{"report_id":"cc32973e-5fca-4a51-90cc-840c8fd8a818","version":6,"status":"done","tags":[],"date":"2025-09-19T05:52:56Z","url":{"schema":"http","addr":"track.trckacbm.com/url/ver/864219246/3391698/7e96e9d0c1b35b0647f13fe0a0c4a46e/","fqdn":"track.trckacbm.com","domain":"trckacbm.com","tld":"com"},"ip":{"addr":"185.2.150.180","port":0,"asn":29119,"as":"Aire Networks Del Mediterraneo Sl Unipersonal","country":"Spain","country_code":"ES"},"final":{"url":{"schema":"https","addr":"metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"title":"Meta Business Support"},"submit":{"url":{"schema":"http","addr":"track.trckacbm.com/url/ver/864219246/3391698/7e96e9d0c1b35b0647f13fe0a0c4a46e/","fqdn":"track.trckacbm.com","domain":"trckacbm.com","tld":"com"},"ip":{"addr":"185.2.150.180","port":0,"asn":29119,"as":"Aire Networks Del Mediterraneo Sl Unipersonal","country":"Spain","country_code":"ES"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-24T05:52:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-19","alert":"Sinkholed","trigger":"metahelp-livechat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"track.trckacbm.com","ip":{"addr":"185.2.150.180","port":443,"asn":29119,"as":"Aire Networks Del Mediterraneo Sl Unipersonal","country":"Spain","country_code":"ES"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":741655,"sent_data":546,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"sud.short.gy","ip":{"addr":"91.197.243.143","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":741496,"sent_data":543,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":1222,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":90966,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":1678,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":276891,"sent_data":933,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.gtranslate.net","ip":{"addr":"104.26.12.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":101861,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":13750,"sent_data":398,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"metahelp-livechat.com","ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":9,"request_count":9,"received_data":1169785,"sent_data":4729,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Bootstrap:5.2.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:3.6.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]}]},{"fqdn":"i.imgur.com","ip":{"addr":"199.232.196.193","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":3309,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":426909,"sent_data":866,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b75ae000439862b6a97d2129c85680e8","sha1":"90d15036ef48fcb336a135bae812b45669f19044","sha256":"9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b","sha512":"8bd7047c9c14c158843c529d0b57a7cf86511818fc610a3a401c854c5f766171e2ef0682ab27b1bd10fbe52e4d553b12893bfbaca5aa1bd639785c6646c3a7d0","ssdeep":"1536:p4SMTGR2t4n+3ifBHJR9WbUHk3j8YY+PwRM3CGJI9BqQM6kF:b4Fj8GPwRM3CiI9Bt8","tlshash":"6973c6593254b4770ade45b68037420bf2265d98b24b802cb5bcadde2a7dc863277f7c","size":80420,"data":"","first_seen":"2023-03-08T16:08:57Z","last_seen":"2026-05-21T15:43:06.996276Z","times_seen":7823,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"1ff03fafd037bc32b32d4ce0d1116bd3","sha1":"06421da958d2d1e447ffbf95b33b401d128b2506","sha256":"42d5e11c5351b854f40f383d246de1655a651f154dfff1dd186a1073c1b554b0","sha512":"6affc2dcccbbcbb8ab31cfb31463336289e56b7019d6c251a1029910326919f9038b1c6baee3392f0794a7ceb0f37ca059d5c53ec9b28a25acee547829dcb16b","ssdeep":"","tlshash":"e8d023953d79c9316195034a20b6d3a4266471a07b21b540c2cdcd1f5f11dd345b155c","size":217,"data":"","first_seen":"2025-09-19T05:53:22.856399Z","last_seen":"2025-09-19T05:53:22.856399Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7694d1b18075398e160b8b8c91e0f1da","sha1":"e23b3b93ca0b06f24e22fdbb46d013baff02a97b","sha256":"38754e91a201d2d1ca9af96647f62703d0c2ea9654b6ce16340f41fbeb5fe4fe","sha512":"e52be261aa326ef8850baa28a512ed4071f72af62cdbd30969dca2b2f915c4354b0aa60dfa6d431c081e0777e935afde1a6afc56764eb11a2d4bd2a9233f3b1a","ssdeep":"","tlshash":"c8f068ab21b2419c25f360168b07b784233352d73410c8aab94c83402f84f4e86bbfc9","size":468,"data":"","first_seen":"2025-08-18T14:02:42.188823Z","last_seen":"2026-01-25T05:41:11.371767Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"377c30a61b4a4c2c7e7f12281ed615d2","sha1":"cc8fe1c777c7aacf18f46539fb407a53c1dff279","sha256":"60048c5431ff0621a9ef16573c377be458921f35a1a8b21ea6dcbe8bfa86b8ab","sha512":"ac4cf8d563b9418d76dddc9adf1e0f38a5c6fd4ba8485b016ad8470c7f4fda89f4403ca8fd37abe8f7941100a5d8f9bc650c68f86cace5ffb7518b1f9f7181df","ssdeep":"96:MHquMW1I4V2P7p2wC5+tpO4vWw+kwJ3w++hBfE:sXl13+3C5ipO4vd+7JAzlE","tlshash":"d0e15f13f64329719abba0bf2ad701823ab95243bd04de05383cd5055fd7f47aab6389","size":7396,"data":"","first_seen":"2025-08-18T14:02:42.189724Z","last_seen":"2026-01-25T05:41:11.374426Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0aec80c6e972e58989dfe58e098b0eba","sha1":"6fb88c501463311180b573dcc80ab6f549831a1f","sha256":"51b76721e7e9b70b6fd2a3820cc006f59ee842f0dc0c8e1d16cc12b5a399a3ba","sha512":"a7fbb0127f23c18c8c80cd4f52dc06f419afb5a92fb6cf6707cf04b1ae5a721dc61fab6e6c55bca6ae69443c1f5ba19d5d739565b4bdffe4f4286de7dd33358d","ssdeep":"","tlshash":"01b0920e6039bcbc331e201caa923e81a83d44e942702e28f3aa46264b82406031d103","size":125,"data":"","first_seen":"2024-01-31T13:25:17Z","last_seen":"2026-05-20T07:03:18.075995Z","times_seen":155,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.6.2/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3ccb7fb2a471b100e7ed8183c55ef25","sha1":"0801a72aeb865769b6051770bbc5f9485882f998","sha256":"da4ad864a87ffcf71c851b5df87f95cb242867f7b711cae4c6133cc9cc0048f0","sha512":"b561e5bad167b86d02ea7411969beb121138429906d679f630e50c5a651e45e3e5e1edc0922d1507a5b5bf7a0b8c5b5dd2154eb5143d3c7a527cdeaeebf41791","ssdeep":"1536:uNjxXUcrnxD9o5EZxkMVC6YLtg7HtDuU3zh8cmnPMEgWzJvBQUmkm4M5gPtcNRQK:uhqmCU3zhINzfmR4lb3e34UQ47GKL","tlshash":"5c9318ddb2c6b06247a770ba407f610ff136199d684d4400f169d8e9bc78a4a827bf7d","size":89942,"data":"","first_seen":"2023-03-09T22:11:25Z","last_seen":"2026-05-21T02:57:35.801785Z","times_seen":1015,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"41b7e9451bdf2fc9846c6e5f3f1d173d","sha1":"55f9fda572acf04d082323868a787072db7e8b21","sha256":"fa7f29175f91c8b6574916acb2f1d605eaed2fc02aa6571c02665c358f24174a","sha512":"28093c2caebf9c028b5cbb294aae90cb8142787b219d4895a5f4acc628d3c4676959eb5aa6b6a50257768a74048f4989a6a974f1d45b7dc46974b8a5d344d69b","ssdeep":"","tlshash":"a71104753b1a5534c5c5414b317ee7a83d3260717e02a084c36ccc295d18d8314dfcbe","size":902,"data":"","first_seen":"2025-09-19T05:53:22.861112Z","last_seen":"2025-09-19T05:53:22.861112Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gtranslate.net/widgets/latest/dropdown.js","fqdn":"cdn.gtranslate.net","domain":"gtranslate.net","tld":"net"},"ip":{"addr":"104.26.12.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2292a28d2c6532fc8768f31ecd007881","sha1":"bda77f167795d553acdabfbed65dbf959bc1cee2","sha256":"6722cc3277e7ee4367bf249229a8e4c3f4965e349c13ef6f59eec2c53653a5c9","sha512":"2644dfb8b8169f35935715f92a1e335c725a59978cab5d146342af48ed72b24bef63bf04afbd5c1c0caf8ebbdd00e202f83687c874d55fcd695d2e2c6a5a4a3f","ssdeep":"192:2PzCvSMaV0ZATrR09wMmQZcNt3bwkWOXS0ZgAcyyL2dDmZFVxGy4nlfF:AzCKMPZATN09o0mtrwkK5SdDU8n","tlshash":"4f42e78a11b6107e5a271124fffe2a1c64f502874015fd21bfeecd439f81a98d36bb95","size":13064,"data":"","first_seen":"2024-12-21T23:47:55.83197Z","last_seen":"2026-05-04T23:53:40.660676Z","times_seen":749,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metahelp-livechat.com/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e0a99466a425cdfc0866e877f6a1f0ca","sha1":"156e05a811ff0a4e84190da87ad68c03b65bf874","sha256":"15b90a05165af1003ad8b7040a693e7721b794ddda77c6ea1d0f7a272f3e6cec","sha512":"78e3f83256df4d65fae96fce85da7e34239738e6f9b768633b427fb1b0409c09f8c1d126dd58935f771314a80587b079692015ff94052bf91e6e7da690ce58c0","ssdeep":"192:aF5Otst9rFZxfPx9q/ALknqGMsd47FZNP7P4xL9cx/Cim:aKIZZxn7q/tqGMp7fNTIT/","tlshash":"1222f9973e7069d9079a5e93106f3ddb614ecd7284443d8603132e90be3229836defa9","size":9930,"data":"","first_seen":"2025-09-19T05:27:19.459733Z","last_seen":"2025-09-19T05:53:22.843533Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"metahelp-livechat.com/assets/WusY_bjv4z0.css","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","date":"2025-09-19T05:36:11.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metahelp-livechat.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 00:59:16 GMT","end":"Thu, 18 Dec 2025 01:59:12 GMT"},"fingerprint":{"sha1":"73:15:19:7F:1A:93:D0:29:AC:57:35:48:D9:B8:FF:75:62:C9:4B:34","sha256":"19:83:47:74:56:9B:EF:67:C9:06:6D:DF:D8:65:3E:DD:64:95:DC:B0:67:3F:91:C4:C3:D9:87:47:2A:91:BB:2F"}}},"request":{"raw":"GET /assets/WusY_bjv4z0.css HTTP/1.1\r\nHost: metahelp-livechat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=ped0hls84paockdo452khsjm5v\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 19 Sep 2025 05:36:11 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 27 Nov 2024 18:21:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6747633e-32da2\"\r\ncontent-encoding: gzip\r\nage: 2039\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s0DC2Ogc2pg9ZZt1Mf5pUBWzISppCOoOJhL9dI30W0ou1mS6StHUETqyIf41b9O5zgcZkt4ipSSsbJSuRMWTESuxVgK7WrST4l9xBgj6v0GN6g%3D%3D\"}]}\r\ncf-ray: 9816b959f92756bb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":208290,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (59539), with CRLF line terminators","md5":"b4ec8d2254c89bb8e49fe88dc630cd6c","sha1":"bb5f0a9d2559096bb2b9b933cbe237f451752107","sha256":"3715b1ec5219695050dc424c41fa5b868a44d6b4dfe25d27eaedab27f79c14cf","sha512":"8ba7f1ef4d3c84900c5a72731b4e09d0d573b298f204ce189e817fdb80a3fa5f031c1fb9537ae06e7a90a152a856dc49de283b63875bc9e9717e58d9761cd80f","ssdeep":"1536:UagTmZRPI7oVwaQE8IxfkzJe8V04Tvv01+qws2qFaPWMqiiStA1uqrJVfS:LoIP3Q1T02qaOIip17V6","tlshash":"2f1454ddb761d33cfe27a51b938dba7ca1047d02ce5299e2fa42a455a5c3ff40632118","first_seen":"2025-01-15T20:35:35.739766Z","last_seen":"2026-01-25T05:41:11.368897Z","times_seen":71,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-19","alert":"Sinkholed","trigger":"metahelp-livechat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i.imgur.com/iwK5Knv.png","fqdn":"i.imgur.com","domain":"imgur.com","tld":"com"},"ip":{"addr":"199.232.196.193","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","date":"2025-09-19T05:36:12.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.imgur.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 29 Jan 2025 00:00:00 GMT","end":"Sat, 14 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D","sha256":"B2:9B:23:54:25:04:8F:9E:C6:BC:84:54:20:8B:AB:34:8C:F1:7E:8A:57:AD:55:F3:C9:40:C3:4E:8B:E5:30:6F"}}},"request":{"raw":"GET /iwK5Knv.png HTTP/1.1\r\nHost: i.imgur.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://metahelp-livechat.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Thu, 07 Nov 2024 11:13:56 GMT\r\netag: \"9455e56c1e9acb15a6f137c605f8a7dd\"\r\nx-amz-storage-class: STANDARD_IA\r\nx-amz-server-side-encryption: AES256\r\nx-amz-cf-pop: IAD89-P1\r\nx-amz-cf-id: zWVnRQ9JehUKnbetOEzZcfuvVgv0HNWqLVjoqBpfzUI5n4GfBkhpUA==\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\nage: 198306\r\ndate: Fri, 19 Sep 2025 05:36:12 GMT\r\nx-served-by: cache-iad-kcgs7200078-IAD, cache-hel1410031-HEL\r\nx-cache: Miss from cloudfront, HIT, HIT\r\nx-cache-hits: 38, 0\r\nx-timer: S1758260172.184385,VS0,VE1\r\nstrict-transport-security: max-age=300\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: cat factory 1.0\r\nx-content-type-options: nosniff\r\ncontent-length: 414800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":414800,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 265 x 1686, 8-bit/color RGBA, non-interlaced","md5":"9455e56c1e9acb15a6f137c605f8a7dd","sha1":"65e63ac726fcdd0c24a95f641ad9ba6d4e79a1cf","sha256":"9df82d427f6ab56c4b9a4caf1b649e81e65e3cfe0f0c69b6220eaef593e00ce7","sha512":"0281a0ea7f583ea2c1ddaa6955d5002668a3f3def341c61e353fac8a41d3ccd1c9eae82fa9d1c31e1784d47661cc3b71ba96464e43a189daa1a875b65ed7ba7e","ssdeep":"12288:RcRBLukmTLg3VZ6Dsys3236nxz5y8HzWq0+eL4FHIrt:KR5ukmPa6Dn/36nxVeH+eL46","tlshash":"2e9423ea55cd4edf73eb03d451925621efa5403200db0562d00abbe2eec37b96cea725","first_seen":"2024-11-14T04:12:54.213982Z","last_seen":"2026-01-25T05:41:11.360648Z","times_seen":28,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":93,"dns":6,"connect":29,"send":0,"wait":28,"receive":98,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metahelp-livechat.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f78657f80e4b/main.js?","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","date":"2025-09-19T05:36:12.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metahelp-livechat.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 00:59:16 GMT","end":"Thu, 18 Dec 2025 01:59:12 GMT"},"fingerprint":{"sha1":"73:15:19:7F:1A:93:D0:29:AC:57:35:48:D9:B8:FF:75:62:C9:4B:34","sha256":"19:83:47:74:56:9B:EF:67:C9:06:6D:DF:D8:65:3E:DD:64:95:DC:B0:67:3F:91:C4:C3:D9:87:47:2A:91:BB:2F"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/f78657f80e4b/main.js? HTTP/1.1\r\nHost: metahelp-livechat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=ped0hls84paockdo452khsjm5v\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 19 Sep 2025 05:36:12 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9816b95cdbbf56bb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9930,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9930), with no line terminators","md5":"e0a99466a425cdfc0866e877f6a1f0ca","sha1":"156e05a811ff0a4e84190da87ad68c03b65bf874","sha256":"15b90a05165af1003ad8b7040a693e7721b794ddda77c6ea1d0f7a272f3e6cec","sha512":"78e3f83256df4d65fae96fce85da7e34239738e6f9b768633b427fb1b0409c09f8c1d126dd58935f771314a80587b079692015ff94052bf91e6e7da690ce58c0","ssdeep":"192:aF5Otst9rFZxfPx9q/ALknqGMsd47FZNP7P4xL9cx/Cim:aKIZZxn7q/tqGMp7fNTIT/","tlshash":"1222f9973e7069d9079a5e93106f3ddb614ecd7284443d8603132e90be3229836defa9","first_seen":"2025-09-19T05:27:19.459733Z","last_seen":"2025-09-19T05:53:22.843533Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-19","alert":"Sinkholed","trigger":"metahelp-livechat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"track.trckacbm.com/url/ver/864219246/3391698/7e96e9d0c1b35b0647f13fe0a0c4a46e/","fqdn":"track.trckacbm.com","domain":"trckacbm.com","tld":"com"},"ip":{"addr":"185.2.150.180","port":443,"asn":29119,"as":"Aire Networks Del Mediterraneo Sl Unipersonal","country":"Spain","country_code":"ES"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-19T05:36:09.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"acblnk.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 Aug 2025 23:05:20 GMT","end":"Thu, 27 Nov 2025 23:05:19 GMT"},"fingerprint":{"sha1":"4E:D6:26:17:1C:37:0E:C1:14:0F:3B:E6:90:1D:7F:8C:6D:6C:00:4E","sha256":"F6:38:C3:2C:89:F2:09:D3:4A:49:B1:2C:29:B8:CC:59:BB:BF:9E:63:17:92:68:41:8E:D6:8E:1D:69:EE:C3:02"}}},"request":{"raw":"GET /url/ver/864219246/3391698/7e96e9d0c1b35b0647f13fe0a0c4a46e/ HTTP/1.1\r\nHost: track.trckacbm.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Fri, 19 Sep 2025 05:36:09 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://sud.short.gy/GQWsYC?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail\r\ncontent-language: en\r\nvary: Accept-Language, Origin, Cookie\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":741199,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-21T17:23:37.112312Z","times_seen":15507115,"resource_available":true,"data":null}},"time_used":360,"timings":{"blocked":143,"dns":1,"connect":44,"send":0,"wait":73,"receive":0,"ssl":97},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-19T05:36:09.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metahelp-livechat.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 00:59:16 GMT","end":"Thu, 18 Dec 2025 01:59:12 GMT"},"fingerprint":{"sha1":"73:15:19:7F:1A:93:D0:29:AC:57:35:48:D9:B8:FF:75:62:C9:4B:34","sha256":"19:83:47:74:56:9B:EF:67:C9:06:6D:DF:D8:65:3E:DD:64:95:DC:B0:67:3F:91:C4:C3:D9:87:47:2A:91:BB:2F"}}},"request":{"raw":"GET /?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail HTTP/1.1\r\nHost: metahelp-livechat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 19 Sep 2025 05:36:11 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZSEvRIqDylF6WDDAy8KwirfpxrYwlVOA1gOstOTaCNudqnHTDqNwvLOaSqcNhDRKTnoNxxr%2Fmua41XNsR3iSaciES5M5T2HnaULRF0bd5TgJUA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nset-cookie: PHPSESSID=ped0hls84paockdo452khsjm5v; Path=/\r\ncf-ray: 9816b94e8fb156bb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Bootstrap:5.2.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:3.6.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]}],"data":{"size":741199,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (55293), with CRLF line terminators","md5":"c55824e5654dff174c88e3c8676ce6fa","sha1":"5ee9ccec1a192a39a3a799fb828900d13907703d","sha256":"e6c7318dff1fa91e085796037f64cd554a64965eb6a891af76cd6a2cd9cae5bc","sha512":"07253686c93e38e7c7b69af891837836a327715dc38f4cd61e4969b3a5022d8a3686f37211751d23c2ccd3b21320f91389cdf667e3f4f58b3012c59502d3a6db","ssdeep":"12288:2WrQMCiy2DgjzLcfrs8vpaS4+/V+OeHsB8/pk3AMtiNjg18IwpCzbVr64yhSZb9N:2WUxR3gDBL/V+vMB8RkBi618IwpCzbVD","tlshash":"d9f4e030b152b42a257b02e684715b5dfe6ad743d1024fe4f5ed72f26fbb698c823a04","first_seen":"2025-09-19T05:53:22.846938Z","last_seen":"2025-09-19T05:53:22.846938Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1232,"timings":{"blocked":22,"dns":0,"connect":1,"send":0,"wait":1188,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-19","alert":"Sinkholed","trigger":"metahelp-livechat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metahelp-livechat.com/assets/NS6uQcHt1fI.css","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","date":"2025-09-19T05:36:11.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metahelp-livechat.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 00:59:16 GMT","end":"Thu, 18 Dec 2025 01:59:12 GMT"},"fingerprint":{"sha1":"73:15:19:7F:1A:93:D0:29:AC:57:35:48:D9:B8:FF:75:62:C9:4B:34","sha256":"19:83:47:74:56:9B:EF:67:C9:06:6D:DF:D8:65:3E:DD:64:95:DC:B0:67:3F:91:C4:C3:D9:87:47:2A:91:BB:2F"}}},"request":{"raw":"GET /assets/NS6uQcHt1fI.css HTTP/1.1\r\nHost: metahelp-livechat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=ped0hls84paockdo452khsjm5v\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 19 Sep 2025 05:36:11 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 28 Nov 2024 18:48:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6748bb00-1392d\"\r\ncontent-encoding: gzip\r\nage: 2039\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VegHXZ%2B9iy%2B3roospreOsyzHH%2BiuoJi%2BdUoF6KSCbf6%2FPeI6rNqM1cQb%2BhCLdo8NaYSL1S8TS7Iu4BO7NlCXOkFe1oSe5EU9TP30fsuYUiv6cw%3D%3D\"}]}\r\ncf-ray: 9816b959f92556bb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80173,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (24657), with CRLF line terminators","md5":"95c64e83c9d5bea558fc9557b9c9117c","sha1":"bc14ec8b805ba5d4bf1aaaf574baea642d88ae2e","sha256":"1be0e0aa1bef3637d9534c0f232fe0ca8b00d7456ef3474a30ec8a6296135266","sha512":"234158798211c9293dcf43e976ded13524c0199e7dd212d9262bb2fbfc6f59b21ff7ca5bb9f14006fd95d3207cc4dfb7822b08ab7e60b68eea667cff6f0d33a3","ssdeep":"768:1opW1p9g080TxJD/8s0s+08JNTimYKakdlzy:UWRn6JER","tlshash":"f27333221989313dfd23c731f8a86bc63039c787e6f35b7ea4653978e2415e49933a94","first_seen":"2025-01-03T18:37:11.452847Z","last_seen":"2026-01-25T05:41:11.367444Z","times_seen":68,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-19","alert":"Sinkholed","trigger":"metahelp-livechat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metahelp-livechat.com/cdn-cgi/challenge-platform/h/g/jsd/r/0.6809820185189369:1758256994:BI_UM_n1OukwX-iLH3Yql6TDF3TukUgBKWdiGIQI49c/9816b94e8fb156bb","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","date":"2025-09-19T05:36:12.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metahelp-livechat.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 00:59:16 GMT","end":"Thu, 18 Dec 2025 01:59:12 GMT"},"fingerprint":{"sha1":"73:15:19:7F:1A:93:D0:29:AC:57:35:48:D9:B8:FF:75:62:C9:4B:34","sha256":"19:83:47:74:56:9B:EF:67:C9:06:6D:DF:D8:65:3E:DD:64:95:DC:B0:67:3F:91:C4:C3:D9:87:47:2A:91:BB:2F"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/jsd/r/0.6809820185189369:1758256994:BI_UM_n1OukwX-iLH3Yql6TDF3TukUgBKWdiGIQI49c/9816b94e8fb156bb HTTP/1.1\r\nHost: metahelp-livechat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12159\r\nOrigin: https://metahelp-livechat.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail\r\nCookie: PHPSESSID=ped0hls84paockdo452khsjm5v\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 19 Sep 2025 05:36:12 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-length: 0\r\nserver: cloudflare\r\nset-cookie: cf_clearance=pCV9kn5t_AkjJYvzf8VEszfMYmdjtH5gAnlWmfiwsLY-1758260172-1.2.1.1-fWENPXPIUbD5HiuaeHpY18DfDzZ9QHct2Jw2TxOErTA3hin4WAvy4b5cPeDRs0vm0liGRzJd_V0SWbl_03GoD0tPBT1lb895epeTAdVObIhad5nWTpWW1_NvFBVW3ngo0bjEasfj7UiKcdFYwcmzruxa51umoPmOFQbIEgiKQ6PVWSm.kYBdWCEKsdHAMP4ifZOTjcl1hikw9cZ98A8dznK45pE_83TTT61dMrXGRGo; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=metahelp-livechat.com; Expires=Sat, 19 Sep 2026 05:36:12 GMT\r\ncf-ray: 9816b95dcc7256bb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-21T17:23:37.112312Z","times_seen":15507115,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-19","alert":"Sinkholed","trigger":"metahelp-livechat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sud.short.gy/GQWsYC?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","fqdn":"sud.short.gy","domain":"short.gy","tld":"gy"},"ip":{"addr":"91.197.243.143","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-19T05:36:09.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.short.gy","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 08 Sep 2025 00:00:00 GMT","end":"Sun, 07 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"19:D8:23:6A:91:1E:A3:9A:1F:80:03:DE:F1:19:09:16:F3:D4:57:B6","sha256":"78:E9:3C:FB:91:4F:1F:87:77:93:2D:35:B0:A1:CA:8C:8B:D6:15:1A:01:81:35:2B:AA:DA:8A:DA:2D:49:60:88"}}},"request":{"raw":"GET /GQWsYC?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail HTTP/1.1\r\nHost: sud.short.gy\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncache-control: no-cache, no-store, must-revalidate\r\nlocation: https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail\r\npragma: no-cache\r\nx-content-type-options: nosniff\r\ncontent-length: 0\r\ndate: Fri, 19 Sep 2025 05:36:09 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":741199,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-21T17:23:37.112312Z","times_seen":15507115,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":79,"dns":1,"connect":1,"send":0,"wait":21,"receive":0,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.6.2/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","date":"2025-09-19T05:36:11.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/jquery/3.6.2/jquery.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metahelp-livechat.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 19 Sep 2025 05:36:11 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 28098\r\ncf-ray: 9816b95a0c5256a2-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"63989504-6dc2\"\r\nlast-modified: Tue, 13 Dec 2022 15:06:44 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1950630\r\nexpires: Wed, 09 Sep 2026 05:36:11 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=m730aH3IUJLKqivEdT8qolDeGWRZhOlGJHAjFJZoZq8%2BEuRpfhnZ%2B8ASLC4cVzRT68ubLjz9%2Fr4%2B74u%2FH75k6L3%2F5dnc8xhKrjOUqER2Ycx9rrC4FaVcvUTqa7YSh7hZB7RMMGIK\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89942,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"e3ccb7fb2a471b100e7ed8183c55ef25","sha1":"0801a72aeb865769b6051770bbc5f9485882f998","sha256":"da4ad864a87ffcf71c851b5df87f95cb242867f7b711cae4c6133cc9cc0048f0","sha512":"b561e5bad167b86d02ea7411969beb121138429906d679f630e50c5a651e45e3e5e1edc0922d1507a5b5bf7a0b8c5b5dd2154eb5143d3c7a527cdeaeebf41791","ssdeep":"1536:uNjxXUcrnxD9o5EZxkMVC6YLtg7HtDuU3zh8cmnPMEgWzJvBQUmkm4M5gPtcNRQK:uhqmCU3zhINzfmR4lb3e34UQ47GKL","tlshash":"5c9318ddb2c6b06247a770ba407f610ff136199d684d4400f169d8e9bc78a4a827bf7d","first_seen":"2023-03-09T22:11:25Z","last_seen":"2026-05-21T02:57:35.801785Z","times_seen":1015,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":11,"dns":1,"connect":1,"send":0,"wait":15,"receive":2,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","date":"2025-09-19T05:36:11.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap@5.2.3/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metahelp-livechat.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 5.2.3\r\nx-jsd-version-type: version\r\netag: W/\"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Fri, 19 Sep 2025 05:36:11 GMT\r\nage: 3198688\r\nx-served-by: cache-fra-etou8220160-FRA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 30336\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":194901,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65305)","md5":"3f30c2c47d7d23c7a994db0c862d45a5","sha1":"7791dd1f3173a0d62cc39c21d2ad71fc8dad0e72","sha256":"c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a","sha512":"49b891fdebaca612a8315557cac4ca1bfed5b1e5a28be63715d1ebb741292a0a53a1979e9a1a8779978b58b849badcffdaeb76570d6e4048f631b445f9354150","ssdeep":"1536:ZtGg9JfWgeQK5wlP72qgOfI3N9LsqkVkpz600I4lp:ZtGg9JfWD9kVkpz600I4lp","tlshash":"991482d6f190307d98a7c2499591fefd866fa585d7120aaaf0137b6807ca7c30963ecc","first_seen":"2023-04-05T16:04:29Z","last_seen":"2026-05-21T16:52:13.773945Z","times_seen":7867,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":56,"dns":0,"connect":28,"send":0,"wait":27,"receive":9,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","date":"2025-09-19T05:36:11.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metahelp-livechat.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 5.2.3\r\nx-jsd-version-type: version\r\netag: W/\"13a24-kNFQNu9I/LM2oTW66BK0VmnxkEQ\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Fri, 19 Sep 2025 05:36:11 GMT\r\nage: 2587599\r\nx-served-by: cache-fra-eddf8230084-FRA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 24659\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80420,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"b75ae000439862b6a97d2129c85680e8","sha1":"90d15036ef48fcb336a135bae812b45669f19044","sha256":"9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b","sha512":"8bd7047c9c14c158843c529d0b57a7cf86511818fc610a3a401c854c5f766171e2ef0682ab27b1bd10fbe52e4d553b12893bfbaca5aa1bd639785c6646c3a7d0","ssdeep":"1536:p4SMTGR2t4n+3ifBHJR9WbUHk3j8YY+PwRM3CGJI9BqQM6kF:b4Fj8GPwRM3CiI9Bt8","tlshash":"6973c6593254b4770ade45b68037420bf2265d98b24b802cb5bcadde2a7dc863277f7c","first_seen":"2023-03-08T16:08:57Z","last_seen":"2026-05-21T15:43:06.996276Z","times_seen":7823,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":60,"dns":4,"connect":26,"send":0,"wait":29,"receive":20,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metahelp-livechat.com/assets/YNN7mTKzEpW.css","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","date":"2025-09-19T05:36:11.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metahelp-livechat.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 00:59:16 GMT","end":"Thu, 18 Dec 2025 01:59:12 GMT"},"fingerprint":{"sha1":"73:15:19:7F:1A:93:D0:29:AC:57:35:48:D9:B8:FF:75:62:C9:4B:34","sha256":"19:83:47:74:56:9B:EF:67:C9:06:6D:DF:D8:65:3E:DD:64:95:DC:B0:67:3F:91:C4:C3:D9:87:47:2A:91:BB:2F"}}},"request":{"raw":"GET /assets/YNN7mTKzEpW.css HTTP/1.1\r\nHost: metahelp-livechat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=ped0hls84paockdo452khsjm5v\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 19 Sep 2025 05:36:11 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 28 Nov 2024 07:54:34 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"674821ba-16b4b\"\r\ncontent-encoding: gzip\r\nage: 2039\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HLiM7oC4dQ%2FRJqTGp%2FVfXZJNz0TuC7WJ6joiU9%2FLb%2BLE1Z5%2B2OaeCbgdvNq6%2FNFZDjGGz4vz58VWMPUx80jA%2FNE29d7kL4R45KksIplqSzGSvA%3D%3D\"}]}\r\ncf-ray: 9816b95a093456bb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93003,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (518), with CRLF line terminators","md5":"42c833ad56da95ac2c39a3e317ea86da","sha1":"68aa884e83878c8d9fc7cd56c427eaf1144b9e09","sha256":"834d447bfb0739f160b8d9dd8b83411fe59970c8c708b5b65a0f81b2dc7deaf5","sha512":"3e71bccd5318cbc275c766a7371251d64b0a0d5f97f645d61aae81bbc0ca311047eb4c6fb1953a4c01778bc9b043b8fc2d7aa481480949c4878108d6e9bd7ac2","ssdeep":"1536:GaHTnsJWV5xutEbrhifcQAUq0Tk3k7FR4D:tHLsJWV5aE8fcATYkb4D","tlshash":"01930c208a03354bb3338f74abb40645fe660b379e864179b7d4719c8ff49b85a21e9d","first_seen":"2025-08-18T14:02:42.180608Z","last_seen":"2026-01-25T05:41:11.357421Z","times_seen":22,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-19","alert":"Sinkholed","trigger":"metahelp-livechat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gtranslate.net/widgets/latest/dropdown.js","fqdn":"cdn.gtranslate.net","domain":"gtranslate.net","tld":"net"},"ip":{"addr":"104.26.12.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","date":"2025-09-19T05:36:11.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtranslate.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Sep 2025 00:58:13 GMT","end":"Tue, 02 Dec 2025 01:58:08 GMT"},"fingerprint":{"sha1":"7F:BD:69:96:67:8F:C1:80:B4:56:CA:2D:BF:6F:D7:53:85:AA:5F:49","sha256":"AA:9D:26:FB:CB:9A:0B:7E:9D:10:97:23:1E:00:BD:73:1D:C4:E3:24:4F:90:DD:89:36:30:85:35:4F:35:2A:EA"}}},"request":{"raw":"GET /widgets/latest/dropdown.js HTTP/1.1\r\nHost: cdn.gtranslate.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 19 Sep 2025 05:36:11 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 18 Dec 2024 23:02:20 GMT\r\nvary: accept-encoding\r\nexpires: Sat, 29 Aug 2026 04:51:34 GMT\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 1817077\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eP9S9kTJkqOrHOIQ7UlxRF%2FViZLkztaeLVQyO8swNSXwFVpEaBv4md3Ep5is2VISX9sBpIwBfKVW8Ksyt%2FgCiSl4jrZtI5IKjhhSqHhRGA%3D%3D\"}]}\r\netag: W/\"6763547c-3308\"\r\ncontent-encoding: br\r\ncf-ray: 9816b95a39dda0f0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13064,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3129)","md5":"2292a28d2c6532fc8768f31ecd007881","sha1":"bda77f167795d553acdabfbed65dbf959bc1cee2","sha256":"6722cc3277e7ee4367bf249229a8e4c3f4965e349c13ef6f59eec2c53653a5c9","sha512":"2644dfb8b8169f35935715f92a1e335c725a59978cab5d146342af48ed72b24bef63bf04afbd5c1c0caf8ebbdd00e202f83687c874d55fcd695d2e2c6a5a4a3f","ssdeep":"192:2PzCvSMaV0ZATrR09wMmQZcNt3bwkWOXS0ZgAcyyL2dDmZFVxGy4nlfF:AzCKMPZATN09o0mtrwkK5SdDU8n","tlshash":"4f42e78a11b6107e5a271124fffe2a1c64f502874015fd21bfeecd439f81a98d36bb95","first_seen":"2024-12-21T23:47:55.83197Z","last_seen":"2026-05-04T23:53:40.660676Z","times_seen":749,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":19,"dns":0,"connect":1,"send":0,"wait":10,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i.imgur.com/Vaz7lim.png","fqdn":"i.imgur.com","domain":"imgur.com","tld":"com"},"ip":{"addr":"199.232.196.193","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","date":"2025-09-19T05:36:12.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.imgur.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 29 Jan 2025 00:00:00 GMT","end":"Sat, 14 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D","sha256":"B2:9B:23:54:25:04:8F:9E:C6:BC:84:54:20:8B:AB:34:8C:F1:7E:8A:57:AD:55:F3:C9:40:C3:4E:8B:E5:30:6F"}}},"request":{"raw":"GET /Vaz7lim.png HTTP/1.1\r\nHost: i.imgur.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://metahelp-livechat.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Thu, 07 Nov 2024 10:41:37 GMT\r\netag: \"2001ab68e1a68613f7cdceccebfce842\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-cf-pop: PHL50-C1\r\nx-amz-cf-id: hdrXP2dXjQ-lU1Pox0zuHNG8r2zmK95Zg3LhnZKcEqA3yw5zRuVzKw==\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\ndate: Fri, 19 Sep 2025 05:36:12 GMT\r\nage: 538118\r\nx-served-by: cache-iad-kjyo7100173-IAD, cache-hel1410031-HEL\r\nx-cache: Miss from cloudfront, HIT, HIT\r\nx-cache-hits: 217, 1\r\nx-timer: S1758260172.182820,VS0,VE1\r\nstrict-transport-security: max-age=300\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: cat factory 1.0\r\nx-content-type-options: nosniff\r\ncontent-length: 10565\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":10565,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 25 x 1103, 8-bit/color RGBA, non-interlaced","md5":"2001ab68e1a68613f7cdceccebfce842","sha1":"c285ab4c342a7c1db03f7b4a9ccc33f468801f85","sha256":"af83d90b8a554c2a4e8f963f572b539cdae4af41b94c97b8ee0c24431626e3a9","sha512":"de8e647609d3e5d6203b5bde3e61b0c97c456c81a3a25f77f3c7c8ad3ef82c5a2e1afec36989c534c5c53c91d1dd3fbc0e1e4205051dcbc378782e21c86c7e03","ssdeep":"192:fftpsGr3tUz4FKT2Q56vNsewFmLCoIk1bSsZwnY1DS9xzYoWczP5aQJ3:nH3tUz4FKT2UMiIO9k1usT2XUbczPsQh","tlshash":"1f22b0cc05f296d180c8a472917ebacbbe793dca28cb65d276bd4bc4107a07f1c801da","first_seen":"2024-11-14T04:12:54.207657Z","last_seen":"2025-09-19T06:05:15.185105Z","times_seen":31,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":95,"dns":9,"connect":26,"send":0,"wait":28,"receive":2,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metahelp-livechat.com/assets/zSaFQ46AO2w.woff2","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","date":"2025-09-19T05:36:12.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metahelp-livechat.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 00:59:16 GMT","end":"Thu, 18 Dec 2025 01:59:12 GMT"},"fingerprint":{"sha1":"73:15:19:7F:1A:93:D0:29:AC:57:35:48:D9:B8:FF:75:62:C9:4B:34","sha256":"19:83:47:74:56:9B:EF:67:C9:06:6D:DF:D8:65:3E:DD:64:95:DC:B0:67:3F:91:C4:C3:D9:87:47:2A:91:BB:2F"}}},"request":{"raw":"GET /assets/zSaFQ46AO2w.woff2 HTTP/1.1\r\nHost: metahelp-livechat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metahelp-livechat.com/assets/YNN7mTKzEpW.css\r\nCookie: PHPSESSID=ped0hls84paockdo452khsjm5v\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 19 Sep 2025 05:36:12 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 11020\r\nserver: cloudflare\r\nlast-modified: Thu, 28 Nov 2024 07:50:40 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"674820d0-2b0c\"\r\naccept-ranges: bytes\r\nage: 2039\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y21FYv0kDH%2BkUfWU7aXo4694%2Bq8EHdxBLrGxx9P4Nufin8YlFIEMcbRhXXJAtBwgM9lhgRFPuZ5KoAbUmOWKk2xPYRDpB%2BHHpTXgaxTUkCz0Jg%3D%3D\"}]}\r\ncf-ray: 9816b95b8ae956bb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11020,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11020, version 1.0","md5":"a59072f933169d3f2db497f44ca4cbbe","sha1":"5789e81a66958aabc7590c1ddd41058335636027","sha256":"0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e","sha512":"127525e8c8cd9bd71126ea6acf26f79285d0fd83c3e8dc0544919c71b538a961137e65b54ecb0a95b0b8c566270a92d33642608be9473a9600175484419031a7","ssdeep":"192:plawu5HPwH5Vgyn469P2/WX9brFZ9ZamIEyh2pK7Sfau5SXUB901itip:WYH5VgynxEO9bv9sEyhUK7SfDIp","tlshash":"6032bffe359ce6678c6335f0c0ae43b6144a3283d1b3c9346809f7629d75aa4a2315ea","first_seen":"2023-04-05T15:00:23Z","last_seen":"2026-05-20T17:22:12.272432Z","times_seen":10474,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-19","alert":"Sinkholed","trigger":"metahelp-livechat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metahelp-livechat.com/assets/c_1vdG88uNh.woff2","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","date":"2025-09-19T05:36:12.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metahelp-livechat.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 00:59:16 GMT","end":"Thu, 18 Dec 2025 01:59:12 GMT"},"fingerprint":{"sha1":"73:15:19:7F:1A:93:D0:29:AC:57:35:48:D9:B8:FF:75:62:C9:4B:34","sha256":"19:83:47:74:56:9B:EF:67:C9:06:6D:DF:D8:65:3E:DD:64:95:DC:B0:67:3F:91:C4:C3:D9:87:47:2A:91:BB:2F"}}},"request":{"raw":"GET /assets/c_1vdG88uNh.woff2 HTTP/1.1\r\nHost: metahelp-livechat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metahelp-livechat.com/assets/YNN7mTKzEpW.css\r\nCookie: PHPSESSID=ped0hls84paockdo452khsjm5v\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 19 Sep 2025 05:36:12 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 11016\r\nserver: cloudflare\r\nlast-modified: Thu, 28 Nov 2024 07:51:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"67482104-2b08\"\r\naccept-ranges: bytes\r\nage: 2039\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3VGuMM8b08e%2FDJQ5y%2Fub0%2B3DM70n5vMt%2BGHdlaDKzLPQumFxBZKM7%2Ffo7nt8IPDcz5PVPdyv5tUy8cCeZ8BW0FbcX2kjLOvl%2BPswyA5PTBSZqw%3D%3D\"}]}\r\ncf-ray: 9816b95b9aed56bb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11016,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11016, version 1.0","md5":"15fa3062f8929bd3b05fdca5259db412","sha1":"6ff06a34f68ad0324ddec1bbe4d453c959178b36","sha256":"5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479","sha512":"07e96d7520b4ede158e77bef10a01a33cd8be7d263fe6900f89c023e65e4a63570e8a442dec2e96030fb563b25610005a748d48f9330fd31eb91b37d1003d376","ssdeep":"192:Tysuo7z1NVoTUYAKVOO7YVxRwHQUXFI5xoBwH9f4d9QFmOfiS:TvdvVoTSjOYR4QUVIgBwpFLaS","tlshash":"6e32af8071ff1c50ff85c2f69be68efa2c2b1895c619016f5240b476397525e9c294bb","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-05-20T17:22:12.286444Z","times_seen":33683,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-19","alert":"Sinkholed","trigger":"metahelp-livechat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metahelp-livechat.com/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"metahelp-livechat.com","domain":"metahelp-livechat.com","tld":"com"},"ip":{"addr":"104.26.5.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://metahelp-livechat.com/?utm_campaign=ind\u0026utm_medium=email\u0026utm_source=acumbamail","date":"2025-09-19T05:36:12.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metahelp-livechat.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 00:59:16 GMT","end":"Thu, 18 Dec 2025 01:59:12 GMT"},"fingerprint":{"sha1":"73:15:19:7F:1A:93:D0:29:AC:57:35:48:D9:B8:FF:75:62:C9:4B:34","sha256":"19:83:47:74:56:9B:EF:67:C9:06:6D:DF:D8:65:3E:DD:64:95:DC:B0:67:3F:91:C4:C3:D9:87:47:2A:91:BB:2F"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: metahelp-livechat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=ped0hls84paockdo452khsjm5v\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Fri, 19 Sep 2025 05:36:12 GMT\r\ncontent-length: 0\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/f78657f80e4b/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\ncf-ray: 9816b95cab9e56bb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9930,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-21T17:23:37.112312Z","times_seen":15507115,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-19","alert":"Sinkholed","trigger":"metahelp-livechat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}