{"report_id":"d37656d2-113c-43ed-baed-21a5d9916c91","version":6,"status":"done","tags":[],"date":"2026-01-14T17:17:51Z","url":{"schema":"http","addr":"1pt.co/help-center-here-appeal-now","fqdn":"1pt.co","domain":"1pt.co","tld":"co"},"ip":{"addr":"185.199.110.153","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"appeal-now-bad-post-here2.page.gd/?i=1","fqdn":"appeal-now-bad-post-here2.page.gd","domain":"page.gd","tld":"gd"},"title":"Privacy Center","dom":{"size":108370,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (635)","md5":"87eb7f70b2442ae92318d7267b2db33b","sha1":"c5ab90a5bbf29451aa26d867d547d75f03f2ae9e","sha256":"968e80d09ee627d9fcf57806015bf633f2ca538ffb66a2cf2a922ff95831fe49","sha512":"5fcc3b62aefbd3367fcdb650ca0337fbce6650b6bbd3532ad8d83de93bc710e6d7b72c8f8a6db24ab37bb2678987f05714f3398f8860fa5304c2e221a2f19d38","ssdeep":"1536:rwrQmUxzakosxm0yaWUHoV88EGtM/8+YMO7k9F8PV4gklmoLrlm6AJOklVY7EE:s50yaWcy88/48+YMO7AyV1Xcp","tlshash":"a0b3e8de7275e411144fa9ad23d92b3a1694a013c106db103bac5a7c9f8ee89cd733ed","dom_hash":"domhashfd8936bb9a72931b57e7ca9ffe644d05","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"1pt.co/help-center-here-appeal-now","fqdn":"1pt.co","domain":"1pt.co","tld":"co"},"ip":{"addr":"185.199.110.153","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-18T17:17:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"appeal-now-bad-post-here2.page.gd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"appeal-now-bad-post-here2.page.gd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"1pt.co","ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2018-11-08","domain_rank":0,"first_seen":"2015-04-16T16:53:25Z","last_seen":"2026-01-12T07:16:58.485777Z","alert_count":14,"request_count":7,"received_data":12978,"sent_data":3267,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}]},{"fqdn":"errors.infinityfree.net","ip":{"addr":"104.26.9.174","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-04-18","domain_rank":3024566,"first_seen":"2022-05-27T01:14:37Z","last_seen":"2026-01-14T12:37:03.712776Z","alert_count":0,"request_count":1,"received_data":659,"sent_data":462,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"upload.wikimedia.org","ip":{"addr":"185.15.59.240","port":443,"asn":14907,"as":"WIKIMEDIA","country":"United States","country_code":"US"},"domain_registered":"2003-03-16","domain_rank":4329,"first_seen":"2012-05-21T09:39:45Z","last_seen":"2026-01-12T05:17:24.369763Z","alert_count":0,"request_count":1,"received_data":17108,"sent_data":545,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache Traffic Server:9.2.11","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]}]},{"fqdn":"appeal-now-bad-post-here2.page.gd","ip":{"addr":"185.27.134.97","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2025-07-25","domain_rank":0,"first_seen":"2026-01-14T17:17:51.74312Z","last_seen":"2026-01-14T17:17:51.74312Z","alert_count":8,"request_count":4,"received_data":123628,"sent_data":2110,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-01-11T22:24:29.090978Z","alert_count":0,"request_count":2,"received_data":254184,"sent_data":1055,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ik.imagekit.io","ip":{"addr":"54.240.174.126","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2016-01-17","domain_rank":153981,"first_seen":"2017-04-02T12:17:08Z","last_seen":"2026-01-14T14:08:44.788623Z","alert_count":0,"request_count":1,"received_data":30854,"sent_data":487,"comment":"","tags":null,"fingerprints":[{"name":"ImageKit","description":"ImageKit is a real-time image and video transformation, optimization, and delivery service with built-in digital asset management, powered by a global CDN.","website":"https://imagekit.io/","common_platform_enumeration":"","icon":"ImageKit.svg","categories":["CDN","Digital asset management"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"resource2.heygen.ai","ip":{"addr":"52.84.50.29","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2023-02-15","domain_rank":2030685,"first_seen":"2024-10-08T01:29:51Z","last_seen":"2026-01-08T16:33:05.298187Z","alert_count":0,"request_count":1,"received_data":1573561,"sent_data":570,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"thakkaha.dev.fast.sheridanc.on.ca","ip":{"addr":"142.55.32.52","port":443,"asn":5664,"as":"SHERIDAN-NET","country":"Canada","country_code":"CA"},"domain_registered":"2000-10-03","domain_rank":0,"first_seen":"2026-01-12T07:16:57.95987Z","last_seen":"2026-01-12T07:16:57.95987Z","alert_count":0,"request_count":1,"received_data":389,"sent_data":479,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"1pt.co/resources/js/redirect.js?2","fqdn":"1pt.co","domain":"1pt.co","tld":"co"},"ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fb6e12db3829c771d191c6db6122cf7c","sha1":"f9b91aadf9289da6fa185d58206bbe1302889aad","sha256":"ddbb12befd480963f2068453c9566bc38bf69d521322e53e20cbf528ff24f4c2","sha512":"fc511a553f0ae36a8c07cd09010a4da7d4f16150c8bfdb77aa7abdf351b8fd7a7b2c34013a8cb8e42bfd231e41924c02d4b08988acbe53a744a8b6a610ff7f03","ssdeep":"","tlshash":"b711218e7108221a27fa72358b2bd204fb7b446742000009364cd0c02f3467dd2befee","size":1035,"data":"","first_seen":"2026-01-12T07:17:03.742502Z","last_seen":"2026-03-15T16:57:52.22118Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"appeal-now-bad-post-here2.page.gd/","fqdn":"appeal-now-bad-post-here2.page.gd","domain":"page.gd","tld":"gd"},"ip":{"addr":"185.27.134.97","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"d0de6001dd089eb71847f4da6faea174","sha1":"1c804a7bb0eb4d428a4f51e14475c580b6b094ef","sha256":"88f119269fe32bc045017a96e4478d74b83ff4bdc885c313ac660d2a48379ec2","sha512":"9f75dc9dbb46726adf1599ef017933e7fa36c9aaa622abdcf2fbd346bae41e45bf7577fccb8ec2793600469bba6f716300116bc1208bbdd489bd67308e2c266f","ssdeep":"","tlshash":"dcf00274f030a1984bc05056087b550f942216a2f503c2ebd00696a469a29dc0a9de2f","size":621,"data":"","first_seen":"2026-01-14T17:17:56.202307Z","last_seen":"2026-01-14T17:17:56.202307Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"appeal-now-bad-post-here2.page.gd/aes.js","fqdn":"appeal-now-bad-post-here2.page.gd","domain":"page.gd","tld":"gd"},"ip":{"addr":"185.27.134.97","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc66e046447092c606f2587837f96874","sha1":"fcf354a8044f494ee1f9fe868dde3f570f50e593","sha256":"5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96","sha512":"51cd149b2876e90621afc579fb172e253548a851d4c202181e1faba812f5beb1ae9ccf9f153137f60c569e05a79dcb272176e0126eceac54316208d2699a689f","ssdeep":"192:4hsoEj776Bn/tnHcgaollys/6+EgH3JLg7oLu0MyMVu:i50/3xoGs/jE839g2FB1","tlshash":"355200c203894a7cf2c92ed68c2f605620f3e54a3d251249efb399dbbc77d895075a36","size":13733,"data":"","first_seen":"2023-10-15T19:29:47Z","last_seen":"2026-05-19T15:43:06.821277Z","times_seen":7289,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"appeal-now-bad-post-here2.page.gd/?i=1","fqdn":"appeal-now-bad-post-here2.page.gd","domain":"page.gd","tld":"gd"},"ip":{"addr":"185.27.134.97","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"5d6001b3b96c0af0826a61ec86a9e482","sha1":"3d44330a8039528eebe6e9b56f6dd7c68f36588b","sha256":"c5c38056a10691354b1fa2b4129d1105c6932e38b00188f96092dd557129839c","sha512":"033e2f57b8c05131f9f7c934d4018f0cf4b3198e3c1af91993a2771e646b58227d915afe441a5e81cfbecf6f3d1c371baed49b6a74ff22d125f21388cb8a2692","ssdeep":"1536:N/8+YMO7k9F8PV4gklmoLrlm6AJOklVY7En:58+YMO7AyV1Xc8","tlshash":"e45394dc7238f960458f7d6e228c2b38599420239652e7513b6c5a391f8de4ecd732ae","size":61366,"data":"","first_seen":"2026-01-14T17:17:56.204083Z","last_seen":"2026-01-14T17:17:56.204083Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"1pt.co/help-center-here-appeal-now","fqdn":"1pt.co","domain":"1pt.co","tld":"co"},"ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-14T17:17:28.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1pt.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 07:04:37 GMT","end":"Fri, 27 Mar 2026 07:04:36 GMT"},"fingerprint":{"sha1":"B7:F7:45:40:3C:51:AE:2E:FD:C5:19:AD:C8:F9:A2:6C:49:B3:6F:25","sha256":"4E:FE:FA:FE:6B:28:2F:BF:34:A4:C3:43:6A:F4:D7:4B:6A:B5:03:8F:D0:59:E5:62:25:CF:BA:BC:ED:95:4F:B5"}}},"request":{"raw":"GET /help-center-here-appeal-now HTTP/1.1\r\nHost: 1pt.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: GitHub.com\r\ncontent-type: text/html; charset=utf-8\r\nx-origin-cache: HIT\r\naccess-control-allow-origin: *\r\netag: W/\"68e19849-7c8\"\r\ncontent-encoding: gzip\r\nx-proxy-cache: HIT\r\nx-github-request-id: 43E2:A8884:1F5C82:1FCE09:6967CFA8\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 14 Jan 2026 17:17:28 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410032-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1768411049.736596,VS0,VE120\r\nvary: Accept-Encoding\r\nx-fastly-request-id: a383df8fd1dbf40e60f36a34fcb306e610f582f7\r\ncontent-length: 772\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":1992,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"5131c864e635830bc84a08f5ae531e75","sha1":"7d2e432bb61d0eba2c06626c7f62142d672f9698","sha256":"54b515d9589eb11c3ee125907ebc9221a789e86f12037b38d0883b749a6f4313","sha512":"4b0159dc63a369b6856a2aae8fd9a312e9f40504a7790bb1feff1addd4394667b1d19284d5a466822b5052fa3fd3bd94cea397ead87641de154ad9e547381d9e","ssdeep":"","tlshash":"ee41e1935c80ac29633291184b96b10dca13d5d7ca693c18f2cf119f5ff2ee484e3a6b","first_seen":"2023-05-10T21:55:37Z","last_seen":"2026-03-15T16:57:52.217734Z","times_seen":8,"resource_available":false,"data":null}},"time_used":355,"timings":{"blocked":103,"dns":41,"connect":26,"send":0,"wait":147,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"1pt.co/help-center-here-appeal-now","fqdn":"1pt.co","domain":"1pt.co","tld":"co"},"ip":{"addr":"185.199.110.153","port":80,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-14T17:17:28.968Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /help-center-here-appeal-now HTTP/1.1\r\nHost: 1pt.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nConnection: keep-alive\r\nContent-Length: 162\r\nServer: GitHub.com\r\nContent-Type: text/html\r\nLocation: https://1pt.co/help-center-here-appeal-now\r\nX-GitHub-Request-Id: DAF0:A8884:1F5CB1:1FCE36:6967CFA8\r\nAccept-Ranges: bytes\r\nAge: 0\r\nDate: Wed, 14 Jan 2026 17:17:29 GMT\r\nVia: 1.1 varnish\r\nX-Served-By: cache-hel1410030-HEL\r\nX-Cache: MISS\r\nX-Cache-Hits: 0\r\nX-Timer: S1768411049.016528,VS0,VE125\r\nVary: Accept-Encoding\r\nX-Fastly-Request-ID: c13d8c456e1e2bfbed60aca7e62fec1754d09a5b\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":1992,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T15:11:14.857117Z","times_seen":15442225,"resource_available":true,"data":null}},"time_used":205,"timings":{"blocked":25,"dns":1,"connect":27,"send":0,"wait":151,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"appeal-now-bad-post-here2.page.gd/","fqdn":"appeal-now-bad-post-here2.page.gd","domain":"page.gd","tld":"gd"},"ip":{"addr":"185.27.134.97","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-14T17:17:30.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"page.gd","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 03 Jan 2026 00:00:00 GMT","end":"Fri, 03 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:FB:C9:96:6F:DE:F0:22:AA:CD:F8:55:68:AE:29:6C:7B:AE:73:EB","sha256":"ED:53:F7:9E:A7:85:2E:D2:53:08:38:DB:FB:1B:5A:19:D6:1C:56:B4:2E:01:3E:94:A7:2F:F2:B3:FB:59:26:5D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: appeal-now-bad-post-here2.page.gd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1pt.co/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Wed, 14 Jan 2026 17:17:30 GMT\r\nContent-Type: text/html\r\nContent-Length: 860\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":860,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (860), with no line terminators","md5":"b8f7473fc52fbe6aaafe21ec06fd6191","sha1":"e57ddb343789bc2e88b37d070584284e6fab1a6f","sha256":"281f3d6ba9807dcc2ba08094d77c6af4836fd83de85e77bd752568eb01ce5f64","sha512":"1b6ed770d6c8674cd244480af664ff1cc0a3826761c6cb8b83d2e6198435e0137570f87c0ade173d27d804841238487093dc048b56a1874209ea092d99a5ad96","ssdeep":"","tlshash":"f21146b4ec60e0859bc000d51876d55f6812d5b6f502caafd0c142e865e17dc0e8dd3f","first_seen":"2026-01-14T17:17:56.179156Z","last_seen":"2026-01-14T17:17:56.179156Z","times_seen":1,"resource_available":false,"data":null}},"time_used":644,"timings":{"blocked":305,"dns":152,"connect":34,"send":0,"wait":34,"receive":0,"ssl":116},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"appeal-now-bad-post-here2.page.gd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"appeal-now-bad-post-here2.page.gd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://appeal-now-bad-post-here2.page.gd/?i=1","date":"2026-01-14T17:17:31.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://appeal-now-bad-post-here2.page.gd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 14 Jan 2026 17:17:31 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 150124\r\ncf-ray: 9bdec98f5a3e56b9-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6421d693-24a6c\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 2213382\r\nexpires: Mon, 04 Jan 2027 17:17:31 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=CrDzdX72s17YC8Fq0fVJN9q9asdD%2Bo4qf70dX0btF6E7AsId2wYjRw7PQalg%2BdMekj9rPiVey5cVAD18MShPrtUSl81W3G8I0AABR8dfw%2FP%2FXfa98YW%2BmMHN50MHCeyRCB7etfVx\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":150124,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 150124, version 772.256","md5":"c64278386c2bbb5e293e11b94ca2f6d1","sha1":"6b99aa650bd12a36caa14e0127435d8f4cd3ba73","sha256":"7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880","sha512":"0ccdc1515510d902c0b4a48b863c48bad86e1f766b1f9c890a64e28d91ee7c6d488241c531fc094d15b29c211da71e092587a987e24ee8e67ef8ea99c284e821","ssdeep":"3072:7sCbk7w0ZXdkN6iMjif3Lr7x7wAtf+D7gDk1feXDLnurWHqrNIuv5n0:7sCbkFZXdC7MaLr9w2mIY1feXXurWyNW","tlshash":"28e3123cf2c6d486735f5aeadb79636894fd0a2e74ecc67d26b982112048f828174d1d","first_seen":"2023-04-09T20:30:06Z","last_seen":"2026-05-19T14:59:36.330554Z","times_seen":35994,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":16,"dns":1,"connect":0,"send":0,"wait":13,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"errors.infinityfree.net/errors/404/","fqdn":"errors.infinityfree.net","domain":"infinityfree.net","tld":"net"},"ip":{"addr":"104.26.9.174","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://appeal-now-bad-post-here2.page.gd/?i=1","date":"2026-01-14T17:17:31.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"infinityfree.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 18:28:04 GMT","end":"Thu, 26 Mar 2026 19:27:52 GMT"},"fingerprint":{"sha1":"AD:AC:6A:92:F0:7E:1F:96:89:B4:DD:CC:BD:4F:F3:3F:AA:FB:8F:DE","sha256":"16:25:0A:47:85:C4:FD:AA:C5:92:AB:45:1C:01:49:C4:D0:3B:AA:EF:E6:FC:5F:2E:AF:05:51:DC:79:0E:48:7F"}}},"request":{"raw":"GET /errors/404/ HTTP/1.1\r\nHost: errors.infinityfree.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://appeal-now-bad-post-here2.page.gd/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Wed, 14 Jan 2026 17:17:32 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: frame-ancestors *\r\nx-content-type-options: nosniff\r\nx-frame-options: ALLOWALL\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ndi97%2Bz64jR9abMExw6A3vJPGpKoUeI1GqHNfuaSpB3awz%2F%2Bxb0pN6wRT6PdIkatyaqOI5omDY2j6tpXBZw%2BIeIN1DWUmI4WMW7iCKJdmzUG15zD\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9bdec992d9a52efa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T15:11:14.857117Z","times_seen":15442225,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":16,"connect":1,"send":0,"wait":180,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1pt.co/resources/favicon/favicon-16x16.png?v=2","fqdn":"1pt.co","domain":"1pt.co","tld":"co"},"ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1pt.co/help-center-here-appeal-now","date":"2026-01-14T17:17:29.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1pt.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 07:04:37 GMT","end":"Fri, 27 Mar 2026 07:04:36 GMT"},"fingerprint":{"sha1":"B7:F7:45:40:3C:51:AE:2E:FD:C5:19:AD:C8:F9:A2:6C:49:B3:6F:25","sha256":"4E:FE:FA:FE:6B:28:2F:BF:34:A4:C3:43:6A:F4:D7:4B:6A:B5:03:8F:D0:59:E5:62:25:CF:BA:BC:ED:95:4F:B5"}}},"request":{"raw":"GET /resources/favicon/favicon-16x16.png?v=2 HTTP/1.1\r\nHost: 1pt.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1pt.co/help-center-here-appeal-now\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nlast-modified: Sat, 04 Oct 2025 21:57:29 GMT\r\naccess-control-allow-origin: *\r\netag: \"68e19849-18e\"\r\nexpires: Wed, 14 Jan 2026 16:32:26 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 3BC6:21B0F6:14716C:14B78F:6967C2C2\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 14 Jan 2026 17:17:29 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410032-HEL\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1768411050.523644,VS0,VE140\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 0bf4780119710173060378086bf8a6bff09d9aa7\r\ncontent-length: 398\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":398,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit colormap, non-interlaced","md5":"aa61d53a4e586d8bf233b63ee6b6ee18","sha1":"57c91b9cd8f861efa46b90311c77fe9809600308","sha256":"efc6d1d0eeabec6a11833fe598acd486dd3658dd79c41da51b7e0d839f88cfab","sha512":"1998572b4db6661629be7514540c6d8bb2451cf24e78652a8f92e0045b81a46f9689ddbf639b99ee969a19665462b354303a50e145c94961c1363ff6d19ba42c","ssdeep":"","tlshash":"bde0f1e79673fdb5cced512527d2c690513d993f138074ca7436803035484c4da20b03","first_seen":"2023-05-10T21:55:37Z","last_seen":"2026-05-06T22:52:32.476235Z","times_seen":11,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ik.imagekit.io/alibrohi/download.png?updatedAt=1756102262767","fqdn":"ik.imagekit.io","domain":"imagekit.io","tld":"io"},"ip":{"addr":"54.240.174.126","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://appeal-now-bad-post-here2.page.gd/?i=1","date":"2026-01-14T17:17:31.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imagekit.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 22 Nov 2025 00:00:00 GMT","end":"Sun, 20 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3B:8A:6A:40:5B:EB:4E:98:B8:8F:7B:11:50:B7:82:1A:41:96:CC:CD","sha256":"38:E4:87:60:37:CC:3A:5A:FC:01:83:79:F1:F0:17:D1:2C:40:48:94:55:FB:CF:49:8D:0B:0F:6F:6D:D2:34:C0"}}},"request":{"raw":"GET /alibrohi/download.png?updatedAt=1756102262767 HTTP/1.1\r\nHost: ik.imagekit.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://appeal-now-bad-post-here2.page.gd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/webp\r\ncontent-length: 30004\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: *\r\ntiming-allow-origin: *\r\nx-server: ImageKit.io\r\nx-request-id: 8649eb0f-a44a-4c47-b550-6b8ba6e4858b\r\ncache-control: public, s-maxage=31536000, max-age=31536000, must-revalidate\r\netag: \"55930547c0bc9b5c3faddcc9ea629fcb\"\r\nlast-modified: Mon, 22 Dec 2025 09:10:31 GMT\r\nserver-timing: transformation;dur=698,download;dur=339\r\ndate: Wed, 14 Jan 2026 17:17:31 GMT\r\nvia: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront), 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)\r\nvary: Accept\r\nx-cache: Miss from cloudfront\r\nx-amz-cf-pop: OSL50-P1\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: QAYEDc1g8hqVD1f7VNkaXWR2x17DP3yEKillYNYrntk4GNGOwo0_fA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"ImageKit","description":"ImageKit is a real-time image and video transformation, optimization, and delivery service with built-in digital asset management, powered by a global CDN.","website":"https://imagekit.io/","common_platform_enumeration":"","icon":"ImageKit.svg","categories":["CDN","Digital asset management"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":30004,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"55930547c0bc9b5c3faddcc9ea629fcb","sha1":"ddddf8ecb80f346323818ba4ee172d414526713d","sha256":"bbf9ee640fe3b413ba822efc2334ab2fe5b0b94b8c1d61ccb0b61e4fe6531fc2","sha512":"4aaf470d19c60439bb8eda8ef595e78a7629568ce99cbe1e987b8266cc4b10987a5d1222e4efea4a4df651d5d1e663c5b3bd78f55c663b35207413544355d1d3","ssdeep":"768:cX4cT1W1W2AA9ma/8bHxWw7k6d2YqssEeUGjXiD:cXJT1Wt9LUHxWV6UYqssDBX","tlshash":"96d2c06e167d9affdd03b93f1c3a1115da9038e49614301b11ee6c52baf726074fa89c","first_seen":"2025-12-05T15:09:30.029252Z","last_seen":"2026-04-22T00:57:37.789145Z","times_seen":9,"resource_available":false,"data":null}},"time_used":868,"timings":{"blocked":147,"dns":137,"connect":1,"send":0,"wait":320,"receive":253,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"resource2.heygen.ai/video_translate/94087358030a4df8b20e73f1fba92ed5-en/720p.mp4","fqdn":"resource2.heygen.ai","domain":"heygen.ai","tld":"ai"},"ip":{"addr":"52.84.50.29","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://appeal-now-bad-post-here2.page.gd/?i=1","date":"2026-01-14T17:17:31.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heygen.ai","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 04 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A1:D0:6B:90:3F:35:39:4E:C9:3B:AB:7D:D5:4A:EC:F7:45:1A:14:37","sha256":"89:27:49:8D:4B:B3:C3:7F:06:94:95:9A:1A:62:FA:38:8E:39:A1:03:63:E4:F0:F9:44:CC:03:1E:C5:9A:FB:B7"}}},"request":{"raw":"GET /video_translate/94087358030a4df8b20e73f1fba92ed5-en/720p.mp4 HTTP/1.1\r\nHost: resource2.heygen.ai\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://appeal-now-bad-post-here2.page.gd/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\ncontent-length: 6398129\r\nlast-modified: Thu, 04 Sep 2025 10:48:23 GMT\r\nx-amz-storage-class: INTELLIGENT_TIERING\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: WYAoEckIV4bCg.UTCqAFmP4x7HRF6Qfw\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Wed, 14 Jan 2026 04:41:07 GMT\r\netag: \"5d74e7e2b1277828ad94f144394dd79b\"\r\ncontent-range: bytes 0-6398128/6398129\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 67fb37d4b7930077be54eaea3254b4ec.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: 4z9YtN3R05JGcDTjn-mPLqT4uhoJiD29KWR6Ro08sx4iJji_wX0oLA==\r\nage: 45385\r\nvary: Origin, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":1572864,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"018cb423a2c4598b79547b57945c5dd5","sha1":"a47d980e28fef01c7fbcc9de1f657b6f398f361f","sha256":"dda517b7841e7cc8e71de8b15499004e5d3cfa285f492aa617295d22a921b6a1","sha512":"5db0039cfbb97249ef6bd474882a45b60ac2f3eeb6fe6e001807aaa3979e593b95fde9caa362ff14a2e05854157ac7c84f2dc8d7e07a97e183b833f0bea5e1a8","ssdeep":"24576:ZKz28riR7mba9fUHf5A+Tf5j5Qzz2rdzPXQq6iLrcuLd5:r8riKaNM1himPsiLrVv","tlshash":"8e25233ea3b3558acd917d3442e24320b0b0fe45bf419adbdb817705b8b1793aa469f0","first_seen":"2026-01-08T16:33:08.206957Z","last_seen":"2026-05-14T18:34:37.784923Z","times_seen":14,"resource_available":false,"data":null}},"time_used":865,"timings":{"blocked":380,"dns":86,"connect":1,"send":0,"wait":26,"receive":78,"ssl":290},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1pt.co/help-center-here-appeal-now","fqdn":"1pt.co","domain":"1pt.co","tld":"co"},"ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-14T17:17:29.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1pt.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 07:04:37 GMT","end":"Fri, 27 Mar 2026 07:04:36 GMT"},"fingerprint":{"sha1":"B7:F7:45:40:3C:51:AE:2E:FD:C5:19:AD:C8:F9:A2:6C:49:B3:6F:25","sha256":"4E:FE:FA:FE:6B:28:2F:BF:34:A4:C3:43:6A:F4:D7:4B:6A:B5:03:8F:D0:59:E5:62:25:CF:BA:BC:ED:95:4F:B5"}}},"request":{"raw":"GET /help-center-here-appeal-now HTTP/1.1\r\nHost: 1pt.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: GitHub.com\r\ncontent-type: text/html; charset=utf-8\r\nx-origin-cache: HIT\r\naccess-control-allow-origin: *\r\netag: W/\"68e19849-7c8\"\r\ncontent-encoding: gzip\r\nx-proxy-cache: HIT\r\nx-github-request-id: 43E2:A8884:1F5C82:1FCE09:6967CFA8\r\naccept-ranges: bytes\r\ndate: Wed, 14 Jan 2026 17:17:29 GMT\r\nvia: 1.1 varnish\r\nage: 0\r\nx-served-by: cache-hel1410032-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\nx-timer: S1768411049.192062,VS0,VE1\r\nvary: Accept-Encoding\r\nx-fastly-request-id: f877324a745d5a892a6ebcecf80b49a90a4767c1\r\ncontent-length: 772\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":1992,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"5131c864e635830bc84a08f5ae531e75","sha1":"7d2e432bb61d0eba2c06626c7f62142d672f9698","sha256":"54b515d9589eb11c3ee125907ebc9221a789e86f12037b38d0883b749a6f4313","sha512":"4b0159dc63a369b6856a2aae8fd9a312e9f40504a7790bb1feff1addd4394667b1d19284d5a466822b5052fa3fd3bd94cea397ead87641de154ad9e547381d9e","ssdeep":"","tlshash":"ee41e1935c80ac29633291184b96b10dca13d5d7ca693c18f2cf119f5ff2ee484e3a6b","first_seen":"2023-05-10T21:55:37Z","last_seen":"2026-03-15T16:57:52.217734Z","times_seen":8,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"appeal-now-bad-post-here2.page.gd/?i=1","fqdn":"appeal-now-bad-post-here2.page.gd","domain":"page.gd","tld":"gd"},"ip":{"addr":"185.27.134.97","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-14T17:17:31.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"page.gd","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 03 Jan 2026 00:00:00 GMT","end":"Fri, 03 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:FB:C9:96:6F:DE:F0:22:AA:CD:F8:55:68:AE:29:6C:7B:AE:73:EB","sha256":"ED:53:F7:9E:A7:85:2E:D2:53:08:38:DB:FB:1B:5A:19:D6:1C:56:B4:2E:01:3E:94:A7:2F:F2:B3:FB:59:26:5D"}}},"request":{"raw":"GET /?i=1 HTTP/1.1\r\nHost: appeal-now-bad-post-here2.page.gd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://appeal-now-bad-post-here2.page.gd/\r\nCookie: __test=d2f39ba48e9af298175ca08f02f4cc46\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Wed, 14 Jan 2026 17:17:31 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 108172\r\nConnection: keep-alive\r\nLast-Modified: Fri, 02 Jan 2026 18:27:30 GMT\r\nETag: \"1a68c-6476bdcc0930e\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=2592000, public, proxy-revalidate\r\nExpires: Fri, 13 Feb 2026 17:17:31 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":108172,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (629)","md5":"4f3eda2c6580e57e975d67749b6c2641","sha1":"4ab907e25b741bfa7c1a9461ca0ddd8f2f64a872","sha256":"7739bcf75765de6d7f27f18311d7ecf2846a8f94b051c75f964dd91d4d25d15a","sha512":"de3df53d12afc3a9c053a54683208c7d98fb68a5b64cfd3daa88f57a06e31cd727d026883223e5104d81078f49335816307bda547bf226c46fa4cf01d812d7d6","ssdeep":"1536:/wrQmUxzakosxm0yaWU3VStEGtD/8+YMO7k9F8PV4gklmoLrlm6AJOklVY7EA:o50yaWmSt/h8+YMO7AyV1XcN","tlshash":"53b3e8de7275e421544fa9ad23d82b3a1694a013c146db103bac5a7c8f8ee89cd733dd","first_seen":"2026-01-14T17:17:56.18885Z","last_seen":"2026-01-14T17:17:56.18885Z","times_seen":1,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"appeal-now-bad-post-here2.page.gd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"appeal-now-bad-post-here2.page.gd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://appeal-now-bad-post-here2.page.gd/?i=1","date":"2026-01-14T17:17:31.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://appeal-now-bad-post-here2.page.gd/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 14 Jan 2026 17:17:31 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18752\r\ncf-ray: 9bdec98ebae156a8-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6421d693-4940\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 53512\r\nexpires: Mon, 04 Jan 2027 17:17:31 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=etf%2BotiL3dlBd3SOP88W9PstYY%2BozkltK8hp90S5Xv%2FiDMcC1TgD0WZn31tUaLJYOUeT0QlIzvxbYeghmV94LJSbRT7mkS3gOgzcLSyXF2%2BhrBiWzj%2Bqc9KC8zRNHhWk23lGI6Gg\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-05-19T14:59:36.324013Z","times_seen":48927,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":116,"dns":96,"connect":1,"send":0,"wait":13,"receive":1,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1pt.co/resources/js/redirect.js?2","fqdn":"1pt.co","domain":"1pt.co","tld":"co"},"ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1pt.co/help-center-here-appeal-now","date":"2026-01-14T17:17:29.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1pt.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 07:04:37 GMT","end":"Fri, 27 Mar 2026 07:04:36 GMT"},"fingerprint":{"sha1":"B7:F7:45:40:3C:51:AE:2E:FD:C5:19:AD:C8:F9:A2:6C:49:B3:6F:25","sha256":"4E:FE:FA:FE:6B:28:2F:BF:34:A4:C3:43:6A:F4:D7:4B:6A:B5:03:8F:D0:59:E5:62:25:CF:BA:BC:ED:95:4F:B5"}}},"request":{"raw":"GET /resources/js/redirect.js?2 HTTP/1.1\r\nHost: 1pt.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1pt.co/help-center-here-appeal-now\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sat, 04 Oct 2025 21:57:29 GMT\r\naccess-control-allow-origin: *\r\netag: W/\"68e19849-40b\"\r\nexpires: Wed, 14 Jan 2026 16:32:26 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: 2B0A:C3524:141345:145A0C:6967C2C2\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 14 Jan 2026 17:17:29 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410032-HEL\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1768411049.325408,VS0,VE131\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 5503573f066f74d59ab7690a6774965f676e5842\r\ncontent-length: 526\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":1035,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"fb6e12db3829c771d191c6db6122cf7c","sha1":"f9b91aadf9289da6fa185d58206bbe1302889aad","sha256":"ddbb12befd480963f2068453c9566bc38bf69d521322e53e20cbf528ff24f4c2","sha512":"fc511a553f0ae36a8c07cd09010a4da7d4f16150c8bfdb77aa7abdf351b8fd7a7b2c34013a8cb8e42bfd231e41924c02d4b08988acbe53a744a8b6a610ff7f03","ssdeep":"","tlshash":"b711218e7108221a27fa72358b2bd204fb7b446742000009364cd0c02f3467dd2befee","first_seen":"2026-01-12T07:17:03.742502Z","last_seen":"2026-03-15T16:57:52.22118Z","times_seen":4,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1pt.co/resources/css/redirect.css","fqdn":"1pt.co","domain":"1pt.co","tld":"co"},"ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1pt.co/help-center-here-appeal-now","date":"2026-01-14T17:17:29.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1pt.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 07:04:37 GMT","end":"Fri, 27 Mar 2026 07:04:36 GMT"},"fingerprint":{"sha1":"B7:F7:45:40:3C:51:AE:2E:FD:C5:19:AD:C8:F9:A2:6C:49:B3:6F:25","sha256":"4E:FE:FA:FE:6B:28:2F:BF:34:A4:C3:43:6A:F4:D7:4B:6A:B5:03:8F:D0:59:E5:62:25:CF:BA:BC:ED:95:4F:B5"}}},"request":{"raw":"GET /resources/css/redirect.css HTTP/1.1\r\nHost: 1pt.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1pt.co/help-center-here-appeal-now\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: text/css; charset=utf-8\r\nlast-modified: Sat, 04 Oct 2025 21:57:29 GMT\r\naccess-control-allow-origin: *\r\netag: W/\"68e19849-3c4\"\r\nexpires: Wed, 14 Jan 2026 16:32:26 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: 21F8:C3524:141346:145A0D:6967C2C2\r\naccept-ranges: bytes\r\ndate: Wed, 14 Jan 2026 17:17:29 GMT\r\nvia: 1.1 varnish\r\nage: 0\r\nx-served-by: cache-hel1410032-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\nx-timer: S1768411049.325543,VS0,VE120\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 6a0b4fc8b8b237186979894ee31ee2a65284aa80\r\ncontent-length: 490\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":964,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"eb6c743af853e97749d688855a70c23f","sha1":"b405cfe15170310dc74f37655c54e75b06abdc45","sha256":"29b89ca2b271d8abab0f25cd1d11fefec4c81179be7390ba7b43062e263186d5","sha512":"f9653a696085fbb34da5a6f051a93964cdd4f0b78431ca8d072bc19205c895c0dcd9940a904e860a2f197c2bbb8f6e571de511b53e3bc2bc41c1dba093e23bed","ssdeep":"","tlshash":"4811d055aa570403aa1bc60437ea879113ad9517c807c77d77d2b268cf8a26c77f274c","first_seen":"2023-05-10T21:55:37Z","last_seen":"2026-03-15T16:57:52.219125Z","times_seen":8,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1pt.co/resources/favicon/apple-touch-icon.png?v=2","fqdn":"1pt.co","domain":"1pt.co","tld":"co"},"ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1pt.co/help-center-here-appeal-now","date":"2026-01-14T17:17:29.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1pt.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 07:04:37 GMT","end":"Fri, 27 Mar 2026 07:04:36 GMT"},"fingerprint":{"sha1":"B7:F7:45:40:3C:51:AE:2E:FD:C5:19:AD:C8:F9:A2:6C:49:B3:6F:25","sha256":"4E:FE:FA:FE:6B:28:2F:BF:34:A4:C3:43:6A:F4:D7:4B:6A:B5:03:8F:D0:59:E5:62:25:CF:BA:BC:ED:95:4F:B5"}}},"request":{"raw":"GET /resources/favicon/apple-touch-icon.png?v=2 HTTP/1.1\r\nHost: 1pt.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1pt.co/help-center-here-appeal-now\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 04 Oct 2025 21:57:29 GMT\r\naccess-control-allow-origin: *\r\netag: \"68e19849-145\"\r\nexpires: Wed, 14 Jan 2026 17:27:29 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 43F6:218F2A:1F1976:1F8A69:6967CFA9\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 14 Jan 2026 17:17:29 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410032-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1768411050.523306,VS0,VE133\r\nvary: Accept-Encoding\r\nx-fastly-request-id: c887c4b86a7ea8039c4682ec75c4ed27f04dcaf7\r\ncontent-length: 325\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":325,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 4-bit colormap, non-interlaced","md5":"049f8e33b47c6627338554452104786a","sha1":"83406a0c8b91738990ba6e10d5072b57da63dc28","sha256":"0e540cd12eb1908821cd8904b8699ae80c70541d33b182167ec8306a822d1d13","sha512":"44c9dbdf637ac7ac174b28e9e1f093f399628ad3eef2311c20f95fd0b79d95680f69096a710ee284eca1712f254dce3de05216c6a10ba8efee9c481e8265afd1","ssdeep":"","tlshash":"01e07dee9faddbe14546796e4277424ae23cf05f02c8ad9ff5148060387b0d5c155782","first_seen":"2023-05-10T21:55:37Z","last_seen":"2026-05-06T22:52:32.475598Z","times_seen":11,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"1pt.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"thakkaha.dev.fast.sheridanc.on.ca/1pt/getURL.php?url=help-center-here-appeal-now","fqdn":"thakkaha.dev.fast.sheridanc.on.ca","domain":"sheridanc.on.ca","tld":"on.ca"},"ip":{"addr":"142.55.32.52","port":443,"asn":5664,"as":"SHERIDAN-NET","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://1pt.co/help-center-here-appeal-now","date":"2026-01-14T17:17:29.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"thakkaha.dev.fast.sheridanc.on.ca","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 10 Nov 2025 00:00:00 GMT","end":"Sun, 08 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C2:4B:D7:58:8F:92:DC:10:0C:B5:93:34:ED:80:24:A2:6C:42:73:3A","sha256":"1B:BE:29:5F:C9:37:5A:17:7A:10:C7:85:2D:B9:89:9E:CC:E3:5E:2D:AF:E5:C7:BE:F4:6E:BF:D1:59:68:64:EB"}}},"request":{"raw":"GET /1pt/getURL.php?url=help-center-here-appeal-now HTTP/1.1\r\nHost: thakkaha.dev.fast.sheridanc.on.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://1pt.co\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1pt.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Wed, 14 Jan 2026 17:17:29 GMT\r\nServer: Apache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST\r\nAccess-Control-Allow-Headers: X-Requested-With\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: application/json\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T15:11:14.857117Z","times_seen":15442225,"resource_available":true,"data":null}},"time_used":1366,"timings":{"blocked":347,"dns":147,"connect":96,"send":0,"wait":667,"receive":4,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"appeal-now-bad-post-here2.page.gd/aes.js","fqdn":"appeal-now-bad-post-here2.page.gd","domain":"page.gd","tld":"gd"},"ip":{"addr":"185.27.134.97","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://appeal-now-bad-post-here2.page.gd/","date":"2026-01-14T17:17:30.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"page.gd","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 03 Jan 2026 00:00:00 GMT","end":"Fri, 03 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:FB:C9:96:6F:DE:F0:22:AA:CD:F8:55:68:AE:29:6C:7B:AE:73:EB","sha256":"ED:53:F7:9E:A7:85:2E:D2:53:08:38:DB:FB:1B:5A:19:D6:1C:56:B4:2E:01:3E:94:A7:2F:F2:B3:FB:59:26:5D"}}},"request":{"raw":"GET /aes.js HTTP/1.1\r\nHost: appeal-now-bad-post-here2.page.gd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://appeal-now-bad-post-here2.page.gd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13733,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (13733), with no line terminators","md5":"fc66e046447092c606f2587837f96874","sha1":"fcf354a8044f494ee1f9fe868dde3f570f50e593","sha256":"5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96","sha512":"51cd149b2876e90621afc579fb172e253548a851d4c202181e1faba812f5beb1ae9ccf9f153137f60c569e05a79dcb272176e0126eceac54316208d2699a689f","ssdeep":"192:4hsoEj776Bn/tnHcgaollys/6+EgH3JLg7oLu0MyMVu:i50/3xoGs/jE839g2FB1","tlshash":"355200c203894a7cf2c92ed68c2f605620f3e54a3d251249efb399dbbc77d895075a36","first_seen":"2023-10-15T19:29:47Z","last_seen":"2026-05-19T15:43:06.821277Z","times_seen":7289,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"appeal-now-bad-post-here2.page.gd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"appeal-now-bad-post-here2.page.gd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"upload.wikimedia.org/wikipedia/commons/thumb/7/7b/Meta_Platforms_Inc._logo.svg/1200px-Meta_Platforms_Inc._logo.svg.png","fqdn":"upload.wikimedia.org","domain":"wikimedia.org","tld":"org"},"ip":{"addr":"185.15.59.240","port":443,"asn":14907,"as":"WIKIMEDIA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://appeal-now-bad-post-here2.page.gd/?i=1","date":"2026-01-14T17:17:31.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.wikimedia.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 07:10:52 GMT","end":"Sat, 14 Mar 2026 07:10:51 GMT"},"fingerprint":{"sha1":"2F:5C:84:59:D5:30:00:E0:37:A2:1D:EB:D0:9C:0C:C7:A4:17:88:77","sha256":"F5:68:C5:ED:48:C7:A4:1A:86:BA:C6:95:8C:B8:7B:F5:F6:0D:EE:3E:CF:94:35:A3:03:3F:5B:20:B8:51:8B:33"}}},"request":{"raw":"GET /wikipedia/commons/thumb/7/7b/Meta_Platforms_Inc._logo.svg/1200px-Meta_Platforms_Inc._logo.svg.png HTTP/1.1\r\nHost: upload.wikimedia.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://appeal-now-bad-post-here2.page.gd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 14 Jan 2026 09:44:19 GMT\r\netag: ae1993fa43511cec4fc1579c762fd173\r\nserver: ATS/9.2.11\r\ncontent-type: image/webp\r\ncontent-disposition: inline;filename*=UTF-8''Meta_Platforms_Inc._logo.svg.webp\r\nlast-modified: Mon, 02 Sep 2024 09:39:23 GMT\r\ncontent-length: 15776\r\nage: 27192\r\naccept-ranges: bytes\r\nx-cache: cp3076 hit, cp3076 hit/226\r\nx-cache-status: hit-front\r\nserver-timing: cache;desc=\"hit-front\", host;desc=\"cp3076\"\r\nstrict-transport-security: max-age=106384710; includeSubDomains; preload\r\nreport-to: { \"group\": \"wm_nel\", \"max_age\": 604800, \"endpoints\": [{ \"url\": \"https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error\u0026schema_uri=/w3c/reportingapi/network_error/1.0.0\" }] }\r\nnel: { \"report_to\": \"wm_nel\", \"max_age\": 604800, \"failure_fraction\": 0.05, \"success_fraction\": 0.0}\r\nx-client-ip: 91.90.42.154\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache\r\ntiming-allow-origin: *\r\nset-cookie: WMF-Uniq=4WsMCVYzZ7fO-xOZXzv-RQLoAAAAAFvdgD0tkU5NxDHg7eZFTIE18HSE8Of7hZ65;Domain=upload.wikimedia.org;Path=/;HttpOnly;secure;SameSite=None;Expires=Thu, 14 Jan 2027 00:00:00 GMT\r\nx-request-id: 106e67f6-c404-4c34-8293-66e385c8d39f\r\nx-analytics: \r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache Traffic Server:9.2.11","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]}],"data":{"size":15776,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ae1993fa43511cec4fc1579c762fd173","sha1":"c08f1a07b37b2d4c07dbd64c02066eef73ca130b","sha256":"47e80aead7e6a51b0026621f020cddfe33b9e65a3fa0c95225abee092869a62f","sha512":"40cb77be8b38a2d1b69adc6af2c041abdb6a08eea4321d734e486e96332c10e2f4ab7757c4676ffd85c3c3f2ed022e740c82ecf8e487f9becdc024ce4378abe2","ssdeep":"384:bnRliIipQlTRxioDhalXKPvaspUVN48O3G:bnEGxioDAaPVpw4+","tlshash":"5662c0695e3a46607cf89c6297ed5176f6c20c5cb10afb80df0c0e67235a999b0d48bf","first_seen":"2025-09-25T15:06:02.244095Z","last_seen":"2026-03-06T10:21:19.05147Z","times_seen":4,"resource_available":false,"data":null}},"time_used":501,"timings":{"blocked":226,"dns":161,"connect":24,"send":0,"wait":47,"receive":1,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"appeal-now-bad-post-here2.page.gd/favicon.ico","fqdn":"appeal-now-bad-post-here2.page.gd","domain":"page.gd","tld":"gd"},"ip":{"addr":"185.27.134.97","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://appeal-now-bad-post-here2.page.gd/?i=1","date":"2026-01-14T17:17:31.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"page.gd","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 03 Jan 2026 00:00:00 GMT","end":"Fri, 03 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"50:FB:C9:96:6F:DE:F0:22:AA:CD:F8:55:68:AE:29:6C:7B:AE:73:EB","sha256":"ED:53:F7:9E:A7:85:2E:D2:53:08:38:DB:FB:1B:5A:19:D6:1C:56:B4:2E:01:3E:94:A7:2F:F2:B3:FB:59:26:5D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: appeal-now-bad-post-here2.page.gd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://appeal-now-bad-post-here2.page.gd/?i=1\r\nCookie: __test=d2f39ba48e9af298175ca08f02f4cc46\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: openresty\r\nDate: Wed, 14 Jan 2026 17:17:31 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 227\r\nConnection: keep-alive\r\nLocation: https://errors.infinityfree.net/errors/404/\r\nCache-Control: max-age=2592000\r\nExpires: Fri, 13 Feb 2026 17:17:31 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T15:11:14.857117Z","times_seen":15442225,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"appeal-now-bad-post-here2.page.gd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-14","alert":"Sinkholed","trigger":"appeal-now-bad-post-here2.page.gd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}