{"report_id":"f5801b84-2fd0-409a-8ebb-7c7254daa553","version":6,"status":"done","tags":[],"date":"2026-05-02T13:32:05Z","url":{"schema":"http","addr":"hettich.com.gt.innovate.gt","fqdn":"hettich.com.gt.innovate.gt","domain":"innovate.gt","tld":"gt"},"ip":{"addr":"69.174.48.72","port":0,"asn":54641,"as":"IMH-IAD","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"hettich.com.gt.innovate.gt/","fqdn":"hettich.com.gt.innovate.gt","domain":"innovate.gt","tld":"gt"},"title":"The Official Trump Meme | GetTrumpMemes","dom":{"size":66742,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2924)","md5":"b4a4449f1147f5c9d6028d2f0a9817c3","sha1":"04e11802727533607c1e8e9d84091d5ba04a7b05","sha256":"19fd8cb6764cc083a24f2a424c95737ba582b9f7c6cef0982ad334689e419746","sha512":"2213dc1546be9dc1348defff7f7c05c60379f57cc272da54027b4b231c41d837f26131b87be5b3e25fa9b57c85eacb6034866ad839f7fd6ae98f14d335613016","ssdeep":"768:emQy0j+HPhmc1c6IBg2P2C2An/DY0AG0ReXs4DFWvO/6l/BY0hMCUDheQu:GgABjDY0APReXs4DFWvO/6l/BYzu","tlshash":"886383b250f00137019381c5b5a67b2bbf8ae88bde4b8a4676ad17d08fe3dc6dd53149","dom_hash":"domhasheea93f6eaba0c2f890134d5d6a8b4003","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"hettich.com.gt.innovate.gt","fqdn":"hettich.com.gt.innovate.gt","domain":"innovate.gt","tld":"gt"},"ip":{"addr":"69.174.48.72","port":0,"asn":54641,"as":"IMH-IAD","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-06T13:32:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-02T13:31:44Z","timestamp":1777728704,"ip_dst":{"addr":"104.26.13.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":45686,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2026-05-02T13:31:44.200410+0000\",\"flow_id\":1984253361452982,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.15\",\"src_port\":45686,\"dest_ip\":\"104.26.13.205\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3437,\"start\":\"2026-05-02T13:31:44.194486+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"gettrumpmemes.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"hettich.com.gt.innovate.gt","ip":{"addr":"69.174.48.72","port":443,"asn":54641,"as":"IMH-IAD","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-05-02T13:32:10.069884Z","last_seen":"2026-05-02T13:32:10.069884Z","alert_count":0,"request_count":4,"received_data":9814731,"sent_data":1826,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"cdn.matomo.cloud","ip":{"addr":"65.9.46.84","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2017-09-08","domain_rank":124973,"first_seen":"2019-09-27T14:00:38Z","last_seen":"2026-04-30T09:09:01.759862Z","alert_count":0,"request_count":1,"received_data":686,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"api.ipify.org","ip":{"addr":"104.26.13.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-01-05","domain_rank":8166,"first_seen":"2014-10-06T12:38:43Z","last_seen":"2026-04-27T12:21:03.85901Z","alert_count":0,"request_count":1,"received_data":254,"sent_data":453,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"gettrumpmemes.com","ip":{"addr":"104.18.6.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-12-21","domain_rank":339259,"first_seen":"2025-01-18T19:05:07Z","last_seen":"2026-03-14T21:07:34.587445Z","alert_count":10,"request_count":10,"received_data":246494,"sent_data":4693,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hettich.com.gt.innovate.gt/","fqdn":"hettich.com.gt.innovate.gt","domain":"innovate.gt","tld":"gt"},"ip":{"addr":"69.174.48.72","port":443,"asn":54641,"as":"IMH-IAD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fb32fe066b7a5b74a295500a3a77ed0a","sha1":"aca44fbdbdb2b42fd5a9644abf21d1d58e3d3d90","sha256":"139f54d6a8ea8e1390693a6afaf155932ce462907fa7ffce7fa1f1ad83adf472","sha512":"a9f1556c9c7cbfcab6968dac940f22f163bdd52fdcf7511b7c790a3fbfcaa3ce1b533ddc3ef21534b863a83a70ce05b6583c3ecf8e9d7a31bb3d63f9b2c44e21","ssdeep":"","tlshash":"f5f0ac1609eb1bfa263b617e7c7e9a1cf2ab281e90a0c4016e42a42cad6298547043c8","size":571,"data":"","first_seen":"2025-01-18T14:03:35.67503Z","last_seen":"2026-05-02T13:34:17.237813Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hettich.com.gt.innovate.gt/","fqdn":"hettich.com.gt.innovate.gt","domain":"innovate.gt","tld":"gt"},"ip":{"addr":"69.174.48.72","port":443,"asn":54641,"as":"IMH-IAD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d2662e8ffed002fd7b34c9f16a901f62","sha1":"95b601f7256d6f8ba3cdd1757b4c2ffd4edd7665","sha256":"18d299695d7ce818a1f99e46d973062187ca507bb4acbea1349adaf7856eabb2","sha512":"1d4577173f02eaf3e9c15255ddbc225c3e0d8a770d9f895271191bd7dd2cbc7e13f3dac92f1a994f9fdd0abc258b057178ca840e77bdd527306897e16ac95470","ssdeep":"","tlshash":"f121fd2622b215b40367616bcb0bdd89b43110ff7641cb2e785d4f456fd7c0126fa0e5","size":1310,"data":"","first_seen":"2025-04-24T13:18:03.806523Z","last_seen":"2026-05-02T13:34:17.238685Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hettich.com.gt.innovate.gt/index.js","fqdn":"hettich.com.gt.innovate.gt","domain":"innovate.gt","tld":"gt"},"ip":{"addr":"69.174.48.72","port":443,"asn":54641,"as":"IMH-IAD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f26ea4bd7520edc8a1ea3aaa0918cc8f","sha1":"3713487a3de6cbe9f70fae2309a35aaffc07294d","sha256":"370145f44a0de4b653295eac5705df3d2360461347465934da0b485cf5484b50","sha512":"7e5b62035ea3fee13e4351c45aaf108e0688fa19e320746431c9117d3684c13920c00b3a660cd63dfac7c8787a7b7af52dd1238857b81b8226a0e110db96227d","ssdeep":"49152:GqwyR/8PvbvXmDpwPHPlAkm9XGQKRtH4qROO/IuD+Ld9SuFQKiophQ1wvLr1JBgI:33","tlshash":"d2a6df096af3e0234e1f70795b1f7045a624940bd35cce547e8f93b41f586288af6aeb","size":9747034,"data":"","first_seen":"2025-06-06T11:43:13.820571Z","last_seen":"2026-05-02T13:34:17.24086Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gettrumpmemes.com/images/TMC-Allocation-Report-6-p-800.webp","fqdn":"gettrumpmemes.com","domain":"gettrumpmemes.com","tld":"com"},"ip":{"addr":"104.18.6.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:44.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrumpmemes.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 00:31:24 GMT","end":"Tue, 07 Jul 2026 01:31:17 GMT"},"fingerprint":{"sha1":"1A:1E:5F:3B:63:55:39:E4:0D:86:DF:DA:5B:F4:4A:48:8B:8D:78:FB","sha256":"0B:18:8C:0D:A1:B6:06:FB:AC:44:61:7D:BA:FD:17:66:84:16:2B:54:C8:0F:1B:FA:BC:48:1B:3B:49:8F:1D:BF"}}},"request":{"raw":"GET /images/TMC-Allocation-Report-6-p-800.webp HTTP/1.1\r\nHost: gettrumpmemes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 02 May 2026 13:31:44 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=jxi0DroP2BLdDMq9zPAxqqZuZSxZ8vOLZxFokfwn%2FJo%3D\\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\\u0026ts=1777728697\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=jxi0DroP2BLdDMq9zPAxqqZuZSxZ8vOLZxFokfwn%2FJo%3D\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\u0026ts=1777728697\"\r\nserver: cloudflare\r\nvia: 2.0 heroku-router\r\nage: 6\r\nexpires: Sat, 02 May 2026 17:31:44 GMT\r\ncache-control: public, max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: gzip\r\ncf-ray: 9f5763514a5656bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T21:16:18.866443Z","times_seen":16250262,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"gettrumpmemes.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hettich.com.gt.innovate.gt/css.css","fqdn":"hettich.com.gt.innovate.gt","domain":"innovate.gt","tld":"gt"},"ip":{"addr":"69.174.48.72","port":443,"asn":54641,"as":"IMH-IAD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:44.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hettich.com.gt.innovate.gt","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 02:45:23 GMT","end":"Fri, 31 Jul 2026 02:45:22 GMT"},"fingerprint":{"sha1":"5F:E2:55:C7:70:99:60:D0:1B:E8:71:54:B4:9C:CE:08:1B:31:CD:AE","sha256":"07:A4:62:34:02:95:6F:ED:61:9F:EE:9F:7D:81:70:1B:7C:8A:38:C7:44:CC:18:E1:A7:A4:97:FB:DF:F2:37:E2"}}},"request":{"raw":"GET /css.css HTTP/1.1\r\nHost: hettich.com.gt.innovate.gt\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-length: 236\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Sat, 02 May 2026 13:31:44 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":236,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text, with no line terminators","md5":"3dea6e4a74ae5c8a6b8dd3bae0de6081","sha1":"0b2672db2629a86272ca21084220113c548195db","sha256":"6c09a3f77e8a1ce36ffdf1bf0cff8aa9bb5c17616ba8f31db31d8b5946245362","sha512":"9b86bd1b8867c44ad5431a94991e517f73a639f03bfca39daf2bc6a9883c5c68e0ca8b69662a2a48e35922960f80b0679eb8e9cb7bacdac6ef93d46c4b10a9d4","ssdeep":"","tlshash":"5dd0a7bff2055219899611605bd523c11d8f4337f1b45522284db07550547fecc832a5","first_seen":"2023-04-05T13:31:58Z","last_seen":"2026-06-08T20:08:48.435524Z","times_seen":4813,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gettrumpmemes.com/images/T-Meme-Logo_1T-Meme-Logo.webp","fqdn":"gettrumpmemes.com","domain":"gettrumpmemes.com","tld":"com"},"ip":{"addr":"104.18.6.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:44.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrumpmemes.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 00:31:24 GMT","end":"Tue, 07 Jul 2026 01:31:17 GMT"},"fingerprint":{"sha1":"1A:1E:5F:3B:63:55:39:E4:0D:86:DF:DA:5B:F4:4A:48:8B:8D:78:FB","sha256":"0B:18:8C:0D:A1:B6:06:FB:AC:44:61:7D:BA:FD:17:66:84:16:2B:54:C8:0F:1B:FA:BC:48:1B:3B:49:8F:1D:BF"}}},"request":{"raw":"GET /images/T-Meme-Logo_1T-Meme-Logo.webp HTTP/1.1\r\nHost: gettrumpmemes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 02 May 2026 13:31:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10364\r\naccept-ranges: bytes\r\netag: \"287c-6507ac749d200\"\r\nlast-modified: Tue, 28 Apr 2026 01:02:00 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=v%2Bwe%2BQIFxJkS%2FCySFurk3q0G3aiN3Xt8%2F39HhrTD%2Ffo%3D\\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\\u0026ts=1777339203\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=v%2Bwe%2BQIFxJkS%2FCySFurk3q0G3aiN3Xt8%2F39HhrTD%2Ffo%3D\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\u0026ts=1777339203\"\r\nserver: cloudflare\r\nvia: 2.0 heroku-router\r\nexpires: Sat, 02 May 2026 17:31:44 GMT\r\ncache-control: public, max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 9f5763547e0d56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10364,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5995c069b00cc9c4d92b22dab84472f9","sha1":"813a95f0e91963aace9ff4c8dd1d6774e107e576","sha256":"396347c10301a8c7a51ccd03bd63a72d20c5fb6ac9df905718d2092f75344507","sha512":"1906dac6958a3c96515fbf3e614ab8b0d7a902dcd7aa0202b58fb6b0aab9ca8b2c473a56132a86c71aec4eef32aa1401a4038186bf4b1d7e3cdf81b56f79087e","ssdeep":"192:OyEL7KlnpMzPqzpHE/hiX30btnugSojUE3irz4x8:vcGZp9uiX3OYo4rzu","tlshash":"7122bf3e18c55e91cfaefb7210428112a5d74eb5109c90553fe0c935cabf96c5d2e98f","first_seen":"2025-10-17T02:48:47.042392Z","last_seen":"2026-05-02T13:34:17.227413Z","times_seen":4,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"gettrumpmemes.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hettich.com.gt.innovate.gt/index.js","fqdn":"hettich.com.gt.innovate.gt","domain":"innovate.gt","tld":"gt"},"ip":{"addr":"69.174.48.72","port":443,"asn":54641,"as":"IMH-IAD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:42.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hettich.com.gt.innovate.gt","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 02:45:23 GMT","end":"Fri, 31 Jul 2026 02:45:22 GMT"},"fingerprint":{"sha1":"5F:E2:55:C7:70:99:60:D0:1B:E8:71:54:B4:9C:CE:08:1B:31:CD:AE","sha256":"07:A4:62:34:02:95:6F:ED:61:9F:EE:9F:7D:81:70:1B:7C:8A:38:C7:44:CC:18:E1:A7:A4:97:FB:DF:F2:37:E2"}}},"request":{"raw":"GET /index.js HTTP/1.1\r\nHost: hettich.com.gt.innovate.gt\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 25 Jan 2025 02:33:19 GMT\r\naccept-ranges: bytes\r\ncontent-length: 9747034\r\ncontent-type: text/javascript\r\ndate: Sat, 02 May 2026 13:31:42 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":9747034,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (908)","md5":"b3fa05b38e12d7291f685e18c52d6571","sha1":"6b673b811baa776e578c2bceb9f6f4b21b03757d","sha256":"57e90291c97ea11890ee5669fd00e242d73cce820b188996d5f5b8bcc7a498b9","sha512":"fe17f3695e36197294c00d1f0ddecf399905ac8d42be5ebe65b2300d106c6dd8fb6c8161b5bbc331c45e7717031f5aae9a8ac6d222ddefddeb205f79d0982d68","ssdeep":"12288:7yBcwypWknk/TLy2d/GOFSR+GJ4NMyRX4SE14XZzTuiY/aure2tzCjK0FyNDn3Hc:GBcwyIkTmB4I","tlshash":"a22594096af3a0634a5770794b1f7045a235e00b634ddc587d8e93b01f59b388bf6bea","first_seen":"2025-08-11T05:30:04.810308Z","last_seen":"2026-05-02T13:34:17.225478Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":1010,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hettich.com.gt.innovate.gt/css.css","fqdn":"hettich.com.gt.innovate.gt","domain":"innovate.gt","tld":"gt"},"ip":{"addr":"69.174.48.72","port":443,"asn":54641,"as":"IMH-IAD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:42.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hettich.com.gt.innovate.gt","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 02:45:23 GMT","end":"Fri, 31 Jul 2026 02:45:22 GMT"},"fingerprint":{"sha1":"5F:E2:55:C7:70:99:60:D0:1B:E8:71:54:B4:9C:CE:08:1B:31:CD:AE","sha256":"07:A4:62:34:02:95:6F:ED:61:9F:EE:9F:7D:81:70:1B:7C:8A:38:C7:44:CC:18:E1:A7:A4:97:FB:DF:F2:37:E2"}}},"request":{"raw":"GET /css.css HTTP/1.1\r\nHost: hettich.com.gt.innovate.gt\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-length: 236\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Sat, 02 May 2026 13:31:42 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":236,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text, with no line terminators","md5":"3dea6e4a74ae5c8a6b8dd3bae0de6081","sha1":"0b2672db2629a86272ca21084220113c548195db","sha256":"6c09a3f77e8a1ce36ffdf1bf0cff8aa9bb5c17616ba8f31db31d8b5946245362","sha512":"9b86bd1b8867c44ad5431a94991e517f73a639f03bfca39daf2bc6a9883c5c68e0ca8b69662a2a48e35922960f80b0679eb8e9cb7bacdac6ef93d46c4b10a9d4","ssdeep":"","tlshash":"5dd0a7bff2055219899611605bd523c11d8f4337f1b45522284db07550547fecc832a5","first_seen":"2023-04-05T13:31:58Z","last_seen":"2026-06-08T20:08:48.435524Z","times_seen":4813,"resource_available":true,"data":null}},"time_used":1108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gettrumpmemes.com/images/TMC-Allocation-Report-6-p-800.webp","fqdn":"gettrumpmemes.com","domain":"gettrumpmemes.com","tld":"com"},"ip":{"addr":"104.18.6.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:42.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrumpmemes.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 00:31:24 GMT","end":"Tue, 07 Jul 2026 01:31:17 GMT"},"fingerprint":{"sha1":"1A:1E:5F:3B:63:55:39:E4:0D:86:DF:DA:5B:F4:4A:48:8B:8D:78:FB","sha256":"0B:18:8C:0D:A1:B6:06:FB:AC:44:61:7D:BA:FD:17:66:84:16:2B:54:C8:0F:1B:FA:BC:48:1B:3B:49:8F:1D:BF"}}},"request":{"raw":"GET /images/TMC-Allocation-Report-6-p-800.webp HTTP/1.1\r\nHost: gettrumpmemes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 02 May 2026 13:31:42 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=jxi0DroP2BLdDMq9zPAxqqZuZSxZ8vOLZxFokfwn%2FJo%3D\\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\\u0026ts=1777728697\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=jxi0DroP2BLdDMq9zPAxqqZuZSxZ8vOLZxFokfwn%2FJo%3D\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\u0026ts=1777728697\"\r\nserver: cloudflare\r\nvia: 2.0 heroku-router\r\nexpires: Sat, 02 May 2026 17:31:42 GMT\r\ncache-control: public, max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: gzip\r\ncf-ray: 9f576349398a56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T21:16:18.866443Z","times_seen":16250262,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":56,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"gettrumpmemes.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.matomo.cloud/pokastarter2.matomo.cloud/matomo.js","fqdn":"cdn.matomo.cloud","domain":"matomo.cloud","tld":"cloud"},"ip":{"addr":"65.9.46.84","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:43.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.matomo.cloud","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Mon, 21 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:9E:B2:8F:2C:21:F3:D8:CC:C3:78:9E:88:F2:FC:72:0C:FB:68:3A","sha256":"D7:E0:95:8B:B8:35:19:48:30:B8:87:D2:5F:82:0D:1D:DF:65:27:5C:9A:83:C6:2B:1B:9B:3F:9C:32:70:25:3C"}}},"request":{"raw":"GET /pokastarter2.matomo.cloud/matomo.js HTTP/1.1\r\nHost: cdn.matomo.cloud\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: CloudFront\r\ncontent-type: text/html\r\ncontent-length: 0\r\ndate: Sat, 02 May 2026 12:00:38 GMT\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Thu, 02 Nov 2023 02:17:11 GMT\r\netag: \"d41d8cd98f00b204e9800998ecf8427e\"\r\nx-amz-version-id: x8CUW72Cdy4wRBv1lXTNc2XlWFvGGyiM\r\naccept-ranges: bytes\r\nx-cache: Error from cloudfront\r\nvia: 1.1 62fb1997c40a03e325a22b812f7b7e10.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: RChAIHrc2BNWZT5_FhxdhiTIthdGhsTIM3G6Mli7jskz1rO7apARAA==\r\nage: 5466\r\nstrict-transport-security: max-age=31536000\r\ncross-origin-resource-policy: cross-origin\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T21:16:18.866443Z","times_seen":16250262,"resource_available":true,"data":null}},"time_used":193,"timings":{"blocked":46,"dns":13,"connect":12,"send":0,"wait":100,"receive":1,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hettich.com.gt.innovate.gt/","fqdn":"hettich.com.gt.innovate.gt","domain":"innovate.gt","tld":"gt"},"ip":{"addr":"69.174.48.72","port":443,"asn":54641,"as":"IMH-IAD","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-02T13:31:41.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hettich.com.gt.innovate.gt","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 02:45:23 GMT","end":"Fri, 31 Jul 2026 02:45:22 GMT"},"fingerprint":{"sha1":"5F:E2:55:C7:70:99:60:D0:1B:E8:71:54:B4:9C:CE:08:1B:31:CD:AE","sha256":"07:A4:62:34:02:95:6F:ED:61:9F:EE:9F:7D:81:70:1B:7C:8A:38:C7:44:CC:18:E1:A7:A4:97:FB:DF:F2:37:E2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hettich.com.gt.innovate.gt\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 25 Jan 2025 02:33:17 GMT\r\naccept-ranges: bytes\r\ncontent-length: 66479\r\ncontent-type: text/html\r\ndate: Sat, 02 May 2026 13:31:42 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":66479,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2924)","md5":"f498d283b76181ba849ab79cc11bc5ea","sha1":"91e4de52fece62740fc313d3c8123106c7fba220","sha256":"29a75645b3090d7f98da595172f4ef1c3e0f55323afc652a38d98cc588c5442f","sha512":"de74027d2899e79c80764a3191d909fff6e9f96d649a224643660be0219fdcd34f0146cc86a6482ddf3220d5fee72f1e27c96ed690917250ac41933464435396","ssdeep":"768:amQy0j+HPhmc1c6IBg2P2C23DY0AG0ReXY4HFWJQ/6llBY0hMCUDheQu:CgABaDY0APReXY4HFWJQ/6llBYzu","tlshash":"b35393b250f00127019381c5a5a67b2bbf8ae88bde4b8a4676ac17d09fe3dc7dd5314d","first_seen":"2026-05-02T13:32:16.383632Z","last_seen":"2026-05-02T13:34:17.232241Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1288,"timings":{"blocked":500,"dns":305,"connect":93,"send":0,"wait":188,"receive":100,"ssl":99},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gettrumpmemes.com/css/components.css","fqdn":"gettrumpmemes.com","domain":"gettrumpmemes.com","tld":"com"},"ip":{"addr":"104.18.6.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:42.851Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrumpmemes.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 00:31:24 GMT","end":"Tue, 07 Jul 2026 01:31:17 GMT"},"fingerprint":{"sha1":"1A:1E:5F:3B:63:55:39:E4:0D:86:DF:DA:5B:F4:4A:48:8B:8D:78:FB","sha256":"0B:18:8C:0D:A1:B6:06:FB:AC:44:61:7D:BA:FD:17:66:84:16:2B:54:C8:0F:1B:FA:BC:48:1B:3B:49:8F:1D:BF"}}},"request":{"raw":"GET /css/components.css HTTP/1.1\r\nHost: gettrumpmemes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 02 May 2026 13:31:43 GMT\r\ncontent-type: text/css\r\ncf-cache-status: HIT\r\nlast-modified: Tue, 28 Apr 2026 01:02:00 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=q0qQD4eX8rgWCQHFoMIziPOG2mYu6MHfRRKRxxkkFEc%3D\\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\\u0026ts=1777339202\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=q0qQD4eX8rgWCQHFoMIziPOG2mYu6MHfRRKRxxkkFEc%3D\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\u0026ts=1777339202\"\r\nserver: cloudflare\r\nvia: 2.0 heroku-router\r\nexpires: Sat, 02 May 2026 17:31:43 GMT\r\ncache-control: public, max-age=14400\r\netag: W/\"975c-6507ac749d200\"\r\ncontent-encoding: gzip\r\ncf-ray: 9f576349399856bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38748,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (2587)","md5":"73e145248d54c09b3381cdc73509ba53","sha1":"3e8d714c3304ca1b51c822a33d707b4c51ebd7ff","sha256":"b245eba67cac350e0beebb8efaa528e8a804ec90775e530adfcb9df0c559fd0e","sha512":"10a9b8656df98ca10d20f45a103951838d34bc72e1afdcf56aec5f5124eea3786627096fba19881942d1a5d45a3eff673f9c263b2dac1dc5662412173328ae19","ssdeep":"768:ef7A1YR4/VHrFIfoF7GpFMDw82aWoS+lyKA+vdxxF3F5FiwFt24lLqClUZ6CE7WH:t1Y2tHr5KCPxljdRLqCqE2kQJ","tlshash":"c40394b58bf00620b817c1a56890a3657f2d4003b74ede28bae1741fdfce1c79963b69","first_seen":"2026-04-17T19:41:05.832186Z","last_seen":"2026-06-03T22:39:12.231102Z","times_seen":28,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":66,"dns":10,"connect":1,"send":0,"wait":123,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"gettrumpmemes.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gettrumpmemes.com/css/relume-template---sept-20-ecece4197fc38.css","fqdn":"gettrumpmemes.com","domain":"gettrumpmemes.com","tld":"com"},"ip":{"addr":"104.18.6.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:42.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrumpmemes.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 00:31:24 GMT","end":"Tue, 07 Jul 2026 01:31:17 GMT"},"fingerprint":{"sha1":"1A:1E:5F:3B:63:55:39:E4:0D:86:DF:DA:5B:F4:4A:48:8B:8D:78:FB","sha256":"0B:18:8C:0D:A1:B6:06:FB:AC:44:61:7D:BA:FD:17:66:84:16:2B:54:C8:0F:1B:FA:BC:48:1B:3B:49:8F:1D:BF"}}},"request":{"raw":"GET /css/relume-template---sept-20-ecece4197fc38.css HTTP/1.1\r\nHost: gettrumpmemes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 02 May 2026 13:31:42 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=jxi0DroP2BLdDMq9zPAxqqZuZSxZ8vOLZxFokfwn%2FJo%3D\\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\\u0026ts=1777728697\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=jxi0DroP2BLdDMq9zPAxqqZuZSxZ8vOLZxFokfwn%2FJo%3D\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\u0026ts=1777728697\"\r\nserver: cloudflare\r\nvia: 2.0 heroku-router\r\nexpires: Sat, 02 May 2026 17:31:42 GMT\r\ncache-control: public, max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: gzip\r\ncf-ray: 9f576349399456bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T21:16:18.866443Z","times_seen":16250262,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":65,"dns":9,"connect":1,"send":0,"wait":75,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"gettrumpmemes.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gettrumpmemes.com/images/T-Fight-Figure-3_1T-Fight-Figure-3.webp","fqdn":"gettrumpmemes.com","domain":"gettrumpmemes.com","tld":"com"},"ip":{"addr":"104.18.6.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:42.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrumpmemes.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 00:31:24 GMT","end":"Tue, 07 Jul 2026 01:31:17 GMT"},"fingerprint":{"sha1":"1A:1E:5F:3B:63:55:39:E4:0D:86:DF:DA:5B:F4:4A:48:8B:8D:78:FB","sha256":"0B:18:8C:0D:A1:B6:06:FB:AC:44:61:7D:BA:FD:17:66:84:16:2B:54:C8:0F:1B:FA:BC:48:1B:3B:49:8F:1D:BF"}}},"request":{"raw":"GET /images/T-Fight-Figure-3_1T-Fight-Figure-3.webp HTTP/1.1\r\nHost: gettrumpmemes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 02 May 2026 13:31:42 GMT\r\ncontent-type: image/webp\r\ncontent-length: 33878\r\naccept-ranges: bytes\r\netag: \"8456-6507ac749d200\"\r\nlast-modified: Tue, 28 Apr 2026 01:02:00 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=cUrupMQ8Gef%2FRrs7oTTtNJ6exPnowAW3NSHp1vWwpMM%3D\\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\\u0026ts=1777340403\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=cUrupMQ8Gef%2FRrs7oTTtNJ6exPnowAW3NSHp1vWwpMM%3D\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\u0026ts=1777340403\"\r\nserver: cloudflare\r\nvia: 2.0 heroku-router\r\nexpires: Sat, 02 May 2026 17:31:42 GMT\r\ncache-control: public, max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 9f576349398856bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33878,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2c3dc9d8cef4dd47e61b9fa0585aee38","sha1":"1a1577e95fe843d0f87bfb83c09da0d194f0af03","sha256":"e8c0660e9fab4b94f63dcfe1a28b1a96d583ac6164703f19422f4dffd81fcb2a","sha512":"f4136ced6d2de446752fadecbdeb56d9d5b399d3e22b7680f8a444756371362f5031cbf90ba4adf3e93b92b89a5fba1296c0571d1e86105aa81c0144ef3ebdac","ssdeep":"768:tnidjEaWLq7j5De8hpSES+Robeq5niZXSPemM9Z7K4IwGcXeZ7:tidjjNtDe8hcEbobeq5iZXeem4Zv8p","tlshash":"7be2f1dad56ca1e3b3cf61461aa4f117b91a23d887add81e70325eefc9c99480c4ed08","first_seen":"2025-01-27T12:55:31.840484Z","last_seen":"2026-05-02T13:34:17.234987Z","times_seen":45,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":85,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"gettrumpmemes.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gettrumpmemes.com/images/favicon.png","fqdn":"gettrumpmemes.com","domain":"gettrumpmemes.com","tld":"com"},"ip":{"addr":"104.18.6.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:44.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrumpmemes.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 00:31:24 GMT","end":"Tue, 07 Jul 2026 01:31:17 GMT"},"fingerprint":{"sha1":"1A:1E:5F:3B:63:55:39:E4:0D:86:DF:DA:5B:F4:4A:48:8B:8D:78:FB","sha256":"0B:18:8C:0D:A1:B6:06:FB:AC:44:61:7D:BA:FD:17:66:84:16:2B:54:C8:0F:1B:FA:BC:48:1B:3B:49:8F:1D:BF"}}},"request":{"raw":"GET /images/favicon.png HTTP/1.1\r\nHost: gettrumpmemes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 02 May 2026 13:31:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 5850\r\naccept-ranges: bytes\r\netag: \"16da-6507ac749d200\"\r\nlast-modified: Tue, 28 Apr 2026 01:02:00 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=3lH3jlaZ0H65L3cTULr63%2FmJXI5WjdB3Wk0%2FVJ5yK04%3D\\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\\u0026ts=1777340402\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=3lH3jlaZ0H65L3cTULr63%2FmJXI5WjdB3Wk0%2FVJ5yK04%3D\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\u0026ts=1777340402\"\r\nserver: cloudflare\r\nvia: 2.0 heroku-router\r\nexpires: Sat, 02 May 2026 17:31:44 GMT\r\ncache-control: public, max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 9f576354fe9856bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5850,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"7bb47473ab236adae5e694447b334452","sha1":"6670d1129499b0c024b840e18c77eaea39386afa","sha256":"247a6fb8bc50f38c5529a327ba803c6a42eb1e9d620227e97e16b7f956d0d52b","sha512":"d9c47be0ef4baccf8a6023e5e2404959134b76e9e11ca91f716f1f1c0874b92f91306e384bbc00bdfb11e164d84e8790ea20ffcc85249a41b519576b984c298a","ssdeep":"96:FllcHitlIxv9vk7C1+I4wWHLihk/xZSOsWRIHJIQnae6Aspw43z38cAR3F:+IIHUCD4wa3SOsW8FnEpw4jWF","tlshash":"f9c17dc89468450b00070798ad4bac95c5b7674452601e2dbdfed33fe318d9578b2abb","first_seen":"2025-01-27T12:55:31.898719Z","last_seen":"2026-05-02T13:34:17.2304Z","times_seen":36,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"gettrumpmemes.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gettrumpmemes.com/images/webclip.png","fqdn":"gettrumpmemes.com","domain":"gettrumpmemes.com","tld":"com"},"ip":{"addr":"104.18.6.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:44.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrumpmemes.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 00:31:24 GMT","end":"Tue, 07 Jul 2026 01:31:17 GMT"},"fingerprint":{"sha1":"1A:1E:5F:3B:63:55:39:E4:0D:86:DF:DA:5B:F4:4A:48:8B:8D:78:FB","sha256":"0B:18:8C:0D:A1:B6:06:FB:AC:44:61:7D:BA:FD:17:66:84:16:2B:54:C8:0F:1B:FA:BC:48:1B:3B:49:8F:1D:BF"}}},"request":{"raw":"GET /images/webclip.png HTTP/1.1\r\nHost: gettrumpmemes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 02 May 2026 13:31:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 111544\r\naccept-ranges: bytes\r\netag: \"1b3b8-6507ac749d200\"\r\nlast-modified: Tue, 28 Apr 2026 01:02:00 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=Ubp2DrMPO%2Br%2FODOcYEjqFizghvYN9EqrppaJUdrGsqk%3D\\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\\u0026ts=1777363610\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=Ubp2DrMPO%2Br%2FODOcYEjqFizghvYN9EqrppaJUdrGsqk%3D\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\u0026ts=1777363610\"\r\nserver: cloudflare\r\nvia: 2.0 heroku-router\r\nexpires: Sat, 02 May 2026 17:31:44 GMT\r\ncache-control: public, max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 9f576354fe9356bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111544,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"ed9222a34ac2d5447de2204202e8529a","sha1":"39e6afc6b224fd9889414ad07fdb1603250b77c6","sha256":"1112b2f016db063d78805af57181a0d4434ba5ae008f0a9e6cdc388dc6ebc4bb","sha512":"ea08735cf2c9624f54e89065da1d50eb443e18e7e87b4963953ce81c66b4b1ed2d0f91dbb88e61139629718a9c3fc323bca0d875aac0ddc06cf1deb328840ba7","ssdeep":"1536:tcMU9VJc9r4pZU7n6EPpEYL0/41W2S7pECpGLZjfBlXhtS9a7aCZVf1zkG9hm:xU9VJct4T4PeYtw2MfI9jfBlXh73hkum","tlshash":"bab302d623f5b00e619886ac0165cf73d4e88e6129f66669fce8e8d1e81fcb11861e5c","first_seen":"2025-01-27T12:55:31.900617Z","last_seen":"2026-05-02T13:34:17.231275Z","times_seen":33,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"gettrumpmemes.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gettrumpmemes.com/css/normalize.css","fqdn":"gettrumpmemes.com","domain":"gettrumpmemes.com","tld":"com"},"ip":{"addr":"104.18.6.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:42.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrumpmemes.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 00:31:24 GMT","end":"Tue, 07 Jul 2026 01:31:17 GMT"},"fingerprint":{"sha1":"1A:1E:5F:3B:63:55:39:E4:0D:86:DF:DA:5B:F4:4A:48:8B:8D:78:FB","sha256":"0B:18:8C:0D:A1:B6:06:FB:AC:44:61:7D:BA:FD:17:66:84:16:2B:54:C8:0F:1B:FA:BC:48:1B:3B:49:8F:1D:BF"}}},"request":{"raw":"GET /css/normalize.css HTTP/1.1\r\nHost: gettrumpmemes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 02 May 2026 13:31:43 GMT\r\ncontent-type: text/css\r\ncf-cache-status: HIT\r\nlast-modified: Tue, 28 Apr 2026 01:02:00 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=veBwj9ts4wAHFNu0z8CtIfJBLEgc9yV4L%2BDn9LqUVbM%3D\\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\\u0026ts=1777343550\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=veBwj9ts4wAHFNu0z8CtIfJBLEgc9yV4L%2BDn9LqUVbM%3D\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\u0026ts=1777343550\"\r\nserver: cloudflare\r\nvia: 2.0 heroku-router\r\nexpires: Sat, 02 May 2026 17:31:43 GMT\r\ncache-control: public, max-age=14400\r\netag: W/\"1e5c-6507ac749d200\"\r\ncontent-encoding: gzip\r\ncf-ray: 9f576349398556bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7772,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"afb4942e5838a7dc3b63d00ffcc87c9d","sha1":"f1a4ae2fbaa13ef9d9500648d5a16f7adaa88d30","sha256":"0d336a97efd52a4ef44ef3270e71eac24ba405d4450016f9d3e943256e9e58c8","sha512":"8b897ca084c9e5aba585a3c8036ca2b9e10243e262e93f0761635db00d1da2544803f8937163d278e94c4d6ff6b23031f87660b55a9000a72211bb27a3ebab7e","ssdeep":"96:MrWcFPpkRUwojaszRO5LVSrwnTgPjnRo5wUEKs2NE4P+49NaN71UB9:M/9pVjasdEvQnRo2UEKsSBP+W67w","tlshash":"82f1b59923a04b9252395df5f3a7938533481127832c7c6eb4d240fc8fc8b5553baf99","first_seen":"2023-04-05T04:08:19Z","last_seen":"2026-06-08T09:35:51.571324Z","times_seen":2697,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":62,"dns":10,"connect":1,"send":0,"wait":110,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"gettrumpmemes.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gettrumpmemes.com/images/Community-top-image_1Community-top-image.webp","fqdn":"gettrumpmemes.com","domain":"gettrumpmemes.com","tld":"com"},"ip":{"addr":"104.18.6.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:42.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrumpmemes.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 00:31:24 GMT","end":"Tue, 07 Jul 2026 01:31:17 GMT"},"fingerprint":{"sha1":"1A:1E:5F:3B:63:55:39:E4:0D:86:DF:DA:5B:F4:4A:48:8B:8D:78:FB","sha256":"0B:18:8C:0D:A1:B6:06:FB:AC:44:61:7D:BA:FD:17:66:84:16:2B:54:C8:0F:1B:FA:BC:48:1B:3B:49:8F:1D:BF"}}},"request":{"raw":"GET /images/Community-top-image_1Community-top-image.webp HTTP/1.1\r\nHost: gettrumpmemes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 02 May 2026 13:31:42 GMT\r\ncontent-type: image/webp\r\ncontent-length: 29472\r\naccept-ranges: bytes\r\netag: \"7320-6507ac749d200\"\r\nlast-modified: Tue, 28 Apr 2026 01:02:00 GMT\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=rjGciEYCN%2BWM%2BmGvnsmdH%2BgBBIEJI82zkBCAfcK8IgM%3D\\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\\u0026ts=1777338606\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=rjGciEYCN%2BWM%2BmGvnsmdH%2BgBBIEJI82zkBCAfcK8IgM%3D\u0026sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d\u0026ts=1777338606\"\r\nserver: cloudflare\r\nvia: 2.0 heroku-router\r\nexpires: Sat, 02 May 2026 17:31:42 GMT\r\ncache-control: public, max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 9f576349398d56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29472,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"387cb40fb31f79e8762f299580c607fd","sha1":"af71cae0516d551603cb79f799c40b8432b5f1f2","sha256":"bd705d9917c8a6bd0c72c27ac6434231c86105c8b82cb6d8667a822667d3e71e","sha512":"5982fd10047dd670376c5fb76f97ed0310c81c93caac1a47dba6fe5a164ced616214538da96770466d3c087238f6c81216f28a51bee3f4b0ae586d115a70e8bf","ssdeep":"768:BzXbx+Au+AG9A+CO5rchHzHlaHDER7e5YjE:B/Qz+Az+CO5rchTHEG7XA","tlshash":"78d2f1c1607761da3b142ea86f1de4e604d710d52401b36271ea7e856df3e34c1f9bac","first_seen":"2025-01-27T12:55:31.842588Z","last_seen":"2026-05-02T13:34:17.236887Z","times_seen":39,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":55,"dns":0,"connect":0,"send":0,"wait":75,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"gettrumpmemes.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"104.26.13.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hettich.com.gt.innovate.gt/","date":"2026-05-02T13:31:44.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Apr 2026 21:16:17 GMT","end":"Tue, 28 Jul 2026 22:16:15 GMT"},"fingerprint":{"sha1":"6D:CC:48:D6:E1:8C:50:0D:7C:B9:13:15:F0:18:E0:73:56:59:60:F7","sha256":"00:FD:76:18:CB:8D:B6:5A:4C:B7:0A:37:77:28:B1:01:5C:3D:6A:E4:2D:06:02:C1:9D:B8:6B:F8:6F:F8:31:77"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hettich.com.gt.innovate.gt/\r\nOrigin: https://hettich.com.gt.innovate.gt\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 02 May 2026 13:31:44 GMT\r\ncontent-type: text/plain\r\ncontent-length: 12\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9f57635158d84c11-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"35b0bce9d250429df012c0426f88d0bd","sha1":"f81d80af9cbeb0011316fbba3da8002b32251f7a","sha256":"da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d","sha512":"32c9df1064e730e1a2358dae62aff741118007187d89510bfbdf93efaaa7356b71a570ea8c5d96bdc0b47155bbaa77df86b6847cc4d95d2d1b7fa2a1484a7144","ssdeep":"","tlshash":"dd600003000000000c00c00cc303030303c00003c30f0000ccc00f000c003300300000","first_seen":"2023-03-07T01:19:04Z","last_seen":"2026-06-07T08:12:19.538389Z","times_seen":27001,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":21,"dns":3,"connect":1,"send":0,"wait":91,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}