{"report_id":"e967d553-309e-4ca8-8b5d-ed236aced137","version":6,"status":"done","tags":[],"date":"2026-01-20T00:59:43Z","url":{"schema":"http","addr":"lift-9-whatsapp.herokuapp.com","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"3.209.172.72","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"title":"WhatsApp","dom":{"size":13992,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (976)","md5":"dd88a5b5b7aab7ef79e34e9da4757dab","sha1":"42ed0423f6ad848dd321ce7e6eea6fce777dc5bf","sha256":"df6aac797f22f7f91722152cc1014a26958acac2821e5fb3ad64ebb96f9b8e8d","sha512":"3375e9ee95bbfefbd37ecec8c1e918a43634848d6cb3f8a5d6b5ff5a201c944a87ca785bb4980c99242f15c7c21b69f060ac16f55fd77eecf5115d04d82231ea","ssdeep":"192:rMVu1PxsZB1xqwm57r3yypuQgGS9YGE+B8ZD8IK8CUEy7:YYs2r3cFTEoYeW57","tlshash":"ed52b612e2aa283b512f54edb9229b5a3193828fd70a0d7477fd03f5afc9db176211c0","dom_hash":"domhash3b3c8304498c2a5bb9a177048391e0c4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"lift-9-whatsapp.herokuapp.com","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"3.209.172.72","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-24T00:59:43Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-01-18T22:30:25.777558Z","alert_count":0,"request_count":2,"received_data":218771,"sent_data":1082,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"lift-9-whatsapp.herokuapp.com","ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2010-09-19","domain_rank":0,"first_seen":"2025-11-30T03:34:28.085536Z","last_seen":"2026-01-20T00:35:40.432697Z","alert_count":42,"request_count":14,"received_data":849472,"sent_data":8417,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Socket.io","description":"","website":"https://socket.io","common_platform_enumeration":"","icon":"Socket.io.svg","categories":["JavaScript frameworks"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-01-18T22:51:50.191561Z","alert_count":0,"request_count":1,"received_data":90462,"sent_data":458,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-18T22:17:29.309663Z","alert_count":0,"request_count":1,"received_data":4564,"sent_data":493,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"54.243.238.66","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ad4db42d04f54da492bdcf0cc02086c0","sha1":"42519940244b2741138dbc6f8ec7447c25856117","sha256":"17fd30ab825f358ab91c81a15613e84c87ae917ade1d836c7b7c970490cfe670","sha512":"4a722fcadbc2222686a5400ec6f1e1a2e8505feb20dd7c3f5fb35d29364f56809db99626d8d64835a9d0761c475309e51f8fd16e64101287dd25b6b8911f3bc0","ssdeep":"","tlshash":"7201af23e2751431127fb1eed96713e42a90420cf56354bdb68f82542e6b0a5b3234dc","size":837,"data":"","first_seen":"2025-07-22T04:13:16.139087Z","last_seen":"2026-04-23T23:27:32.723908Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"54.243.238.66","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"8cc54f5b582309a49a4dcc98c12ac635","sha1":"db2e0e6e243386ed563bba6349e24f7829d78bdb","sha256":"4c3fac3bc28aa61aef4da1c863bd567f1aa017901aa0b42dff32bc711eda7627","sha512":"6aca2bf1dba3c522139d9744a004d1f6b9b224c80f844dd8d727a736abaf47cbbb6e267ed2d71ffa3518c9ccd86ddd26896a06427496192401786ed7858c4794","ssdeep":"","tlshash":"51311049027207369d9f209da31707ad7221820ff5c08485b79e57ac7f91f627d71aca","size":1727,"data":"","first_seen":"2025-07-22T04:13:16.152082Z","last_seen":"2026-04-23T23:27:32.724979Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/socket.io/socket.io.js","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e58246b00ec1a9b307d4fd2a8b68afd6","sha1":"21ab9f9e0a1c683f51c1f0cbca3b6baa074b2ec2","sha256":"238040837b5172381b31d5721c7ff8993bdb761be29547b503e3a9b4e14c0f13","sha512":"f011f11c32ec387c7e7e522b4340eb65c79aecc907a9153919b4c799b7733119c06a8088919f7b3ea65c5c990a65c90c321a9fa1e68913e0cd515bb2a10b0edd","ssdeep":"3072:GLTygHMCO2KsFpWw0axSNZiXym7dSBg18FEEaLH32emV/8fkmh0KbhEGtkSWq:GLTyTX1sFpWw0ayBgaEEaLH32emV/ak0","tlshash":"81e35f49aaf72151917330398bafa045f239d01b220ace443d1cd7f49f65b3897a6fe9","size":154232,"data":"","first_seen":"2024-12-14T23:53:09.636549Z","last_seen":"2026-06-08T19:03:01.3542Z","times_seen":574,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-06-08T23:11:21.536947Z","times_seen":249850,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/bootstrap/bootstrap.min.js","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"74bf0b4113fa490755bd01a67b0fa165","sha1":"e39df4427325284c6644f878fb130d2dcfe01d42","sha256":"f02adbf93ba70626c51153a6c6517507c7d4726cc5eb8a38664518ce070170de","sha512":"0cc6f6cdcd1d4c541a17ca977e4f62cfafe0f283a63c661fd3ec76579322f75c13887683f46d78781b79fe8c63d2b107c9279c166b40424ba460e6eb0ff8ac02","ssdeep":"1536:imX/UkkBQoVAI/BueciWDT7WZo9/0Ul41bSLdfyrQA9A6CHGNt897v/mt7vepFNw:QQoqN7f4rO6GKNjt+gZAXfXGjzD","tlshash":"67d3724a32f774364157b07a8a2fc50bb235a497668be9083d5c42dc5f5c83867f2fa8","size":131669,"data":"","first_seen":"2024-08-19T14:58:36.703573Z","last_seen":"2026-04-23T23:27:32.71398Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/bootstrap/popper.js","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c21516c38ccd46f840cd8be0e2b49aa","sha1":"89d91179f8483b26d60c51d9c623d5042b6d7d31","sha256":"13c7214bc737448b066a1f52ea2792d87ced5cd26ca79c5b4d78d302882b8534","sha512":"b7a479dd97b81da25969c82397c644bddaf8a33f3ccda37377bb3d0494e71ec77c8df4ae1a0a8cb678fa417eb73155e372e003e9dee27d699b4cafdba5ae529d","ssdeep":"768:RwBNYb0rb99AD/n4lWHQUnXoYwFxsfkuVpp7YFS9Po6G49wjWbcNPAiy:eB59AD/48tnYYwFxsfkuVpp78S9PBG4v","tlshash":"9a133f8969e270355527f1bd462fd1183632551b0e89fd013d8c92a44fac83cabbafdd","size":44870,"data":"","first_seen":"2025-10-26T01:57:43.510241Z","last_seen":"2026-04-23T23:27:32.715044Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"54.243.238.66","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6ea11529c7a6764434ad1efe79630ed5","sha1":"e43b9f782f9a2c06d0c30bd558193f832c5eac0d","sha256":"6e4ce5e579078084e2b07ec4dee7c5cc498b57571facf270f78b4e86f66a43af","sha512":"1b23a425b426919296c3933c5540d8daa59f8b971be7f5f1e203783ba582e040f79703b5b686838fc6aaf97063a3a1f6641f5df97659bdf78f948efc07c75d8f","ssdeep":"","tlshash":"fc41014dbeff1a21413730379e7f940e3e7e028f0509cd627aac0ad05f09a5ca596784","size":2101,"data":"","first_seen":"2025-07-22T04:13:16.162172Z","last_seen":"2026-04-23T23:27:32.725981Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/images/whatsapp-logo.ico","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:23.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /images/whatsapp-logo.ico HTTP/1.1\r\nHost: lift-9-whatsapp.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nCookie: connect.sid=s%3Ac9UhCPw7hyZKGIQm-NYCT5b4Iw5LfxY2.PkFFBGpJ4Na7Wq9EpGt3XQZ8qAkSwTOBU3gC5QCqtLk\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nContent-Length: 29329\r\nContent-Type: image/x-icon\r\nDate: Tue, 20 Jan 2026 00:59:23 GMT\r\nEtag: W/\"7291-19ac7576d78\"\r\nLast-Modified: Thu, 27 Nov 2025 22:03:07 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1768870763\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1768870763\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\nX-Powered-By: Express\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":29329,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 588 x 588, 8-bit/color RGBA, non-interlaced","md5":"9ab74f3542848d0c05a352460741863a","sha1":"5e824196224934f9de064c635fbdb8ce7a309166","sha256":"d983e2bd18cbbac9bfdfaf487ce7c65c0cc4320a9cf6d174b01f7c65d1f251af","sha512":"c10fa0abbcbf5ed72c9331df960a9dd6c09497e68b994f7b2f1d1acdb58bf8a87e83c4f3ea49e513c635e2b7fa15f62a6936bea6e5744a09e0a74952c3a87c72","ssdeep":"768:EyFpZ/LvisvGt1ppfOGMIKEztCs5PtPJYm9i3v:VF7/JGt1p1vss5BJ39i3v","tlshash":"58d2e1e1f5960d2d54032b7a81e8398779e342938457e7c66593e2cec3073ae7260a9e","first_seen":"2024-08-19T14:58:36.711179Z","last_seen":"2026-04-23T23:27:32.722172Z","times_seen":24,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/socket.io/?EIO=4\u0026transport=polling\u0026t=vzcfe7ob\u0026sid=FM5rJX5dV2atdMJZAABO","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"54.243.238.66","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:23.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"POST /socket.io/?EIO=4\u0026transport=polling\u0026t=vzcfe7ob\u0026sid=FM5rJX5dV2atdMJZAABO HTTP/1.1\r\nHost: lift-9-whatsapp.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain;charset=UTF-8\r\nContent-Length: 11\r\nOrigin: https://lift-9-whatsapp.herokuapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nCookie: connect.sid=s%3Ac9UhCPw7hyZKGIQm-NYCT5b4Iw5LfxY2.PkFFBGpJ4Na7Wq9EpGt3XQZ8qAkSwTOBU3gC5QCqtLk\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":11,"data":"40/sockets,"}},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: no-store\r\nContent-Length: 2\r\nContent-Type: text/html\r\nDate: Tue, 20 Jan 2026 00:59:23 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1768870763\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1768870763\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-06-08T23:17:47.135494Z","times_seen":423639,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:22.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Dec 2025 17:10:14 GMT","end":"Tue, 03 Mar 2026 17:10:13 GMT"},"fingerprint":{"sha1":"EC:AE:DB:3F:30:AD:2E:C9:C6:A5:F6:31:5D:CB:EF:06:6D:B3:2B:E0","sha256":"37:8C:B2:95:4D:4C:79:2C:79:EA:6C:AD:61:E9:E6:30:41:EA:A4:C6:D4:10:5F:FE:3B:CA:18:F3:AA:FE:CF:F0"}}},"request":{"raw":"GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31021\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 15 Jan 2026 21:25:19 GMT\r\nexpires: Fri, 15 Jan 2027 21:25:19 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 358443\r\nlast-modified: Fri, 08 May 2020 07:05:03 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89476,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-06-08T23:11:21.536947Z","times_seen":249850,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":97,"dns":0,"connect":16,"send":0,"wait":17,"receive":17,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/bootstrap/bootstrap.min.js","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:22.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /bootstrap/bootstrap.min.js HTTP/1.1\r\nHost: lift-9-whatsapp.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nCookie: connect.sid=s%3Ac9UhCPw7hyZKGIQm-NYCT5b4Iw5LfxY2.PkFFBGpJ4Na7Wq9EpGt3XQZ8qAkSwTOBU3gC5QCqtLk\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nContent-Length: 131669\r\nContent-Type: application/javascript; charset=UTF-8\r\nDate: Tue, 20 Jan 2026 00:59:23 GMT\r\nEtag: W/\"20255-19ac7576d78\"\r\nLast-Modified: Thu, 27 Nov 2025 22:03:07 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1768870763\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1768870763\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\nX-Powered-By: Express\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":131669,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (609)","md5":"74bf0b4113fa490755bd01a67b0fa165","sha1":"e39df4427325284c6644f878fb130d2dcfe01d42","sha256":"f02adbf93ba70626c51153a6c6517507c7d4726cc5eb8a38664518ce070170de","sha512":"0cc6f6cdcd1d4c541a17ca977e4f62cfafe0f283a63c661fd3ec76579322f75c13887683f46d78781b79fe8c63d2b107c9279c166b40424ba460e6eb0ff8ac02","ssdeep":"1536:imX/UkkBQoVAI/BueciWDT7WZo9/0Ul41bSLdfyrQA9A6CHGNt897v/mt7vepFNw:QQoqN7f4rO6GKNjt+gZAXfXGjzD","tlshash":"67d3724a32f774364157b07a8a2fc50bb235a497668be9083d5c42dc5f5c83867f2fa8","first_seen":"2024-08-19T14:58:36.703573Z","last_seen":"2026-04-23T23:27:32.71398Z","times_seen":24,"resource_available":true,"data":null}},"time_used":968,"timings":{"blocked":290,"dns":1,"connect":98,"send":0,"wait":188,"receive":188,"ssl":200},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/bootstrap/popper.js","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:22.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /bootstrap/popper.js HTTP/1.1\r\nHost: lift-9-whatsapp.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nCookie: connect.sid=s%3Ac9UhCPw7hyZKGIQm-NYCT5b4Iw5LfxY2.PkFFBGpJ4Na7Wq9EpGt3XQZ8qAkSwTOBU3gC5QCqtLk\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nContent-Length: 44870\r\nContent-Type: application/javascript; charset=UTF-8\r\nDate: Tue, 20 Jan 2026 00:59:23 GMT\r\nEtag: W/\"af46-19ac7576d78\"\r\nLast-Modified: Thu, 27 Nov 2025 22:03:07 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1768870763\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1768870763\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\nX-Powered-By: Express\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":44870,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"5c21516c38ccd46f840cd8be0e2b49aa","sha1":"89d91179f8483b26d60c51d9c623d5042b6d7d31","sha256":"13c7214bc737448b066a1f52ea2792d87ced5cd26ca79c5b4d78d302882b8534","sha512":"b7a479dd97b81da25969c82397c644bddaf8a33f3ccda37377bb3d0494e71ec77c8df4ae1a0a8cb678fa417eb73155e372e003e9dee27d699b4cafdba5ae529d","ssdeep":"768:RwBNYb0rb99AD/n4lWHQUnXoYwFxsfkuVpp7YFS9Po6G49wjWbcNPAiy:eB59AD/48tnYYwFxsfkuVpp78S9PBG4v","tlshash":"9a133f8969e270355527f1bd462fd1183632551b0e89fd013d8c92a44fac83cabbafdd","first_seen":"2025-10-26T01:57:43.510241Z","last_seen":"2026-04-23T23:27:32.715044Z","times_seen":20,"resource_available":true,"data":null}},"time_used":888,"timings":{"blocked":294,"dns":1,"connect":100,"send":0,"wait":97,"receive":190,"ssl":202},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Raleway:800|Merriweather+Sans|Share+Tech+Mono","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:23.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Dec 2025 17:10:07 GMT","end":"Tue, 03 Mar 2026 17:10:06 GMT"},"fingerprint":{"sha1":"82:59:95:33:5E:76:7F:3E:5B:45:F4:CA:83:29:7C:B2:19:B0:A5:C0","sha256":"A1:28:19:D2:C4:EA:69:3E:6D:8D:7A:20:FC:3E:A6:13:BA:59:C5:9C:DE:7D:D1:25:3D:35:68:98:FC:47:82:9D"}}},"request":{"raw":"GET /css?family=Raleway:800|Merriweather+Sans|Share+Tech+Mono HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 20 Jan 2026 00:59:23 GMT\r\ndate: Tue, 20 Jan 2026 00:59:23 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3878,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"bc8cb68fb175a5bce9337a66878e23f9","sha1":"d3606d121e44e32f68d82a69188933027b9cc235","sha256":"a77074ccb042bcd77b9dc8c785816449c053cb0ae993e5646d767ad97dcd8fa1","sha512":"37afc23c98ea06a3f245c173b0a372e6d8981f27407442ecff7d84c9cb4ec9a9a992bfcdddf2d5c0778c569d3bc37ccf2c0d6b81cf1a3ddcf03a40fc649b5933","ssdeep":"","tlshash":"768101a109279014a7431ec563ce7d32dd4e616170469475effe18e8ec9bc3a2365b1d","first_seen":"2025-09-26T03:00:45.21787Z","last_seen":"2026-04-23T23:27:32.709279Z","times_seen":22,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":74,"dns":0,"connect":20,"send":0,"wait":32,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/fonts/bootstrap-icons.woff2?7141511ac37f13e1a387fb9fc6646256","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:23.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/bootstrap-icons@1.11.2/font/fonts/bootstrap-icons.woff2?7141511ac37f13e1a387fb9fc6646256 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://lift-9-whatsapp.herokuapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 20 Jan 2026 00:59:23 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 130648\r\ncf-ray: 9c0aa100ad0e4c11-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 1.11.2\r\nx-jsd-version-type: version\r\netag: W/\"1fe58-nZX2/jVUC2AihMnyv6Z9K0ZESPc\"\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220068-FRA, cache-bma-essb1270036-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 2328277\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=bcFet6kZ2YcaTN1oeGkdv%2F2s3z8y%2FZTjZvSi5cvcRT31smLrJex80pg1Wm4%2BMrq30InD3RYm4Shr2h0LMBI2NAQIidSPXnhLWZGy%2BAw%2FLE103ncAcaHFJ3vrYhrfGJGrQqY%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":130648,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 130648, version 1.0","md5":"3646a39b6ef5417f27519bada8bbf786","sha1":"9d95f6fe35540b602284c9f2bfa67d2b464448f7","sha256":"5b2dd4d4f81cd1f52a50b0833ea12c8f63f2c4ae4d2c5a799fcc741feb2ea40f","sha512":"296fb57cfa9ed042779c87e6a4d7ce497373fa771a8569ff3ef9965665fc1914751f98f9d017c0b6c11730385ac8ba8c49331ea2cb5b7825edfc84a434a26e3d","ssdeep":"3072:3z881cKGXVE0mypqDZchZ/kWMi+4XR0mE8gtX9qQGBDwnWalHAan:z+VRmypUGd+CctX9g3aSa","tlshash":"d6d3120e6b7c8c6f9851a32475ce4e5acf6defca6216cd35ae8c31e260034985dd4eb1","first_seen":"2023-11-27T20:20:44Z","last_seen":"2026-06-08T10:05:38.151312Z","times_seen":880,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":9,"dns":1,"connect":0,"send":0,"wait":8,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/css/styles.css","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:22.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /css/styles.css HTTP/1.1\r\nHost: lift-9-whatsapp.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nCookie: connect.sid=s%3Ac9UhCPw7hyZKGIQm-NYCT5b4Iw5LfxY2.PkFFBGpJ4Na7Wq9EpGt3XQZ8qAkSwTOBU3gC5QCqtLk\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nContent-Length: 37445\r\nContent-Type: text/css; charset=UTF-8\r\nDate: Tue, 20 Jan 2026 00:59:23 GMT\r\nEtag: W/\"9245-19ac7576d78\"\r\nLast-Modified: Thu, 27 Nov 2025 22:03:07 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1768870763\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1768870763\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\nX-Powered-By: Express\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":37445,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (307)","md5":"a132d5005e77afd6d530f87dc6f5c0a2","sha1":"39ef6ad2f5d076c1c4a457bee16b4b9b89ae82fc","sha256":"2d1d625a209d01c1d8c5004100a961cbfdbcda2fcff4a97c58dd9e41c6465bd6","sha512":"32fba5a9e3981353c8159674f89ce31e6cfbc9c15271658bfbbd137aa93a4ebcd914a612811772af5ed9e9e645fe2fb49851e03c318a407df7ac3bb18cbe0609","ssdeep":"768:ygqg6Bg4XrNMTNnokji+o0mutR70mutRLnXiInqTxdpfF1GFcIaXX:ygqg6S4XrNMTNnokji+o0mutR70mutR6","tlshash":"0ef25552ab9318477417916c2fe797d133698003820add7a3bdd7388cfda2e8d5b2798","first_seen":"2025-07-22T04:13:16.068752Z","last_seen":"2026-02-11T02:13:09.184389Z","times_seen":17,"resource_available":false,"data":null}},"time_used":760,"timings":{"blocked":282,"dns":0,"connect":93,"send":0,"wait":188,"receive":1,"ssl":193},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/socket.io/socket.io.js","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:22.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /socket.io/socket.io.js HTTP/1.1\r\nHost: lift-9-whatsapp.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nCookie: connect.sid=s%3Ac9UhCPw7hyZKGIQm-NYCT5b4Iw5LfxY2.PkFFBGpJ4Na7Wq9EpGt3XQZ8qAkSwTOBU3gC5QCqtLk\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: public, max-age=0\r\nContent-Encoding: gzip\r\nContent-Type: application/javascript; charset=utf-8\r\nDate: Tue, 20 Jan 2026 00:59:23 GMT\r\nEtag: \"4.8.1\"\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1768870763\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1768870763\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\nTransfer-Encoding: chunked\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":154232,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"e58246b00ec1a9b307d4fd2a8b68afd6","sha1":"21ab9f9e0a1c683f51c1f0cbca3b6baa074b2ec2","sha256":"238040837b5172381b31d5721c7ff8993bdb761be29547b503e3a9b4e14c0f13","sha512":"f011f11c32ec387c7e7e522b4340eb65c79aecc907a9153919b4c799b7733119c06a8088919f7b3ea65c5c990a65c90c321a9fa1e68913e0cd515bb2a10b0edd","ssdeep":"3072:GLTygHMCO2KsFpWw0axSNZiXym7dSBg18FEEaLH32emV/8fkmh0KbhEGtkSWq:GLTyTX1sFpWw0ayBgaEEaLH32emV/ak0","tlshash":"81e35f49aaf72151917330398bafa045f239d01b220ace443d1cd7f49f65b3897a6fe9","first_seen":"2024-12-14T23:53:09.636549Z","last_seen":"2026-06-08T19:03:01.3542Z","times_seen":574,"resource_available":true,"data":null}},"time_used":781,"timings":{"blocked":288,"dns":1,"connect":97,"send":0,"wait":194,"receive":1,"ssl":197},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/socket.io/?EIO=4\u0026transport=polling\u0026t=vzclmxgy\u0026sid=FM5rJX5dV2atdMJZAABO","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:23.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /socket.io/?EIO=4\u0026transport=polling\u0026t=vzclmxgy\u0026sid=FM5rJX5dV2atdMJZAABO HTTP/1.1\r\nHost: lift-9-whatsapp.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nCookie: connect.sid=s%3Ac9UhCPw7hyZKGIQm-NYCT5b4Iw5LfxY2.PkFFBGpJ4Na7Wq9EpGt3XQZ8qAkSwTOBU3gC5QCqtLk\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: no-store\r\nContent-Length: 1\r\nContent-Type: text/plain; charset=UTF-8\r\nDate: Tue, 20 Jan 2026 00:59:24 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1768870763\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1768870763\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"very short file (no magic)","md5":"1679091c5a880faf6fb5e6087eb1b2dc","sha1":"c1dfd96eea8cc2b62785275bca38ac261256e278","sha256":"e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683","sha512":"3c9ad55147a7144f6067327c3b82ea70e7c5426add9ceea4d07dc2902239bf9e049b88625eb65d014a7718f79354608cab0921782c643f0208983fffa3582e40","ssdeep":"","tlshash":"c700000000030000c00000300000000000000000000c00000000000000000000000000","first_seen":"2023-03-07T01:10:09Z","last_seen":"2026-06-08T22:04:31.406919Z","times_seen":11612,"resource_available":true,"data":null}},"time_used":397,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":397,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"54.243.238.66","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-20T00:59:21.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: lift-9-whatsapp.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 13964\r\nContent-Type: text/html; charset=utf-8\r\nDate: Tue, 20 Jan 2026 00:59:22 GMT\r\nEtag: W/\"368c-cM9t7YPMytyMprSlrAL5ZLSB4bg\"\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=JJpvu1kjdGzzmkW98W9uHWJYkpN7EmvjtduRv3%2Bxb9E%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1768870762\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=JJpvu1kjdGzzmkW98W9uHWJYkpN7EmvjtduRv3%2Bxb9E%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1768870762\"\r\nServer: Heroku\r\nSet-Cookie: connect.sid=s%3Ac9UhCPw7hyZKGIQm-NYCT5b4Iw5LfxY2.PkFFBGpJ4Na7Wq9EpGt3XQZ8qAkSwTOBU3gC5QCqtLk; Path=/; Expires=Tue, 03 Feb 2026 00:59:22 GMT; HttpOnly\r\nVia: 1.1 heroku-router\r\nX-Powered-By: Express\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Socket.io","description":"","website":"https://socket.io","common_platform_enumeration":"","icon":"Socket.io.svg","categories":["JavaScript frameworks"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]}],"data":{"size":13964,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (991)","md5":"b60d375c0d6b05e829475d0843f43662","sha1":"70cf6ded83cccadc8ca6b4a5ac02f964b481e1b8","sha256":"4bcdb6f1530fe4929338e534cd59fbad40e0fef143a6d1ea0848676055883c15","sha512":"4b63ce4dd00c11d003e4f57370d4dc8c57c0469c42199a0ab5ee2aea34ddee901fc9c4d9fc7a020ba15ed70a9bca50a4fc152458481d2893e4795a8e96b32dd3","ssdeep":"192:fMVu1PxsZB1xqwm57r3yypuQgGS9YGE+gO5yOodOifEz7:EYs2r3cFTEzNTjO7","tlshash":"8b52b712e2aa283b512f54eda9229b5a3193838fd70a0d7477fd07f5afc9db176211c0","first_seen":"2026-01-20T00:35:41.226779Z","last_seen":"2026-01-20T01:35:45.887473Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1031,"timings":{"blocked":293,"dns":3,"connect":94,"send":0,"wait":329,"receive":116,"ssl":193},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/bootstrap-icons.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:22.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/bootstrap-icons@1.11.2/font/bootstrap-icons.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 20 Jan 2026 00:59:22 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 13383\r\ncf-ray: 9c0aa0fb6a291a30-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 1.11.2\r\nx-jsd-version-type: version\r\netag: W/\"14f73-wWZNzb4R2mi5w7Y2OzwjrENE1No\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230067-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 497818\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=mgk4TdNA%2BRWwR62nl5rAQ0fSNWO2yBXush6OIYwOe5UL7mDKWMmtKCLdhBVnPNiF0nBl2uM8mexkCDf%2F2URxxBGyPJC9U73ekv5MFloHqezebVqGRcG%2F%2BbUW7shhGf6%2BSTI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85875,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65354)","md5":"da9ff512cdd9f6c89e8a4e0eff2011aa","sha1":"c1664dcdbe11da68b9c3b6363b3c23ac4344d4da","sha256":"483e1bf6ead25d54b37456cf0e51ea0220d9de03ef6ba2a2d8c3f34a4bc34c17","sha512":"0f5962112deebc3a4fae093bbd747f851fecba41a7ec4b43584cafa5d2ecc9a95062aeafe9852c4d426692eec1e2b72e436d6b7f451392cc368bfd8f7636ddde","ssdeep":"768:LPcr8JUkZrpULKt4bDcf3oQpeqfZs0BWeUz5+XIHx5qkgwTz:TrpEKt4moUeqfZbc5+XIHZz","tlshash":"5a83fbe8e18d05e8f372c49faf42675e31aafa3cd5811c68f14a112d5ac16650ac7fb8","first_seen":"2023-11-27T17:55:42Z","last_seen":"2026-06-08T10:05:38.250114Z","times_seen":478,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":11,"receive":3,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/socket.io/?EIO=4\u0026transport=polling\u0026t=vzcc6zji","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:23.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /socket.io/?EIO=4\u0026transport=polling\u0026t=vzcc6zji HTTP/1.1\r\nHost: lift-9-whatsapp.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nCookie: connect.sid=s%3Ac9UhCPw7hyZKGIQm-NYCT5b4Iw5LfxY2.PkFFBGpJ4Na7Wq9EpGt3XQZ8qAkSwTOBU3gC5QCqtLk\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: no-store\r\nContent-Length: 118\r\nContent-Type: text/plain; charset=UTF-8\r\nDate: Tue, 20 Jan 2026 00:59:23 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1768870763\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1768870763\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":118,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"28ba50b1e685ae4e4eabfa1ff7aede28","sha1":"c35395e4943a8fbb37f10ce4c763a7dbcf9a08ca","sha256":"a424df6500a7b2de5e4202d1b28e88d14d0e9983b84947b75e3711160626895e","sha512":"748dcd1347b43f9eae87a8a50562321bbba91cdf7de87ecf95da2ff93102dfcaca1573dd76c583a5fa840093f4890a48fecae63aae6766c707fe8c08fab2430c","ssdeep":"","tlshash":"23b09bc4415d96c5e960778071f39d150954745f99c5557c2124048c85475102012b9b","first_seen":"2026-01-20T00:59:45.589212Z","last_seen":"2026-01-20T00:59:45.589212Z","times_seen":1,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/socket.io/?EIO=4\u0026transport=polling\u0026t=vzcfgta3\u0026sid=FM5rJX5dV2atdMJZAABO","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:23.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /socket.io/?EIO=4\u0026transport=polling\u0026t=vzcfgta3\u0026sid=FM5rJX5dV2atdMJZAABO HTTP/1.1\r\nHost: lift-9-whatsapp.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nCookie: connect.sid=s%3Ac9UhCPw7hyZKGIQm-NYCT5b4Iw5LfxY2.PkFFBGpJ4Na7Wq9EpGt3XQZ8qAkSwTOBU3gC5QCqtLk\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: no-store\r\nContent-Length: 41\r\nContent-Type: text/plain; charset=UTF-8\r\nDate: Tue, 20 Jan 2026 00:59:23 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1768870763\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1768870763\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":41,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"9127dff27715807387d6a3fa9a44ada1","sha1":"91382f1fea2ae7a27a9f0797d90351d98b816081","sha256":"cfc25c7206c880dea024e7042495d7a3c5732a5e150f5bed8b06836fa7aeaa84","sha512":"2f9299df9d496e5abef4b7831d45f63974d90f2b35b6d45fa1a2932df9a6d1d14772718d140653170cdfe12b122e23552b33c2ca4f1dfe488e877ad10a257da9","ssdeep":"","tlshash":"3190040c113134157d10570f00734c37d0c04f45f3570f47011c04c00d41450f440c40","first_seen":"2026-01-20T00:59:45.590336Z","last_seen":"2026-01-20T00:59:45.590336Z","times_seen":1,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/socket.io/?EIO=4\u0026transport=polling\u0026t=vzclnxwy\u0026sid=FM5rJX5dV2atdMJZAABO","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"54.243.238.66","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:23.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"POST /socket.io/?EIO=4\u0026transport=polling\u0026t=vzclnxwy\u0026sid=FM5rJX5dV2atdMJZAABO HTTP/1.1\r\nHost: lift-9-whatsapp.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain;charset=UTF-8\r\nContent-Length: 42\r\nOrigin: https://lift-9-whatsapp.herokuapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nCookie: connect.sid=s%3Ac9UhCPw7hyZKGIQm-NYCT5b4Iw5LfxY2.PkFFBGpJ4Na7Wq9EpGt3XQZ8qAkSwTOBU3gC5QCqtLk\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":42,"data":"42/sockets,[\"join\",{\"room\":\"devices:all\"}]"}},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: no-store\r\nContent-Length: 2\r\nContent-Type: text/html\r\nDate: Tue, 20 Jan 2026 00:59:23 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1768870763\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1768870763\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2,"size_decoded":0,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-06-08T23:17:47.135494Z","times_seen":423639,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/images/whatsapp-background.png","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"54.243.238.66","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:22.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /images/whatsapp-background.png HTTP/1.1\r\nHost: lift-9-whatsapp.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nCookie: connect.sid=s%3Ac9UhCPw7hyZKGIQm-NYCT5b4Iw5LfxY2.PkFFBGpJ4Na7Wq9EpGt3XQZ8qAkSwTOBU3gC5QCqtLk\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nContent-Length: 169646\r\nContent-Type: image/png\r\nDate: Tue, 20 Jan 2026 00:59:22 GMT\r\nEtag: W/\"296ae-19ac7576d78\"\r\nLast-Modified: Thu, 27 Nov 2025 22:03:07 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=JJpvu1kjdGzzmkW98W9uHWJYkpN7EmvjtduRv3%2Bxb9E%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1768870762\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=JJpvu1kjdGzzmkW98W9uHWJYkpN7EmvjtduRv3%2Bxb9E%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1768870762\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\nX-Powered-By: Express\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":169646,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 550 x 999, 8-bit/color RGBA, non-interlaced","md5":"f42c7352db007db20a03b55d27cb8ca7","sha1":"6da8fbe861ecaf13b2d796013d4550df41e94c4e","sha256":"33f5dd800e3fd5340731518e4e462e310edaa1d5bef0bc14b469c2419c6c4d60","sha512":"582f6ba0d4a2563c194a0d2acff120195ae2d92c356a29a3d8dfde9925df9e0c1ce1751829cc35b3a8a409e0ba22d89fa3d8e10ee838231582d85f389be0b76e","ssdeep":"3072:3AkE7tG2sThvb/32zxQglCsx4pygaP8THT9JQJeutt3TSu0AdxYW7k97S:3Aq2Khj/3Ywsx4AjP8LvQJdttjSsxYWL","tlshash":"39f312ab6f86794d831f23a28cc1e9505c591a1380b7bc827e7c85458fe1bc1dc6deb6","first_seen":"2024-08-19T14:58:36.699703Z","last_seen":"2026-04-23T23:27:32.718848Z","times_seen":24,"resource_available":false,"data":null}},"time_used":386,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":288,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lift-9-whatsapp.herokuapp.com/bootstrap/bootstrap.min.css","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:22.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /bootstrap/bootstrap.min.css HTTP/1.1\r\nHost: lift-9-whatsapp.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lift-9-whatsapp.herokuapp.com/\r\nCookie: connect.sid=s%3Ac9UhCPw7hyZKGIQm-NYCT5b4Iw5LfxY2.PkFFBGpJ4Na7Wq9EpGt3XQZ8qAkSwTOBU3gC5QCqtLk\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nContent-Length: 257347\r\nContent-Type: text/css; charset=UTF-8\r\nDate: Tue, 20 Jan 2026 00:59:23 GMT\r\nEtag: W/\"3ed43-19ac7576d78\"\r\nLast-Modified: Thu, 27 Nov 2025 22:03:07 GMT\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1768870763\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=wX0ogTyqVbQpgQyhzRkwcc3HKAm%2FKU2mZkugbRLxN9g%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1768870763\"\r\nServer: Heroku\r\nVia: 1.1 heroku-router\r\nX-Powered-By: Express\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":257347,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (562)","md5":"af244ddb54b75e440bfa857e57ce87d2","sha1":"bcd226819697004070ce3e40cc2b4ad5e1d991d9","sha256":"a6a8210ebe6646aa0e62b8fd5841592b12cd9f3c0c2b31c9d01463b678f24979","sha512":"cfdcf9efa463fccee644c7bf73087a2fef5a51adbcd0e6004030bfebc2b2d8e7ca5e4d7ff987fec95372724bc77c2473b7853459fcb4cdaf551af4d0dae51881","ssdeep":"1536:M+dkIcpot6PSVLv8TapD9KpWZtg7FDXR2:sIcp7pWZtg7FDXR2","tlshash":"c944344aedf328582c57915967ee7ae97b7c5083c609dd6479cf2300cf893d19ca2ac8","first_seen":"2025-07-22T04:13:16.015571Z","last_seen":"2026-04-23T23:27:32.712914Z","times_seen":23,"resource_available":false,"data":null}},"time_used":1051,"timings":{"blocked":285,"dns":1,"connect":96,"send":0,"wait":95,"receive":374,"ssl":197},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"lift-9-whatsapp.herokuapp.com/socket.io/?EIO=4\u0026transport=websocket\u0026sid=FM5rJX5dV2atdMJZAABO","fqdn":"lift-9-whatsapp.herokuapp.com","domain":"lift-9-whatsapp.herokuapp.com","tld":"herokuapp.com"},"ip":{"addr":"107.22.57.98","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://lift-9-whatsapp.herokuapp.com/","date":"2026-01-20T00:59:23.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.herokuapp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 01 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"D4:E8:72:3F:84:4C:25:02:A6:D0:20:70:A3:C9:AB:0A:74:8D:40:E5","sha256":"50:F7:E4:BC:3C:DC:3F:DF:E6:A4:2B:AC:C9:86:3D:25:0A:2F:F1:AD:AE:E4:25:05:41:B4:10:25:54:5F:FB:B2"}}},"request":{"raw":"GET /socket.io/?EIO=4\u0026transport=websocket\u0026sid=FM5rJX5dV2atdMJZAABO HTTP/1.1\r\nHost: lift-9-whatsapp.herokuapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://lift-9-whatsapp.herokuapp.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: M0i6JNb7eB0uIcvj2rENug==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: connect.sid=s%3Ac9UhCPw7hyZKGIQm-NYCT5b4Iw5LfxY2.PkFFBGpJ4Na7Wq9EpGt3XQZ8qAkSwTOBU3gC5QCqtLk\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nConnection: Upgrade\r\nNel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nReport-To: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=YqWw9ghD9zCwpkaU%2FzZGMgAOF44MGZNgLzKsxHKogJ4%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1768870764\"}],\"max_age\":3600}\r\nReporting-Endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=YqWw9ghD9zCwpkaU%2FzZGMgAOF44MGZNgLzKsxHKogJ4%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1768870764\"\r\nSec-Websocket-Accept: i+ySl2GyN9YO+rtP8eY0gNAFc4c=\r\nServer: Heroku\r\nUpgrade: websocket\r\nVia: 1.1 heroku-router\r\nDate: Tue, 20 Jan 2026 00:59:24 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T23:17:23.623528Z","times_seen":16252840,"resource_available":true,"data":null}},"time_used":388,"timings":{"blocked":-1,"dns":1,"connect":95,"send":0,"wait":96,"receive":0,"ssl":196},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-20","alert":"Sinkholed","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-20","alert":"Phishing Block","trigger":"lift-9-whatsapp.herokuapp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}