{"schema":"http","addr":"appopener.com/web/plfjl4zof","fqdn":"appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"76.76.21.21","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-02T08:55:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":3,"urlquery":0,"analyzer":5}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-28T08:55:07Z","timestamp":1756371307,"ip_dst":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":53474,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Online Application Hosting Domain (onrender .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-28T08:55:07.601826+0000\",\"flow_id\":1649933588042259,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":53474,\"dest_ip\":\"216.24.57.7\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050129,\"rev\":1,\"signature\":\"ET INFO Observed Online Application Hosting Domain (onrender .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_01_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_01_17\"]}},\"tls\":{\"sni\":\"appopener-backend-gs2q.onrender.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":937,\"bytes_toclient\":1654,\"start\":\"2025-08-28T08:55:07.594451+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-28T08:55:07Z","timestamp":1756371307,"ip_dst":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":53486,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Online Application Hosting Domain (onrender .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-28T08:55:07.602725+0000\",\"flow_id\":1910133444252330,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":53486,\"dest_ip\":\"216.24.57.7\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050129,\"rev\":1,\"signature\":\"ET INFO Observed Online Application Hosting Domain (onrender .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_01_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_01_17\"]}},\"tls\":{\"sni\":\"appopener-backend-gs2q.onrender.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3448,\"start\":\"2025-08-28T08:55:07.594602+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-28T08:55:07Z","timestamp":1756371307,"ip_dst":{"addr":"216.24.57.251","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":37512,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Online Application Hosting Domain (onrender .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-28T08:55:07.607542+0000\",\"flow_id\":507465844861823,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":37512,\"dest_ip\":\"216.24.57.251\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050129,\"rev\":1,\"signature\":\"ET INFO Observed Online Application Hosting Domain (onrender .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_01_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_01_17\"]}},\"tls\":{\"sni\":\"appopener-backend-gs2q.onrender.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":937,\"bytes_toclient\":3524,\"start\":\"2025-08-28T08:55:07.600959+0000\"}}"}],"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"peeringannecultivate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"phishtank","sensor_type":"Blocklist","title":"PhishTank","description":"PhishTank","scan_date":"2024-10-02","alert":"Phishing - Other","trigger":"appopener.com/web/plfjl4zof","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-08-27T15:14:26.687687Z","alert_count":0,"request_count":7,"received_data":65885,"sent_data":3284,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.show-sb.com","ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-08-23T06:25:22.651006Z","alert_count":0,"request_count":1,"received_data":3723,"sent_data":500,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"kit.fontawesome.com","ip":{"addr":"104.18.40.68","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-10-18","domain_rank":16651,"first_seen":"2019-03-29T02:12:52Z","last_seen":"2025-08-27T21:32:46.209639Z","alert_count":0,"request_count":1,"received_data":500,"sent_data":455,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-08-27T15:12:56.836113Z","alert_count":0,"request_count":7,"received_data":416354,"sent_data":5247,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-08-27T15:11:05.791298Z","alert_count":0,"request_count":7,"received_data":169634,"sent_data":3830,"comment":"","tags":null,"fingerprints":null},{"fqdn":"creative-sb1.com","ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-08-22T09:38:58.27174Z","alert_count":0,"request_count":5,"received_data":183737,"sent_data":2234,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"3.78.68.13","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-08-22T14:31:34.988902Z","alert_count":0,"request_count":1,"received_data":426,"sent_data":457,"comment":"","tags":null,"fingerprints":null},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-08-27T05:03:54.731092Z","alert_count":1,"request_count":1,"received_data":377,"sent_data":420,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-08-22T06:18:22.747826Z","alert_count":0,"request_count":1,"received_data":6771,"sent_data":482,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-08-28T00:53:33.505682Z","alert_count":1,"request_count":1,"received_data":498,"sent_data":504,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"appopener.com","ip":{"addr":"76.76.21.21","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2020-08-15","domain_rank":640780,"first_seen":"2020-10-06T07:49:45Z","last_seen":"2025-08-09T03:51:07.728608Z","alert_count":1,"request_count":1,"received_data":1529,"sent_data":495,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Font Awesome","description":"Font Awesome is a font and icon toolkit based on CSS and Less.","website":"https://fontawesome.com/","common_platform_enumeration":"","icon":"Font Awesome.svg","categories":["Font scripts"]}]},{"fqdn":"appopener-backend-gs2q.onrender.com","ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"domain_registered":"2015-03-28","domain_rank":0,"first_seen":"2025-08-09T03:51:07.142916Z","last_seen":"2025-08-09T03:51:07.142916Z","alert_count":0,"request_count":3,"received_data":57477,"sent_data":1618,"comment":"","tags":null,"fingerprints":[{"name":"Render","description":"Render is a cloud computing platform that provides a wide range of services, including web hosting, cloud computing, and application development. Render offers several hosting options, including static site hosting, web application hosting, and managed databases.","website":"https://render.com","common_platform_enumeration":"","icon":"Render.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-08-26T21:51:48.445996Z","alert_count":0,"request_count":2,"received_data":171926,"sent_data":830,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"kettledroopingcontinuation.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":196057,"first_seen":"2025-07-30T15:18:19.355595Z","last_seen":"2025-08-27T18:43:56.966874Z","alert_count":5,"request_count":5,"received_data":108628,"sent_data":2726,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.appopener.com","ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2020-08-15","domain_rank":1248691,"first_seen":"2023-01-09T05:56:44Z","last_seen":"2025-08-09T03:51:07.650706Z","alert_count":0,"request_count":15,"received_data":1083661,"sent_data":8281,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Font Awesome","description":"Font Awesome is a font and icon toolkit based on CSS and Less.","website":"https://fontawesome.com/","common_platform_enumeration":"","icon":"Font Awesome.svg","categories":["Font scripts"]}]},{"fqdn":"peeringannecultivate.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-08-28","domain_rank":2973802,"first_seen":"2024-10-18T15:56:57.506742Z","last_seen":"2025-08-09T03:51:07.537287Z","alert_count":5,"request_count":5,"received_data":84073,"sent_data":5363,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-08-26T21:51:48.43432Z","alert_count":0,"request_count":2,"received_data":992,"sent_data":1536,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-28T08:55:07Z","timestamp":1756371307,"ip_dst":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":53474,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Online Application Hosting Domain (onrender .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-28T08:55:07.601826+0000\",\"flow_id\":1649933588042259,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":53474,\"dest_ip\":\"216.24.57.7\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050129,\"rev\":1,\"signature\":\"ET INFO Observed Online Application Hosting Domain (onrender .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_01_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_01_17\"]}},\"tls\":{\"sni\":\"appopener-backend-gs2q.onrender.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":937,\"bytes_toclient\":1654,\"start\":\"2025-08-28T08:55:07.594451+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-28T08:55:07Z","timestamp":1756371307,"ip_dst":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":53486,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Online Application Hosting Domain (onrender .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-28T08:55:07.602725+0000\",\"flow_id\":1910133444252330,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":53486,\"dest_ip\":\"216.24.57.7\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050129,\"rev\":1,\"signature\":\"ET INFO Observed Online Application Hosting Domain (onrender .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_01_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_01_17\"]}},\"tls\":{\"sni\":\"appopener-backend-gs2q.onrender.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3448,\"start\":\"2025-08-28T08:55:07.594602+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-28T08:55:07Z","timestamp":1756371307,"ip_dst":{"addr":"216.24.57.251","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":37512,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Online Application Hosting Domain (onrender .com in TLS SNI)","source":"{\"timestamp\":\"2025-08-28T08:55:07.607542+0000\",\"flow_id\":507465844861823,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":37512,\"dest_ip\":\"216.24.57.251\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050129,\"rev\":1,\"signature\":\"ET INFO Observed Online Application Hosting Domain (onrender .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_01_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_01_17\"]}},\"tls\":{\"sni\":\"appopener-backend-gs2q.onrender.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":937,\"bytes_toclient\":3524,\"start\":\"2025-08-28T08:55:07.600959+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"8f62ca97e99acea4610f68ebc85081ab","sha1":"5c1f8dd1bbff9078de7a01abb3811ee635b26cd9","sha256":"d77fbd9717ee7e861c261ea7f73db9307d2115d6166782463f7b23936ad115a5","sha512":"df4cebc1b9727b322c7078f0d3ce61efca0e5fb36e4b99571d178deb28f06e3d7a90ef04309fdc3ec1f78cbc85ab9925ca2d69c69d1862c64a0164e6eebd8d14","ssdeep":"","tlshash":"25f0c828e570c670c27fc16451d77f8b65a14874f889010bb4286e860cb56be36d996f","size":564,"data":"","first_seen":"2024-08-19T22:07:39.351571Z","last_seen":"2025-08-28T08:55:33.328405Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/js/main.d4f5063e.js","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"28f2a1e70e094bb36a146113cd4385af","sha1":"aa29daaec56c0614ff5d9a249c5b6b420280bc8c","sha256":"f3baf9e723a69b3f1bdbb12643562b9e254afa171fa4a846c965dcf9e9817b05","sha512":"c89e15e403520e570a2a7f91d2b94105268f0a60e28d1a9289bb85c328002e1571573c71095d26bc3b66f0b96667e5baadfbe1b539e9d49856459c658fea1eae","ssdeep":"6144:NtqtRgqts7I2lNQSzYu75vjvmvpVARDQTH:X3I2LQA4vpVARDQTH","tlshash":"d3545cd93591f0616bf311b640af140bb37e191f680d89a0b221fce979b845da23bf9d","size":286388,"data":"","first_seen":"2025-08-28T08:55:33.283502Z","last_seen":"2025-08-28T08:55:33.283502Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/eb/23/87/eb2387b7d314fbad38da7f3ed15ea10f.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"25173499486e2c7107952b1c6f46899c","sha1":"e8448a6c7abe5f5483a93e6c394dcdd90b6f0536","sha256":"ece223f95905b2acbf7ea2b38cbdef3a25aa5f13ca21e5f4439851350162eb6b","sha512":"959d5b9cda5a9a20e6633aab168732fb004c3ae5a5217c1a436c9d18c8807ca862b619f36e169e5687768de472810e237bde9e14747889b3bbe34f3e8b02de28","ssdeep":"1536:cmt7BMZUs9piv3i6In8noteGF1XF3IaST6/hw:ckdv3i6C8notJZF4bL","tlshash":"59a3e9887f50f47d02da6036233f962ae1ee8e42154ee158d026edd53a68317e63ddb8","size":105744,"data":"","first_seen":"2025-08-28T08:55:33.326874Z","last_seen":"2025-08-28T08:55:33.326874Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89492,"data":"","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-28T06:10:55.586079Z","times_seen":6590,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/js/493.93f57a53.chunk.js","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2eac8ed7d504773dc60cabd51faf168f","sha1":"0c80843f37b21c0192f9ebc5d6c933489d18584a","sha256":"2fff47ddb919205bfd1dcf11c208e061160eb144702989675b36bd8215acc584","sha512":"87852883ddcc4273621750cba0d5c183e566b66b33dd1c89441336b3011888893d3853114ea1a2655237b95b9a38bdae91a3ade33c70fd78ec40cb043069669a","ssdeep":"1536:LTWQJax395imukThJzbpYcIYJDGKDRGNHV:LBoxNYmuczpQKRI","tlshash":"6f631964a191affcb52b08d4656ed00cb41e5f98da0f88e4b5be3c3527444e4ba27bcd","size":70646,"data":"","first_seen":"2025-08-28T08:55:33.279657Z","last_seen":"2025-08-28T08:55:33.279657Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/js/973.1f24e0dd.chunk.js","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3b25ca437632b573202a58664cb2a4f","sha1":"9488825fd799279a5895bba68943cf4a999d0819","sha256":"91350cdad812ec82103ae231a9d8ce5970394c5db6979c90a85849ba29e44904","sha512":"ac2a2b4d110f49a77da710309ca55adab7dd53a905661da7484f70fc7467aa6ac9cc0ffc11f963eff29424527f9fbd56f547bdc14a3f1786e729e8237c7d1ab9","ssdeep":"3072:K+EHYD3gDTMnWukiTgDTMnWf7+oo29n5wZy:KWD0MnWuMMnWf19n5wZy","tlshash":"ef140a4173dba8bb235290d40c7f8b0ab1ef16a45084d48cf5add9ee546ca46f06f73a","size":206654,"data":"","first_seen":"2025-08-09T03:51:12.307047Z","last_seen":"2025-08-28T08:55:33.320108Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/js/72.f1738f43.chunk.js","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e33bab618e95b455712bf32b4b4d8555","sha1":"64b6c389c41dc42642794081484bde95f3d02dde","sha256":"36f667ce9e8e2d1a9ab0acc49f5617b9dc03c2ec28cfd390e496b23c420e478d","sha512":"3dd8675029dbe95aa82c10444e7416874a2de15e9683ad03f16b38e723906411009691f603a9b34e5c50eb5a9ca3ae5f7030a6b1823c5ef24fe7050a43163f89","ssdeep":"1536:DqDFYwOuIPXx/c64Jysq7vYLkpkpgD9TVQYPiOpWC5D5UqcKjSBpS7n7GPqebU9z:RxP+LkfTaWAC5mqhuZhOI6","tlshash":"fff329857150b0a1d7db4499c87f0715f33a29943446c0acb23daccb6961ada72bbf3e","size":168859,"data":"","first_seen":"2025-08-09T03:51:12.228594Z","last_seen":"2025-08-28T08:55:33.315231Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"peeringannecultivate.com/e2/3e/01/e23e018b733e2e433886c45b49cc0cf3.js","fqdn":"peeringannecultivate.com","domain":"peeringannecultivate.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"11098a19a01eaef29c677f5b4f7a78a4","sha1":"ed77de03459b780afda1090f9ab784fc809d8986","sha256":"1fe4b0772b0153afb392beb71940be9bf8d528c498b16ac47409325443ac0338","sha512":"92a4a7959673f9e2491d3fcb5083708e577efd9226fe8dbe82d8e6cd691f95555f9a427941fd1aa5300bbac420c0659fbd79cf06ba15c89fe1c660c3dee90fc8","ssdeep":"768:Y2b73jmGj0qw648+QhS8u+Jcj/XcdNjNx7OdY08kUbTehzbcep3Of:Y2b7V/4x5O+jvcCdY0U3o4","tlshash":"0d63c7483f91b27802e6b8fa712fa61af0265c1195d8e0d8f503f4deae66719f035f25","size":72714,"data":"","first_seen":"2025-08-28T08:55:33.325058Z","last_seen":"2025-08-28T08:55:33.325058Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/web/plfjl4zof","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b89576a0db850d4cf57e10b747d8ccd9","sha1":"99dbb2209bcd6d7c9b13c2f8e85ed7ebbf195d4f","sha256":"1835c57dbefd15bd85f4732cd49317b21c29a0663a61e7effa3ea1b384fd7322","sha512":"1fcaa7317940bd492e31b8b12c7d3a18cbc7cc45e612ba9ba40f6e53d73428b699096174725c9706c96ad87874021a9c9fc9727f93fb79a8962c7202e9b866dd","ssdeep":"","tlshash":"87b092b92a4b8ca5d2ff1ba20baf62446462732094903aa80836a15d6633e63a155d94","size":129,"data":"","first_seen":"2025-08-09T03:51:12.319084Z","last_seen":"2025-08-28T08:55:33.330365Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-P7L1ZVNFSF","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"56157f256d608f8d04ed52a2d35594c7","sha1":"e669c4d1414147e80e936f0eff20d28641caa665","sha256":"de6782d9f1d20640ef0f1024b5e22076f11b79ddf2a6a7981e650439660029b6","sha512":"cf9b65d19424864bb8760b5b89c932177e0bb35f52a3718baa9001dd6843c39e041d30b65cc39a23006ff77e54d462acdfcd204967006d55a69a17b40495e428","ssdeep":"6144:b4TQPdHIRomMr3V9lQaE54niDP3tyL9iIlp4A:0TQFHIRomMr3V9lQ6iNA","tlshash":"df94078e73d674625396f478803f018ba57b28a2b44cc899f1c9cde42e74a9a4177f7c","size":411771,"data":"","first_seen":"2025-08-28T08:55:33.294804Z","last_seen":"2025-08-28T08:55:33.294804Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/js/796.91ef4c2a.chunk.js","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"eea1ad79e3f886a6fa9364796327ef86","sha1":"512bf6b154b6757064d38c2a0e5c2239a07d8ee2","sha256":"445cb7915284d346f7a5af22ff16d6e5bedccedf795a803f13cbd8c7b422a974","sha512":"f268015aaebd21aa803f569c92833248cb71f53f3fab5997c02b4cf9295cf37e64d8b601e766e00e318ff66e28cee4371b310679cdb8692a3f9545d29e72901b","ssdeep":"768:gs6reSFSgd9HbGWA/cfEUg17PKhXRtChrColf96nCnS8MBgOpdSSa1PEoTwHIlPj:Wdic0ytYaCIyUIlPCXyLEMj","tlshash":"1f4339957042307a5bef82d7e13fe759f6392601b00d8500f26b8e71ab58ad9e123f5e","size":56994,"data":"","first_seen":"2025-08-09T03:51:12.254031Z","last_seen":"2025-08-28T08:55:33.322326Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.googletagmanager.com/a?id=G-P7L1ZVNFSF\u0026v=3\u0026t=t\u0026pid=800376950\u0026cv=1\u0026rv=58q2\u0026tc=15\u0026tag_exp=101509157~103103155~103103157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948812~104948813~105427542~105427544\u0026es=1\u0026e=gtm.dom\u0026eid=10\u0026u=AAAAAAAAAAAAAIA\u0026h=Ag\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:34:03 GMT","end":"Mon, 29 Sep 2025 08:34:02 GMT"},"fingerprint":{"sha1":"A2:8A:24:AD:51:7D:A4:62:BB:34:6F:C9:21:A1:B9:E1:2D:A6:0E:C1","sha256":"9F:B9:94:8F:84:D3:44:71:A7:81:72:C8:80:4D:14:02:E3:E0:30:0C:F1:17:27:83:00:82:D9:C3:68:D3:B3:AF"}}},"request":{"raw":"GET /a?id=G-P7L1ZVNFSF\u0026v=3\u0026t=t\u0026pid=800376950\u0026cv=1\u0026rv=58q2\u0026tc=15\u0026tag_exp=101509157~103103155~103103157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948812~104948813~105427542~105427544\u0026es=1\u0026e=gtm.dom\u0026eid=10\u0026u=AAAAAAAAAAAAAIA\u0026h=Ag\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:922:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:922:0\r\nreport-to: {\"group\":\"ascgcycc:922:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:922:0\"}],}\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\ncontent-type: text/html\r\nserver: Google Tag Manager\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"appopener-backend-gs2q.onrender.com/goto/web/plfjl4zof","fqdn":"appopener-backend-gs2q.onrender.com","domain":"appopener-backend-gs2q.onrender.com","tld":"onrender.com"},"ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onrender.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 04 Aug 2025 17:53:53 GMT","end":"Sun, 02 Nov 2025 18:53:51 GMT"},"fingerprint":{"sha1":"35:2E:63:E4:DA:F7:74:7C:3B:60:F4:1B:87:1E:16:3E:3A:E2:08:EF","sha256":"0B:CD:A7:A3:81:C8:03:9E:3A:E4:D3:64:62:27:BC:DB:90:A1:A8:B9:FE:5C:2D:EC:FF:20:A9:63:D1:A7:F3:39"}}},"request":{"raw":"OPTIONS /goto/web/plfjl4zof HTTP/1.1\r\nHost: appopener-backend-gs2q.onrender.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.appopener.com/\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\ncontent-length: 0\r\naccess-control-allow-headers: content-type\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: https://www.appopener.com\r\nrndr-id: 57f3f29b-0398-45b5\r\nvary: Origin, Access-Control-Request-Headers\r\nx-powered-by: Express\r\nx-render-origin-server: Render\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 97629680ac467129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Render","description":"Render is a cloud computing platform that provides a wide range of services, including web hosting, cloud computing, and application development. Render offers several hosting options, including static site hosting, web application hosting, and managed databases.","website":"https://render.com","common_platform_enumeration":"","icon":"Render.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":11,"dns":1,"connect":1,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7816\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 27 Aug 2025 21:40:45 GMT\r\nexpires: Thu, 27 Aug 2026 21:40:45 GMT\r\ncache-control: public, max-age=31536000\r\nage: 40462\r\nlast-modified: Wed, 23 Apr 2025 16:07:25 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7816,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7816, version 1.0","md5":"25b0e113ca7cce3770d542736db26368","sha1":"cb726212d5d525021752a1d8470a0fb593e0c49e","sha256":"9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526","sha512":"a0d331e62ab4727f49ca286a1ee7fb81cddc5bb9edf71ef84f4bd4fa1552069af1a82752011ba88fae80862d034135926b7e99d70e59d626d66d4ede90e94c30","ssdeep":"192:Agw5ksLwlyK8F2BXU96Fc575OI3+ga534SlEFwTG4ovej9be:Al5y8FSUMS5VOq1KISlvS4ov+4","tlshash":"a3f1af19d5de5a73f80032b45b6911ba7e42fa83bc68bbedf8046a10ad542cb467cc91","first_seen":"2023-04-05T13:48:05Z","last_seen":"2026-04-28T16:24:31.457448Z","times_seen":222397,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:08.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:11:38 GMT","end":"Mon, 29 Sep 2025 15:11:37 GMT"},"fingerprint":{"sha1":"F9:52:70:4B:81:A8:F8:39:E6:E7:96:8F:EA:FE:17:FD:96:C5:32:E3","sha256":"D8:C9:87:B5:89:5E:D4:F4:8D:FD:98:3C:31:39:42:67:D3:20:27:14:A9:AD:F2:AB:97:A4:48:0F:94:F0:FF:A2"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Thu, 28 Aug 2025 08:55:08 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 440493e099ce6f421792d3b0051063ba\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":159,"timings":{"blocked":57,"dns":1,"connect":17,"send":0,"wait":24,"receive":20,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css\u0026l=4617\u0026fd=58","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css\u0026l=4617\u0026fd=58 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Thu, 28 Aug 2025 08:55:09 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/a?id=G-P7L1ZVNFSF\u0026v=3\u0026t=t\u0026pid=800376950\u0026cv=1\u0026rv=58q2\u0026tc=15\u0026tag_exp=101509157~103103155~103103157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948812~104948813~105427542~105427544\u0026es=1\u0026e=gtag.config\u0026eid=9\u0026u=AAAAAAAAAAAAAIA\u0026h=Ag\u0026epr=1G.2G\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:34:03 GMT","end":"Mon, 29 Sep 2025 08:34:02 GMT"},"fingerprint":{"sha1":"A2:8A:24:AD:51:7D:A4:62:BB:34:6F:C9:21:A1:B9:E1:2D:A6:0E:C1","sha256":"9F:B9:94:8F:84:D3:44:71:A7:81:72:C8:80:4D:14:02:E3:E0:30:0C:F1:17:27:83:00:82:D9:C3:68:D3:B3:AF"}}},"request":{"raw":"GET /a?id=G-P7L1ZVNFSF\u0026v=3\u0026t=t\u0026pid=800376950\u0026cv=1\u0026rv=58q2\u0026tc=15\u0026tag_exp=101509157~103103155~103103157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948812~104948813~105427542~105427544\u0026es=1\u0026e=gtag.config\u0026eid=9\u0026u=AAAAAAAAAAAAAIA\u0026h=Ag\u0026epr=1G.2G\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:922:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:922:0\r\nreport-to: {\"group\":\"ascgcycc:922:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:922:0\"}],}\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\ncontent-type: text/html\r\nserver: Google Tag Manager\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8000\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 27 Aug 2025 21:38:25 GMT\r\nexpires: Thu, 27 Aug 2026 21:38:25 GMT\r\ncache-control: public, max-age=31536000\r\nage: 40602\r\nlast-modified: Wed, 23 Apr 2025 16:07:17 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8000,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8000, version 1.0","md5":"72993dddf88a63e8f226656f7de88e57","sha1":"179f97ec0275f09603a8db94d4380eb584d81cd5","sha256":"f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149","sha512":"7c20165f9d22a86341e841fd58526209017dcde2afe2d0d2a89fe853d95dc69f658d25cf798c71f452dab09843fc808c1ae87a60b1284134163abf5a1d93e50a","ssdeep":"192:GDonmfrEdXT8WrxzRXwyQo3zGEOM7Y2hOMgWnsfYSjv4ENFGwrlKJ:8onPxTzjgyQSzLPXOTIYHJAJ","tlshash":"08f1b0ffa92456c4df692475a5044f27623652b4dd35cb2f496f3e12d2d74224bcc4c1","first_seen":"2023-04-05T18:53:14Z","last_seen":"2026-04-28T16:20:27.449199Z","times_seen":220038,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJbecmNE.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:08.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/poppins/v23/pxiEyp8kv8JHgFVrJJbecmNE.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 39660\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 27 Aug 2025 22:51:20 GMT\r\nexpires: Thu, 27 Aug 2026 22:51:20 GMT\r\ncache-control: public, max-age=31536000\r\nage: 36228\r\nlast-modified: Wed, 23 Apr 2025 16:06:00 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39660,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39660, version 1.0","md5":"ae8f61e6b2b935b49a7ff31aecfc7696","sha1":"fa178df4468e867ccc1d8a2d585b48475acf52aa","sha256":"6b986471df6084ba6f89749100b2731200a722d3de0e00f48e1967f21eb2adc0","sha512":"a302e2bc4b577c5a3e10a4a69314a0a10a5a5f500fefd5205cb0a6c655a642ddd9d68f01b263118a84455822688e0b762a866f09057713f12f11e8f83906d787","ssdeep":"768:rju6dD7ASFiDbPIJ/JrMd3NrS5FUZOa0JMQdeAEJvGkQMV8SA:3u6dl2bPmryTOa0JejGkN8SA","tlshash":"0a03f129a04893cddc4f8abb124f4a7ae5c0856c96c0275733bad219d5bd4cc1f8bbd6","first_seen":"2025-04-24T07:50:54.273937Z","last_seen":"2026-04-28T14:40:22.259725Z","times_seen":7280,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":15,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 01 Jul 2025 14:01:22 GMT","end":"Mon, 29 Sep 2025 14:59:36 GMT"},"fingerprint":{"sha1":"CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B","sha256":"8B:98:84:C0:8D:47:7C:1B:A7:26:4B:E4:9E:6E:FD:8E:E1:6D:6E:41:1D:E7:91:B7:70:A3:C1:D0:C0:85:6B:31"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 Aug 2025 08:55:09 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sat, 07 May 2022 03:21:31 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"6275e5bb-135d1\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 25942\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3KCX2eb8U0t%2Fzf%2BOpEnBN1CemHftbPM4RCWi4bWXJV%2B0rb98uvM5W0HKgS%2B6IrHr0x0V2IqS%2FMVcXs8MdK%2Bq%2FVa6GZYvvGnIA8BGUHRJSlw%3D\"}]}\r\ncf-ray: 9762968adf65be8f-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79313,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"fc638645a938f69e69360c75335ffd1a","sha1":"143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4","sha256":"7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90","sha512":"53aa35f68eede2f65b272821573513db8d2505a051c8af7fbf2350eee39d0103b8536740f5c0815dd4004bd82f7493276ad362f6f87715e281cbb1dd6297fa34","ssdeep":"384:ZNFu8uVWgnu5uLlFlH/O/Qu7u/sjzbg/jxXlIPfL4jKgZQMkL0Vvaj7Z:ZNFu8uEgnu5uBu7uhKgZQMkL0Vvaj7Z","tlshash":"27731fad2991148456638a1d83df8e68673ce573181a9cef73c2488bcf8bf9c67c9147","first_seen":"2023-04-05T09:47:15Z","last_seen":"2026-01-17T18:50:06.222826Z","times_seen":1884,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":36,"dns":1,"connect":10,"send":0,"wait":18,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js\u0026l=382\u0026fd=24","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js\u0026l=382\u0026fd=24 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Thu, 28 Aug 2025 08:55:09 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":476,"timings":{"blocked":194,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@300;500;700;900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"DF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC","sha256":"A2:57:20:B6:AE:46:89:B9:39:C7:57:9B:1E:43:96:E3:5A:BC:7E:3F:1D:18:10:34:CC:53:3D:DB:78:4E:5C:21"}}},"request":{"raw":"GET /css2?family=Roboto:wght@300;500;700;900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 28 Aug 2025 08:55:07 GMT\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22340,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"9cdcb78ebdf21b662df45928438fb350","sha1":"1b9b960e2c91ea0da147f909ba49fad1023928f3","sha256":"b38cf9e566f8fc0f32c035d7f78c02e182903d1c278afa46d1ffeff0db6a5152","sha512":"d54216eb50a399fc8b8b4d76247f529c3b39f873b0e22e8b34bffa49275be6d40ec521ad59890f973aa7a4e30b9f027d49ff5f11bec01bf1da2fe5a30ffe5377","ssdeep":"384:pjf5jgjPjrjyUj/qY4+j4jYjijfDjOjdjBjyaj/qY4QjGjmj4jfdjkjDj3jyQj/s:p90DXOU/R08mv65lOa/76icZwPLOQ/VG","tlshash":"62a212a1041740009b835ce223cebf35fe1f92517142d0b5abfd9b6badcbc66526939d","first_seen":"2025-06-18T22:31:13.494462Z","last_seen":"2025-08-29T03:28:33.247079Z","times_seen":17,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":182,"dns":1,"connect":28,"send":0,"wait":33,"receive":0,"ssl":155},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/a?id=G-P7L1ZVNFSF\u0026v=3\u0026t=t\u0026pid=800376950\u0026cv=1\u0026rv=58q2\u0026tc=15\u0026tag_exp=101509157~103103155~103103157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948812~104948813~105427542~105427544\u0026es=1\u0026e=gtm.init\u0026eid=2\u0026h=Ag\u0026tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast\u0026ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:34:03 GMT","end":"Mon, 29 Sep 2025 08:34:02 GMT"},"fingerprint":{"sha1":"A2:8A:24:AD:51:7D:A4:62:BB:34:6F:C9:21:A1:B9:E1:2D:A6:0E:C1","sha256":"9F:B9:94:8F:84:D3:44:71:A7:81:72:C8:80:4D:14:02:E3:E0:30:0C:F1:17:27:83:00:82:D9:C3:68:D3:B3:AF"}}},"request":{"raw":"GET /a?id=G-P7L1ZVNFSF\u0026v=3\u0026t=t\u0026pid=800376950\u0026cv=1\u0026rv=58q2\u0026tc=15\u0026tag_exp=101509157~103103155~103103157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948812~104948813~105427542~105427544\u0026es=1\u0026e=gtm.init\u0026eid=2\u0026h=Ag\u0026tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast\u0026ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:922:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:922:0\r\nreport-to: {\"group\":\"ascgcycc:922:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:922:0\"}],}\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\ncontent-type: text/html\r\nserver: Google Tag Manager\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/media/next.175ebffc96129451a126.avif","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /static/media/next.175ebffc96129451a126.avif HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/web/plfjl4zof\r\nCookie: _ga_P7L1ZVNFSF=GS2.1.s1756371307$o1$g0$t1756371307$j60$l0$h0; _ga=GA1.1.1565952129.1756371307\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 11637\r\ncache-control: s-maxage=31536000, immutable\r\ncontent-disposition: inline; filename=\"next.175ebffc96129451a126.avif\"\r\ncontent-type: image/avif\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\netag: \"604da2061ae664ab7f132cc8189dac79\"\r\nlast-modified: Thu, 28 Aug 2025 05:41:10 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::44bhh-1756371307556-9a141804b828\r\ncontent-length: 2324\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":2324,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"604da2061ae664ab7f132cc8189dac79","sha1":"e7d2bc6c34929da1a948d2b3fbdc24de02e8a555","sha256":"545f0f998a85225a8d2b72d14abf7368f9469208205d8a9b789e6721f6c56cdb","sha512":"739a6617f34f7a28709f65fc84c9ee235d7f07770e4625f4c9eae0a3ee15abf1f6068fd6f145985918e53e0dc979fd995b6dded5119c2c22155276d1b46888f2","ssdeep":"","tlshash":"3041f92503a12dadd5c4533ec178c32213a087b7b7a321138917ba13d660b668dc5e28","first_seen":"2025-02-19T04:46:12.010176Z","last_seen":"2025-08-28T08:55:33.263788Z","times_seen":4,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"appopener-backend-gs2q.onrender.com/getSugLinks","fqdn":"appopener-backend-gs2q.onrender.com","domain":"appopener-backend-gs2q.onrender.com","tld":"onrender.com"},"ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onrender.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 04 Aug 2025 17:53:53 GMT","end":"Sun, 02 Nov 2025 18:53:51 GMT"},"fingerprint":{"sha1":"35:2E:63:E4:DA:F7:74:7C:3B:60:F4:1B:87:1E:16:3E:3A:E2:08:EF","sha256":"0B:CD:A7:A3:81:C8:03:9E:3A:E4:D3:64:62:27:BC:DB:90:A1:A8:B9:FE:5C:2D:EC:FF:20:A9:63:D1:A7:F3:39"}}},"request":{"raw":"GET /getSugLinks HTTP/1.1\r\nHost: appopener-backend-gs2q.onrender.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 Aug 2025 08:55:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: https://www.appopener.com\r\ncontent-encoding: br\r\netag: W/\"dabe-kKCijrgdxvvQyrfuFM3TyziIQuk\"\r\nrndr-id: c6ec3d29-7e73-45b1\r\nvary: Origin, Accept-Encoding\r\nx-powered-by: Express\r\nx-render-origin-server: Render\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 97629680ac457129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Render","description":"Render is a cloud computing platform that provides a wide range of services, including web hosting, cloud computing, and application development. Render offers several hosting options, including static site hosting, web application hosting, and managed databases.","website":"https://render.com","common_platform_enumeration":"","icon":"Render.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":55998,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d86c27ec5602a777d77db44be9fa6c9a","sha1":"90a0a28eb81dc6fbd0cab7ee14cdd3cb388842e9","sha256":"8353971c894f803df157688d7104cf82f33b916ddaec4dc0016247aaa213f448","sha512":"e066c4a5fd242ef6216ce56b9f74200d68c5a7538393d94ef6cc6c9f3d3d6a52a88e4909728453a2cbccb70af5257ca73a9ef67844c0c9d61aecdb590e1016c5","ssdeep":"768:snx1NbESvvRqh6QytbxXNUJ/7SsZLNsW/IW8kBaq/NDxyCq6R5:sxRJE3yJxY/7SsZpvAFkMmDxyCq6R5","tlshash":"ad432a633fa8992b5f0244d52d0e7478c95a973ad6c0e7e5b88de50007198fbe337ad4","first_seen":"2025-08-28T08:55:33.26694Z","last_seen":"2025-08-28T08:55:33.26694Z","times_seen":1,"resource_available":false,"data":null}},"time_used":697,"timings":{"blocked":27,"dns":23,"connect":3,"send":0,"wait":616,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/7e/c0/ce/7ec0cee9c9eddc0313c7224f4bb9c235dcceed35221c66d90032359ec2e4b6ab.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 10 Jul 2025 02:33:11 GMT","end":"Wed, 08 Oct 2025 02:33:10 GMT"},"fingerprint":{"sha1":"06:D8:07:0F:AB:BF:D8:7F:C5:38:82:AC:A7:8A:20:4D:83:6C:EA:C9","sha256":"CF:05:58:46:C3:07:3F:B6:A6:8D:42:F2:3B:3D:91:36:93:10:CB:D5:89:47:A3:62:26:D2:F3:BA:AC:51:0E:B7"}}},"request":{"raw":"GET /si/7e/c0/ce/7ec0cee9c9eddc0313c7224f4bb9c235dcceed35221c66d90032359ec2e4b6ab.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 Aug 2025 08:55:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 6423\r\nserver: nginx/1.21.6\r\nlast-modified: Fri, 15 Aug 2025 01:09:57 GMT\r\netag: \"689e88e5-1917\"\r\nexpires: Sat, 30 Aug 2025 08:55:09 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6423,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3","md5":"d8f143c53ef89fe568fb4f86eaaadd76","sha1":"57435a41ae46252e83eaa425e86c8d004fc82287","sha256":"2939c9713939fc59e054d5101edbb46015515ea52bd362372aeb6475d0a67a26","sha512":"1344497a4e548bea8882be8acbb9384fa7dcc15e31194cc670622945ba95d60825d069dffb2d3cd3a659c21df65909b3780e377c55202560be35db2aec41b680","ssdeep":"96:IElbw+iukgvhR4EpfmZe4iM/B+bNpqt9TJu5FY67pz97OPhk7fIOA+e1vRvzo:9wtwRfunBKMt9eY2pz9qa6RZvE","tlshash":"73d18e4a94192ba1ee9a49f8e8d73f03d22876716e66b63420830cfdbb12dfc4144741","first_seen":"2025-08-15T07:53:25.315072Z","last_seen":"2025-12-22T04:22:03.419479Z","times_seen":1333,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":39,"dns":1,"connect":19,"send":0,"wait":19,"receive":3,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Jersey+15\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"DF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC","sha256":"A2:57:20:B6:AE:46:89:B9:39:C7:57:9B:1E:43:96:E3:5A:BC:7E:3F:1D:18:10:34:CC:53:3D:DB:78:4E:5C:21"}}},"request":{"raw":"GET /css2?family=Jersey+15\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 28 Aug 2025 08:55:07 GMT\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":847,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"1c58e3026f5b10de88517b58c7914c54","sha1":"57a1f4dd438e4dcdfd522697b5e093eb895074a5","sha256":"c8907c3f82cf5b1678e9da6541b42594fd957b70ac6469b8b9c73f89fbbc8131","sha512":"a58812ffa96f309f028f645ba9baae4a422584f7abc058155fb189befe072767c3f853374a806d70790f78b9d37a1041ea482e9a79103ed2f7ddeb1a2302d48d","ssdeep":"","tlshash":"a001c282045ba600d7d30dc112ce7d37ee0f52d46444d9799efd08d8bc57c299356b0e","first_seen":"2025-08-09T03:51:12.30582Z","last_seen":"2025-08-28T08:55:33.270652Z","times_seen":2,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":136,"dns":0,"connect":14,"send":0,"wait":32,"receive":0,"ssl":123},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto+Mono:wght@300;400\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"DF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC","sha256":"A2:57:20:B6:AE:46:89:B9:39:C7:57:9B:1E:43:96:E3:5A:BC:7E:3F:1D:18:10:34:CC:53:3D:DB:78:4E:5C:21"}}},"request":{"raw":"GET /css2?family=Roboto+Mono:wght@300;400\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 28 Aug 2025 08:55:07 GMT\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4442,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"622a709cc211b6bf804e7d63844f37e8","sha1":"31ad2a074038215e0d3ac1f821946d0c570f75f8","sha256":"0eb432a4b9a5f99ab809add240b35ff758b716baf6f9c5327f8302d565f2d9c7","sha512":"4613e59b6a3fa29063a2ce41969d3716338396b0bd912a57192c5938c5da8554690541bdafd99c66c5693d0c66b0a5bda51715d0c226c45d9d1f39d9fc2ce6c3","ssdeep":"96:8O1aN+2MO1aN+9FZLO1aN+W3JO1aN+cO1aN+SJc+u1O1aN+cNlOEaN+2MOEaN+9J:yN+2CN+fN+W3/N+SN+68N+7N+2jN+mNa","tlshash":"eb91acd1402b9410eb831cd627cf7e25fd4e6106a186c17d8bfd28a8acd7d32239175d","first_seen":"2025-05-27T12:55:06.52987Z","last_seen":"2025-09-11T10:17:42.462642Z","times_seen":12,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":180,"dns":1,"connect":30,"send":0,"wait":32,"receive":0,"ssl":149},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/media/logo.98c002ff109d1ce7fb35.avif","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /static/media/logo.98c002ff109d1ce7fb35.avif HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/web/plfjl4zof\r\nCookie: _ga_P7L1ZVNFSF=GS2.1.s1756371307$o1$g0$t1756371307$j60$l0$h0; _ga=GA1.1.1565952129.1756371307\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 4538\r\ncache-control: s-maxage=31536000, immutable\r\ncontent-disposition: inline; filename=\"logo.98c002ff109d1ce7fb35.avif\"\r\ncontent-type: image/avif\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\netag: \"f7c85689f042d3ef79c3fbc5d635330e\"\r\nlast-modified: Thu, 28 Aug 2025 07:39:29 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::dt2nb-1756371307548-661b9547ff17\r\ncontent-length: 4528\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4528,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"f7c85689f042d3ef79c3fbc5d635330e","sha1":"fe04038b4c615db172bf96edf19ede6a65286688","sha256":"cfe8f9248bade5e2524c057f24bfa0dafa0bcd6ffbbf2d63aa732a709a695f22","sha512":"0b81bfde51fdd867bb7597a7ea6ec4b9224c265ec9b312b54e3def880c046777aae1cafb99c7f900e71097f5245a3f76ef4e286f1f4fa75d3b332558542aab9e","ssdeep":"96:rGghCv3C6bS8xl0qp/kgOLy8Nyx20cw0mmt3Dq2MbIzDleN0K:rG4Y3tbS8xl0W85+8NyIrVs2DO","tlshash":"3a914d197f62cb59c80823be48aa77b0373670a2d3a23674508d62f46479f36c931ca8","first_seen":"2025-02-19T04:46:12.014768Z","last_seen":"2025-08-28T08:55:33.273877Z","times_seen":3,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 01 Jul 2025 14:01:22 GMT","end":"Mon, 29 Sep 2025 14:59:36 GMT"},"fingerprint":{"sha1":"CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B","sha256":"8B:98:84:C0:8D:47:7C:1B:A7:26:4B:E4:9E:6E:FD:8E:E1:6D:6E:41:1D:E7:91:B7:70:A3:C1:D0:C0:85:6B:31"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 Aug 2025 08:55:09 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Mon, 21 Feb 2022 08:25:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"62134c60-1209\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 25942\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jG7Dmu5LvygnDcFtvSlQv6nkKmdirS4WAliiANDR0hjoGhRHXjnzPS6AhWpiTONeiRed44viFU0ykM9h18371wo1Cylnwaj9j04xNUpwJdo%3D\"}]}\r\ncf-ray: 9762968adf56be8f-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4617,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"630f303dfe147dec2c4a226287393b69","sha1":"3e9f8270b84e09595181bd55de6785a89f53ba10","sha256":"967d085a33a12064d83cb38f582c3e418e021a2d523dd9597bb75dc00589fec7","sha512":"aa41feb60ccd79d5e3499f58fcdee9d8b14312a885901990af21f8b15cc21e84e57edf843c9dc69e8146b7151c4d010d0c2d2b4cf8dd46a312266bf73d88359d","ssdeep":"96:ynjK1CQxCqyjG+6VE1VOCXYAX5yIvcMpzsFuTOKoMGMp9h815/SgarZnA3AG5Nbd:QjK1C1qiG+6VE1VOib5yIvdpzsFuTOK+","tlshash":"a491eea202e70a40ea0bd5631bec4b027b7504c32e0ace59badd194c9fc197893d39b2","first_seen":"2023-05-18T19:42:30Z","last_seen":"2026-01-17T18:50:06.19479Z","times_seen":1110,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":35,"dns":1,"connect":8,"send":0,"wait":20,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 01 Jul 2025 14:01:22 GMT","end":"Mon, 29 Sep 2025 14:59:36 GMT"},"fingerprint":{"sha1":"CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B","sha256":"8B:98:84:C0:8D:47:7C:1B:A7:26:4B:E4:9E:6E:FD:8E:E1:6D:6E:41:1D:E7:91:B7:70:A3:C1:D0:C0:85:6B:31"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 Aug 2025 08:55:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 5982\r\nserver: cloudflare\r\nlast-modified: Sat, 07 May 2022 04:02:16 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6275ef48-175e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 1727901\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ta%2FykzpF2W0uKon91WmjUqtjwKB3Kz3RJkR0LfsbeyCEob2tQRcjoenRbaYtGe4XUyCiVwtxKkk1gnqGAhDan81xk0J0hBNwdm9gRCX6FH8%3D\"}]}\r\ncf-ray: 9762968b5878be8f-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5982,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced","md5":"c489ce2c491a22ee37a55e26a92dfd73","sha1":"2fa588ab09e94dd902e5bd24b48f98ad1949c9d6","sha256":"1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd","sha512":"fe6a53296238283eac984b1912bfe7fbbdf5f0692f59f86e7e1ca989555a81be786ff29b9f8644443b2ace8137d412b6d9a92b0edf7f595ddf36058702a2d0d0","ssdeep":"96:FSDZ/I09Da01l+gmkyTt6Hk8nTbo5GZNKEBX97O+co2RF9JNssCgSSiiFr4uolec:FSDS0tKg9E05TAYwEBPwF9JNsTgSSL3C","tlshash":"80c1afeff8a058cf4566b7021c8e4080fbaa713d835536b4d4a092dc958be4a0fd7475","first_seen":"2023-04-05T23:50:36Z","last_seen":"2026-04-26T18:13:43.934792Z","times_seen":4094,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/js/493.93f57a53.chunk.js","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /static/js/493.93f57a53.chunk.js HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/web/plfjl4zof\r\nCookie: _ga_P7L1ZVNFSF=GS2.1.s1756371307$o1$g0$t1756371307$j60$l0$h0; _ga=GA1.1.1565952129.1756371307\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 7132\r\ncache-control: s-maxage=31536000, immutable\r\ncontent-disposition: inline; filename=\"493.93f57a53.chunk.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\netag: \"10ddb7c0f4edb36c5a5c655e712dc104\"\r\nlast-modified: Thu, 28 Aug 2025 06:56:14 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::ml8jl-1756371307445-7713e274367f\r\ncontent-length: 32593\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":70646,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2eac8ed7d504773dc60cabd51faf168f","sha1":"0c80843f37b21c0192f9ebc5d6c933489d18584a","sha256":"2fff47ddb919205bfd1dcf11c208e061160eb144702989675b36bd8215acc584","sha512":"87852883ddcc4273621750cba0d5c183e566b66b33dd1c89441336b3011888893d3853114ea1a2655237b95b9a38bdae91a3ade33c70fd78ec40cb043069669a","ssdeep":"1536:LTWQJax395imukThJzbpYcIYJDGKDRGNHV:LBoxNYmuczpQKRI","tlshash":"6f631964a191affcb52b08d4656ed00cb41e5f98da0f88e4b5be3c3527444e4ba27bcd","first_seen":"2025-08-28T08:55:33.279657Z","last_seen":"2025-08-28T08:55:33.279657Z","times_seen":1,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 01 Jul 2025 14:01:22 GMT","end":"Mon, 29 Sep 2025 14:59:36 GMT"},"fingerprint":{"sha1":"CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B","sha256":"8B:98:84:C0:8D:47:7C:1B:A7:26:4B:E4:9E:6E:FD:8E:E1:6D:6E:41:1D:E7:91:B7:70:A3:C1:D0:C0:85:6B:31"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 Aug 2025 08:55:09 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 07 May 2022 05:43:05 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KbSM77NTMXHA%2BRxQekzWLE%2BjnkwRnBeeGWpTFIf%2FFYNRE7XPZKI1h492FyAR%2Fy4O%2Bqduv6ppVwEsghBz7ToeFiOC76HXwyY8lZX2zGuNgsY%3D\"}]}\r\nage: 1727901\r\ncf-cache-status: HIT\r\netag: W/\"627606e9-15d94\"\r\ncontent-encoding: br\r\ncf-ray: 9762968b5896be8f-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89492,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-28T06:10:55.586079Z","times_seen":6590,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/js/main.d4f5063e.js","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:06.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /static/js/main.d4f5063e.js HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/web/plfjl4zof\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 11637\r\ncache-control: s-maxage=31536000, immutable\r\ncontent-disposition: inline; filename=\"main.d4f5063e.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Thu, 28 Aug 2025 08:55:06 GMT\r\netag: \"c27b349c910c259d3aac0f8b8fdda9d7\"\r\nlast-modified: Thu, 28 Aug 2025 05:41:09 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::nmndj-1756371306973-7264bf17c9f5\r\ncontent-length: 95709\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":286388,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65465)","md5":"28f2a1e70e094bb36a146113cd4385af","sha1":"aa29daaec56c0614ff5d9a249c5b6b420280bc8c","sha256":"f3baf9e723a69b3f1bdbb12643562b9e254afa171fa4a846c965dcf9e9817b05","sha512":"c89e15e403520e570a2a7f91d2b94105268f0a60e28d1a9289bb85c328002e1571573c71095d26bc3b66f0b96667e5baadfbe1b539e9d49856459c658fea1eae","ssdeep":"6144:NtqtRgqts7I2lNQSzYu75vjvmvpVARDQTH:X3I2LQA4vpVARDQTH","tlshash":"d3545cd93591f0616bf311b640af140bb37e191f680d89a0b221fce979b845da23bf9d","first_seen":"2025-08-28T08:55:33.283502Z","last_seen":"2025-08-28T08:55:33.283502Z","times_seen":1,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Montserrat+Alternates:wght@400;600;700;900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"DF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC","sha256":"A2:57:20:B6:AE:46:89:B9:39:C7:57:9B:1E:43:96:E3:5A:BC:7E:3F:1D:18:10:34:CC:53:3D:DB:78:4E:5C:21"}}},"request":{"raw":"GET /css2?family=Montserrat+Alternates:wght@400;600;700;900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 28 Aug 2025 08:55:07 GMT\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8324,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"3fcba3a2271b4ed3af5ef8158c609754","sha1":"1f89bc22bdb8112c4431ad65126117d88eafe851","sha256":"e141932c497de6c8c9574a3782730c64799abdcfaa9508f2706b44b643524449","sha512":"478416ff57506db4615dcbeec5bf4ba72216ccb86ca5f1307c37d6f8334d955c1b4005869baa7148fe0cf373df2b10e946a7cedf736bba11d1505f2310692fc0","ssdeep":"192:B5xBMuIv3afyWDnBWVYX1zcS7ZODXtIUo:brT6zuBQW","tlshash":"d902cb92002794009b470cc623ce7e3a9eaee0567451d17b7afd2dd9acead311369b3d","first_seen":"2025-08-09T03:51:12.268199Z","last_seen":"2025-08-28T08:55:33.286037Z","times_seen":2,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":138,"dns":1,"connect":29,"send":0,"wait":35,"receive":0,"ssl":105},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/media/slogo.67950ab124831172c999.avif","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /static/media/slogo.67950ab124831172c999.avif HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/web/plfjl4zof\r\nCookie: _ga_P7L1ZVNFSF=GS2.1.s1756371307$o1$g0$t1756371307$j60$l0$h0; _ga=GA1.1.1565952129.1756371307\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 11637\r\ncache-control: s-maxage=31536000, immutable\r\ncontent-disposition: inline; filename=\"slogo.67950ab124831172c999.avif\"\r\ncontent-type: image/avif\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\netag: \"af8905302ec20e26c32da4cc4ffe23ba\"\r\nlast-modified: Thu, 28 Aug 2025 05:41:10 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::v58sj-1756371307538-260020365267\r\ncontent-length: 6130\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":6130,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"af8905302ec20e26c32da4cc4ffe23ba","sha1":"9353785350c460ac412cff9fe345bd2a240449d9","sha256":"01da982f8f6e5d5051c97e5514f5b8eaacfe3b3fd8864a3273eeb5bc90ba39a7","sha512":"776a85f6f40e3deaaa8ba0669b43e2a3787e1bc027522afd3565e79d5ba2c59cf7ce7b316b4fc88c01cbb40059ef66c98312ab80e9f32ab0f6423e7cb866f687","ssdeep":"96:+aj+G/6pAqllUYYANVJHV79RK3Y67AcrVbTXXXRBlDbwfEIq0qJwASU4GdW4C4ji:+azSp5kOj1ZRK3TAcrpXBvDbYEp0AcU+","tlshash":"8cc18d3a9eee0cd6e99c673a0c15dc0a02209629da20b272a8503d74cf3d174fe1b559","first_seen":"2024-08-19T14:29:22.369691Z","last_seen":"2025-08-28T08:55:33.288493Z","times_seen":7,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"peeringannecultivate.com/sbar.json?key=e23e018b733e2e433886c45b49cc0cf3\u0026uuid=b0d643d1-7a52-4fa4-a5e8-ab1877393437%3A3%3A1","fqdn":"peeringannecultivate.com","domain":"peeringannecultivate.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:08.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"peeringannecultivate.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 Aug 2025 21:39:07 GMT","end":"Sat, 22 Nov 2025 21:39:06 GMT"},"fingerprint":{"sha1":"88:13:0F:BD:1F:B9:0D:6C:C5:9A:B1:27:01:18:E6:71:C4:BF:94:3D","sha256":"EB:5E:2C:5D:7E:02:CD:25:50:38:6C:34:EB:03:F3:7D:94:B4:4C:2A:55:F7:8E:6A:CA:83:F2:83:CF:A4:17:80"}}},"request":{"raw":"GET /sbar.json?key=e23e018b733e2e433886c45b49cc0cf3\u0026uuid=b0d643d1-7a52-4fa4-a5e8-ab1877393437%3A3%3A1 HTTP/1.1\r\nHost: peeringannecultivate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Thu, 28 Aug 2025 08:55:08 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4870\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.appopener.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=b0d643d1-7a52-4fa4-a5e8-ab1877393437:3:1; expires=Thu, 04 Sep 2025 08:55:08 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Fri, 29 Aug 2025 08:55:08 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Fri, 29 Aug 2025 08:55:08 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Fri, 29 Aug 2025 08:55:08 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Fri, 29 Aug 2025 08:55:08 GMT; path=/; secure; SameSite=None\nu_pl22956505=1; expires=Fri, 29 Aug 2025 08:55:08 GMT; path=/; secure; SameSite=None\nslece23e018b733e2e433886c45b49cc0cf3=[6116561]; expires=Thu, 28 Aug 2025 08:55:13 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 212\r\nHost: peeringannecultivate.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7007997ed8a8670127ba113c67a9a3d7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":6264,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"596f8d9a14746c81ebbdf0e69534c6fb","sha1":"82f45a839c6f59701ac3f8e4157052336f75c0ff","sha256":"e7b86663c6b1dc952a86c99fd2a047aa874f3e4ce8193ae7cacdf1723f88a14f","sha512":"04e6193557472b129e8503ab344e7dca070e8aca5061d0fe968fd84bab1be14dcd33845439e13be69ebdbf5d6764ee3dcc41ea60984d2ef9d865293612805f26","ssdeep":"96:9zjCKg9ShL7mOTpBESTAdSXZA2s5uAMJoaTdGT9u1Tis/vQfH/Y/7y3o6:9zjCl9Shmw3TAcA2xAoiA8s/vmA/7y33","tlshash":"a8d18cae019af1ca29e64728ed6b5cf61c804ddbf0ccc895c9a762df4f0a0ca7c5461c","first_seen":"2025-08-28T08:55:33.291678Z","last_seen":"2025-08-28T08:55:33.291678Z","times_seen":1,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"peeringannecultivate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"DF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC","sha256":"A2:57:20:B6:AE:46:89:B9:39:C7:57:9B:1E:43:96:E3:5A:BC:7E:3F:1D:18:10:34:CC:53:3D:DB:78:4E:5C:21"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 28 Aug 2025 08:55:09 GMT\r\ndate: Thu, 28 Aug 2025 08:55:09 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"e9d2e14beb088f37fae98294940a9dcd","sha1":"1dafc3c55550249c8c2d782d5616c7b445c8e005","sha256":"f2e491cc46d3fcba81f729065d622bd722751d4a2e7f80b479aa64a92c17b5c7","sha512":"64025ea9b660d5e1d45a593a27345e152ba6b5ef95daceee5e43201319a555eb5457cfe1ecdcc725202063a22c5f406f3ba4607863d5b714c378f144bcdea5f7","ssdeep":"384:pjf5jgjPjrjyUj/qY4+j4jYjpjfMj1jWj6jyhj/qY4XjNjtj4jfdjkjDj3jyQj/E:p90DXOU/R08toBy+Oh/EBpcZwPLOQ/VK","tlshash":"e5722291041740009b835ce223cebf35fe1f92117152d0b5abfd9b6badcbc66526939d","first_seen":"2025-06-02T17:27:24.212334Z","last_seen":"2026-01-19T16:22:17.33804Z","times_seen":5482,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-P7L1ZVNFSF","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:06.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:34:03 GMT","end":"Mon, 29 Sep 2025 08:34:02 GMT"},"fingerprint":{"sha1":"A2:8A:24:AD:51:7D:A4:62:BB:34:6F:C9:21:A1:B9:E1:2D:A6:0E:C1","sha256":"9F:B9:94:8F:84:D3:44:71:A7:81:72:C8:80:4D:14:02:E3:E0:30:0C:F1:17:27:83:00:82:D9:C3:68:D3:B3:AF"}}},"request":{"raw":"GET /gtag/js?id=G-P7L1ZVNFSF HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\nexpires: Thu, 28 Aug 2025 08:55:07 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1106:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1106:0\r\nreport-to: {\"group\":\"ascgcycc:1106:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1106:0\"}],}\r\nserver: Google Tag Manager\r\ncontent-length: 136989\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":411771,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6006)","md5":"56157f256d608f8d04ed52a2d35594c7","sha1":"e669c4d1414147e80e936f0eff20d28641caa665","sha256":"de6782d9f1d20640ef0f1024b5e22076f11b79ddf2a6a7981e650439660029b6","sha512":"cf9b65d19424864bb8760b5b89c932177e0bb35f52a3718baa9001dd6843c39e041d30b65cc39a23006ff77e54d462acdfcd204967006d55a69a17b40495e428","ssdeep":"6144:b4TQPdHIRomMr3V9lQaE54niDP3tyL9iIlp4A:0TQFHIRomMr3V9lQ6iNA","tlshash":"df94078e73d674625396f478803f018ba57b28a2b44cc899f1c9cde42e74a9a4177f7c","first_seen":"2025-08-28T08:55:33.294804Z","last_seen":"2025-08-28T08:55:33.294804Z","times_seen":1,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":95,"dns":1,"connect":8,"send":0,"wait":38,"receive":27,"ssl":95},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/a?id=G-P7L1ZVNFSF\u0026v=3\u0026t=t\u0026pid=800376950\u0026cv=1\u0026rv=58q2\u0026tc=15\u0026tag_exp=101509157~103103155~103103157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948812~104948813~105427542~105427544\u0026es=1\u0026e=gtm.js\u0026eid=3\u0026h=Ag\u0026tr=1gct\u0026ti=1gct\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:34:03 GMT","end":"Mon, 29 Sep 2025 08:34:02 GMT"},"fingerprint":{"sha1":"A2:8A:24:AD:51:7D:A4:62:BB:34:6F:C9:21:A1:B9:E1:2D:A6:0E:C1","sha256":"9F:B9:94:8F:84:D3:44:71:A7:81:72:C8:80:4D:14:02:E3:E0:30:0C:F1:17:27:83:00:82:D9:C3:68:D3:B3:AF"}}},"request":{"raw":"GET /a?id=G-P7L1ZVNFSF\u0026v=3\u0026t=t\u0026pid=800376950\u0026cv=1\u0026rv=58q2\u0026tc=15\u0026tag_exp=101509157~103103155~103103157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948812~104948813~105427542~105427544\u0026es=1\u0026e=gtm.js\u0026eid=3\u0026h=Ag\u0026tr=1gct\u0026ti=1gct\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:922:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:922:0\r\nreport-to: {\"group\":\"ascgcycc:922:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:922:0\"}],}\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\ncontent-type: text/html\r\nserver: Google Tag Manager\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/css/995.31d6cfe0.chunk.css","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /static/css/995.31d6cfe0.chunk.css HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/web/plfjl4zof\r\nCookie: _ga_P7L1ZVNFSF=GS2.1.s1756371307$o1$g0$t1756371307$j60$l0$h0; _ga=GA1.1.1565952129.1756371307\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 11637\r\ncache-control: s-maxage=31536000, immutable\r\ncontent-disposition: inline; filename=\"995.31d6cfe0.chunk.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\netag: \"1660e328507f5fe3185e3cda90676f6a\"\r\nlast-modified: Thu, 28 Aug 2025 05:41:09 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::ml8jl-1756371307440-5f9ac903722e\r\ncontent-length: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/css/493.2c816d9d.chunk.css","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /static/css/493.2c816d9d.chunk.css HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/web/plfjl4zof\r\nCookie: _ga_P7L1ZVNFSF=GS2.1.s1756371307$o1$g0$t1756371307$j60$l0$h0; _ga=GA1.1.1565952129.1756371307\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 11637\r\ncache-control: s-maxage=31536000, immutable\r\ncontent-disposition: inline; filename=\"493.2c816d9d.chunk.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\netag: \"682d701809e48aa94543b664336bf61f\"\r\nlast-modified: Thu, 28 Aug 2025 05:41:09 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::ktdzc-1756371307444-ba7f0c9dad4a\r\ncontent-length: 1519\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5008,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (4958)","md5":"001d0cc6cb336b6c74179082658b4351","sha1":"2bf1b395ca9f8749bf13e1dc1e690b176425a61d","sha256":"0cae373fd48090740dc108589897fd5aba1d6d43d140002a2a3101586430d083","sha512":"63fae9407c50ae75e5c8982627acbeab37caa36fd4d8073d16f405da3a3d85dedf18c0766c2f631bb5bf325d0030104764a5ca5e2b9a2514952bd518d1580006","ssdeep":"48:yxo951Y9fVYN6ggDcRD5USy50VQa0cLPYoFkgdgySMwyVx35bJYuCYDCCdaXWXb6:/569iN6PMWSy5mRfJquTCwiGAWTYwyrD","tlshash":"c0a150206a18261cf11f93d1bfd15a8a602dc587f2331ddd76adb6aac7c3089073da96","first_seen":"2025-08-28T08:55:33.296937Z","last_seen":"2025-08-28T08:55:33.296937Z","times_seen":1,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:08.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:11:38 GMT","end":"Mon, 29 Sep 2025 15:11:37 GMT"},"fingerprint":{"sha1":"F9:52:70:4B:81:A8:F8:39:E6:E7:96:8F:EA:FE:17:FD:96:C5:32:E3","sha256":"D8:C9:87:B5:89:5E:D4:F4:8D:FD:98:3C:31:39:42:67:D3:20:27:14:A9:AD:F2:AB:97:A4:48:0F:94:F0:FF:A2"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Thu, 28 Aug 2025 08:55:08 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b5ea1ebaabb2d674dd6090dba61b93ec\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html\u0026l=2977\u0026fd=165","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html\u0026l=2977\u0026fd=165 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Thu, 28 Aug 2025 08:55:09 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/web/plfjl4zof","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-28T08:55:06.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /web/plfjl4zof HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 11637\r\ncache-control: s-maxage=0\r\ncontent-disposition: inline; filename=\"index.html\"\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 28 Aug 2025 08:55:06 GMT\r\netag: \"0ae6ee1cc8f9d9ebfc29085b739c60cd\"\r\nlast-modified: Thu, 28 Aug 2025 05:41:08 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::7dt6w-1756371306613-e4a6b0cd9549\r\ncontent-length: 683\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Font Awesome","description":"Font Awesome is a font and icon toolkit based on CSS and Less.","website":"https://fontawesome.com/","common_platform_enumeration":"","icon":"Font Awesome.svg","categories":["Font scripts"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1142,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1142), with no line terminators","md5":"0ae6ee1cc8f9d9ebfc29085b739c60cd","sha1":"a5dfe9c8ff64eb341f77ba101a0f95944b79a888","sha256":"36b28efee192da7c9c27267d3eac63f38290843aff8c6b00bc8f257a780f1dce","sha512":"aaf566abb9f52d83ba31b50f52f5bc830e4cd49328713f1413f2ac61d4192e13246e25f47d3905d93ece6ec4c8d18f499e9a1e3535dbbe578c8319768cc9b5c8","ssdeep":"","tlshash":"7f210da3dc26c84c833017a76af6b11c9046b528b951ed952ceb30ad47a0fd7cd31a40","first_seen":"2025-08-28T08:55:33.299314Z","last_seen":"2025-08-28T08:55:33.299314Z","times_seen":1,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":70,"dns":41,"connect":1,"send":0,"wait":11,"receive":157,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=b0d643d1-7a52-4fa4-a5e8-ab1877393437\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=e23e018b733e2e433886c45b49cc0cf3\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=8","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:12:33 GMT","end":"Mon, 29 Sep 2025 15:12:32 GMT"},"fingerprint":{"sha1":"9E:08:20:A0:75:ED:21:51:E0:3D:DE:29:CD:B0:11:01:4D:04:77:0A","sha256":"FB:D4:A2:1D:0F:F1:FB:A8:D9:5E:88:03:1F:BB:94:D2:32:5C:CC:49:11:11:FC:04:7B:C6:43:40:CF:1E:A2:BA"}}},"request":{"raw":"GET /pxf.gif?uuid=b0d643d1-7a52-4fa4-a5e8-ab1877393437\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=e23e018b733e2e433886c45b49cc0cf3\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=8 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Thu, 28 Aug 2025 08:55:09 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7bdf34efdd71ae8cb46f196a0a9cdff1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":735,"timings":{"blocked":310,"dns":1,"connect":101,"send":0,"wait":114,"receive":0,"ssl":206},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css\u0026l=79313\u0026fd=59","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css\u0026l=79313\u0026fd=59 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Thu, 28 Aug 2025 08:55:09 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":182,"timings":{"blocked":89,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"peeringannecultivate.com/impr.gif?sid=H4sIAAAAAAAC_1RSzWskxRuuTnL7HX64iuKCMIgHBTPpnu75cg-r6-5KcL_YD_YgCtVV1ZNyqrvaqu7p2TktBmSPs-JBb51nko0fq6w3Dwoy8RYVMoIwSHLJf6CQo8gkA9H38L5P1VNVPO_z1kcb-QHxkdPpjat6IJWiK_WqW3n5rky4Lmzl2u2K51bdc5W7MmkE5yr9WTK91zw_qLqvVN4SrKtXaq7nup7rVS5LIyLdXzlmIdPHba_adqtBrerVA_TNf9c2d2CpA947IGcg-eT_h9E7kGyMJH5yUdhuptNXL8W5opk26PHtO0k30UWC-BRGxkGUbM9PQ9sJIZ8uQCfb8w6ge5uzDhDKCVl4dh9hsj2XibC3daI0VBAJQv4_FL0xhBpD0jGYXofkewRgHNeuI4kfXdOmoPdOWDpjJ2Tp6C_IYkKW9p9BEn9zQcl-5ZZWeSZ1YtGPSsj-GLIzRprvIBssQBY7YNmHkPxXsnJ0BUm8ed0qDcmnL4UubwQ-95abtF5bDiIaLNO6aC3T0Gs1m37bD_zmsUUyGoPaReTWQS4d5JGDPHUQ82klcFsB86jfiNqcNd2ABgEXodtu1VyXtlkTOZtpHyJLh2BqCGbuIzX30ZUP9-pnYPIfYddKWO7AZgQ9XqIQBIUlKChBIQmKjKDolVtc2ZotH3Fl89Cb19q8-uVIZ50NuqWzjkgIqBnC8HJTph_YdbBscTSILB_pWaJhVo5oyMuN9IA8NXPWeW91iq6YVkTNF67XCpu-L2oi8P1Wq8GCehi0GXNZ5MPKEtIugFoHAzkh7TuXkMoJOft3FyHdgVU7YPJF0PwF0KIEXSsxSL6maapTkQhTZToG1yXSbAnZPWdDHZCzx8N99_YeBNt9fennWfwCZkqkpsT78ieCjnowuqkLsnlTF5Z8ez3NZCwHdDb4WxnNxOKXb4t7hTZ89aIdfvEGmxEz-Pi2sNkVmnCZdCz56oLkXJjL2jBBfli1d0V4I7drF3KT5OmVG29eXo1TI6yVOhmDyglx_jRgckKe_uy5408d_H4IacYweYk43yXzAEvvw6an2q0mMOqUD1MHRV6OTC083VRyQq5-8jmU2D3_8Xf73_9xeAQalrDiXxdP8cjQ2QtUlhv2ATrGAc3WkcQleqZET5WgagibL46y1Oye_80_DoTKGYXKOJuhMurhic1WTiuRL2rMdVvNhue3IuH5AWdRvRW0eYO6vi-Q2cnak-fVPwEAAP__X6tVSLYEAAA=","fqdn":"peeringannecultivate.com","domain":"peeringannecultivate.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"peeringannecultivate.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 Aug 2025 21:39:07 GMT","end":"Sat, 22 Nov 2025 21:39:06 GMT"},"fingerprint":{"sha1":"88:13:0F:BD:1F:B9:0D:6C:C5:9A:B1:27:01:18:E6:71:C4:BF:94:3D","sha256":"EB:5E:2C:5D:7E:02:CD:25:50:38:6C:34:EB:03:F3:7D:94:B4:4C:2A:55:F7:8E:6A:CA:83:F2:83:CF:A4:17:80"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSzWskxRuuTnL7HX64iuKCMIgHBTPpnu75cg-r6-5KcL_YD_YgCtVV1ZNyqrvaqu7p2TktBmSPs-JBb51nko0fq6w3Dwoy8RYVMoIwSHLJf6CQo8gkA9H38L5P1VNVPO_z1kcb-QHxkdPpjat6IJWiK_WqW3n5rky4Lmzl2u2K51bdc5W7MmkE5yr9WTK91zw_qLqvVN4SrKtXaq7nup7rVS5LIyLdXzlmIdPHba_adqtBrerVA_TNf9c2d2CpA947IGcg-eT_h9E7kGyMJH5yUdhuptNXL8W5opk26PHtO0k30UWC-BRGxkGUbM9PQ9sJIZ8uQCfb8w6ge5uzDhDKCVl4dh9hsj2XibC3daI0VBAJQv4_FL0xhBpD0jGYXofkewRgHNeuI4kfXdOmoPdOWDpjJ2Tp6C_IYkKW9p9BEn9zQcl-5ZZWeSZ1YtGPSsj-GLIzRprvIBssQBY7YNmHkPxXsnJ0BUm8ed0qDcmnL4UubwQ-95abtF5bDiIaLNO6aC3T0Gs1m37bD_zmsUUyGoPaReTWQS4d5JGDPHUQ82klcFsB86jfiNqcNd2ABgEXodtu1VyXtlkTOZtpHyJLh2BqCGbuIzX30ZUP9-pnYPIfYddKWO7AZgQ9XqIQBIUlKChBIQmKjKDolVtc2ZotH3Fl89Cb19q8-uVIZ50NuqWzjkgIqBnC8HJTph_YdbBscTSILB_pWaJhVo5oyMuN9IA8NXPWeW91iq6YVkTNF67XCpu-L2oi8P1Wq8GCehi0GXNZ5MPKEtIugFoHAzkh7TuXkMoJOft3FyHdgVU7YPJF0PwF0KIEXSsxSL6maapTkQhTZToG1yXSbAnZPWdDHZCzx8N99_YeBNt9fennWfwCZkqkpsT78ieCjnowuqkLsnlTF5Z8ez3NZCwHdDb4WxnNxOKXb4t7hTZ89aIdfvEGmxEz-Pi2sNkVmnCZdCz56oLkXJjL2jBBfli1d0V4I7drF3KT5OmVG29eXo1TI6yVOhmDyglx_jRgckKe_uy5408d_H4IacYweYk43yXzAEvvw6an2q0mMOqUD1MHRV6OTC083VRyQq5-8jmU2D3_8Xf73_9xeAQalrDiXxdP8cjQ2QtUlhv2ATrGAc3WkcQleqZET5WgagibL46y1Oye_80_DoTKGYXKOJuhMurhic1WTiuRL2rMdVvNhue3IuH5AWdRvRW0eYO6vi-Q2cnak-fVPwEAAP__X6tVSLYEAAA= HTTP/1.1\r\nHost: peeringannecultivate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nCookie: uid_id2=b0d643d1-7a52-4fa4-a5e8-ab1877393437:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl22956505=1; slece23e018b733e2e433886c45b49cc0cf3=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Thu, 28 Aug 2025 08:55:09 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+7543bfe6ad23bb50acff82a6c86ec524=6116561; expires=Fri, 29 Aug 2025 08:55:09 GMT; path=/; secure; SameSite=None\niprc_l:6116561=3; expires=Fri, 29 Aug 2025 08:55:09 GMT; path=/; secure; SameSite=None\niprc_a+9097e37f13e53b04ff5bd16b775781aa=127602; expires=Sat, 30 Aug 2025 08:55:09 GMT; path=/; secure; SameSite=None\niprc_a:127602=1; expires=Sat, 30 Aug 2025 08:55:09 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 3\r\nHost: peeringannecultivate.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d8157ef8b86f41b23e104ca1eb981ea6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"peeringannecultivate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Poppins:wght@200;300;700;800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"DF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC","sha256":"A2:57:20:B6:AE:46:89:B9:39:C7:57:9B:1E:43:96:E3:5A:BC:7E:3F:1D:18:10:34:CC:53:3D:DB:78:4E:5C:21"}}},"request":{"raw":"GET /css2?family=Poppins:wght@200;300;700;800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 28 Aug 2025 08:55:07 GMT\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4804,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"5c5ea5efe12c9aa03412064c9945e58c","sha1":"e3ce38f240edeb9eee6f3745aae523f6e3d88811","sha256":"cdb37dd4d8c1d595e19d2a027747ae785fe9a6b5e479077935e58e7faee723b3","sha512":"202a5c4543c94a44bdd6a8b481f0828c4e8d44b4e6e77023ab7eaef88fb18647cc84b7de473e2f0fb7405f5c353c1ab8a2124642a370e06d74dd9c8c59fb43ac","ssdeep":"96:SO6azO6a7Jc+ukO6ayN3O1aaO1aiJc+ukO1alN3OpaGOpa+Jc+ukOpa5N3OwhaMN:/qfeuwqd54uJongsa","tlshash":"d9a19cd1087be1049b871cc123cf7d36ee1ea155a810e5786bfd0c98adabc291372b2d","first_seen":"2025-08-09T03:51:12.288221Z","last_seen":"2025-08-28T08:55:33.301623Z","times_seen":2,"resource_available":false,"data":null}},"time_used":606,"timings":{"blocked":270,"dns":1,"connect":30,"send":0,"wait":60,"receive":0,"ssl":240},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserratalternates/v17/mFTvWacfw6zH4dthXcyms1lPpC8I_b0juU0566fQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/montserratalternates/v17/mFTvWacfw6zH4dthXcyms1lPpC8I_b0juU0566fQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 20220\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 22 Aug 2025 05:54:38 GMT\r\nexpires: Sat, 22 Aug 2026 05:54:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 529229\r\nlast-modified: Tue, 26 Apr 2022 16:42:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20220,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20220, version 1.0","md5":"e081dd60810b100f60a315f2c1c34df8","sha1":"215b1b75ff9835bbbe2b655a91af277368932c85","sha256":"d24bdc67d21e9bbc0ad7e665b3a575adf886dbfbaf751f8fdd8cdfe36b777fed","sha512":"26be32109bd3506be0056007c5bec874124f3f247af6f8470884d84f55fb05fdfebe608dd91e55fa36047ac9de5b50a70454fef13c8f81ab6da6ee96bb0f5838","ssdeep":"384:mZ7UTqVLZP9LaMu+C1Q5NZRnZL/WzuTYb8Edo5aUWx8l8wGFQgvnKEKY4i2:mZ7Yqxju+C1euuk8NWx8aFFZhKB","tlshash":"7e92e18bbc960d11e381a53bacbecd1e154d987ad5c122cb623fa0db1f4459f22d4714","first_seen":"2023-05-04T22:01:45Z","last_seen":"2026-04-27T21:15:22.881527Z","times_seen":326,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=2159\u0026rd=2159\u0026fd=480\u0026bv=25.8.5278\u0026tmpl=136","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:08.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=2159\u0026rd=2159\u0026fd=480\u0026bv=25.8.5278\u0026tmpl=136 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Thu, 28 Aug 2025 08:55:08 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":662,"timings":{"blocked":284,"dns":1,"connect":92,"send":0,"wait":94,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"peeringannecultivate.com/ren.gif?sid=H4sIAAAAAAAC_1RSzYscxRuu3t3b7_DDKIoBYRAPCu5s93TPR5tDNCaRxXyRD3IQheqq6tlyqrvaqu7pyZyCAclxIh701vvMJutHlHjzoCCz3laFjCAMkr3sf6CwR5HZHVh9D-_7VD1VxfM-b320WewRHwWdXbmoh1Iputasu7WXb8qU69LWLl2veW7dPVW7KdNWcKo2mCfTf83zg7r7Su0twXp6reF6ruu5Xu28NCLWg7VDFjJ7GHr10K0HjbrXDDAw_13bwoGlDnh_j5yA5NP_78fvQLIJ0uTRWWF7uc5ePZcUiubaoM-3b6S9VJcpkmMYGwdxur04DW2nhHy6BJ1uLzqA7m_NO0Akp2Tp2SeI0u2FTET9-0dKIwWRIuL_Q9mfQKgJJJ2A6TuQ_DEBGMely0iTB5e0KemtI5bO2SlZOfgLspySlSfPIE2-OaPkoHZNqyKXOrUYxBXkYALZnSArdpAPlyDLHbD8Q0j-K1k7uIA02bpslYbks5cil7cCn3urbdpsrAYxDVZpU3RWaeR12m0_9AO_fWiRjCegdhmFdVBIB0XsoMgcJHxWC9xOwDzqt-KQs7Yb0CDgInLDTsN1acjaKNhc-wh5NgJTIzBzG5m5jZ6897h5Aqb4EXajguUObE7Q5xVKQVBagpISlJKgzAnKfnWfK9uw1QOubBF5i9pYVL8a67y7Se_rvCtSAmpGMLzaktkH9g5YvjwexpaP9TzRKK_GNOLVZrZHnpo767y3PkNPzGqi4QvX60Rt3xcNEfh-p9NiQTMKQsZcFvuwsoK0S6DWwVBOSXjjHDI5JSf_7iGiO7BqB0y-CFq8AFpWoBsVhunXNMt0JlJh6kwn4LpClq8gv-Vsqj1y8nC4715_DMF2X1_5eR6_gJkKmanwvvyJoKvujq_qkmxd1aUl317OcpnIIZ0P_lpOc7H85dviVqkNXz9rR1-8webEHD68Lmx-gaZcpl1LvjojORfmvDZMkB_W7U0RXSnsxpnCpEV24cqb59eTzAhrpU4noHJKnD8NmJySpz977vBTB7_vQ5oJTFEhKXbJIsCy27DZsXarCYw65qPMQVlUY9OIjjeVnJKLn3wOJXZPf_zdk-__2D8AjSpY8a-Lx3hs6PwFKqtNexdd44Dmd5AmFfqmQl9VoGoEWyyP88zsnv7NPwxEyhlHyjhbkTLq3pHNVs5qzUbktzqdlohbPPa53_B52HRFGNCwFYRBE7mdbjx6Xv0TAAD__6PDxZa2BAAA","fqdn":"peeringannecultivate.com","domain":"peeringannecultivate.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:08.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"peeringannecultivate.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 Aug 2025 21:39:07 GMT","end":"Sat, 22 Nov 2025 21:39:06 GMT"},"fingerprint":{"sha1":"88:13:0F:BD:1F:B9:0D:6C:C5:9A:B1:27:01:18:E6:71:C4:BF:94:3D","sha256":"EB:5E:2C:5D:7E:02:CD:25:50:38:6C:34:EB:03:F3:7D:94:B4:4C:2A:55:F7:8E:6A:CA:83:F2:83:CF:A4:17:80"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSzYscxRuu3t3b7_DDKIoBYRAPCu5s93TPR5tDNCaRxXyRD3IQheqq6tlyqrvaqu7pyZyCAclxIh701vvMJutHlHjzoCCz3laFjCAMkr3sf6CwR5HZHVh9D-_7VD1VxfM-b320WewRHwWdXbmoh1Iputasu7WXb8qU69LWLl2veW7dPVW7KdNWcKo2mCfTf83zg7r7Su0twXp6reF6ruu5Xu28NCLWg7VDFjJ7GHr10K0HjbrXDDAw_13bwoGlDnh_j5yA5NP_78fvQLIJ0uTRWWF7uc5ePZcUiubaoM-3b6S9VJcpkmMYGwdxur04DW2nhHy6BJ1uLzqA7m_NO0Akp2Tp2SeI0u2FTET9-0dKIwWRIuL_Q9mfQKgJJJ2A6TuQ_DEBGMely0iTB5e0KemtI5bO2SlZOfgLspySlSfPIE2-OaPkoHZNqyKXOrUYxBXkYALZnSArdpAPlyDLHbD8Q0j-K1k7uIA02bpslYbks5cil7cCn3urbdpsrAYxDVZpU3RWaeR12m0_9AO_fWiRjCegdhmFdVBIB0XsoMgcJHxWC9xOwDzqt-KQs7Yb0CDgInLDTsN1acjaKNhc-wh5NgJTIzBzG5m5jZ6897h5Aqb4EXajguUObE7Q5xVKQVBagpISlJKgzAnKfnWfK9uw1QOubBF5i9pYVL8a67y7Se_rvCtSAmpGMLzaktkH9g5YvjwexpaP9TzRKK_GNOLVZrZHnpo767y3PkNPzGqi4QvX60Rt3xcNEfh-p9NiQTMKQsZcFvuwsoK0S6DWwVBOSXjjHDI5JSf_7iGiO7BqB0y-CFq8AFpWoBsVhunXNMt0JlJh6kwn4LpClq8gv-Vsqj1y8nC4715_DMF2X1_5eR6_gJkKmanwvvyJoKvujq_qkmxd1aUl317OcpnIIZ0P_lpOc7H85dviVqkNXz9rR1-8webEHD68Lmx-gaZcpl1LvjojORfmvDZMkB_W7U0RXSnsxpnCpEV24cqb59eTzAhrpU4noHJKnD8NmJySpz977vBTB7_vQ5oJTFEhKXbJIsCy27DZsXarCYw65qPMQVlUY9OIjjeVnJKLn3wOJXZPf_zdk-__2D8AjSpY8a-Lx3hs6PwFKqtNexdd44Dmd5AmFfqmQl9VoGoEWyyP88zsnv7NPwxEyhlHyjhbkTLq3pHNVs5qzUbktzqdlohbPPa53_B52HRFGNCwFYRBE7mdbjx6Xv0TAAD__6PDxZa2BAAA HTTP/1.1\r\nHost: peeringannecultivate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nCookie: uid_id2=b0d643d1-7a52-4fa4-a5e8-ab1877393437:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl22956505=1; slece23e018b733e2e433886c45b49cc0cf3=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Thu, 28 Aug 2025 08:55:09 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: peeringannecultivate.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e6a1e7f12f559d80c5a8216192b778d1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"peeringannecultivate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.80.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 01 Jul 2025 14:01:22 GMT","end":"Mon, 29 Sep 2025 14:59:36 GMT"},"fingerprint":{"sha1":"CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B","sha256":"8B:98:84:C0:8D:47:7C:1B:A7:26:4B:E4:9E:6E:FD:8E:E1:6D:6E:41:1D:E7:91:B7:70:A3:C1:D0:C0:85:6B:31"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 Aug 2025 08:55:09 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 07 May 2022 03:21:31 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zqPkP3NEm0z2vmsx9baFbccx27AOrXqTKoLe0NxOus%2B%2FA9mRXdd5kiGMPgcLc4d2f1DzmtCQ7UI2nnKUDN72kXEgABGfw0lhgyF3%2BPytdsg%3D\"}]}\r\nage: 263288\r\ncf-cache-status: HIT\r\netag: W/\"6275e5bb-17e\"\r\ncontent-encoding: br\r\ncf-ray: 9762968bb95abe8f-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":382,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"4f5f05ab032dd8fc0db448fcf51a35e2","sha1":"78f94f93fdb792d95ea3ac293ac1b8e3bc13d609","sha256":"7fd8e9c0e5ca0c7123954a109fa8b7e8368c7e1262880925e2ac7b8c877a9e38","sha512":"66a1f6a4996b8a21631d4bbbe85654ee1a47562b478ebd97bac584e7efe9a9d431f59c52a495876295a1e59760f12adb083e299dc302bd15080e559e1adae206","ssdeep":"","tlshash":"f4e02b2052540234c3bbc19691cb6bcb6270451ad009050e641c575b1df2bb612c9e97","first_seen":"2023-05-19T20:45:50Z","last_seen":"2026-01-17T18:50:06.236167Z","times_seen":1120,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Poppins:wght@400;600;800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"DF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC","sha256":"A2:57:20:B6:AE:46:89:B9:39:C7:57:9B:1E:43:96:E3:5A:BC:7E:3F:1D:18:10:34:CC:53:3D:DB:78:4E:5C:21"}}},"request":{"raw":"GET /css2?family=Poppins:wght@400;600;800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 28 Aug 2025 08:55:07 GMT\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3591,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"cbb2c8beefdd3d385374090e93dc06e2","sha1":"3662e809c35dae2a4a6001d5f943f2cf8afe0258","sha256":"ffa6114198f08a545c00af3f476166d98b340293691587fc5e16a2366c3ac870","sha512":"0fc748960b2b641a38a7705c108f212249f3b44159e23454ddfbecfd7ef48dfc9ed8661ea9efa926e4f22c807e17edc18aae4a2ef9a583b190b2e0607bedfaf5","ssdeep":"","tlshash":"15719dd1087be104ab871cc123cf7d36ee1ea255b410e5746bfd0c98adabc694362b2d","first_seen":"2025-05-05T11:12:21.007527Z","last_seen":"2025-09-07T15:32:19.506027Z","times_seen":21,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":1,"connect":15,"send":0,"wait":32,"receive":0,"ssl":125},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/favicon.ico","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/web/plfjl4zof\r\nCookie: _ga_P7L1ZVNFSF=GS2.1.s1756371307$o1$g0$t1756371307$j60$l0$h0; _ga=GA1.1.1565952129.1756371307\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 11635\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"favicon.ico\"\r\ncontent-encoding: br\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\netag: \"84f0cb55ada33180db3bfe82f8f16b39\"\r\nlast-modified: Thu, 28 Aug 2025 05:41:12 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::mkdrz-1756371307958-18097c81c4d4\r\ncontent-length: 4230\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"84f0cb55ada33180db3bfe82f8f16b39","sha1":"061c2bc0c335d2d17fc27070e949b6d783131b2b","sha256":"b20547468ded98637684e833d5e4a98be85af32a9be1a8914ab79065725ee8a6","sha512":"a39e02761ae1a4e8d7867718fc8b6defa1286b04df0cba4347dd72428f3a4f3c26bf30b6e78c69ec22a63d9e8d353cec335e75769f01650982e18d395f862214","ssdeep":"192:fHFDr97Q+MlVpiaOM2AE8fhQPVBwI3Zhz4q:tDrG+aVpi9IhQP7j3ZL","tlshash":"1162b508bf7e9685c900fe71e193d7f36e855ee9af440d170919fe433a2e81560d68b1","first_seen":"2024-04-19T12:46:03Z","last_seen":"2025-08-28T08:55:33.308997Z","times_seen":22,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.78.68.13","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:08.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 Aug 2025 08:55:08 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://www.appopener.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=b0d643d1-7a52-4fa4-a5e8-ab1877393437:3:1; expires=Sun, 26 Aug 2035 08:55:08 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"8ae783529035df056eb4249c9383e8af","sha1":"f0caae8220747e583c9a63c6cec8c2adc0b7c239","sha256":"3c0622348c4cb8a973040dedea169f055a3f84dd0dc569263e6f864c28bb4a5c","sha512":"bd04290f868a86cefe96e5460f6bbe3fab838216a465959466bfa5332eab5d09cf8c55aaade4d688379ec4e7a8ef0be7973bbd5db20436e5c4fadbbd21c29b19","ssdeep":"","tlshash":"3490029120102860551808195a75b846d8220131441878100054c09128651810388482","first_seen":"2025-08-28T08:55:33.309955Z","last_seen":"2025-08-28T08:55:33.309955Z","times_seen":1,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":80,"dns":12,"connect":21,"send":0,"wait":21,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:08.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:18:37 GMT","end":"Mon, 29 Sep 2025 15:18:36 GMT"},"fingerprint":{"sha1":"1A:27:71:C0:8E:44:D4:6B:F5:AA:49:F0:F1:AF:E5:5F:30:23:A4:D4","sha256":"84:6C:2E:D6:ED:8A:2F:33:05:CC:E9:F2:24:E5:5C:E0:80:C2:04:2D:C3:21:06:64:E1:0D:14:81:A1:9A:00:1B"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Thu, 28 Aug 2025 08:55:08 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0bd5d92ee8663efff3d62e6412812ee1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":140,"timings":{"blocked":61,"dns":0,"connect":17,"send":0,"wait":18,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:08.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 11:11:15 GMT","end":"Sat, 08 Nov 2025 12:08:40 GMT"},"fingerprint":{"sha1":"46:26:78:BD:18:7A:95:15:D4:B3:89:73:FE:7E:99:33:18:7F:21:3E","sha256":"AD:6B:6A:10:54:38:33:B9:BB:A6:FD:B7:B0:1B:2E:9D:62:B8:47:35:C4:E6:7B:F6:4A:92:AA:75:B0:29:F7:F3"}}},"request":{"raw":"GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 Aug 2025 08:55:09 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 29 Mar 2022 08:27:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ut%2F%2FrvAiFimNux4AwytQZljYiewx9zKTYrJoiJugK89vsgJms4QM6F9kzwypLjqkk7p5vnASj5KGOTM3JHMH11avQJ6WkjVaUIMC7YWyPA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 976296893b52c0fd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2977,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"027fddd0d322239ada2f2b8b93934fda","sha1":"6f99560bca5c6d8d747c802f26058344eb179cec","sha256":"a5b2073d8f57ef0469b777f73d6c3f4a85cc17b4c2ed2a53aa3f1acb2273dbd5","sha512":"2c2eff668f38734b17c8847dfe11b5b40027948a1ebf24d6a763c44ab0b0fc63d260f69f9b3e0eefd8d82646223d88df36a256155ab3b7c21078a697e052afc8","ssdeep":"","tlshash":"26517d101fa8cc3670b08128a7233e2a7b9f6083931a6764317d5c255f949ea777f6f1","first_seen":"2023-05-18T23:46:38Z","last_seen":"2026-01-17T18:50:06.211937Z","times_seen":1108,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":30,"dns":1,"connect":8,"send":0,"wait":129,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=b0d643d1-7a52-4fa4-a5e8-ab1877393437\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=eb2387b7d314fbad38da7f3ed15ea10f\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=8","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:12:33 GMT","end":"Mon, 29 Sep 2025 15:12:32 GMT"},"fingerprint":{"sha1":"9E:08:20:A0:75:ED:21:51:E0:3D:DE:29:CD:B0:11:01:4D:04:77:0A","sha256":"FB:D4:A2:1D:0F:F1:FB:A8:D9:5E:88:03:1F:BB:94:D2:32:5C:CC:49:11:11:FC:04:7B:C6:43:40:CF:1E:A2:BA"}}},"request":{"raw":"GET /pxf.gif?uuid=b0d643d1-7a52-4fa4-a5e8-ab1877393437\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=eb2387b7d314fbad38da7f3ed15ea10f\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=8 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Thu, 28 Aug 2025 08:55:09 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: fe2c619aa0b112eddf78b6fa43af966d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":658,"timings":{"blocked":281,"dns":1,"connect":92,"send":0,"wait":93,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"peeringannecultivate.com/pixel/sbs?c=1","fqdn":"peeringannecultivate.com","domain":"peeringannecultivate.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"peeringannecultivate.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 Aug 2025 21:39:07 GMT","end":"Sat, 22 Nov 2025 21:39:06 GMT"},"fingerprint":{"sha1":"88:13:0F:BD:1F:B9:0D:6C:C5:9A:B1:27:01:18:E6:71:C4:BF:94:3D","sha256":"EB:5E:2C:5D:7E:02:CD:25:50:38:6C:34:EB:03:F3:7D:94:B4:4C:2A:55:F7:8E:6A:CA:83:F2:83:CF:A4:17:80"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: peeringannecultivate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nCookie: uid_id2=b0d643d1-7a52-4fa4-a5e8-ab1877393437:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl22956505=1; slece23e018b733e2e433886c45b49cc0cf3=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Thu, 28 Aug 2025 08:55:10 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: peeringannecultivate.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":667,"timings":{"blocked":285,"dns":1,"connect":93,"send":0,"wait":96,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"peeringannecultivate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"appopener.com/web/plfjl4zof","fqdn":"appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"76.76.21.21","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-28T08:55:06.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Aug 2025 17:04:49 GMT","end":"Sun, 02 Nov 2025 17:04:48 GMT"},"fingerprint":{"sha1":"31:A4:F8:85:14:9A:F2:AC:FC:4E:97:39:FC:C4:0A:A8:CB:76:5B:CF","sha256":"47:A8:A1:47:70:21:B5:39:76:F0:EF:9E:5F:07:43:BF:C1:DE:F4:86:D6:AF:FD:D5:5C:14:6D:BE:07:A7:6B:8A"}}},"request":{"raw":"GET /web/plfjl4zof HTTP/1.1\r\nHost: appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 308 Permanent Redirect\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html\r\ndate: Thu, 28 Aug 2025 08:55:06 GMT\r\nlocation: https://www.appopener.com/web/plfjl4zof\r\nrefresh: 0;url=https://www.appopener.com/web/plfjl4zof\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-id: arn1::58kpw-1756371306503-fdb25e3a8969\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"308","status_text":"Permanent Redirect","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Font Awesome","description":"Font Awesome is a font and icon toolkit based on CSS and Less.","website":"https://fontawesome.com/","common_platform_enumeration":"","icon":"Font Awesome.svg","categories":["Font scripts"]}],"data":{"size":1142,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1142), with no line terminators","md5":"0ae6ee1cc8f9d9ebfc29085b739c60cd","sha1":"a5dfe9c8ff64eb341f77ba101a0f95944b79a888","sha256":"36b28efee192da7c9c27267d3eac63f38290843aff8c6b00bc8f257a780f1dce","sha512":"aaf566abb9f52d83ba31b50f52f5bc830e4cd49328713f1413f2ac61d4192e13246e25f47d3905d93ece6ec4c8d18f499e9a1e3535dbbe578c8319768cc9b5c8","ssdeep":"","tlshash":"7f210da3dc26c84c833017a76af6b11c9046b528b951ed952ceb30ad47a0fd7cd31a40","first_seen":"2025-08-28T08:55:33.299314Z","last_seen":"2025-08-28T08:55:33.299314Z","times_seen":1,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":42,"dns":11,"connect":1,"send":0,"wait":10,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"Blocklist","title":"PhishTank","description":"PhishTank","scan_date":"2024-10-02","alert":"Phishing - Other","trigger":"appopener.com/web/plfjl4zof","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kit.fontawesome.com/759551443b.js","fqdn":"kit.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.18.40.68","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:06.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 23 Aug 2025 21:04:01 GMT","end":"Fri, 21 Nov 2025 22:03:57 GMT"},"fingerprint":{"sha1":"CC:FF:C9:AB:7D:4F:0E:BD:2F:0D:51:59:D6:60:F9:CD:7D:68:E5:4B","sha256":"EF:79:B2:3F:26:48:FD:84:D5:42:BF:1E:35:73:D2:4A:8A:DB:54:C5:37:B0:F6:75:31:FE:6A:BC:D5:8A:F4:C2"}}},"request":{"raw":"GET /759551443b.js HTTP/1.1\r\nHost: kit.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\ncontent-length: 9\r\ncf-ray: 9762967ca9fbb4ee-OSL\r\naccess-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3000\r\ncache-control: max-age=0, private, must-revalidate\r\nx-request-id: GF_iZe1QRHY47fNRz21B\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with no line terminators","md5":"722969577a96ca3953e84e3d949dee81","sha1":"3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5","sha256":"78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3","sha512":"54b2b4596cd1769e46a12a0ca6ede70468985cf8771c2b11e75b3f52567a64418bc24c067d96d52037e0e135e7a7ff828ad0241d55b827506e1c67de1caee8bc","ssdeep":"","tlshash":"26500000000c000c33c3030000000f000003030000030000cf000003000000c00c000c","first_seen":"2023-04-05T07:39:32Z","last_seen":"2026-04-28T15:26:56.451234Z","times_seen":26472,"resource_available":true,"data":null}},"time_used":233,"timings":{"blocked":11,"dns":1,"connect":1,"send":0,"wait":198,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/a?id=G-P7L1ZVNFSF\u0026v=3\u0026t=t\u0026pid=800376950\u0026cv=1\u0026rv=58q2\u0026tc=15\u0026tag_exp=101509157~103103155~103103157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948812~104948813~105427542~105427544\u0026e=gtm.init\u0026eid=2\u0026u=AAAAAAAAAAAAAIA\u0026h=Ag\u0026tr=5ogt1pdatav2.5ccdgafirst.5setproductsettings.5ccdgaregscope.5ccdemdownload.5ccdemform.5ccdemoutboundclick.5ccdempageview\u0026ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:34:03 GMT","end":"Mon, 29 Sep 2025 08:34:02 GMT"},"fingerprint":{"sha1":"A2:8A:24:AD:51:7D:A4:62:BB:34:6F:C9:21:A1:B9:E1:2D:A6:0E:C1","sha256":"9F:B9:94:8F:84:D3:44:71:A7:81:72:C8:80:4D:14:02:E3:E0:30:0C:F1:17:27:83:00:82:D9:C3:68:D3:B3:AF"}}},"request":{"raw":"GET /a?id=G-P7L1ZVNFSF\u0026v=3\u0026t=t\u0026pid=800376950\u0026cv=1\u0026rv=58q2\u0026tc=15\u0026tag_exp=101509157~103103155~103103157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948812~104948813~105427542~105427544\u0026e=gtm.init\u0026eid=2\u0026u=AAAAAAAAAAAAAIA\u0026h=Ag\u0026tr=5ogt1pdatav2.5ccdgafirst.5setproductsettings.5ccdgaregscope.5ccdemdownload.5ccdemform.5ccdemoutboundclick.5ccdempageview\u0026ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:922:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:922:0\r\nreport-to: {\"group\":\"ascgcycc:922:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:922:0\"}],}\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\ncontent-type: text/html\r\nserver: Google Tag Manager\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"appopener-backend-gs2q.onrender.com/goto/web/plfjl4zof","fqdn":"appopener-backend-gs2q.onrender.com","domain":"appopener-backend-gs2q.onrender.com","tld":"onrender.com"},"ip":{"addr":"216.24.57.7","port":443,"asn":397273,"as":"RENDER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onrender.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 04 Aug 2025 17:53:53 GMT","end":"Sun, 02 Nov 2025 18:53:51 GMT"},"fingerprint":{"sha1":"35:2E:63:E4:DA:F7:74:7C:3B:60:F4:1B:87:1E:16:3E:3A:E2:08:EF","sha256":"0B:CD:A7:A3:81:C8:03:9E:3A:E4:D3:64:62:27:BC:DB:90:A1:A8:B9:FE:5C:2D:EC:FF:20:A9:63:D1:A7:F3:39"}}},"request":{"raw":"POST /goto/web/plfjl4zof HTTP/1.1\r\nHost: appopener-backend-gs2q.onrender.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 63\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Thu, 28 Aug 2025 08:55:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 31\r\naccess-control-allow-origin: https://www.appopener.com\r\ncontent-encoding: br\r\netag: W/\"1b-eJKhD+zP4dtqOm1tPFSQBypXEGI\"\r\nrndr-id: 58796923-4498-4124\r\nvary: Origin, Accept-Encoding\r\nx-powered-by: Express\r\nx-render-origin-server: Render\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 97629681dd6b7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Render","description":"Render is a cloud computing platform that provides a wide range of services, including web hosting, cloud computing, and application development. Render offers several hosting options, including static site hosting, web application hosting, and managed databases.","website":"https://render.com","common_platform_enumeration":"","icon":"Render.svg","categories":["PaaS"]}],"data":{"size":27,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d5088e7b1263d1737f3eeea8994355ea","sha1":"7892a10feccfe1db6a3a6d6d3c5490072a571062","sha256":"9e477041248c149b86fc8823d5a90958e7b53095663c5e6c7856721b2d59d0aa","sha512":"6284e981e41509434611301c7b32f5c3b4d3f8073b141f4b3013bc95e974a4f7f85beca80c68488f0ebc69846bd81708f558978c51d042995a9bfabb44aac026","ssdeep":"","tlshash":"e080008c00a3230e28820a200ae00822808802a008202ea220008808000c0838c20cc8","first_seen":"2025-08-28T08:55:33.313553Z","last_seen":"2025-08-28T08:55:33.313553Z","times_seen":1,"resource_available":false,"data":null}},"time_used":408,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":408,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/js/72.f1738f43.chunk.js","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /static/js/72.f1738f43.chunk.js HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/web/plfjl4zof\r\nCookie: _ga_P7L1ZVNFSF=GS2.1.s1756371307$o1$g0$t1756371307$j60$l0$h0; _ga=GA1.1.1565952129.1756371307\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 11637\r\ncache-control: s-maxage=31536000, immutable\r\ncontent-disposition: inline; filename=\"72.f1738f43.chunk.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\netag: \"1b41d771f1fa69a0cc1699ee8322b096\"\r\nlast-modified: Thu, 28 Aug 2025 05:41:09 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::rwrpk-1756371307426-e6b848348fa7\r\ncontent-length: 54848\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":168859,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65461)","md5":"e33bab618e95b455712bf32b4b4d8555","sha1":"64b6c389c41dc42642794081484bde95f3d02dde","sha256":"36f667ce9e8e2d1a9ab0acc49f5617b9dc03c2ec28cfd390e496b23c420e478d","sha512":"3dd8675029dbe95aa82c10444e7416874a2de15e9683ad03f16b38e723906411009691f603a9b34e5c50eb5a9ca3ae5f7030a6b1823c5ef24fe7050a43163f89","ssdeep":"1536:DqDFYwOuIPXx/c64Jysq7vYLkpkpgD9TVQYPiOpWC5D5UqcKjSBpS7n7GPqebU9z:RxP+LkfTaWAC5mqhuZhOI6","tlshash":"fff329857150b0a1d7db4499c87f0715f33a29943446c0acb23daccb6961ada72bbf3e","first_seen":"2025-08-09T03:51:12.228594Z","last_seen":"2025-08-28T08:55:33.315231Z","times_seen":2,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 22 Aug 2025 08:13:09 GMT\r\nexpires: Sat, 22 Aug 2026 08:13:09 GMT\r\ncache-control: public, max-age=31536000\r\nage: 520920\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-28T16:24:24.069383Z","times_seen":769423,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/a?id=G-P7L1ZVNFSF\u0026v=3\u0026t=t\u0026pid=800376950\u0026cv=1\u0026rv=58q2\u0026tc=15\u0026tag_exp=101509157~103103155~103103157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948812~104948813~105427542~105427544\u0026es=1\u0026e=gtm.load\u0026eid=12\u0026u=AgAAAAAAAAAAAIA\u0026h=Ag\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:34:03 GMT","end":"Mon, 29 Sep 2025 08:34:02 GMT"},"fingerprint":{"sha1":"A2:8A:24:AD:51:7D:A4:62:BB:34:6F:C9:21:A1:B9:E1:2D:A6:0E:C1","sha256":"9F:B9:94:8F:84:D3:44:71:A7:81:72:C8:80:4D:14:02:E3:E0:30:0C:F1:17:27:83:00:82:D9:C3:68:D3:B3:AF"}}},"request":{"raw":"GET /a?id=G-P7L1ZVNFSF\u0026v=3\u0026t=t\u0026pid=800376950\u0026cv=1\u0026rv=58q2\u0026tc=15\u0026tag_exp=101509157~103103155~103103157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948812~104948813~105427542~105427544\u0026es=1\u0026e=gtm.load\u0026eid=12\u0026u=AgAAAAAAAAAAAIA\u0026h=Ag\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:922:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:922:0\r\nreport-to: {\"group\":\"ascgcycc:922:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:922:0\"}],}\r\ndate: Thu, 28 Aug 2025 08:55:09 GMT\r\ncontent-type: text/html\r\nserver: Google Tag Manager\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:09.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 22 Aug 2025 08:13:09 GMT\r\nexpires: Sat, 22 Aug 2026 08:13:09 GMT\r\ncache-control: public, max-age=31536000\r\nage: 520920\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-28T16:24:24.069383Z","times_seen":769423,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/css/main.d748a0de.css","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:06.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /static/css/main.d748a0de.css HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/web/plfjl4zof\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 11637\r\ncache-control: s-maxage=31536000, immutable\r\ncontent-disposition: inline; filename=\"main.d748a0de.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Thu, 28 Aug 2025 08:55:06 GMT\r\netag: \"f04bfc4c61f4c5f2e7b6633130a8d3b3\"\r\nlast-modified: Thu, 28 Aug 2025 05:41:09 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::tltq2-1756371306979-3260592ba0b9\r\ncontent-length: 44872\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":247372,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (50003)","md5":"b2f54a108a61852b108871a64edaec21","sha1":"3764840cce12c4396a61ca18d90a4f4b21f9be44","sha256":"74f279b266d55da3313cce0ecd7ebc5112458640f7c343cf1e0fc2e54c2f3dd6","sha512":"99183008b045a9895c3136afe8b66c292c046b378d0442ada9ae03809562b582e76e528bddce99ca0679c084f28d6f47b4bb6319999b17f13972097369ba68da","ssdeep":"6144:+Yd1hOZndVhUnRpun08UhnSj79hTPeZtal5pje60I4Prh:S0OMrh","tlshash":"9134e79bf681202ee853c1a9a0d1bffd412f6585eb225baaf413773487852d71963f0c","first_seen":"2025-08-09T03:51:12.296003Z","last_seen":"2025-08-28T08:55:33.318007Z","times_seen":2,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/js/973.1f24e0dd.chunk.js","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /static/js/973.1f24e0dd.chunk.js HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/web/plfjl4zof\r\nCookie: _ga_P7L1ZVNFSF=GS2.1.s1756371307$o1$g0$t1756371307$j60$l0$h0; _ga=GA1.1.1565952129.1756371307\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 9718\r\ncache-control: s-maxage=31536000, immutable\r\ncontent-disposition: inline; filename=\"973.1f24e0dd.chunk.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\netag: \"69e797070cdef47b9dbf49df533371fe\"\r\nlast-modified: Thu, 28 Aug 2025 06:13:08 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::ktdzc-1756371307420-7d5bfad78e72\r\ncontent-length: 48791\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":206654,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65460)","md5":"e3b25ca437632b573202a58664cb2a4f","sha1":"9488825fd799279a5895bba68943cf4a999d0819","sha256":"91350cdad812ec82103ae231a9d8ce5970394c5db6979c90a85849ba29e44904","sha512":"ac2a2b4d110f49a77da710309ca55adab7dd53a905661da7484f70fc7467aa6ac9cc0ffc11f963eff29424527f9fbd56f547bdc14a3f1786e729e8237c7d1ab9","ssdeep":"3072:K+EHYD3gDTMnWukiTgDTMnWf7+oo29n5wZy:KWD0MnWuMMnWf19n5wZy","tlshash":"ef140a4173dba8bb235290d40c7f8b0ab1ef16a45084d48cf5add9ee546ca46f06f73a","first_seen":"2025-08-09T03:51:12.307047Z","last_seen":"2025-08-28T08:55:33.320108Z","times_seen":2,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/media/next.175ebffc96129451a126.avif","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /static/media/next.175ebffc96129451a126.avif HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/web/plfjl4zof\r\nCookie: _ga_P7L1ZVNFSF=GS2.1.s1756371307$o1$g0$t1756371307$j60$l0$h0; _ga=GA1.1.1565952129.1756371307\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/js/796.91ef4c2a.chunk.js","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /static/js/796.91ef4c2a.chunk.js HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/web/plfjl4zof\r\nCookie: _ga_P7L1ZVNFSF=GS2.1.s1756371307$o1$g0$t1756371307$j60$l0$h0; _ga=GA1.1.1565952129.1756371307\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 11637\r\ncache-control: s-maxage=31536000, immutable\r\ncontent-disposition: inline; filename=\"796.91ef4c2a.chunk.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\netag: \"f8e2a9221bb55e799476cf04fbb9e3f5\"\r\nlast-modified: Thu, 28 Aug 2025 05:41:09 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::ktdzc-1756371307424-c0a5b3caf989\r\ncontent-length: 18795\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":56994,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (56871)","md5":"eea1ad79e3f886a6fa9364796327ef86","sha1":"512bf6b154b6757064d38c2a0e5c2239a07d8ee2","sha256":"445cb7915284d346f7a5af22ff16d6e5bedccedf795a803f13cbd8c7b422a974","sha512":"f268015aaebd21aa803f569c92833248cb71f53f3fab5997c02b4cf9295cf37e64d8b601e766e00e318ff66e28cee4371b310679cdb8692a3f9545d29e72901b","ssdeep":"768:gs6reSFSgd9HbGWA/cfEUg17PKhXRtChrColf96nCnS8MBgOpdSSa1PEoTwHIlPj:Wdic0ytYaCIyUIlPCXyLEMj","tlshash":"1f4339957042307a5bef82d7e13fe759f6392601b00d8500f26b8e71ab58ad9e123f5e","first_seen":"2025-08-09T03:51:12.254031Z","last_seen":"2025-08-28T08:55:33.322326Z","times_seen":2,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.appopener.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 27 Aug 2025 21:38:50 GMT\r\nexpires: Thu, 27 Aug 2026 21:38:50 GMT\r\ncache-control: public, max-age=31536000\r\nage: 40577\r\nlast-modified: Wed, 23 Apr 2025 16:05:59 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-04-28T16:24:24.904466Z","times_seen":314678,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":68,"dns":1,"connect":14,"send":0,"wait":15,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.appopener.com/static/media/logo.98c002ff109d1ce7fb35.avif","fqdn":"www.appopener.com","domain":"appopener.com","tld":"com"},"ip":{"addr":"66.33.60.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.appopener.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 07:26:34 GMT","end":"Mon, 03 Nov 2025 07:26:33 GMT"},"fingerprint":{"sha1":"78:59:10:58:23:8D:97:3E:13:3B:70:FD:50:64:67:14:B3:3F:7B:A0","sha256":"CD:61:21:9E:D2:B3:BE:F8:36:38:1D:06:77:25:12:EC:5C:1C:FC:7C:34:05:57:5E:02:95:BC:A5:57:71:FC:BB"}}},"request":{"raw":"GET /static/media/logo.98c002ff109d1ce7fb35.avif HTTP/1.1\r\nHost: www.appopener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/web/plfjl4zof\r\nCookie: _ga_P7L1ZVNFSF=GS2.1.s1756371307$o1$g0$t1756371307$j60$l0$h0; _ga=GA1.1.1565952129.1756371307\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 4538\r\ncache-control: s-maxage=31536000, immutable\r\ncontent-disposition: inline; filename=\"logo.98c002ff109d1ce7fb35.avif\"\r\ncontent-type: image/avif\r\ndate: Thu, 28 Aug 2025 08:55:07 GMT\r\netag: \"f7c85689f042d3ef79c3fbc5d635330e\"\r\nlast-modified: Thu, 28 Aug 2025 07:39:29 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::n7c6s-1756371307516-a4bb3e56ccef\r\ncontent-length: 4528\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4528,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"f7c85689f042d3ef79c3fbc5d635330e","sha1":"fe04038b4c615db172bf96edf19ede6a65286688","sha256":"cfe8f9248bade5e2524c057f24bfa0dafa0bcd6ffbbf2d63aa732a709a695f22","sha512":"0b81bfde51fdd867bb7597a7ea6ec4b9224c265ec9b312b54e3def880c046777aae1cafb99c7f900e71097f5245a3f76ef4e286f1f4fa75d3b332558542aab9e","ssdeep":"96:rGghCv3C6bS8xl0qp/kgOLy8Nyx20cw0mmt3Dq2MbIzDleN0K:rG4Y3tbS8xl0W85+8NyIrVs2DO","tlshash":"3a914d197f62cb59c80823be48aa77b0373670a2d3a23674508d62f46479f36c931ca8","first_seen":"2025-02-19T04:46:12.014768Z","last_seen":"2025-08-28T08:55:33.273877Z","times_seen":3,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"peeringannecultivate.com/e2/3e/01/e23e018b733e2e433886c45b49cc0cf3.js","fqdn":"peeringannecultivate.com","domain":"peeringannecultivate.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:07.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"peeringannecultivate.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 Aug 2025 21:39:07 GMT","end":"Sat, 22 Nov 2025 21:39:06 GMT"},"fingerprint":{"sha1":"88:13:0F:BD:1F:B9:0D:6C:C5:9A:B1:27:01:18:E6:71:C4:BF:94:3D","sha256":"EB:5E:2C:5D:7E:02:CD:25:50:38:6C:34:EB:03:F3:7D:94:B4:4C:2A:55:F7:8E:6A:CA:83:F2:83:CF:A4:17:80"}}},"request":{"raw":"GET /e2/3e/01/e23e018b733e2e433886c45b49cc0cf3.js HTTP/1.1\r\nHost: peeringannecultivate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Thu, 28 Aug 2025 08:55:07 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 29452\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: peeringannecultivate.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8a404178d47623f5f6af37626fe5c5b0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":72714,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"11098a19a01eaef29c677f5b4f7a78a4","sha1":"ed77de03459b780afda1090f9ab784fc809d8986","sha256":"1fe4b0772b0153afb392beb71940be9bf8d528c498b16ac47409325443ac0338","sha512":"92a4a7959673f9e2491d3fcb5083708e577efd9226fe8dbe82d8e6cd691f95555f9a427941fd1aa5300bbac420c0659fbd79cf06ba15c89fe1c660c3dee90fc8","ssdeep":"768:Y2b73jmGj0qw648+QhS8u+Jcj/XcdNjNx7OdY08kUbTehzbcep3Of:Y2b7V/4x5O+jvcCdY0U3o4","tlshash":"0d63c7483f91b27802e6b8fa712fa61af0265c1195d8e0d8f503f4deae66719f035f25","first_seen":"2025-08-28T08:55:33.325058Z","last_seen":"2025-08-28T08:55:33.325058Z","times_seen":1,"resource_available":true,"data":null}},"time_used":865,"timings":{"blocked":328,"dns":54,"connect":91,"send":0,"wait":109,"receive":93,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"peeringannecultivate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/eb/23/87/eb2387b7d314fbad38da7f3ed15ea10f.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.appopener.com/web/plfjl4zof","date":"2025-08-28T08:55:08.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /eb/23/87/eb2387b7d314fbad38da7f3ed15ea10f.js HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.appopener.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Thu, 28 Aug 2025 08:55:08 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38547\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 2e1027de81f373e7bb7dc57b1331ea3b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":105744,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"25173499486e2c7107952b1c6f46899c","sha1":"e8448a6c7abe5f5483a93e6c394dcdd90b6f0536","sha256":"ece223f95905b2acbf7ea2b38cbdef3a25aa5f13ca21e5f4439851350162eb6b","sha512":"959d5b9cda5a9a20e6633aab168732fb004c3ae5a5217c1a436c9d18c8807ca862b619f36e169e5687768de472810e237bde9e14747889b3bbe34f3e8b02de28","ssdeep":"1536:cmt7BMZUs9piv3i6In8noteGF1XF3IaST6/hw:ckdv3i6C8notJZF4bL","tlshash":"59a3e9887f50f47d02da6036233f962ae1ee8e42154ee158d026edd53a68317e63ddb8","first_seen":"2025-08-28T08:55:33.326874Z","last_seen":"2025-08-28T08:55:33.326874Z","times_seen":1,"resource_available":true,"data":null}},"time_used":755,"timings":{"blocked":282,"dns":1,"connect":92,"send":0,"wait":98,"receive":93,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-28","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}