{"report_id":"dc8a8346-60e2-4fa0-b29e-552eb22df56b","version":6,"status":"done","tags":[],"date":"2025-10-17T09:19:02Z","url":{"schema":"http","addr":"www.immediateserax.net/","fqdn":"www.immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"104.21.84.211","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"immediateserax.net/","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"title":"Immediate Serax 360 Official Website - Including Immediate Serax 2.0 version 5.0"},"submit":{"url":{"schema":"http","addr":"www.immediateserax.net/","fqdn":"www.immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"104.21.84.211","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-21T09:19:02Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":8}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"www.immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"www.immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"www.immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"www.immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"s.w.org","ip":{"addr":"192.0.77.48","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"1993-12-01","domain_rank":27695,"first_seen":"2017-01-30T04:56:16Z","last_seen":"2025-10-12T22:22:06.489623Z","alert_count":0,"request_count":4,"received_data":5359,"sent_data":1831,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.immediateserax.net","ip":{"addr":"104.21.84.211","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-12-26","domain_rank":0,"first_seen":"2025-10-17T09:19:03.996491Z","last_seen":"2025-10-17T09:19:03.996491Z","alert_count":4,"request_count":1,"received_data":167711,"sent_data":491,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"immediateserax.net","ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2023-12-26","domain_rank":0,"first_seen":"2025-10-17T09:19:04.005036Z","last_seen":"2025-10-17T09:19:04.005036Z","alert_count":123,"request_count":31,"received_data":1541792,"sent_data":15294,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Mailcheck:2.0.16","description":"Mailcheck is a JavaScript library designed to address the issue of misspelled email addresses during user input.","website":"https://github.com/mailcheck/mailcheck","common_platform_enumeration":"","icon":"Mailcheck.png","categories":["JavaScript libraries"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"GeneratePress GP Premium:2.5.0","description":"GP Premium is a premium add-on plugin for the GeneratePress WordPress theme.","website":"https://docs.generatepress.com/article/installing-gp-premium/","common_platform_enumeration":"","icon":"generatepress.png","categories":["WordPress plugins"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"GeneratePress","description":"GeneratePress is a lightweight WordPress theme that focuses on speed, stability, and accessibility","website":"https://generatepress.com","common_platform_enumeration":"","icon":"generatepress.png","categories":["WordPress themes"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"WPML:4.6.13","description":"WPML plugin makes it possible to build and run fully multilingual WordPress sites.","website":"https://wpml.org/","common_platform_enumeration":"","icon":"WPML.svg","categories":["WordPress plugins","Translation"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"immediateserax.net/","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"f25b4bd043a21d3c0b789db7c0dcb4ef","sha1":"41689d5a09ef28debdf3b0dad39d8ae3601d014c","sha256":"6ae447e40363a7e50cf54c15d7da56196dfe7b6d1c9f53d5498b2744410d6ab1","sha512":"09c7960815a282a0eacb94254dc8532d2cf761ff1deab9b9c658032e6d3192f33428e758e3848b3e942e304b55180ff91301d350001578331fb62e2b9da727d3","ssdeep":"","tlshash":"21b0121d06024991c0d612ba1542020001fe901d9039c76cbb3c439c3f421ae6fd18a7","size":104,"data":"","first_seen":"2023-10-22T16:22:44Z","last_seen":"2026-03-29T06:54:38.241408Z","times_seen":552,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.5.0","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c8d926d887909904dab4316508bacc6","sha1":"455db3d80b61fefab3797bacd140f95229fa7518","sha256":"50fe1014e82dd9acea2f5b26061c8f135cb11ea0aa5d5ad5985e6b265b7f50a8","sha512":"8281e2ec7632f785570764ece44bfdb308fde7664af663669feb6c72c496ccc44ced9b5b5f7cfd1d55313aefa4ff1e19d9aad733fa75284a53523604ee9f070f","ssdeep":"192:cVABvuAZzR3rNjHOYzh2AWGVpPK5NBiNizDN:IARRnrNjuYzh2AWGVpPK5WQ/N","tlshash":"b0e187647160223500bb16db31ffd2c936f558deac16901538eace8d2db99cb12a1fe9","size":6795,"data":"","first_seen":"2023-03-29T23:12:02Z","last_seen":"2026-04-06T07:54:21.16606Z","times_seen":2801,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/js/RMFA-JS.min.js?ver=1.1.0","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"443de93866d65f762354c9446ad8b366","sha1":"19e310996d2549b6ad99f17dc800799571472aec","sha256":"90a82d38c851758d27264c3808c81e7e52e4b04e03f5adb29e0e5df5021fa4b1","sha512":"f1dde58ab3c4773a4cb2d99a75dc8baef2c5bb80ef74d8ce342e381165a56fa2605a3a3920ae37ef86d837b75fbcf1882de7360b9ab389fef22bce51fa0b9fee","ssdeep":"","tlshash":"54218fc0b44c13f9127f73cab4b3da20345b9025f7b136095f0264b92c6a5a4e73a957","size":1295,"data":"","first_seen":"2023-03-07T13:18:58Z","last_seen":"2026-04-06T01:23:25.286399Z","times_seen":601,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"67148b2ff82038d0faf6385f182c5644","sha1":"7452d643e468caf6db8ecf07618f1cb7ff3f7651","sha256":"5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974","sha512":"24cb8e3c4f17abc7cf1ba96407ac1eda4e6c5d7c669ac213024a9b428e19cef574cefdb06c4dd28c013f1f8d3c775fb8f98c5a15c142783ba0f25b46f0c6e7ad","ssdeep":"192:iQqHlWQZgROnqWgpkgJMhqDi92FY+alT/fnGtxTbvm:bqHngROnvgJUqDi9cNYTnGvTbvm","tlshash":"6ee112fa964412bb04ef29ca74e6e5c07b7568fdea0184302579c84d1fe8dc202e6bf5","size":7333,"data":"","first_seen":"2024-08-31T11:00:29Z","last_seen":"2026-04-06T10:31:47.419685Z","times_seen":9963,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/fxbot-registration-form/assets/js/mailcheck.min.js?ver=2.0.16","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"4950423c548a646372ae58f7bbe67d1f","sha1":"f54943150a9cc3db37bba49e9abb8f1206b8b12b","sha256":"ab69f8053e420d7f3c043b55a1bfebd9981ccf92c21b4fd823031ab51967323a","sha512":"d5a096ca163c2767e6740c62681b3b6b0ac6f0e8bf2dc782beb956f81272d5ff49eb05d45231ab2e932a1c49602cca77a6be1f7c645b0f14d74111a4605e7d99","ssdeep":"","tlshash":"cf814051a2a12ca599b060dd388fb445a47aec252b8cecf8f654aca15e3471070fbced","size":4015,"data":"","first_seen":"2023-03-07T12:02:36Z","last_seen":"2026-03-29T09:59:13.257859Z","times_seen":457,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.5.0","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"ca1e68e1ae2dbb2206d21481576bbb45","sha1":"eecac929830764dba8b0734241090f2403671fa8","sha256":"ce43697d26defc72fa5aa7e3d7f1296cd19ba9a67cad0e2557aacc7702454f4d","sha512":"1544aed0f5def1ef73206a17cf7f540ad8b4d58a5e9b84d0c16639d8a4500b534c940184c310ecc9d4d458edbfa933ed1d0f542c7dc2ee67446029c7e48b21cd","ssdeep":"96:99BBG3KIUhniQscmPS8qeBxJmSjfijAzpFnIFW6fI2WsnSSORdgAL:NB7p6dmiFN61WsnSSqn","tlshash":"5ae1a6ea35607473caeb42b6a22f534677301163344b2054a36ddcdc39b5aa6835bfb8","size":6883,"data":"","first_seen":"2023-11-19T10:25:22Z","last_seen":"2026-04-06T09:25:22.222338Z","times_seen":1861,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"2129b18d2d9ecfc60b38e56cf45c5db6","sha1":"f17736e1f5c77f572efacbfe432436b88fcf150f","sha256":"65e55e1c25e736f840dd0470a7e371b80685aa301f9a3c8df0f95befc74c5509","sha512":"1909f3dc220a723052bbc0ec51d497ea0b419e8cdc310e4fb8074e75ac5e2261c08d1877921aca885ee2e4b953c154cc60c3eaf50519fe741007f4cd42f913ec","ssdeep":"","tlshash":"c801671905230f91c4e356fd6bd6251540bb659ef839a52a725083443e9665c33a2fc7","size":657,"data":"","first_seen":"2025-01-02T23:01:58.701628Z","last_seen":"2025-10-17T09:19:10.169597Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/fxbot-registration-form/assets/js/registration-form.js?ver=2.0.16","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"2b726f5f5ebbabd8a23da41ddb777bc2","sha1":"1e496c70f38413337b092caa4ec7b32bc040c8c5","sha256":"888eb75cb6a5a676d4781b6061383dce54ccb4d23cdbbb636a0dab22a79cb5f4","sha512":"867b6dc7df0c373a281fbada54084e301bc5e719839ae144778007c1d87afa89e83805a813bbad4cc9acb3464932c8e37a934ebee31967e7387ee52d58377ef4","ssdeep":"384:PpKML27MoYj1dgLYikUDyks/DckDOFHL5VCAdwTRZ03eSf8e2vwQ3jETKGp+eWC7:PfL27MWLB8/DcKOZfG9mujB6QltY","tlshash":"0f3362585da700b15ab36afe6fdf2202727490477848cd447eaca3841f88d9627f4fe9","size":52663,"data":"","first_seen":"2024-10-04T11:14:09.137195Z","last_seen":"2026-03-29T06:54:38.234079Z","times_seen":143,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/fxbot-registration-form/assets/js/intlTelInput.min.js?ver=2.0.16","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d7765bae213b8cf43ba5f06960055ec","sha1":"b97311bed465062adfe3b0f20f363441be2d4881","sha256":"e889e4e37ac5bce51552e6432402bad41853158bd662f41bbc50acceaff5a1f6","sha512":"a8d97281baf2c7924da3a90de1f08bd44f2b090fd36a0930c0dac7d58b85f80463a35abfeac55205f8c7ae872c28af0a0bd04c1a6aaaf1232a4b8b446020b9df","ssdeep":"768:0sqD7GzOoS+D45YMJR3QWG6UdC8OxgtmKg3vTpzaDvCYHJ:CfHQWodCjgtmKgNzazCU","tlshash":"78d2099973551237a89aa0a1687f16472ebf30015a84cc9cb87ecdcc1feced9a1b5734","size":29500,"data":"","first_seen":"2023-05-02T01:14:21Z","last_seen":"2026-03-29T09:59:13.260549Z","times_seen":398,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-06T10:07:55.618232Z","times_seen":689847,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"9b78b28b396646badfc6017235ee4be9","sha1":"18103240bf0cb760cdf7febc628b56b8fca44319","sha256":"215f517010a20f2f4c55d34dd3c574568bd0fb83662f0b915ddb6561f97c3904","sha512":"6b82e20e99e8a57178afd50be19a2d5ecbf7062879808d851b3b5aa2b0a8a629ef06413f19dc9a6cd7a22d23e5d67e133fb70ff8030e0f6d6a494260d0085739","ssdeep":"","tlshash":"a9d0123a6b562b320997a7a266efb7413b6306b564c105135c75c8892f34dc981754ca","size":260,"data":"","first_seen":"2023-03-07T01:03:19Z","last_seen":"2026-04-06T07:53:53.280399Z","times_seen":7082,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.5.1","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"5fc35421139ef9851bc72d3edb90cfba","sha1":"0091cadf005c865d7c4ef093fac9d35566fd1e48","sha256":"3310986e26439bd35318188bd35b0c326bd3334e6699ca0469fd4f0b7d497098","sha512":"0fda88fda5b8a67c7b750712da3543e4572cb89565284cf1cbffb1ec0927f21626ff78d6fe9fa4ac13ce9f780ddc0c36ca46fedeb1c2e7f754573d7acddc7432","ssdeep":"","tlshash":"0401d0fd1190553514fb8695739fbf41393120a686039411812ccca0f5a8ce7f912bc7","size":737,"data":"","first_seen":"2024-09-02T00:59:07Z","last_seen":"2026-04-06T09:25:22.290971Z","times_seen":2875,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","size":13577,"data":"","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-06T10:06:04.608107Z","times_seen":642710,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"36b6264c7cef7454ab66f28e63fc0b1a","sha1":"47a2ff8432203e340aa1b1d2596bdb461007ab54","sha256":"000e580fb5f0233300ffd016893fa214ae25f735fc3655ab18a1037a6823d815","sha512":"d58defa78dea0e8ddc326c077c2d1abbd48db733a5420b13f08f8a5786d99ff94172819c3aa0ef9db557e974b0fb76016bd9e25a2e572055ac8dc205534c2f4f","ssdeep":"","tlshash":"b38000a382082c082300b00e2008000028308000a0808a8020888b283c0820cc0088c8","size":32,"data":"","first_seen":"2023-03-07T12:03:46Z","last_seen":"2026-04-04T20:13:22.016594Z","times_seen":1553,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"26909cfee4ad69861654476cc84ae9a5","sha1":"71f267bfb81a8ea66aa934dd29833965d7df1c88","sha256":"84f28dd8d2ffccd5f1667989378ef32f97e118058f8306bf4cdff127698e7468","sha512":"eeab0542d3bf14f67c87671615e886afe659decd40b0fab964b6e55a21f48da57eacf9b56e31a1c8bc7502cae3eaa4e378a372607c861cf5d2a20a98bc3c0e80","ssdeep":"","tlshash":"f1b0120a901b449200ec1306c6863d577730004240216c50cae9de144488f3539ef160","size":105,"data":"","first_seen":"2023-12-29T10:54:45Z","last_seen":"2026-04-06T01:18:10.924686Z","times_seen":1490,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"e891393f0be3a6ffaa3923b307180e7e","sha1":"bc0a7332b9846a5762a71b9b9811c1a8b19df194","sha256":"2d1778345d3607ceb641cc5f21b0a2c045fa70052361ac91a17c39b2c9d96f71","sha512":"12674ec69eecfa043bcf9ee8529e5ec274a1bb55e068a2ae64a91d6362997f7e532325c77785b1bc980f42592cadbed487549bae0a5298077cb1cf9c02ff589f","ssdeep":"","tlshash":"eeb09b6c51439a33c19266445384d423e07509dc420d881ff195d0dc6945da31ccd457","size":127,"data":"","first_seen":"2023-03-07T01:03:19Z","last_seen":"2026-04-06T05:06:20.061807Z","times_seen":4237,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"bec9c700df243a74235f459eeaa0d9cb","sha1":"47c8b6aff8817c560284ab7f629d1fb9903a4391","sha256":"b419ddf3962f2f32b55824f2bc29e97b342f8df820c6913c9f58e91cb1608df8","sha512":"a07708e0fa26478c89c7e1e0a70398aaf01c3df35e81c8c61bd3558190feea7f9eb5641a7c25cd695a7973fd3b49b2ded69c4666e4dedb31161cf5df4ec82805","ssdeep":"","tlshash":"cc900471d405443145d74d0035c04014f5fcd414c5cfc511fdd5d545d351c00447d140","size":46,"data":"","first_seen":"2023-03-07T01:07:33Z","last_seen":"2026-04-06T05:06:20.062352Z","times_seen":1870,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/fxbot-registration-form/assets/js/utils.min.js?ver=2.0.16","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"12855fe710661551c42e95a9c9290600","sha1":"72c56f9f3584405934289059ccd5ed678ddcb00c","sha256":"df0797876b146528f534dc356f34fd6408384ca47baae6ecdfcdf0463294f142","sha512":"70cfb09e51c3e5423473cd6332be0e45ce739f57d2356da4e6abbcec6402f98385e29809d91c8294fd5fbd9662c8cd3c79e577da01d736fc1ee08341a3c3001c","ssdeep":"3072:yxJ0MDz3ojrs3OwPl0n04Xl31AfO+2x1+w+Whnz6RNC7sSUrVjHoLOTpCAtQ594F:yxJRDY9lx1+w+WwugV","tlshash":"8c34ceebda3c9736a1d97b35968eb3cd5a8cbc93c848567826c3b54f53788e0706c205","size":245226,"data":"","first_seen":"2023-03-08T11:47:53Z","last_seen":"2026-03-29T09:59:13.250497Z","times_seen":435,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/fxbot-registration-form/assets/js/optin-form.js?ver=2.0.16","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"d3344f9ef0a1c140f85494c830d1ad5d","sha1":"59c16daee5dbc6942fa6d91c28b8aacbe2b0bf51","sha256":"5dda80b2f1d2b87f6e961a0ea006e9e4a5076fd8cca9f77a296965d496094cfb","sha512":"870ef3b96b5176c6772cd2360aa82048a61f0cad509973fd5ea37098edb53b4c89fe1bb0d32867a10d25d52194578ef158e18a007c9594748dd50610716954d4","ssdeep":"384:Ap9nylLGEIbn6R5EbZeSf8xdwTRZ03bX2vwQ+x8wK0cfDGMkO9m3Gje2vEdBjY:ArALL8n6JPfi9mWjdQlY","tlshash":"39d25f1859a700a11ab379fe6fdf2242767490a73848cd44be4ca3846f94d6127f5fec","size":29537,"data":"","first_seen":"2024-10-04T11:14:09.138798Z","last_seen":"2026-03-29T09:59:13.251041Z","times_seen":234,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"immediateserax.net/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:51 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-1ca5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7333,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7333), with no line terminators","md5":"67148b2ff82038d0faf6385f182c5644","sha1":"7452d643e468caf6db8ecf07618f1cb7ff3f7651","sha256":"5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974","sha512":"24cb8e3c4f17abc7cf1ba96407ac1eda4e6c5d7c669ac213024a9b428e19cef574cefdb06c4dd28c013f1f8d3c775fb8f98c5a15c142783ba0f25b46f0c6e7ad","ssdeep":"192:iQqHlWQZgROnqWgpkgJMhqDi92FY+alT/fnGtxTbvm:bqHngROnvgJUqDi9cNYTnGvTbvm","tlshash":"6ee112fa964412bb04ef29ca74e6e5c07b7568fdea0184302579c84d1fe8dc202e6bf5","first_seen":"2024-08-31T11:00:29Z","last_seen":"2026-04-06T10:31:47.419685Z","times_seen":9963,"resource_available":true,"data":null}},"time_used":8575,"timings":{"blocked":5780,"dns":0,"connect":0,"send":0,"wait":2795,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=4.6.13","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=4.6.13 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:45 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-e549\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58697,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (58697), with no line terminators","md5":"82a65dc43ead999e4c89efe2c1bbeb40","sha1":"075bfb9ec99cfce789e3f3ac0ef2ff104dc1d50b","sha256":"af770f5afec3e9f10196ea60476a44dde4d80010e680500685b578fee468c8c7","sha512":"059efbf42781d4cc95ec585aef3eb9bc4601bf4b7c2a821481d6ff57d3ef1bd5dcce51b528c487d7011e836a3fe12b71a7057464c5e46288df56de174fea3f39","ssdeep":"768:KiCDXbwqffcFca12YjJVsD3szqMiCDXbwqffcFD:KxVa12YjJVsD3szqMxA","tlshash":"7343402197605ebcd4bf87331ef079349423d961c90b67c9e9e2f354a6cb54606b3b0a","first_seen":"2023-08-02T07:54:49Z","last_seen":"2026-03-28T10:51:06.320355Z","times_seen":446,"resource_available":false,"data":null}},"time_used":2659,"timings":{"blocked":515,"dns":1,"connect":19,"send":0,"wait":1570,"receive":0,"ssl":550},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:48 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-15601\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-06T10:07:55.618232Z","times_seen":689847,"resource_available":true,"data":null}},"time_used":5743,"timings":{"blocked":3978,"dns":0,"connect":0,"send":0,"wait":1764,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/uploads/2023/12/dark-main-background-3-scaled.jpg","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:49.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/uploads/2023/12/dark-main-background-3-scaled.jpg HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 226117\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nETag: \"671e37a2-37345\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":226117,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=1483, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=2765], baseline, precision 8, 2560x1373, components 3","md5":"ebe7abec7b4411caf81b6a716b9d1140","sha1":"d5b29f62241dd6ba1f32b45b8b957226c6a3fa01","sha256":"b9df4786cb52e40ded46cbd133062cf99b1d11aa083b87113ba69ff4ffe66e63","sha512":"4dab05fa435e904319fdcd66961d965c1084933ed337279fb5e4736f23eff5a83c1ac4a6a9ec83ab8b5ac3a651190b2cc7071f648b914256b28acb62b82ed159","ssdeep":"6144:3M0brzwBHibmatfgX9k/iMzRh5bkxbalQ4X:ccrzw+XfgX9HwhhooQm","tlshash":"3a24120aa310054ad4ddc7f616a38b34fa37a3611a6e4b3737dc63b7af823446d295c5","first_seen":"2024-01-16T06:52:05Z","last_seen":"2025-12-22T00:11:41.281972Z","times_seen":59,"resource_available":false,"data":null}},"time_used":8804,"timings":{"blocked":1796,"dns":0,"connect":0,"send":0,"wait":5130,"receive":1878,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/fxbot-registration-form/assets/css/intlTelInput.min.css?ver=2.0.16","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/fxbot-registration-form/assets/css/intlTelInput.min.css?ver=2.0.16 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:45 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-5ea5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24229,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"89ce447c1755a488d17bec881196adf3","sha1":"1c0dd6b8549bf7023e9f302bc2490944aa5d998e","sha256":"5ae1a7abb598b54b3dc3529b788bbee60faf9e68296b4d04154072cb8eec56f2","sha512":"0216a585ef34e8923b1cee34f23c95de74ed69a2494852799ef7bdaf1ec6d48cab49319bfd1ffd41283724ba4f29d21c644645acf3b6a4e46290abcbded9712b","ssdeep":"384:KTg9F7FFmjTSBhPQ66n1hwzshHH7L7y9x26GC529PygQp:d9F7FFmjPJnM","tlshash":"8eb2fd778bb33c65f91bd1a129f906623b375c47b01a4a2ef2963dbc5f420e025f2981","first_seen":"2023-05-02T01:14:21Z","last_seen":"2026-03-29T09:59:13.255311Z","times_seen":401,"resource_available":false,"data":null}},"time_used":2680,"timings":{"blocked":509,"dns":1,"connect":21,"send":0,"wait":1599,"receive":0,"ssl":546},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/fxbot-registration-form/assets/js/optin-form.js?ver=2.0.16","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/fxbot-registration-form/assets/js/optin-form.js?ver=2.0.16 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:48 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-7361\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29537,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"d3344f9ef0a1c140f85494c830d1ad5d","sha1":"59c16daee5dbc6942fa6d91c28b8aacbe2b0bf51","sha256":"5dda80b2f1d2b87f6e961a0ea006e9e4a5076fd8cca9f77a296965d496094cfb","sha512":"870ef3b96b5176c6772cd2360aa82048a61f0cad509973fd5ea37098edb53b4c89fe1bb0d32867a10d25d52194578ef158e18a007c9594748dd50610716954d4","ssdeep":"384:Ap9nylLGEIbn6R5EbZeSf8xdwTRZ03bX2vwQ+x8wK0cfDGMkO9m3Gje2vEdBjY:ArALL8n6JPfi9mWjdQlY","tlshash":"39d25f1859a700a11ab379fe6fdf2242767490a73848cd44be4ca3846f94d6127f5fec","first_seen":"2024-10-04T11:14:09.138798Z","last_seen":"2026-03-29T09:59:13.251041Z","times_seen":234,"resource_available":true,"data":null}},"time_used":5576,"timings":{"blocked":3827,"dns":0,"connect":0,"send":0,"wait":1749,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/fxbot-registration-form/assets/vocabulary/en.json","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:52.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/fxbot-registration-form/assets/vocabulary/en.json HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:55 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-867\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2151,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"974c06c22e80fbf8fc59a64946494b43","sha1":"6f25ac4d1108e81458e684ff3cd2fdbd8ac32786","sha256":"1e4455cdccea0ee7e1e5d9e13c5b2be8b964c3012341201f22092952036489a7","sha512":"d8374ac71bcba7cca5bc8707297280283110adb04814c30e369d0e7a1c3c3a1a77487bb4b7090aa485ead581de29abdc3b94d987784caf37b580d158e2f7f814","ssdeep":"","tlshash":"0a41e115ca058d6b0a81009ab8a9365773a5509b8d9d381dbb28136e0fded6f22772bc","first_seen":"2024-01-29T05:49:51Z","last_seen":"2026-03-28T10:51:06.26075Z","times_seen":292,"resource_available":false,"data":null}},"time_used":3730,"timings":{"blocked":216,"dns":0,"connect":0,"send":0,"wait":3514,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.5.0","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.5.0 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:50 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-1ae3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6883,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6883), with no line terminators","md5":"ca1e68e1ae2dbb2206d21481576bbb45","sha1":"eecac929830764dba8b0734241090f2403671fa8","sha256":"ce43697d26defc72fa5aa7e3d7f1296cd19ba9a67cad0e2557aacc7702454f4d","sha512":"1544aed0f5def1ef73206a17cf7f540ad8b4d58a5e9b84d0c16639d8a4500b534c940184c310ecc9d4d458edbfa933ed1d0f542c7dc2ee67446029c7e48b21cd","ssdeep":"96:99BBG3KIUhniQscmPS8qeBxJmSjfijAzpFnIFW6fI2WsnSSORdgAL:NB7p6dmiFN61WsnSSqn","tlshash":"5ae1a6ea35607473caeb42b6a22f534677301163344b2054a36ddcdc39b5aa6835bfb8","first_seen":"2023-11-19T10:25:22Z","last_seen":"2026-04-06T09:25:22.222338Z","times_seen":1861,"resource_available":true,"data":null}},"time_used":7640,"timings":{"blocked":5508,"dns":0,"connect":0,"send":0,"wait":2132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/fxbot-registration-form/assets/js/utils.min.js?ver=2.0.16","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/fxbot-registration-form/assets/js/utils.min.js?ver=2.0.16 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:46 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-3bdea\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":245226,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1654)","md5":"12855fe710661551c42e95a9c9290600","sha1":"72c56f9f3584405934289059ccd5ed678ddcb00c","sha256":"df0797876b146528f534dc356f34fd6408384ca47baae6ecdfcdf0463294f142","sha512":"70cfb09e51c3e5423473cd6332be0e45ce739f57d2356da4e6abbcec6402f98385e29809d91c8294fd5fbd9662c8cd3c79e577da01d736fc1ee08341a3c3001c","ssdeep":"3072:yxJ0MDz3ojrs3OwPl0n04Xl31AfO+2x1+w+Whnz6RNC7sSUrVjHoLOTpCAtQ594F:yxJRDY9lx1+w+WwugV","tlshash":"8c34ceebda3c9736a1d97b35968eb3cd5a8cbc93c848567826c3b54f53788e0706c205","first_seen":"2023-03-08T11:47:53Z","last_seen":"2026-03-29T09:59:13.250497Z","times_seen":435,"resource_available":true,"data":null}},"time_used":4096,"timings":{"blocked":2082,"dns":0,"connect":0,"send":0,"wait":1995,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/fxbot-registration-form/assets/js/registration-form.js?ver=2.0.16","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/fxbot-registration-form/assets/js/registration-form.js?ver=2.0.16 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:47 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-cdb7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52663,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"2b726f5f5ebbabd8a23da41ddb777bc2","sha1":"1e496c70f38413337b092caa4ec7b32bc040c8c5","sha256":"888eb75cb6a5a676d4781b6061383dce54ccb4d23cdbbb636a0dab22a79cb5f4","sha512":"867b6dc7df0c373a281fbada54084e301bc5e719839ae144778007c1d87afa89e83805a813bbad4cc9acb3464932c8e37a934ebee31967e7387ee52d58377ef4","ssdeep":"384:PpKML27MoYj1dgLYikUDyks/DckDOFHL5VCAdwTRZ03eSf8e2vwQ3jETKGp+eWC7:PfL27MWLB8/DcKOZfG9mujB6QltY","tlshash":"0f3362585da700b15ab36afe6fdf2202727490477848cd447eaca3841f88d9627f4fe9","first_seen":"2024-10-04T11:14:09.137195Z","last_seen":"2026-03-29T06:54:38.234079Z","times_seen":143,"resource_available":true,"data":null}},"time_used":4089,"timings":{"blocked":2079,"dns":0,"connect":0,"send":0,"wait":2009,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-includes/css/dist/block-library/style.min.css?ver=6.6.2 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:44 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-1b72b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":112427,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (57765)","md5":"319580d7d8944a1a65f635e0d11e5da5","sha1":"e23bc18ef1b0f78f7010e3c16e4c5e1f333248bd","sha256":"fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5","sha512":"743825eaea11208277528e506c115ec786ab060095ae4250c65a9b02fe9e5cb2ac5ac386532486a2678b9615490ce75ba096a9fd2041200989ad07a726b5d9d0","ssdeep":"1536:pZeJWfZglWQg5MG7+qehN2pUkxWLZQql3Pq:pZeJwkWQg5MG7+qehN2pUk4LaU3Pq","tlshash":"51b3614417b4dcf935ffa73a5e4ee258a103aa41c68a67e7e066d190618ca490cf3f0f","first_seen":"2024-09-10T22:43:30Z","last_seen":"2026-04-06T10:32:56.728588Z","times_seen":12757,"resource_available":false,"data":null}},"time_used":1795,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1794,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/seo-by-rank-math-pro/includes/modules/schema/assets/css/rank-math-snippet.css?ver=3.0.72","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/seo-by-rank-math-pro/includes/modules/schema/assets/css/rank-math-snippet.css?ver=3.0.72 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:49 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-185\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":389,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (389), with no line terminators","md5":"45977ac32578852ab779878e707c5cfc","sha1":"db52f8d7fc8d76beb51d3091b94c511a0810c8cd","sha256":"a39445bf758c3548d49b5da4a18bb3ecb3e263ed0aa97a29a83a9822cd222d30","sha512":"e7bb3c5b5245358b84dac6f6aed2f55b289f21b539f8a5a244aee03b33ebda620001f0357bcd52bb34aeef8fb57847b150ee112da1e6e87798a9ab3baf7e3cd2","ssdeep":"","tlshash":"a9e0d80578346ebcdd53561808d7c1f135155d6a879f95e78c06183dca3f385e32536c","first_seen":"2023-08-10T04:28:32Z","last_seen":"2026-04-02T22:31:26.746183Z","times_seen":256,"resource_available":false,"data":null}},"time_used":6208,"timings":{"blocked":4025,"dns":0,"connect":0,"send":0,"wait":2183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/uploads/2023/11/colored-background-scaled.jpg","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:49.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/uploads/2023/11/colored-background-scaled.jpg HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:55 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 75057\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nETag: \"671e37a2-12531\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75057,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=3067, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=4600], baseline, precision 8, 2560x1707, components 3","md5":"a93b24e3e76528daf14c7d481f4b4fc7","sha1":"7bc62027462c5851f5d4f3515f21abf08cd37c6f","sha256":"44fdb2c84e03369312612c41edce94283583c9ce101cbbecf7fdac3ed57c4d85","sha512":"a968445ab036814830d447c1bf7b3a3cdb13275bd5517d3bb08a6425181432c24f8722ff31f0f63d7fb7dc01cf665b5055efa9b62f92badb5ca12321c48343f9","ssdeep":"768:Qgw4pjjzdv2ENdYtqznBU5PmoHRlTWRdNAdo02YP2nrYlCGKwILxqqyD9uHabkZj:Lw4HvBYUTBU5bxkRsoFYP2nrcMLx3Zj","tlshash":"4473f733ef059a57c4dc6b7088e71b293f6748b993510203f7ad59386bbb398bd49880","first_seen":"2024-01-16T06:52:05Z","last_seen":"2025-12-22T00:11:41.258258Z","times_seen":56,"resource_available":false,"data":null}},"time_used":6549,"timings":{"blocked":2727,"dns":0,"connect":0,"send":0,"wait":3802,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.5.1","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/themes/generatepress/assets/css/main.min.css?ver=3.5.1 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:46 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-4c38\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19512,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (19512), with no line terminators","md5":"b7e067012db6249774c29e4c56b4f2c0","sha1":"7523574074e98d492a8da515f0daf7446cc504e0","sha256":"c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56","sha512":"c77b609b39ddf4ab8b6a89aba1b8daa2e8824312b1032eed8270c82167794dd438ec9878dc5e5e19853565f3f95c24315e3f164b5919cbed8c772e84f7078bba","ssdeep":"384:sk1JAWvwWZ34igipTh3dGr5PL3NatuylxQp9svaQW4M+ght5NsKa4TqSD6CE:hAWvwWZ34igipTh3dGr5PL3NatuylxQo","tlshash":"3f9209a2aaf1242cb177831ffbd0e16c3565d522d30b95dab897d700c9cab67026379c","first_seen":"2024-08-28T15:41:57Z","last_seen":"2026-04-06T10:31:47.418715Z","times_seen":8954,"resource_available":false,"data":null}},"time_used":3847,"timings":{"blocked":1708,"dns":0,"connect":0,"send":0,"wait":2138,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/uploads/2023/12/Rated-stars-300x15-1.png","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/uploads/2023/12/Rated-stars-300x15-1.png HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:52 GMT\r\nContent-Type: image/png\r\nContent-Length: 4349\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nETag: \"671e37a2-10fd\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4349,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 15, 8-bit/color RGBA, non-interlaced","md5":"e25ae6cee9c5bbbc63679cabebcb3622","sha1":"f62ddfe71b47c74ff73cda5209ca56c4f0e8c4d9","sha256":"26e8b9b1ad5d3adf8622aa981e62947b50f4bee82ae2a3e02d2c85429ec280fd","sha512":"e72ff4739b3315b49dd3a7ddc97a4a2b353ffe8615ad19cf3b4f51cbeccc343deed6d1ef8951c725fad1fa64bffe3c4e60b62bf7c5b2e9ccdb9f941fd6eecffa","ssdeep":"96:E5QjtlMZrQ6CLrgNx6AFFSTnImkh4rYwGpOTHcD4c:WatlwdetImI4rh+MHckc","tlshash":"67916da4091aff7cfd22e354892056ccf981e9a9c367721a9ffa4804c1508cee1c289f","first_seen":"2024-01-16T06:52:04Z","last_seen":"2025-12-22T00:11:41.280752Z","times_seen":60,"resource_available":false,"data":null}},"time_used":9199,"timings":{"blocked":6219,"dns":0,"connect":0,"send":0,"wait":2980,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/css/style.min.css?ver=1.1.0","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/css/style.min.css?ver=1.1.0 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:45 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-425\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1061,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1061), with no line terminators","md5":"340df9cb2c8a1e5d5428a81637866c40","sha1":"759e7dffd2c0427030749b61e4193046b515f6ef","sha256":"d5d086ab8dd7703a41e01c913e225fafdc942be3bbd121dbd3c615f33091875f","sha512":"6690c375a3591d2d5905e4d76cec1424ee7212d28fdb1c094da21b4fe6780a63dd8e7d9932c4d6f532d5fc660f6827d30f5b36c5f73ba98eadc3d2437cbcf3d4","ssdeep":"","tlshash":"58118e73319e1214a21b833a5dd3ffa93c25e602ae554f14ee00519ec9862b5f31470a","first_seen":"2023-05-20T14:10:10Z","last_seen":"2026-04-06T01:23:25.289563Z","times_seen":583,"resource_available":false,"data":null}},"time_used":2673,"timings":{"blocked":499,"dns":1,"connect":25,"send":0,"wait":1604,"receive":0,"ssl":540},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/fxbot-registration-form/assets/js/intlTelInput.min.js?ver=2.0.16","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/fxbot-registration-form/assets/js/intlTelInput.min.js?ver=2.0.16 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:47 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-7362\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29538,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (26958)","md5":"0d7765bae213b8cf43ba5f06960055ec","sha1":"b97311bed465062adfe3b0f20f363441be2d4881","sha256":"e889e4e37ac5bce51552e6432402bad41853158bd662f41bbc50acceaff5a1f6","sha512":"a8d97281baf2c7924da3a90de1f08bd44f2b090fd36a0930c0dac7d58b85f80463a35abfeac55205f8c7ae872c28af0a0bd04c1a6aaaf1232a4b8b446020b9df","ssdeep":"768:0sqD7GzOoS+D45YMJR3QWG6UdC8OxgtmKg3vTpzaDvCYHJ:CfHQWodCjgtmKgNzazCU","tlshash":"78d2099973551237a89aa0a1687f16472ebf30015a84cc9cb87ecdcc1feced9a1b5734","first_seen":"2023-05-02T01:14:21Z","last_seen":"2026-03-29T09:59:13.260549Z","times_seen":398,"resource_available":true,"data":null}},"time_used":4163,"timings":{"blocked":2081,"dns":0,"connect":0,"send":0,"wait":2081,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s.w.org/images/core/emoji/14.0.0/svg/1f4b2.svg","fqdn":"s.w.org","domain":"w.org","tld":"org"},"ip":{"addr":"192.0.77.48","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s.w.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 19:44:40 GMT","end":"Tue, 25 Nov 2025 19:44:39 GMT"},"fingerprint":{"sha1":"1F:8D:28:3F:BE:E3:7F:80:0F:AA:45:06:98:87:1D:E9:CA:E1:11:4F","sha256":"AD:CC:CD:64:B6:6F:C9:5B:27:CA:75:DA:4D:1D:57:41:30:6E:12:A2:0D:2E:E8:69:49:40:DD:EE:56:9E:7F:9E"}}},"request":{"raw":"GET /images/core/emoji/14.0.0/svg/1f4b2.svg HTTP/1.1\r\nHost: s.w.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 17 Oct 2025 09:18:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 27 May 2025 09:57:14 GMT\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 12\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=1.0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":671,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1679bb713b6a99e6ddf111d45400be3a","sha1":"ce4626aa87e8b9d545d55332d6240f040df9f366","sha256":"41925d37300aa2ba15521f882c7f01e10e41712166614a3b0f1629f9b855eb44","sha512":"a321d84239671a6744f932a3fe930dd7a60d41e64a0c14f51bd56582b1b2f5c00f99359a270b3e9ca4185bd876f211eab43b71f237f6e70689f1fa08d983f981","ssdeep":"","tlshash":"ac0123fc83304fb021b9dd1d9e213c6424c7a98fe9c40087e3aaa53748625c97e08c94","first_seen":"2023-07-15T21:48:56Z","last_seen":"2026-04-05T01:34:30.203568Z","times_seen":136,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/uploads/2023/12/logo.png","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/uploads/2023/12/logo.png HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:52 GMT\r\nContent-Type: image/png\r\nContent-Length: 6484\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nETag: \"671e37a2-1954\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6484,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced","md5":"9e4b07af1a7bcf3dd5f0ebbf0705154e","sha1":"24937011f127e70047465eee4fe1fd0f283e7ec9","sha256":"93acb3342608153ec682eacd7d9f56a8683bbeeb7ed3d989d77b43268a486885","sha512":"604193c0ffc1865ae8980d78e7c02a1824e193f8b49d2b62d21b18f3d51e1bbfe82ad3b399d0a34ec1572f311ff75b34c88a41e1cc62835995583518a14a69fa","ssdeep":"192:kIIHUCD4wa3SjW8Ooit1qUsyBIGbsDbJ6:a0wDi89it1GyBIGbo6","tlshash":"a4d19fc46c7c0c092447455c309ee8634b279a61437a9b75bdf8a61f1724aa03faa2db","first_seen":"2024-01-16T06:52:04Z","last_seen":"2025-12-22T00:11:41.278812Z","times_seen":60,"resource_available":false,"data":null}},"time_used":9248,"timings":{"blocked":6268,"dns":0,"connect":0,"send":0,"wait":2979,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:55 GMT\r\nContent-Type: image/png\r\nContent-Length: 600\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nETag: \"671e37a2-258\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":600,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced","md5":"2878f64a0217a154e531853f6a822c65","sha1":"ac7a53e9f53b9de8a344c38222e217d50d559b83","sha256":"3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef","sha512":"0885bc73e9364c2b3c3730dcc5430e74bd17c3ab84f85a0ff33002bbba95f6650622650bbac35b05505978b58d98584f0c78b6a471e6449d33e333729c1fa0dc","ssdeep":"","tlshash":"4cf041d5b4c5323ee76f489343360bf1fc7080ee9901ac8ead0948191e6106ce74b201","first_seen":"2023-04-08T02:38:56Z","last_seen":"2026-04-06T09:51:37.522408Z","times_seen":10737,"resource_available":false,"data":null}},"time_used":12636,"timings":{"blocked":9019,"dns":0,"connect":0,"send":0,"wait":3617,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.5.0","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.5.0 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:48 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-1a8b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6795,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6795), with no line terminators","md5":"2c8d926d887909904dab4316508bacc6","sha1":"455db3d80b61fefab3797bacd140f95229fa7518","sha256":"50fe1014e82dd9acea2f5b26061c8f135cb11ea0aa5d5ad5985e6b265b7f50a8","sha512":"8281e2ec7632f785570764ece44bfdb308fde7664af663669feb6c72c496ccc44ced9b5b5f7cfd1d55313aefa4ff1e19d9aad733fa75284a53523604ee9f070f","ssdeep":"192:cVABvuAZzR3rNjHOYzh2AWGVpPK5NBiNizDN:IARRnrNjuYzh2AWGVpPK5WQ/N","tlshash":"b0e187647160223500bb16db31ffd2c936f558deac16901538eace8d2db99cb12a1fe9","first_seen":"2023-03-29T23:12:02Z","last_seen":"2026-04-06T07:54:21.16606Z","times_seen":2801,"resource_available":true,"data":null}},"time_used":5964,"timings":{"blocked":4087,"dns":0,"connect":0,"send":0,"wait":1877,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/fxbot-registration-form/assets/css/widget.css?ver=2.0.16","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/fxbot-registration-form/assets/css/widget.css?ver=2.0.16 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:45 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-1eea\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7914,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7914), with no line terminators","md5":"c0526b907bd105ac9d2606c1f6d5225c","sha1":"38c1efab7570951029c569ea67875e1c0a52f5e2","sha256":"995420b5354d83b5f15d0a86ff2ac19bc33516e5ec7d0465a9398011a512c336","sha512":"cbf32a9123eb0957287b6ca34fcdee8c0e88c3201c2fec8970d9d23a8205021f070a59f13918edd8f6c89ad20c2bf80ed54c52c07b04367a226705e11714d220","ssdeep":"192:p8Ufo5Zw+VQsV3MAKP5xc8MgYs2ao4EEbmM1x/OvUc/:zgiz4gYs2ao4EEbmM1kcc/","tlshash":"62f13311d5b40856f187456db2c507ea512ed58ae016ceffbb08b1ea83cd4ce23bbb09","first_seen":"2024-10-04T11:14:14.089562Z","last_seen":"2026-03-28T10:51:06.27808Z","times_seen":197,"resource_available":false,"data":null}},"time_used":2676,"timings":{"blocked":503,"dns":1,"connect":19,"send":0,"wait":1602,"receive":0,"ssl":543},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/seo-by-rank-math/assets/front/css/rank-math-snippet.css?ver=1.0.229","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/seo-by-rank-math/assets/front/css/rank-math-snippet.css?ver=1.0.229 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:49 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-9fa\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2554,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2475)","md5":"446b18326b6a7efc47be011ea468def5","sha1":"dbc8692f8dbcc01efaa22454cb8f19992ead7462","sha256":"5423a9a2ead65199cfe8f812727ca497fa9333824ebfaead1427ae2a9e25ba8e","sha512":"1fe5bccf90bd6d3e4746f4f534e43415224b27626c169bb3937e6471f0a41267b24d6e020db2422f9f33499b5c128154685bd08e19eeca2b7cd1a44a8a466603","ssdeep":"","tlshash":"58512b85ba3e2a966152837eddc7de991e2a24771b138758dcc4d09c836f070f71eb08","first_seen":"2024-02-01T11:56:21Z","last_seen":"2026-03-28T10:51:06.27405Z","times_seen":179,"resource_available":false,"data":null}},"time_used":6184,"timings":{"blocked":4023,"dns":0,"connect":0,"send":0,"wait":2161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.5.0","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.5.0 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:46 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-170d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5901,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5901), with no line terminators","md5":"620bdc2e262641f4cee95c34de331140","sha1":"588be9ecfa8899889f324f17b4fe3f0828acd478","sha256":"ff95720758215ef9f328fda9e5b00e7c64421bcc8c0439e38201492e0fa78616","sha512":"56620f620d1dfd70b978a2368252f79149030ea50b1160d8eea2fb1be91efea00b1a04fcc4370312e4ae4ae440410ef0bd8e1f2c6eaae55295e564d1dc274ca1","ssdeep":"48:C6DWCYieBSBvVi+dhQCRl6t3i4sNoPopQWxoZob+VNnroIx2rw8nvLnYrrz4SqXm:BfdNLGSeQSXmKo0rzQeFL9CzfPvg9","tlshash":"6ec1405191e14268c867c22316ffc1e413fedd1c9f6be655bdcb83058c4aa1a139aee8","first_seen":"2023-12-29T10:54:46Z","last_seen":"2026-04-06T07:54:21.132317Z","times_seen":2312,"resource_available":false,"data":null}},"time_used":3995,"timings":{"blocked":2055,"dns":0,"connect":0,"send":0,"wait":1940,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:48 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-3509\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13577,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-06T10:06:04.608107Z","times_seen":642710,"resource_available":true,"data":null}},"time_used":5847,"timings":{"blocked":4018,"dns":0,"connect":0,"send":0,"wait":1828,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s.w.org/images/core/emoji/14.0.0/svg/1f5a5.svg","fqdn":"s.w.org","domain":"w.org","tld":"org"},"ip":{"addr":"192.0.77.48","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s.w.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 19:44:40 GMT","end":"Tue, 25 Nov 2025 19:44:39 GMT"},"fingerprint":{"sha1":"1F:8D:28:3F:BE:E3:7F:80:0F:AA:45:06:98:87:1D:E9:CA:E1:11:4F","sha256":"AD:CC:CD:64:B6:6F:C9:5B:27:CA:75:DA:4D:1D:57:41:30:6E:12:A2:0D:2E:E8:69:49:40:DD:EE:56:9E:7F:9E"}}},"request":{"raw":"GET /images/core/emoji/14.0.0/svg/1f5a5.svg HTTP/1.1\r\nHost: s.w.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 17 Oct 2025 09:18:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 19 May 2025 11:40:17 GMT\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 12\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=1.0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":549,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"54b027c5a0fdb9c92545820e12544ab4","sha1":"49d1d8c8ca02b2052d792ea17c8ace5f50a9dfaf","sha256":"ce7e8d2565b18e0fddd4e770bc3dc20d18adf75fb140409ca6e1ac1a296f397c","sha512":"a0c5f0543aeee5e370600220044e19143a86773923973e37872bd19c77d84561956cebbacb8d136b17a6a3f1f75bff202ccf32a517a3f345b9bfb4e723f1c47f","ssdeep":"","tlshash":"f9f0f6a65274a0c3950a4b983e8c31c2219673f53d4950fd711d1224595c3de7c92d1a","first_seen":"2023-05-08T15:08:59Z","last_seen":"2026-04-05T02:40:44.076335Z","times_seen":218,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/uploads/2023/11/cryptocurrency-icon-y.png","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:49.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/uploads/2023/11/cryptocurrency-icon-y.png HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 331433\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nETag: \"671e37a2-50ea9\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":331433,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 15658 x 681, 8-bit/color RGBA, non-interlaced","md5":"d18de3c4078807499999ced9f2323952","sha1":"26e15ba4501914e12a31ff4b0873ea7bb200e580","sha256":"c0c714836d066d67aa8c3d4bae9f71cb9e6a532cd5c9fa9ae98ab9a5c91c8a91","sha512":"61c0d71e42096a817cb887d8376aa9e7162e63cabe307b2e5e07148f5fb36d5696e3094c9f0057ef74ff5c52eb94d1b9566eda63a3d5499addde348439a6aec3","ssdeep":"6144:9oHMw0z3j6VDTqY/KhfJzbfXnE9O6268dxxQ72LIdcMvdmESRiq86sXH:9oaqaY/KhfZ/nXv9I1dmESRFxs3","tlshash":"876423b7a8943c47fc61097868067cbb04f6d636b06d0c95584c32e86198be5ef6fb8d","first_seen":"2024-01-16T06:52:05Z","last_seen":"2025-12-22T00:11:41.271909Z","times_seen":56,"resource_available":false,"data":null}},"time_used":9569,"timings":{"blocked":2600,"dns":0,"connect":0,"send":0,"wait":4285,"receive":2684,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-17T09:18:40.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:42 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Mon, 02 Jun 2025 23:19:10 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"683e316e-28ce9\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Mailcheck:2.0.16","description":"Mailcheck is a JavaScript library designed to address the issue of misspelled email addresses during user input.","website":"https://github.com/mailcheck/mailcheck","common_platform_enumeration":"","icon":"Mailcheck.png","categories":["JavaScript libraries"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"GeneratePress GP Premium:2.5.0","description":"GP Premium is a premium add-on plugin for the GeneratePress WordPress theme.","website":"https://docs.generatepress.com/article/installing-gp-premium/","common_platform_enumeration":"","icon":"generatepress.png","categories":["WordPress plugins"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"GeneratePress","description":"GeneratePress is a lightweight WordPress theme that focuses on speed, stability, and accessibility","website":"https://generatepress.com","common_platform_enumeration":"","icon":"generatepress.png","categories":["WordPress themes"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"WPML:4.6.13","description":"WPML plugin makes it possible to build and run fully multilingual WordPress sites.","website":"https://wpml.org/","common_platform_enumeration":"","icon":"WPML.svg","categories":["WordPress plugins","Translation"]}],"data":{"size":167145,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (28827)","md5":"cd8dc00509ffd97ed20a6159972ba15e","sha1":"27d8c92872839ed9540c96d09d9747d1e5dcbf44","sha256":"577b10879bd7eab9e3ae91f981328406fdf1228d5c0a80c4342ccda2b0b35dc7","sha512":"3a62f9bc776644be1d84c46fe6d7aa7c529f9bedcf9db79fae1faf50cd2b7f0afca2d5ef8f272f7efac73c809430b1c59df54855f75c511c12853158a89e6aa8","ssdeep":"3072:+rpVjWag3ZF0y6ec4cwB/5bouYP0mjgY5x4AUD9xMpCfB6:+du2w8","tlshash":"46f32b718b12243e7533a2ec628a77287285854ece1a43daf5fdc31ac7c6df0b871959","first_seen":"2025-10-17T09:19:10.13541Z","last_seen":"2025-10-17T09:19:10.13541Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3396,"timings":{"blocked":707,"dns":28,"connect":17,"send":0,"wait":1980,"receive":1,"ssl":659},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/fxbot-registration-form/assets/js/mailcheck.min.js?ver=2.0.16","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/fxbot-registration-form/assets/js/mailcheck.min.js?ver=2.0.16 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:46 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-faf\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4015,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4014)","md5":"4950423c548a646372ae58f7bbe67d1f","sha1":"f54943150a9cc3db37bba49e9abb8f1206b8b12b","sha256":"ab69f8053e420d7f3c043b55a1bfebd9981ccf92c21b4fd823031ab51967323a","sha512":"d5a096ca163c2767e6740c62681b3b6b0ac6f0e8bf2dc782beb956f81272d5ff49eb05d45231ab2e932a1c49602cca77a6be1f7c645b0f14d74111a4605e7d99","ssdeep":"","tlshash":"cf814051a2a12ca599b060dd388fb445a47aec252b8cecf8f654aca15e3471070fbced","first_seen":"2023-03-07T12:02:36Z","last_seen":"2026-03-29T09:59:13.257859Z","times_seen":457,"resource_available":true,"data":null}},"time_used":4035,"timings":{"blocked":2082,"dns":0,"connect":0,"send":0,"wait":1952,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/fxbot-registration-form/assets/vocabulary/en.json","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:52.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/fxbot-registration-form/assets/vocabulary/en.json HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:55 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-867\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2151,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"974c06c22e80fbf8fc59a64946494b43","sha1":"6f25ac4d1108e81458e684ff3cd2fdbd8ac32786","sha256":"1e4455cdccea0ee7e1e5d9e13c5b2be8b964c3012341201f22092952036489a7","sha512":"d8374ac71bcba7cca5bc8707297280283110adb04814c30e369d0e7a1c3c3a1a77487bb4b7090aa485ead581de29abdc3b94d987784caf37b580d158e2f7f814","ssdeep":"","tlshash":"0a41e115ca058d6b0a81009ab8a9365773a5509b8d9d381dbb28136e0fded6f22772bc","first_seen":"2024-01-29T05:49:51Z","last_seen":"2026-03-28T10:51:06.26075Z","times_seen":292,"resource_available":false,"data":null}},"time_used":3727,"timings":{"blocked":217,"dns":0,"connect":0,"send":0,"wait":3510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.immediateserax.net/","fqdn":"www.immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"104.21.84.211","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-17T09:18:39.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Oct 2025 13:28:36 GMT","end":"Sat, 03 Jan 2026 14:26:14 GMT"},"fingerprint":{"sha1":"5B:1F:A3:96:1D:90:90:E5:7A:41:E3:07:AE:08:95:16:EE:CC:29:63","sha256":"1D:25:24:89:63:14:29:82:95:8D:91:CA:FC:93:19:0A:7B:BC:CA:C2:EF:B5:DA:64:C9:BF:A8:6A:89:4F:68:94"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Fri, 17 Oct 2025 09:18:40 GMT\r\ncontent-type: text/html\r\nlocation: https://immediateserax.net/\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MSMKKKXLXrKKLhlNBspyiTuORwTCnYbLPRkqZp3b%2BpP2x%2BkKubbpZAaxgMztheBsInWeF7X%2FavQr3tsUvhxViHBdHOMqOGaE48xFqKUkgDPhGFOgs64%3D\"}]}\r\ncf-ray: 98feb5b7ef173181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":167145,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":1277,"timings":{"blocked":257,"dns":16,"connect":1,"send":0,"wait":764,"receive":0,"ssl":237},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"www.immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"www.immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"www.immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"www.immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:45 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-102\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":258,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"886011711ae972cd8472eef5eba5c298","sha1":"6e52e59dfcbe911b4ab1a69036e1e3b930030c7e","sha256":"4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274","sha512":"5e17e37f001b253f9d78cfb212966299d30f99494a36580447d2a420a19c32f0d7c629e3081b9a7a8c5d63ac263a47fd907ad24c9642a66558c790d2f4b6b4d6","ssdeep":"","tlshash":"c2d05e50cad26638e812a055188843712bc01f28cf9297036e1b2b2fd81636bd8b34b0","first_seen":"2023-04-06T22:11:30Z","last_seen":"2026-04-06T10:13:56.717563Z","times_seen":13870,"resource_available":false,"data":null}},"time_used":2670,"timings":{"blocked":497,"dns":1,"connect":23,"send":0,"wait":1603,"receive":0,"ssl":539},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s.w.org/images/core/emoji/14.0.0/svg/231b.svg","fqdn":"s.w.org","domain":"w.org","tld":"org"},"ip":{"addr":"192.0.77.48","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s.w.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 19:44:40 GMT","end":"Tue, 25 Nov 2025 19:44:39 GMT"},"fingerprint":{"sha1":"1F:8D:28:3F:BE:E3:7F:80:0F:AA:45:06:98:87:1D:E9:CA:E1:11:4F","sha256":"AD:CC:CD:64:B6:6F:C9:5B:27:CA:75:DA:4D:1D:57:41:30:6E:12:A2:0D:2E:E8:69:49:40:DD:EE:56:9E:7F:9E"}}},"request":{"raw":"GET /images/core/emoji/14.0.0/svg/231b.svg HTTP/1.1\r\nHost: s.w.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 17 Oct 2025 09:18:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 19 May 2025 11:40:17 GMT\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 12\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=1.0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":688,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fcff6ac673eb2d32ef5a49818d9572da","sha1":"ac8067d1221ae5a34ab656df64836ea0e1cbd06b","sha256":"044160ca4463e342fa8979dc8ebd9c84c03fb0403d12e606412595637b5723b8","sha512":"d9627277cb6faab205a7a4a439e45cfae5b60eb6356ae2c9a9bceb8055a6015bfa8131a6ed94f6f6059d405a7f285656160eb6d5e93eddd476409f8e81a72f69","ssdeep":"","tlshash":"ea01f4f8e77850554967799d3edf77c5401b3134010885c7e1d8defcb7856a97816504","first_seen":"2023-08-06T07:00:14Z","last_seen":"2026-04-06T07:36:45.594564Z","times_seen":506,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.w.org/images/core/emoji/14.0.0/svg/1f4b1.svg","fqdn":"s.w.org","domain":"w.org","tld":"org"},"ip":{"addr":"192.0.77.48","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s.w.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 19:44:40 GMT","end":"Tue, 25 Nov 2025 19:44:39 GMT"},"fingerprint":{"sha1":"1F:8D:28:3F:BE:E3:7F:80:0F:AA:45:06:98:87:1D:E9:CA:E1:11:4F","sha256":"AD:CC:CD:64:B6:6F:C9:5B:27:CA:75:DA:4D:1D:57:41:30:6E:12:A2:0D:2E:E8:69:49:40:DD:EE:56:9E:7F:9E"}}},"request":{"raw":"GET /images/core/emoji/14.0.0/svg/1f4b1.svg HTTP/1.1\r\nHost: s.w.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 17 Oct 2025 09:18:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 26 May 2025 14:09:18 GMT\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 12\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=0.0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1343,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"da56d5c7e4409c0c1640ff6ba21ec1ad","sha1":"f92fd6702f362271e7d6b6e567cdc1b68e3a874c","sha256":"6bd48d4d420443d50c0983ae812ef74aeacbdff22a5dec6922bdecc233cba651","sha512":"223d8c6ed39fdab300147e6509d30476230763ccf15ea145bb6cc0cb2e1456a7af1b8adc1134607cb0dd37eb4cce40f369ff287562444aeb19999edaa3cc751e","ssdeep":"","tlshash":"8821cec85b70c28c55e2fdc6efa66a64294fb4f8c98f80f6419a8f4d22879c5d94dc80","first_seen":"2023-05-28T16:07:12Z","last_seen":"2026-03-27T14:41:48.920457Z","times_seen":65,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":7,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.5.1","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.5.1 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:52 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-2e1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":737,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (737), with no line terminators","md5":"5fc35421139ef9851bc72d3edb90cfba","sha1":"0091cadf005c865d7c4ef093fac9d35566fd1e48","sha256":"3310986e26439bd35318188bd35b0c326bd3334e6699ca0469fd4f0b7d497098","sha512":"0fda88fda5b8a67c7b750712da3543e4572cb89565284cf1cbffb1ec0927f21626ff78d6fe9fa4ac13ce9f780ddc0c36ca46fedeb1c2e7f754573d7acddc7432","ssdeep":"","tlshash":"0401d0fd1190553514fb8695739fbf41393120a686039411812ccca0f5a8ce7f912bc7","first_seen":"2024-09-02T00:59:07Z","last_seen":"2026-04-06T09:25:22.290971Z","times_seen":2875,"resource_available":true,"data":null}},"time_used":8954,"timings":{"blocked":5959,"dns":0,"connect":0,"send":0,"wait":2995,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"immediateserax.net/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/js/RMFA-JS.min.js?ver=1.1.0","fqdn":"immediateserax.net","domain":"immediateserax.net","tld":"net"},"ip":{"addr":"212.92.105.101","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://immediateserax.net/","date":"2025-10-17T09:18:43.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"immediateserax.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 13:24:40 GMT","end":"Sat, 10 Jan 2026 13:24:39 GMT"},"fingerprint":{"sha1":"D2:8F:28:4A:95:DB:4A:F6:B5:A5:C1:D4:C0:C9:83:6D:19:2C:F2:92","sha256":"FB:8D:D9:D1:2A:AC:70:5C:98:29:8E:8C:35:54:70:26:39:F2:60:17:AE:40:5F:6D:51:93:DF:FA:D9:3A:94:95"}}},"request":{"raw":"GET /wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/js/RMFA-JS.min.js?ver=1.1.0 HTTP/1.1\r\nHost: immediateserax.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://immediateserax.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 17 Oct 2025 09:18:51 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Sun, 27 Oct 2024 12:52:50 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"671e37a2-50f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1295,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1295), with no line terminators","md5":"443de93866d65f762354c9446ad8b366","sha1":"19e310996d2549b6ad99f17dc800799571472aec","sha256":"90a82d38c851758d27264c3808c81e7e52e4b04e03f5adb29e0e5df5021fa4b1","sha512":"f1dde58ab3c4773a4cb2d99a75dc8baef2c5bb80ef74d8ce342e381165a56fa2605a3a3920ae37ef86d837b75fbcf1882de7360b9ab389fef22bce51fa0b9fee","ssdeep":"","tlshash":"54218fc0b44c13f9127f73cab4b3da20345b9025f7b136095f0264b92c6a5a4e73a957","first_seen":"2023-03-07T13:18:58Z","last_seen":"2026-04-06T01:23:25.286399Z","times_seen":601,"resource_available":true,"data":null}},"time_used":8447,"timings":{"blocked":5677,"dns":0,"connect":0,"send":0,"wait":2770,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-17","alert":"Sinkholed","trigger":"immediateserax.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}