{"report_id":"ef590d0e-d5b4-4e8d-a29e-9b62efe794bc","version":6,"status":"done","tags":[],"date":"2025-09-17T05:00:15Z","url":{"schema":"http","addr":"brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","fqdn":"brainiky.org","domain":"brainiky.org","tld":"org"},"ip":{"addr":"148.230.96.12","port":0,"asn":0,"as":"","country":"Mexico","country_code":"MX"},"final":{"url":{"schema":"https","addr":"brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","fqdn":"brainiky.org","domain":"brainiky.org","tld":"org"},"title":"Stop Squeaky Orthotics: Easy Fixes \u0026 Expert Tips"},"submit":{"url":{"schema":"http","addr":"brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","fqdn":"brainiky.org","domain":"brainiky.org","tld":"org"},"ip":{"addr":"148.230.96.12","port":0,"asn":0,"as":"","country":"Mexico","country_code":"MX"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-22T05:00:15Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-16","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-16","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-17","alert":"Sinkholed","trigger":"pl27324547.profitableratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-16","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-17","alert":"Sinkholed","trigger":"pl27324534.profitableratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"brainiky.org","ip":{"addr":"148.230.96.12","port":443,"asn":0,"as":"","country":"Mexico","country_code":"MX"},"domain_registered":"2025-08-02","domain_rank":0,"first_seen":"2025-09-17T05:00:15.730366Z","last_seen":"2025-09-17T05:00:15.730366Z","alert_count":0,"request_count":3,"received_data":336642,"sent_data":1540,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-09-16T23:54:41.861917Z","alert_count":0,"request_count":2,"received_data":171926,"sent_data":756,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-09-16T23:40:43.839118Z","alert_count":0,"request_count":2,"received_data":992,"sent_data":1462,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-09-10T15:21:07.331125Z","alert_count":0,"request_count":2,"received_data":152731,"sent_data":845,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pl27324547.profitableratecpm.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-04-07","domain_rank":0,"first_seen":"2025-09-17T05:00:15.736157Z","last_seen":"2025-09-17T05:00:15.736157Z","alert_count":1,"request_count":1,"received_data":77493,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"3.125.28.227","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-09-12T14:56:43.679471Z","alert_count":0,"request_count":2,"received_data":842,"sent_data":830,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.show-sb.com","ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-09-13T13:45:06.417621Z","alert_count":0,"request_count":1,"received_data":2296,"sent_data":458,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"rashcolonizeexpand.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":31106,"first_seen":"2025-06-27T17:12:36.133274Z","last_seen":"2025-09-14T04:26:49.673169Z","alert_count":5,"request_count":5,"received_data":10990,"sent_data":5295,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"creative-sb1.com","ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-09-12T12:20:34.839934Z","alert_count":0,"request_count":5,"received_data":177777,"sent_data":2198,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-09-10T15:11:19.040403Z","alert_count":0,"request_count":3,"received_data":122889,"sent_data":1641,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-09-10T15:14:38.264059Z","alert_count":0,"request_count":1,"received_data":28611,"sent_data":444,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"torchfriendlypay.com","ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":191479,"first_seen":"2025-07-30T13:31:49.539518Z","last_seen":"2025-09-10T16:56:51.518632Z","alert_count":4,"request_count":4,"received_data":2076,"sent_data":2130,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-09-10T05:27:22.464069Z","alert_count":1,"request_count":1,"received_data":377,"sent_data":383,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-09-12T07:36:01.738236Z","alert_count":0,"request_count":2,"received_data":388927,"sent_data":964,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pl27324534.profitableratecpm.com","ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-04-07","domain_rank":0,"first_seen":"2025-09-17T05:00:15.743408Z","last_seen":"2025-09-17T05:00:15.743409Z","alert_count":1,"request_count":1,"received_data":110984,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c8b0838a042ecf089a18d997adf2315a","sha1":"e0eefe63dde86a1025de1bf37ba05c9b090096c0","sha256":"ef94062d1e9822e2d02c7a13f10c916745b5641fa4190d29dfd87236e862a041","sha512":"ce6877820e2c8fb6e6118cdc9b21fad02b6a03ad0a17f8119bc8679d9c7532742e782453b4f70536b48717c18318c814ea896870c54f87e1772c2ad219f96d2a","ssdeep":"","tlshash":"4321791bb56c86bad342f052a65777c4bd2184896dc64a26711801ca2ec4325d2f4af3","size":1271,"data":"","first_seen":"2025-09-17T05:00:20.491132Z","last_seen":"2025-09-17T05:00:20.491132Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","fqdn":"brainiky.org","domain":"brainiky.org","tld":"org"},"ip":{"addr":"148.230.96.12","port":443,"asn":0,"as":"","country":"Mexico","country_code":"MX"},"introduction_type":"scriptElement","is_inline":true,"md5":"7daf8988028b969a6858d7b7e7816890","sha1":"5e18f8406da72942cf1409f8e2fb513014237757","sha256":"66cb55622b7f7abdffebf9c07405d832c9ecbf5c6baeb63d17dddd1e22dd3a9b","sha512":"cd51a8e125b0b21812e6ba1d2255bd342ba05d4ea8ff3eb9f017956d9a8c0eab4b8bbc4c7f2f7f5acbc4f9789d90eacb3dd1fe076941aec6a7988c13d01d965e","ssdeep":"","tlshash":"0b31b92b23f7093551bfa19e736bbb983664019fa182c846361ccf5c6f60e8654f6bc1","size":1833,"data":"","first_seen":"2025-08-11T15:31:56.332465Z","last_seen":"2026-02-20T14:55:24.680219Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl27324547.profitableratecpm.com/78/f2/33/78f233379bec181e1d458556a3b6ddd8.js","fqdn":"pl27324547.profitableratecpm.com","domain":"profitableratecpm.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0b0846db816d402f63cde95873a05700","sha1":"914607b683ee5bff45a37b86aa9495cc644b63c5","sha256":"6939761f9a03c9541980982ff2295a9b2fc55c62446dd401e88e35e13509f701","sha512":"0907685b8b4f047edd691cf2d60ec27318e5c10c01c36a36fb0c30cb59e777f6f9d830a418a49002ff1fd7f482834113365f3edd38275503442ec9cba7f63d61","ssdeep":"768:4LJyFuc4NZiUUZDAKLWSCmizSjxRVYiZR8jkXWfCTkAH7JUiKCgmR5XaJEqJtn0O:4zZfCzOmKm78I+5q8TdAjrHMVfI2qDS","tlshash":"3673c58a7f46b36902b26073216f1407f02b1c9658acd458d607fadc2f24b6df976b39","size":76511,"data":"","first_seen":"2025-09-17T05:00:20.483917Z","last_seen":"2025-09-17T05:00:20.483917Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89492,"data":"","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-02T17:26:47.249627Z","times_seen":6514,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl27324534.profitableratecpm.com/5c/4e/c9/5c4ec9f23898793cd9d58d09cbe8de53.js","fqdn":"pl27324534.profitableratecpm.com","domain":"profitableratecpm.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"222dc36cc4def0808ea1758f33306514","sha1":"182f84eb6bbeff6585331b2ef9d32eff9cdfceba","sha256":"0d175107114cb73624c0b950adfc580f586e2cc2128f317a07bde662d5da028c","sha512":"a42807cc50a12189eac194bae8914f95af2e5cc64ad3b0eaa143d0c9326b4d5e60cda4594d4412c22f99e06d8c75c86f59887fff1ef70c335953a1e1a21a5b7f","ssdeep":"1536:x8FO2Og6h8Z1zbcz7eg3Z+FhVO1TOCo8PkiYYo170B8EtlYt0x3I:TD8vCGVIl+RrEtlw","tlshash":"d6b3b7887f80f56c115630b2232fa05af2e91e41a8ccd548f557fde92a2d377b439a78","size":110126,"data":"","first_seen":"2025-09-17T05:00:20.489684Z","last_seen":"2025-09-17T05:00:20.489684Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/highlight.js/11.11.1/highlight.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e43d5372b6165de50a5320cd67559be3","sha1":"b65f6d3a06f8ae06c184e491c8ae237ff2416fd5","sha256":"c4a399dd6f488bc97a3546e3476747b3e714c99c57b9473154c6fb8d259b9381","sha512":"1012f350bf172e5faf6bfcc0b265f04bb67607517d1d41e4670c92fd52b08774bb4ff5349c5e01694dbd10ffd949feb38222316009ca2eee9b27c76aa665f9bb","ssdeep":"1536:1G2dXrpO5M+LyD07rFc7oj/Mx50hzGeCZ9oGxvHuBLYKUAjhaohZdH7gownSZcKb:1GabpaM2rmCwist9rxvOBx97QajGW","tlshash":"1bc33c266cab7d3e8bde51cb389e0400bd98e412f70ccc89f6eede30915541652d7ab9","size":127496,"data":"","first_seen":"2025-04-15T17:22:06.590861Z","last_seen":"2026-04-03T10:56:45.81254Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/KaTeX/0.16.9/katex.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:53.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 20 Jul 2025 17:08:10 GMT","end":"Sat, 18 Oct 2025 18:08:03 GMT"},"fingerprint":{"sha1":"66:D5:51:E0:8E:D7:2C:D1:E3:98:58:99:22:9B:73:C4:6F:32:FD:EC","sha256":"52:CD:3D:83:E5:5A:57:37:9F:D9:0B:EB:C3:EA:67:B7:4C:F1:74:93:B7:C9:E8:0B:E3:E8:CB:2E:7A:94:A2:78"}}},"request":{"raw":"GET /ajax/libs/KaTeX/0.16.9/katex.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Sep 2025 04:59:53 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 2797\r\ncf-ray: 9806096b9df0c272-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"651b4556-aed\"\r\nlast-modified: Mon, 02 Oct 2023 22:33:58 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 475171\r\nexpires: Mon, 07 Sep 2026 04:59:53 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=I0V6bGj%2Bj%2B8PL45DW1HPoQ%2B6QVZzVpUlQ6WNyfNuFcvLb5oI27%2BDjl1btQpgBJl3vtfLfeVmOLFUkyTxql3asx%2BAFQlroj%2B75ammcMkymxFSO87Xm%2FWfbA1RyzO18NHnXqaX%2FSqD\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23196,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (23195)","md5":"1612bcd72cc503f18e2f302b3a2addd1","sha1":"94edbc490693da7f3ce048546ed3b790d8810247","sha256":"505d5f829022bb7b4f24dfee0aa1141cd7bba67afe411d1240335f820960b5c3","sha512":"7c7c1a59e6eec00ecd485e5083f69fe14783c7d5ea52962938682e6e8df25aef9bd88411e14790c1b6f8d938bb81502336d56823f23d4c4a187aef689b0702ea","ssdeep":"192:FbM9ll0weFl1zkMPgefBEALkLiqRd2s3cnNlsBRrUco7lcCSjyXR:SckMPgefBEA4LiqRd2s3cnNU5o5Oy","tlshash":"d7a23b0bb39a2b13b95d4d39b09b23f029952a1cf211c553a5ac92618cd2c7f059fbfd","first_seen":"2023-10-23T11:02:36Z","last_seen":"2026-04-03T18:01:29.30083Z","times_seen":669,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":18,"dns":3,"connect":1,"send":0,"wait":12,"receive":1,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1664\u0026rd=1664\u0026fd=536\u0026bv=25.8.6603\u0026tmpl=70","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:54.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1664\u0026rd=1664\u0026fd=536\u0026bv=25.8.6603\u0026tmpl=70 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:54 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":703,"timings":{"blocked":304,"dns":13,"connect":92,"send":0,"wait":93,"receive":1,"ssl":196},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-16","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/ren.gif?sid=H4sIAAAAAAAC_1RST4gcxReu3oTf4edBDMGLEQb0oJCd7X_zp80hJiYr0ZgN2YQgHqSqq3q2nJqutqp7enZOwYDkOOJFc7H3m00WNfjnKCKEWQ_iLoLjaQ_ZixePgpCrMruDG9_hvVf1vXp876v34UaxTwIUdO_qW3oolaJLjbpbe-mmTLkube3K9Zrn1t0ztZsybYZnaoOZM_1XvCCsuy_XXhdxVy_5rue6nuvVlqURiR4sHaCQ2YPIq0duPfTrXiPEwPz3bAsHljrg_X1yApJPn_49eQcyniDtfXNB2G6us9MXe4WiuTbo860baTfVZYreUZoYB0m6Na-GtlNCPlmATrfmE0D3N2cTgMkpWXj2EVi6NacJ1r93yJQpiBSMP4WyP4FQE0g6QaxvQ_JfCRBzXFlB2rt_RZuSrh-idIZOyfHHf0GWU3L80Umkva_OKzmorWpV5FKnFoOkghxMIDsTZMU28uECZLmNOP8Akv9Clh5fRtrbXLFKQ_K9F_02b9Gw0VgUiUsXQ8raiywKGouBoIw2qR-1Xe9AIplMQO0CCuugkA6KxEGROejxvVrotsPYo0EziXjcckMahlwwN2r7rkujuIUinnEfIc9GiNUIsbmFzNxCV45gioewaxUsd2Bzgj6vUAqC0hKUlKCUBGVOUPare1xZ31b3ubIF8-bRn8egGuu8s0Hv6bwjUgJqRjC82pTZ-_Y24vzYeJhYPtYzR1n-9fLFc9dvXLu4uugHrehdd0wZrzayffLMTGXns86f6Iq9Wqud-EEQtCImYq_tCY-HjXaj0aQBa3LO27CygrQLoNbBUE7JyulVZHJK_vfHC2B0G1ZtI5anQIvnQcsKdK3CMH3ADJWp7K7XtemA6wpZfhz5urOh9slzB__8dnMbIt45-92nM7uL2FTITIX35I8EHXVnfE2XZPOaLi35diXLZU8O6WwHVnOai2NfvCnWS234pQt29Pm5eAbM0gfXhc0v05TLtGPJl-cl58IsaxML8sMle1Owq4VdO1-YtMguX31t-VIvM8JaqdMJqJyS_1enEMspOaH-Pthvf-0upJnAFBV6xQ6ZG-LsFmx2xN1qAqOOcJY5KItqbHz27-XYsOSoQskpCU7-BCV2zn689f3D3d1dUFbBiie6iCce01k7KqsNewcd44Dmt5H2KvRNhb6qQNUItjg2zjOzc_a34MDAlDNmyjibTBn10aHmVu7VGj4Lmu12UyRNngQ88AMeNVwRhTRqhlHYQG6naz-_-sY_AQAA__-yN2OMzgQAAA==","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:54.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RST4gcxReu3oTf4edBDMGLEQb0oJCd7X_zp80hJiYr0ZgN2YQgHqSqq3q2nJqutqp7enZOwYDkOOJFc7H3m00WNfjnKCKEWQ_iLoLjaQ_ZixePgpCrMruDG9_hvVf1vXp876v34UaxTwIUdO_qW3oolaJLjbpbe-mmTLkube3K9Zrn1t0ztZsybYZnaoOZM_1XvCCsuy_XXhdxVy_5rue6nuvVlqURiR4sHaCQ2YPIq0duPfTrXiPEwPz3bAsHljrg_X1yApJPn_49eQcyniDtfXNB2G6us9MXe4WiuTbo860baTfVZYreUZoYB0m6Na-GtlNCPlmATrfmE0D3N2cTgMkpWXj2EVi6NacJ1r93yJQpiBSMP4WyP4FQE0g6QaxvQ_JfCRBzXFlB2rt_RZuSrh-idIZOyfHHf0GWU3L80Umkva_OKzmorWpV5FKnFoOkghxMIDsTZMU28uECZLmNOP8Akv9Clh5fRtrbXLFKQ_K9F_02b9Gw0VgUiUsXQ8raiywKGouBoIw2qR-1Xe9AIplMQO0CCuugkA6KxEGROejxvVrotsPYo0EziXjcckMahlwwN2r7rkujuIUinnEfIc9GiNUIsbmFzNxCV45gioewaxUsd2Bzgj6vUAqC0hKUlKCUBGVOUPare1xZ31b3ubIF8-bRn8egGuu8s0Hv6bwjUgJqRjC82pTZ-_Y24vzYeJhYPtYzR1n-9fLFc9dvXLu4uugHrehdd0wZrzayffLMTGXns86f6Iq9Wqud-EEQtCImYq_tCY-HjXaj0aQBa3LO27CygrQLoNbBUE7JyulVZHJK_vfHC2B0G1ZtI5anQIvnQcsKdK3CMH3ADJWp7K7XtemA6wpZfhz5urOh9slzB__8dnMbIt45-92nM7uL2FTITIX35I8EHXVnfE2XZPOaLi35diXLZU8O6WwHVnOai2NfvCnWS234pQt29Pm5eAbM0gfXhc0v05TLtGPJl-cl58IsaxML8sMle1Owq4VdO1-YtMguX31t-VIvM8JaqdMJqJyS_1enEMspOaH-Pthvf-0upJnAFBV6xQ6ZG-LsFmx2xN1qAqOOcJY5KItqbHz27-XYsOSoQskpCU7-BCV2zn689f3D3d1dUFbBiie6iCce01k7KqsNewcd44Dmt5H2KvRNhb6qQNUItjg2zjOzc_a34MDAlDNmyjibTBn10aHmVu7VGj4Lmu12UyRNngQ88AMeNVwRhTRqhlHYQG6naz-_-sY_AQAA__-yN2OMzgQAAA== HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=28d7a455-ef0a-4ab8-b935-3eaba6a29801:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27224048=1; slec78f233379bec181e1d458556a3b6ddd8=[5846723]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:55 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 62cfa596bd117535f673ce43916f0086\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-16","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:55.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:41:02 GMT","end":"Mon, 17 Nov 2025 08:41:01 GMT"},"fingerprint":{"sha1":"ED:FC:A5:F2:F4:07:8E:0E:EA:C7:96:D8:BE:47:04:EE:34:72:47:E9","sha256":"42:1D:9B:CD:2D:EC:4C:72:94:02:2C:88:B5:FF:BC:A2:B8:35:1B:C6:E0:B5:97:71:DB:7D:5B:6A:FA:CA:C1:8A"}}},"request":{"raw":"GET /css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 17 Sep 2025 04:59:55 GMT\r\ndate: Wed, 17 Sep 2025 04:59:55 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27925,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"aa770992960d5d36cf6ba4357f990aa9","sha1":"46cce46df4f47c159c31632cfb45ca0f0144ff0f","sha256":"ea95379db9e2554185ea2a578330b742412ef90d2ccd704a76ed133d990f052b","sha512":"42a66305d9a2990560ee0468c3a36e4b4a1b1ca98cf0922717b9519d17760c63930cb21fe7258671a873a4f9a1bfa520778ce2f002bfba120c99e3f5db00ebea","ssdeep":"768:DDADRDYDKDf4DQLDDDXDfc70afUQRptmJKBLfhQE8YtCR6UfaQ7zfTYHw+fQQVN7:+2Biad","tlshash":"afc2eda1041740009b839ce223cebf35fe5f92117141d0b9abfd9b6badcbc66526936d","first_seen":"2025-09-09T03:39:37.780899Z","last_seen":"2025-11-18T23:25:50.567773Z","times_seen":2837,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":67,"dns":1,"connect":7,"send":0,"wait":21,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","fqdn":"brainiky.org","domain":"brainiky.org","tld":"org"},"ip":{"addr":"148.230.96.12","port":443,"asn":0,"as":"","country":"Mexico","country_code":"MX"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-17T04:59:52.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"brainiky.org","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Aug 2025 08:44:16 GMT","end":"Fri, 31 Oct 2025 08:44:15 GMT"},"fingerprint":{"sha1":"5A:60:A0:B3:89:BE:0C:8A:68:15:6A:8B:0B:E2:E5:93:37:A3:FA:05","sha256":"D7:6F:EE:7D:71:2A:60:85:32:B0:5B:1A:66:AF:A7:EC:EE:84:F2:3D:B3:5A:AA:E4:34:A3:28:DF:04:8D:02:93"}}},"request":{"raw":"GET /blog/stop-squeaky-orthotics-easy-fixes HTTP/1.1\r\nHost: brainiky.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Wed, 17 Sep 2025 04:59:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 11876\r\ncontent-security-policy: default-src 'self' https:;style-src 'self' 'unsafe-inline' https:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;img-src 'self' data: https:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none'\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=86400, s-maxage=86400, immutable\r\netag: W/\"2e64-jT2yRxLBRPELimiRhIRe9hox/i8\"\r\nx-served-by: brainiky.org\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":39069,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6527), with CRLF, LF line terminators","md5":"2cb79bc1dfc71fe553cc59509b6f45d3","sha1":"d4a9346b75da74c1cc93cae3522ab452ade7e20f","sha256":"5fd0abad743a5fd518432e9de75906abc93a6a058b10fd1cd90e81ee124d1c86","sha512":"c45489557ed46cf292d0189d94191a53917ed6849a08cc1ff001182d07ca41dedcda0f2c38857076a952c0a27733d6e68701707ce9f89fc4e24d5ebfc1cd5812","ssdeep":"768:Y4mmlMq4f4z4dGOH9Ww7DQeXqYyUmnXPmR+0nBqYm/cSx:FgA8dGOdx70eXqYyUmXPmAGBqYw","tlshash":"22030a3be6941736013b8195aa6d77c8fb6580b7e34312a4785e923c1f73e624273bd8","first_seen":"2025-09-17T05:00:20.475948Z","last_seen":"2025-09-17T05:00:20.475948Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1538,"timings":{"blocked":585,"dns":206,"connect":184,"send":0,"wait":367,"receive":1,"ssl":193},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brainiky.org/image?q=How%20to%20Stop%20Your%20Orthotics%20from%20Squeaking%3A%20A%20Comprehensive%20Guide","fqdn":"brainiky.org","domain":"brainiky.org","tld":"org"},"ip":{"addr":"148.230.96.12","port":443,"asn":0,"as":"","country":"Mexico","country_code":"MX"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:53.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"brainiky.org","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Aug 2025 08:44:16 GMT","end":"Fri, 31 Oct 2025 08:44:15 GMT"},"fingerprint":{"sha1":"5A:60:A0:B3:89:BE:0C:8A:68:15:6A:8B:0B:E2:E5:93:37:A3:FA:05","sha256":"D7:6F:EE:7D:71:2A:60:85:32:B0:5B:1A:66:AF:A7:EC:EE:84:F2:3D:B3:5A:AA:E4:34:A3:28:DF:04:8D:02:93"}}},"request":{"raw":"GET /image?q=How%20to%20Stop%20Your%20Orthotics%20from%20Squeaking%3A%20A%20Comprehensive%20Guide HTTP/1.1\r\nHost: brainiky.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Wed, 17 Sep 2025 04:59:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 7564\r\ncontent-security-policy: default-src 'self' https:;style-src 'self' 'unsafe-inline' https:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;img-src 'self' data: https:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none'\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=31536000, immutable\r\netag: W/\"1d8c-8zvj31HUCf2owsoaZrBGzhNKrS8\"\r\nx-served-by: brainiky.org\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":9181,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3","md5":"f4bee79c69f7b7b5af067a82dae1a7c2","sha1":"b4a0e6cced305a94982006a42f7d3fbb86a4746c","sha256":"0e00d4672b433e7dcc78161a52582b392c6ee0369c1ce413d9c3806ef10ae4f6","sha512":"7d34a255dbac2ef6326a84c62e9183be829694e9ad2794e4ef444472b5bbb8792002875c5a6eb5411960cb1694f6efe6b1a1da88c3dca9d76aee93b6a21d3997","ssdeep":"192:LGl7rFbJ3WlhMngLeRze+xKiJkvISx71VHOqn:SFxtGlChe+UimICP9n","tlshash":"90125a6b1e292b14ab7d027b5e53534e1f663d8c24d4432f6da343a37178f78844ea1d","first_seen":"2025-09-17T05:00:20.477195Z","last_seen":"2025-09-17T05:00:20.477195Z","times_seen":1,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:54.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:54 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ef3fbad50ca8e8e35edd8562d6098403\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":193,"timings":{"blocked":74,"dns":1,"connect":17,"send":0,"wait":26,"receive":18,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:55.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://brainiky.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Sep 2025 04:59:56 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IGXwKsBrP5jd2YZNGPtlZwSMpelnNa6ZdXL%2Flg4S%2BOkvT5iF0TlLCIS7xox8T%2BnLzoDgTygbrMmW1m%2FYrq1qgsw1t0JjxBVo%2BL8gtTD0\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"65aa8501-3bd\"\r\ncontent-encoding: br\r\ncf-ray: 98060979187bb4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":957,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41051a33fb99370ee2aeae5227abec51","sha1":"f1b81c1d24d27bea43a09f308ae28668453704fb","sha256":"67f07ddfdc4a81dc7ae4f83c332eb76107442caf0230e307d6398bae7663aa0d","sha512":"2ac42bfbc6eceb4cde624f8ff6d7a8ca06a88acb16cedb655d3dbc27df1745189e93f75edac38128ea6aaf839ab937fa518f4bf50fb10e1c968289a415c44aee","ssdeep":"","tlshash":"2e115b27356842b45353f06791176adaba31025bac2a971b712c06cd0fd476903f99f7","first_seen":"2023-12-07T10:00:32Z","last_seen":"2026-01-25T21:57:17.022984Z","times_seen":2153,"resource_available":false,"data":null}},"time_used":447,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/highlight.js/11.11.1/highlight.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:53.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 20 Jul 2025 17:08:10 GMT","end":"Sat, 18 Oct 2025 18:08:03 GMT"},"fingerprint":{"sha1":"66:D5:51:E0:8E:D7:2C:D1:E3:98:58:99:22:9B:73:C4:6F:32:FD:EC","sha256":"52:CD:3D:83:E5:5A:57:37:9F:D9:0B:EB:C3:EA:67:B7:4C:F1:74:93:B7:C9:E8:0B:E3:E8:CB:2E:7A:94:A2:78"}}},"request":{"raw":"GET /ajax/libs/highlight.js/11.11.1/highlight.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Sep 2025 04:59:53 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 37714\r\ncf-ray: 9806096b9defc272-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"676c489d-9352\"\r\nlast-modified: Wed, 25 Dec 2024 18:02:05 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1082698\r\nexpires: Mon, 07 Sep 2026 04:59:53 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=bzjKj%2BYUbrO5EdHzA%2BV17EC5c%2FX5h%2FqGOmX1SVz%2FYC7rsFE8YDNRyQBaSO8h0QgiukO%2FOljg04vDje9494hIhPqOG4K4zpLwajfqc178BH%2FaoJNBaiZWqRn322adb%2Bymm6PnUBR8\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":127496,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (11260)","md5":"e43d5372b6165de50a5320cd67559be3","sha1":"b65f6d3a06f8ae06c184e491c8ae237ff2416fd5","sha256":"c4a399dd6f488bc97a3546e3476747b3e714c99c57b9473154c6fb8d259b9381","sha512":"1012f350bf172e5faf6bfcc0b265f04bb67607517d1d41e4670c92fd52b08774bb4ff5349c5e01694dbd10ffd949feb38222316009ca2eee9b27c76aa665f9bb","ssdeep":"1536:1G2dXrpO5M+LyD07rFc7oj/Mx50hzGeCZ9oGxvHuBLYKUAjhaohZdH7gownSZcKb:1GabpaM2rmCwist9rxvOBx97QajGW","tlshash":"1bc33c266cab7d3e8bde51cb389e0400bd98e412f70ccc89f6eede30915541652d7ab9","first_seen":"2025-04-15T17:22:06.590861Z","last_seen":"2026-04-03T10:56:45.81254Z","times_seen":140,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":10,"receive":2,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brainiky.org/favicon.ico","fqdn":"brainiky.org","domain":"brainiky.org","tld":"org"},"ip":{"addr":"148.230.96.12","port":443,"asn":0,"as":"","country":"Mexico","country_code":"MX"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:54.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"brainiky.org","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Aug 2025 08:44:16 GMT","end":"Fri, 31 Oct 2025 08:44:15 GMT"},"fingerprint":{"sha1":"5A:60:A0:B3:89:BE:0C:8A:68:15:6A:8B:0B:E2:E5:93:37:A3:FA:05","sha256":"D7:6F:EE:7D:71:2A:60:85:32:B0:5B:1A:66:AF:A7:EC:EE:84:F2:3D:B3:5A:AA:E4:34:A3:28:DF:04:8D:02:93"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: brainiky.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aVerison=28d7a455-ef0a-4ab8-b935-3eaba6a29801%3A2%3A1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=9007fcaa-55ff-49a1-a2db-89d2fde6aee2%3A2%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Wed, 17 Sep 2025 04:59:54 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 285478\r\ncontent-security-policy: default-src 'self' https:;style-src 'self' 'unsafe-inline' https:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https:;img-src 'self' data: https:;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none'\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\nlast-modified: Fri, 01 Aug 2025 14:46:23 GMT\r\netag: W/\"45b26-19866192f46\"\r\nx-served-by: brainiky.org\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":285478,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 4 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"a68201ec56f489a774af2d177a3e9d0a","sha1":"e268cdf97a9d8edcfcf423860184f4b9f2b7c36d","sha256":"6bf08f82edf1e7defc8b65826fe6657dc9d41ca8487b67ba5a41d3312f1d8605","sha512":"800b0e520b8a18ee6250e046274b6eb6a4887d24bcd009f628f7d73ae498117de6ed5aaa2480db6daf89727f95933e881db74e46fdfe5e5b413d2d30367d67c9","ssdeep":"768:XKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK:EHZ","tlshash":"605451613db180ddd3b4a3f1b2b5e3893c9523b8c94ea35524227f4bbd24956f2a3817","first_seen":"2025-09-17T05:00:20.480055Z","last_seen":"2025-09-17T05:00:20.480055Z","times_seen":1,"resource_available":false,"data":null}},"time_used":932,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":187,"receive":745,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/sbar.json?key=78f233379bec181e1d458556a3b6ddd8\u0026abtopt=a\u0026abt=FEATURES-2379_0\u0026uuid=28d7a455-ef0a-4ab8-b935-3eaba6a29801%3A2%3A1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:54.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /sbar.json?key=78f233379bec181e1d458556a3b6ddd8\u0026abtopt=a\u0026abt=FEATURES-2379_0\u0026uuid=28d7a455-ef0a-4ab8-b935-3eaba6a29801%3A2%3A1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://brainiky.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:54 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 3819\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://brainiky.org\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=28d7a455-ef0a-4ab8-b935-3eaba6a29801:2:1; expires=Wed, 24 Sep 2025 04:59:54 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Thu, 18 Sep 2025 04:59:54 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 18 Sep 2025 04:59:54 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Thu, 18 Sep 2025 04:59:54 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Thu, 18 Sep 2025 04:59:54 GMT; path=/; secure; SameSite=None\nu_pl27224048=1; expires=Thu, 18 Sep 2025 04:59:54 GMT; path=/; secure; SameSite=None\nslec78f233379bec181e1d458556a3b6ddd8=[5846723]; expires=Wed, 17 Sep 2025 04:59:59 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 215\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 49be4bc1dae5c97a99f68401289817a0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6418,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"008e795cc8a66843dfab7d472acea5c3","sha1":"f9c477d0166aef9b1f0a7199e723c9fba56d48f9","sha256":"47ed38fd5d01b33db5e6b0d1d3438b6480752f38d2f071ceceab55ee317fa739","sha512":"140f3eed6475950d6e6b0d8b4550c90fba3f795ad483a53798463e00a979fa9f428f8e673d511ac321fb22312662a543851c0828cc62db4db8bbdfc8c0446d4f","ssdeep":"96:9zJIQhW70QDwvMNIQhW70QDwvMZeaSi7NeKuM7GHBJO55SRm7dq4dDeERULFDO:9zy70rvX70rvqNSMFfmJO5g6DZ+FS","tlshash":"33d15b5ff1d53e4a45c3c09ca45338f84e67ba6f7355e4a6d11ed3bea4145146a0803f","first_seen":"2025-09-17T05:00:20.48117Z","last_seen":"2025-09-17T05:00:20.48117Z","times_seen":1,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-16","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:55.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Sep 2025 04:59:55 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YxW3O0w4Lzz6DSi%2FhpXtG9fswvoF0%2BURwN8%2B2s4KpH3eDeCymYhpIzuqJjsKlNZONnSTwxaObXRlvQrltxgDkMvIFHypPq7wtFNXbTOh\"}]}\r\nage: 3441556\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-4ff\"\r\ncontent-encoding: br\r\ncf-ray: 980609789824b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"369850b9873659adf0951d845f57dba1","sha1":"a64257186daa33b6b318943a457b6cf8d80b26b6","sha256":"9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21","sha512":"6441b40e85c86e21362c7061a6b9610f52a5c801b274b246711546ad45c68c3e7f2f242f1621b90967eaeebf52709545d06283c2015d6b9ad7f6f7d37fb14a88","ssdeep":"","tlshash":"6821d8dc958f223ef324ff6189b316606ba423f6bb18c5bcb199a8157e1cb910c48e14","first_seen":"2023-04-07T22:39:47Z","last_seen":"2026-04-03T17:08:57.08051Z","times_seen":8711,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=513","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:56.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=513 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:56 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":189,"timings":{"blocked":93,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-16","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:56.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:41:01 GMT","end":"Mon, 17 Nov 2025 08:41:00 GMT"},"fingerprint":{"sha1":"41:D2:08:38:86:84:32:C2:76:B6:A0:7C:F7:02:4C:C5:55:4E:2F:1E","sha256":"A5:34:21:73:D5:FC:24:AF:0D:8A:56:A2:A7:5C:BD:41:46:45:3B:DE:78:A3:6B:67:9C:80:C8:44:02:A9:12:D0"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://brainiky.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 15 Sep 2025 19:01:58 GMT\r\nexpires: Tue, 15 Sep 2026 19:01:58 GMT\r\ncache-control: public, max-age=31536000\r\nage: 122278\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-03T18:31:09.418003Z","times_seen":712834,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":60,"dns":5,"connect":7,"send":0,"wait":8,"receive":9,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=9007fcaa-55ff-49a1-a2db-89d2fde6aee2\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=5c4ec9f23898793cd9d58d09cbe8de53\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=4","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:54.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=9007fcaa-55ff-49a1-a2db-89d2fde6aee2\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=5c4ec9f23898793cd9d58d09cbe8de53\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=4 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:55 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7098c5483a5aac0f815c46cace350bb0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":661,"timings":{"blocked":282,"dns":1,"connect":92,"send":0,"wait":96,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:55.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://brainiky.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Sep 2025 04:59:56 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8501-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ro2ZHfChyK9YNy%2FU9%2B8kBXRynu8mXkQyZtw3yzMCvD188o%2Bzfoawlu189uE0hbcOxz%2BzxWNlKMh%2F8tONdpQDoiIdxFLaZJpfV%2FffwRsh\"}]}\r\ncf-ray: 980609782fc1b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-04-03T15:41:36.83847Z","times_seen":10527,"resource_available":false,"data":null}},"time_used":522,"timings":{"blocked":29,"dns":5,"connect":1,"send":0,"wait":462,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:56.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:41:01 GMT","end":"Mon, 17 Nov 2025 08:41:00 GMT"},"fingerprint":{"sha1":"41:D2:08:38:86:84:32:C2:76:B6:A0:7C:F7:02:4C:C5:55:4E:2F:1E","sha256":"A5:34:21:73:D5:FC:24:AF:0D:8A:56:A2:A7:5C:BD:41:46:45:3B:DE:78:A3:6B:67:9C:80:C8:44:02:A9:12:D0"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://brainiky.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 15 Sep 2025 19:01:58 GMT\r\nexpires: Tue, 15 Sep 2026 19:01:58 GMT\r\ncache-control: public, max-age=31536000\r\nage: 122278\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-03T18:31:09.418003Z","times_seen":712834,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":61,"dns":1,"connect":20,"send":0,"wait":21,"receive":1,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl27324547.profitableratecpm.com/78/f2/33/78f233379bec181e1d458556a3b6ddd8.js","fqdn":"pl27324547.profitableratecpm.com","domain":"profitableratecpm.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:53.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"profitableratecpm.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 22:12:52 GMT","end":"Mon, 03 Nov 2025 22:12:51 GMT"},"fingerprint":{"sha1":"54:C4:2C:62:9A:57:36:D6:32:A0:4D:90:BD:83:A7:77:B7:01:F1:29","sha256":"C0:C3:D1:A5:40:5D:2B:81:5B:71:DA:AD:EA:56:AF:E8:53:23:5F:E0:6D:AD:66:32:A6:69:17:4D:A2:EA:26:9D"}}},"request":{"raw":"GET /78/f2/33/78f233379bec181e1d458556a3b6ddd8.js HTTP/1.1\r\nHost: pl27324547.profitableratecpm.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 30119\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: 4b4e7ab587d59b22ad7bcd2439afc363_FEATURES-2379=0; expires=Wed, 17 Sep 2025 04:59:53 GMT; secure; SameSite=None\r\nx-envoy-upstream-service-time: 6\r\nHost: pl27324547.profitableratecpm.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 36391f74f916079ff275e2e38cbe54fe\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76511,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"0b0846db816d402f63cde95873a05700","sha1":"914607b683ee5bff45a37b86aa9495cc644b63c5","sha256":"6939761f9a03c9541980982ff2295a9b2fc55c62446dd401e88e35e13509f701","sha512":"0907685b8b4f047edd691cf2d60ec27318e5c10c01c36a36fb0c30cb59e777f6f9d830a418a49002ff1fd7f482834113365f3edd38275503442ec9cba7f63d61","ssdeep":"768:4LJyFuc4NZiUUZDAKLWSCmizSjxRVYiZR8jkXWfCTkAH7JUiKCgmR5XaJEqJtn0O:4zZfCzOmKm78I+5q8TdAjrHMVfI2qDS","tlshash":"3673c58a7f46b36902b26073216f1407f02b1c9658acd458d607fadc2f24b6df976b39","first_seen":"2025-09-17T05:00:20.483917Z","last_seen":"2025-09-17T05:00:20.483917Z","times_seen":1,"resource_available":true,"data":null}},"time_used":817,"timings":{"blocked":307,"dns":25,"connect":96,"send":0,"wait":101,"receive":94,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-17","alert":"Sinkholed","trigger":"pl27324547.profitableratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.28.227","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:54.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://brainiky.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Sep 2025 04:59:54 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://brainiky.org\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=28d7a455-ef0a-4ab8-b935-3eaba6a29801:2:1; expires=Sat, 15 Sep 2035 04:59:54 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"78d9b05d364773d11d16f78c809df0f9","sha1":"3717e256958cd873d54c6875f0bc727ca170057c","sha256":"6232ee43251d63795223fab0b61d760b962a521dadf8905e49539e4ded2536de","sha512":"ca9a65d519b75f339d53b2a6a2e7426c9d591dcf11cd5c8b2314380feedc0153b8e393349c81a5ee898d85b65099e493f8187aed688d93c07ef8ae143dbeb790","ssdeep":"","tlshash":"6390045c110f4407f55040d1054157c400010454d00f50135f01d400c0017411cd0111","first_seen":"2025-09-17T05:00:20.485021Z","last_seen":"2025-09-17T05:00:20.485021Z","times_seen":1,"resource_available":false,"data":null}},"time_used":339,"timings":{"blocked":158,"dns":16,"connect":21,"send":0,"wait":21,"receive":0,"ssl":116},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:55.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://brainiky.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Sep 2025 04:59:55 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8501-d9f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0oIwhQ8uurJj19KpHluBXMgRxgOeskDZBSB3Ws53qxjv6T%2FDPTIyldtLx1k2Q%2F1ioa8RqAyuWI0NWniBU7wEnDaiZcpaYa%2FnkLR9Dx8E\"}]}\r\ncf-ray: 980609782fc4b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3487,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f9f1955433320a3b43c5741f2bde9a3d","sha1":"3b70c2a57fad02833bf227d8b6a0391ac8b98432","sha256":"cbb99d697521db3b645225c1b50873e6aa8a39c91afcc7c8dd756746b8bf2645","sha512":"7a1022ad699c484dd3b7e5a870d01b8baa4a357f203d6dd73ddaa237bd1aa8d2cd5a599077c261dd6ea45cdaa685285aba8b844090fdef7fa0f0b9ecf4a70fda","ssdeep":"","tlshash":"7a710f863b7916047427d96a38112b5777198103aa4fdd74afd1381cceca38acaa33cf","first_seen":"2024-09-26T07:50:15Z","last_seen":"2026-01-25T21:57:17.035488Z","times_seen":2145,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":29,"dns":4,"connect":5,"send":0,"wait":451,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css\u0026l=3487\u0026fd=503","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:56.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css\u0026l=3487\u0026fd=503 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:56 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-16","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/pixel/sbs?c=1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:56.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=28d7a455-ef0a-4ab8-b935-3eaba6a29801:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27224048=1; slec78f233379bec181e1d458556a3b6ddd8=[5846723]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:56 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":660,"timings":{"blocked":281,"dns":1,"connect":92,"send":0,"wait":97,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-16","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/impr.gif?sid=H4sIAAAAAAAC_1RST4gcxReu3oTf4edBDMGLEQb0oJCd7X8z02MOMTFZicZsyCYE8SBVXdWz5dR0tVXd07NzCgYkxxEvmou932yyqME_RxEhzHoQdxEcT3vIXrx4FIRcldkd3PgO772q79Xje1-9DzeKfRKgoHtX39JDqRRdatTd2ks3Zcp1aWtXrtc8t-6eqd2UaTM8UxvMnOm_4gVh3X259rqIu3rJdz3X9VyvtiyNSPRg6QCFzB60vXrbrYd-3WuEGJj_nm3hwFIHvL9PTkDy6dO_J-9AxhOkvW8uCNvNdXb6Yq9QNNcGfb51I-2mukzRO0oT4yBJt-bV0HZKyCcL0OnWfALo_uZsAjA5JQvPPgJLt-Y0wfr3DpkyBZGC8adQ9icQagJJJ4j1bUj-KwFijisrSHv3r2hT0vVDlM7QKTn--C_IckqOPzqJtPfVeSUHtVWtilzq1GKQVJCDCWRngqzYRj5cgCy3EecfQPJfyNLjy0h7mytWaUi-96If8RYNG41Fkbh0MaQsWmTtoLEYCMpok_rtyPUOJJLJBNQuoLAOCumgSBwUmYMe36uFbhTGHg2aSZvHLTekYcgFc9uR77q0HbdQxDPuI-TZCLEaITa3kJlb6MoRTPEQdq2C5Q5sTtDnFUpBUFqCkhKUkqDMCcp-dY8r69vqPle2YN48-vMYVGOddzboPZ13REpAzQiGV5sye9_eRpwfGw8Ty8d65ijLv16-eO76jWsXVxf9oNV-1x1TxquNbJ88M1PZ-azzJ7pir9aKEj8IglabidiLPOHxsBE1Gk0asCbnPIKVFaRdALUOhnJKVk6vIpNT8r8_XgCj27BqG7E8BVo8D1pWoGsVhukDZqhMZXe9rk0HXFfI8uPI150NtU-eO_jnt5vbEPHO2e8-ndldxKZCZiq8J38k6Kg742u6JJvXdGnJtytZLntySGc7sJrTXBz74k2xXmrDL12wo8_PxTNglj64Lmx-maZcph1LvjwvORdmWZtYkB8u2ZuCXS3s2vnCpEV2-epry5d6mRHWSp1OQOWU_L86hVhOyQn198F--2t3Ic0EpqjQK3bI3BBnt2CzI-5WExh1hLPMQVlUY-Ozfy_HhiVHFUpOSXDyJyixc_bjre8f7u7ugrIKVjzRRTzxmM7aUVlt2DvoGAc0v420V6FvKvRVBapGsMWxcZ6ZnbO_BQcGppwxU8bZZMqojw41t3KvlgTCj103ajW9IEqEF4Q8ThpR2OZN6gaBQG6naz-_-sY_AQAA__9OX_NSzgQAAA==","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:56.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RST4gcxReu3oTf4edBDMGLEQb0oJCd7X8z02MOMTFZicZsyCYE8SBVXdWz5dR0tVXd07NzCgYkxxEvmou932yyqME_RxEhzHoQdxEcT3vIXrx4FIRcldkd3PgO772q79Xje1-9DzeKfRKgoHtX39JDqRRdatTd2ks3Zcp1aWtXrtc8t-6eqd2UaTM8UxvMnOm_4gVh3X259rqIu3rJdz3X9VyvtiyNSPRg6QCFzB60vXrbrYd-3WuEGJj_nm3hwFIHvL9PTkDy6dO_J-9AxhOkvW8uCNvNdXb6Yq9QNNcGfb51I-2mukzRO0oT4yBJt-bV0HZKyCcL0OnWfALo_uZsAjA5JQvPPgJLt-Y0wfr3DpkyBZGC8adQ9icQagJJJ4j1bUj-KwFijisrSHv3r2hT0vVDlM7QKTn--C_IckqOPzqJtPfVeSUHtVWtilzq1GKQVJCDCWRngqzYRj5cgCy3EecfQPJfyNLjy0h7mytWaUi-96If8RYNG41Fkbh0MaQsWmTtoLEYCMpok_rtyPUOJJLJBNQuoLAOCumgSBwUmYMe36uFbhTGHg2aSZvHLTekYcgFc9uR77q0HbdQxDPuI-TZCLEaITa3kJlb6MoRTPEQdq2C5Q5sTtDnFUpBUFqCkhKUkqDMCcp-dY8r69vqPle2YN48-vMYVGOddzboPZ13REpAzQiGV5sye9_eRpwfGw8Ty8d65ijLv16-eO76jWsXVxf9oNV-1x1TxquNbJ88M1PZ-azzJ7pir9aKEj8IglabidiLPOHxsBE1Gk0asCbnPIKVFaRdALUOhnJKVk6vIpNT8r8_XgCj27BqG7E8BVo8D1pWoGsVhukDZqhMZXe9rk0HXFfI8uPI150NtU-eO_jnt5vbEPHO2e8-ndldxKZCZiq8J38k6Kg742u6JJvXdGnJtytZLntySGc7sJrTXBz74k2xXmrDL12wo8_PxTNglj64Lmx-maZcph1LvjwvORdmWZtYkB8u2ZuCXS3s2vnCpEV2-epry5d6mRHWSp1OQOWU_L86hVhOyQn198F--2t3Ic0EpqjQK3bI3BBnt2CzI-5WExh1hLPMQVlUY-Ozfy_HhiVHFUpOSXDyJyixc_bjre8f7u7ugrIKVjzRRTzxmM7aUVlt2DvoGAc0v420V6FvKvRVBapGsMWxcZ6ZnbO_BQcGppwxU8bZZMqojw41t3KvlgTCj103ajW9IEqEF4Q8ThpR2OZN6gaBQG6naz-_-sY_AQAA__9OX_NSzgQAAA== HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=28d7a455-ef0a-4ab8-b935-3eaba6a29801:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27224048=1; slec78f233379bec181e1d458556a3b6ddd8=[5846723]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:56 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+9a887319213dec18b9dde38e11d532d3=5846723; expires=Thu, 18 Sep 2025 04:59:56 GMT; path=/; secure; SameSite=None\niprc_l:5846723=1; expires=Thu, 18 Sep 2025 04:59:56 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 3\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a665aa18ee384e664ecc74e05ce5d2ae\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-16","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:56.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:41:01 GMT","end":"Mon, 17 Nov 2025 08:41:00 GMT"},"fingerprint":{"sha1":"41:D2:08:38:86:84:32:C2:76:B6:A0:7C:F7:02:4C:C5:55:4E:2F:1E","sha256":"A5:34:21:73:D5:FC:24:AF:0D:8A:56:A2:A7:5C:BD:41:46:45:3B:DE:78:A3:6B:67:9C:80:C8:44:02:A9:12:D0"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://brainiky.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 15 Sep 2025 19:01:58 GMT\r\nexpires: Tue, 15 Sep 2026 19:01:58 GMT\r\ncache-control: public, max-age=31536000\r\nage: 122278\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-03T18:31:09.418003Z","times_seen":712834,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":58,"dns":0,"connect":20,"send":0,"wait":14,"receive":6,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:54.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:54 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f933995570e62f5033cc744e39874946\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":57,"dns":1,"connect":17,"send":0,"wait":23,"receive":18,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.28.227","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:54.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://brainiky.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Sep 2025 04:59:54 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://brainiky.org\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=9007fcaa-55ff-49a1-a2db-89d2fde6aee2:2:1; expires=Sat, 15 Sep 2035 04:59:54 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5cd336d8b87b2705a29fd7e02c793300","sha1":"9580c99007ec4efea2bc8e9c0f81ab1f83671f0c","sha256":"97587679a47611dcfd3c7f34f05bab7ef55d8293b7794bfaebb560121ba9e164","sha512":"d2b5a03e06590d74c14f14b0957170957263d6ec4748866ef9a7313272c159bd17212b0260019f10079126fb04ee6a313368fbb768495c207afb858baf59d54c","ssdeep":"","tlshash":"8990040714143410174005d5c3051cf514135117741d40454451d704143110d1750f01","first_seen":"2025-09-17T05:00:20.486787Z","last_seen":"2025-09-17T05:00:20.486787Z","times_seen":1,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":166,"dns":24,"connect":20,"send":0,"wait":22,"receive":0,"ssl":120},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:54.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:54 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4d96b3568840f56b04b5f060d52f7449\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":68,"dns":1,"connect":17,"send":0,"wait":17,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-16","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:54.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 11:11:15 GMT","end":"Sat, 08 Nov 2025 12:08:40 GMT"},"fingerprint":{"sha1":"46:26:78:BD:18:7A:95:15:D4:B3:89:73:FE:7E:99:33:18:7F:21:3E","sha256":"AD:6B:6A:10:54:38:33:B9:BB:A6:FD:B7:B0:1B:2E:9D:62:B8:47:35:C4:E6:7B:F6:4A:92:AA:75:B0:29:F7:F3"}}},"request":{"raw":"GET /sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://brainiky.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Sep 2025 04:59:55 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 11 Apr 2025 14:28:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oIghaFQr7hKAoSoOx2LaSLl8C1%2BfZEq9Synf9bT%2By1FR17t9W%2Bm%2F7xehFQJdWCjSmdhgBFfPG%2FUAQF7Jr2nr9wuxC7IhrQd1N2m76DPk0Q%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98060974dd1476ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1544,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"972f68410d9349904f897739b33e12cc","sha1":"e41130dbad60e81ad2665bb7407a50888aae8150","sha256":"90c062931018d386488b555fd261405457f9744db31512ff5780d49769d7b0d0","sha512":"905ef97b48b163e2ff2d28316f462ab1db0bdc05df312811c5e24ecb8614424d74f64a88fe31849fc9dd3515bf1d681b136df27aac8b27fc61c07cbda05dd12e","ssdeep":"","tlshash":"eb31f4251df9c9720182a0957b312f2baa91ea47cc8b560133fc4e948feaed9cd5310b","first_seen":"2023-12-18T02:06:40Z","last_seen":"2026-01-25T21:57:17.058603Z","times_seen":2175,"resource_available":false,"data":null}},"time_used":546,"timings":{"blocked":48,"dns":4,"connect":1,"send":0,"wait":450,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html\u0026l=1544\u0026fd=507","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:55.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html\u0026l=1544\u0026fd=507 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:55 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":722,"timings":{"blocked":314,"dns":14,"connect":93,"send":0,"wait":95,"receive":0,"ssl":204},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-16","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/89/e6/c3/89e6c3e58ce78a4df40371d8acf5f2aec19fa14f42e4ae91fa6607caf087daac.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:55.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/89/e6/c3/89e6c3e58ce78a4df40371d8acf5f2aec19fa14f42e4ae91fa6607caf087daac.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Sep 2025 04:59:55 GMT\r\ncontent-type: image/png\r\ncontent-length: 15139\r\nserver: nginx/1.21.6\r\nlast-modified: Mon, 10 Mar 2025 07:47:36 GMT\r\netag: \"67ce9918-3b23\"\r\nexpires: Fri, 19 Sep 2025 04:59:55 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15139,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"013d9e7eb26192f149fedae8fa94faf6","sha1":"c5356f7e767e4d99b5eca2f0b7fa9d21c089ebf4","sha256":"8bdfce4bb6a4ddfd21bb80e982852fd665148ae34d3804a13323b5dc386b4998","sha512":"5c27f66440db8194be37f434265eaf6cfea6cba6374d5cf1abe4cd015f69bf72c2710777169a49c5d56c5423ea314c9bdc4b6208c453032c43dbd811bd42143e","ssdeep":"384:y5DaxJ3zA3LGatIf2RmXrKW+302dvJz6inFnM2:6GxZCntIbOpd1nFM2","tlshash":"2562e0d2d82660f2c84f39b2ded00806053f2034d3436be8b3aa4fde4695e27e15e508","first_seen":"2025-03-13T19:06:43.453506Z","last_seen":"2026-01-06T01:08:04.534363Z","times_seen":374,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":121,"dns":0,"connect":0,"send":0,"wait":71,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/ed/39/bd/ed39bded7566d79b7631429e884f5d6bf3f295178f5159023756439412ac04d7.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:55.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/ed/39/bd/ed39bded7566d79b7631429e884f5d6bf3f295178f5159023756439412ac04d7.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Sep 2025 04:59:55 GMT\r\ncontent-type: image/png\r\ncontent-length: 373088\r\nserver: nginx/1.21.6\r\nlast-modified: Mon, 10 Mar 2025 07:47:10 GMT\r\netag: \"67ce98fe-5b160\"\r\nexpires: Fri, 19 Sep 2025 04:59:55 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":373088,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit/color RGBA, non-interlaced","md5":"ed294f5d3257af26b0a36da1118cacaa","sha1":"2127d325193d6392e36219100fcbba49ae4186d7","sha256":"5f20a28a6642e254387cf221cca79685234201069fac64b4a56e500d122bc08d","sha512":"1891f1460725e439c2bc60cabac8f7624c354b85c68c0ed63ac71d3c648f53eb733eb9424f0cb1d1ab1cc828312f4a1d7f2a6d35bf4da4b46619edbeea97aa99","ssdeep":"6144:xuRy3sURTBodEND7oi/SvUNLiDJxF/LqHvAQ3H6pBb8ezBHVQBzELD6PP0KowLve:MRy3sURdodER7oi/HNG1zLooGe5VQuOM","tlshash":"3d8423b177137c726c1fb6722863604c255424d6e1fbab45c7b226bb902f6c02a4bfd9","first_seen":"2025-03-13T19:06:43.443502Z","last_seen":"2026-01-06T01:08:04.54066Z","times_seen":374,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":119,"dns":55,"connect":19,"send":0,"wait":37,"receive":77,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.64.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:55.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Sep 2025 04:59:55 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rwc20qT5axQDAJtBKfvLnEMms6qRwipK15eqKM82RoI9BqkawaJ1plvVUcPXNrC%2B4Zd0Kl6N6fxJJbMpdmdbaEurrzf5xBTlqDpEDmme\"}]}\r\nage: 1642156\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-15d94\"\r\ncontent-encoding: br\r\ncf-ray: 98060978a82db4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89492,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-02T17:26:47.249627Z","times_seen":6514,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js\u0026l=957\u0026fd=449","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:56.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js\u0026l=957\u0026fd=449 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:56 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-16","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pl27324534.profitableratecpm.com/5c/4e/c9/5c4ec9f23898793cd9d58d09cbe8de53.js","fqdn":"pl27324534.profitableratecpm.com","domain":"profitableratecpm.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:53.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"profitableratecpm.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 22:12:52 GMT","end":"Mon, 03 Nov 2025 22:12:51 GMT"},"fingerprint":{"sha1":"54:C4:2C:62:9A:57:36:D6:32:A0:4D:90:BD:83:A7:77:B7:01:F1:29","sha256":"C0:C3:D1:A5:40:5D:2B:81:5B:71:DA:AD:EA:56:AF:E8:53:23:5F:E0:6D:AD:66:32:A6:69:17:4D:A2:EA:26:9D"}}},"request":{"raw":"GET /5c/4e/c9/5c4ec9f23898793cd9d58d09cbe8de53.js HTTP/1.1\r\nHost: pl27324534.profitableratecpm.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 39494\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 6\r\nHost: pl27324534.profitableratecpm.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e0e6a74155364d3ead17f6830a1d0f12\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":110126,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"222dc36cc4def0808ea1758f33306514","sha1":"182f84eb6bbeff6585331b2ef9d32eff9cdfceba","sha256":"0d175107114cb73624c0b950adfc580f586e2cc2128f317a07bde662d5da028c","sha512":"a42807cc50a12189eac194bae8914f95af2e5cc64ad3b0eaa143d0c9326b4d5e60cda4594d4412c22f99e06d8c75c86f59887fff1ef70c335953a1e1a21a5b7f","ssdeep":"1536:x8FO2Og6h8Z1zbcz7eg3Z+FhVO1TOCo8PkiYYo170B8EtlYt0x3I:TD8vCGVIl+RrEtlw","tlshash":"d6b3b7887f80f56c115630b2232fa05af2e91e41a8ccd548f557fde92a2d377b439a78","first_seen":"2025-09-17T05:00:20.489684Z","last_seen":"2025-09-17T05:00:20.489684Z","times_seen":1,"resource_available":true,"data":null}},"time_used":817,"timings":{"blocked":305,"dns":26,"connect":93,"send":0,"wait":105,"receive":94,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-17","alert":"Sinkholed","trigger":"pl27324534.profitableratecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=9007fcaa-55ff-49a1-a2db-89d2fde6aee2\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=78f233379bec181e1d458556a3b6ddd8\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=4","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brainiky.org/blog/stop-squeaky-orthotics-easy-fixes","date":"2025-09-17T04:59:54.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=9007fcaa-55ff-49a1-a2db-89d2fde6aee2\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=78f233379bec181e1d458556a3b6ddd8\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=4 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 17 Sep 2025 04:59:55 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7e1810c92461c77c2e0d417e38900a38\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T18:31:03.533086Z","times_seen":13299059,"resource_available":true,"data":null}},"time_used":659,"timings":{"blocked":282,"dns":1,"connect":95,"send":0,"wait":93,"receive":0,"ssl":184},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}