{"report_id":"f93946b3-e4bb-4837-a1a2-ba1d7ece2324","version":6,"status":"done","tags":[],"date":"2026-02-10T18:06:37Z","url":{"schema":"http","addr":"slush-app.net","fqdn":"slush-app.net","domain":"slush-app.net","tld":"net"},"ip":{"addr":"199.188.200.150","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"slush-app.net/","fqdn":"slush-app.net","domain":"slush-app.net","tld":"net"},"title":"Slush — Your Money. Unstuck.","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"slush-app.net","fqdn":"slush-app.net","domain":"slush-app.net","tld":"net"},"ip":{"addr":"199.188.200.150","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-17T18:06:37Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-10T18:06:16Z","timestamp":1770746776,"ip_dst":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42580,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2026-02-10T18:06:16.961213+0000\",\"flow_id\":1567329994971321,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.27\",\"src_port\":42580,\"dest_ip\":\"172.67.74.152\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":915,\"bytes_toclient\":3511,\"start\":\"2026-02-10T18:06:16.956601+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"slush-app.net","ip":{"addr":"199.188.200.150","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"2026-02-09","domain_rank":0,"first_seen":"2026-02-10T17:48:43.699291Z","last_seen":"2026-02-10T17:48:43.699291Z","alert_count":0,"request_count":3,"received_data":8497366,"sent_data":1412,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"PHP:8.2.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"api.ipify.org","ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-01-05","domain_rank":8166,"first_seen":"2014-10-06T12:38:43Z","last_seen":"2026-02-09T08:52:44.317696Z","alert_count":0,"request_count":1,"received_data":271,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ipapi.co","ip":{"addr":"104.26.9.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-04-19","domain_rank":7936,"first_seen":"2017-01-31T09:07:01Z","last_seen":"2026-02-04T12:01:59.027922Z","alert_count":0,"request_count":1,"received_data":2472,"sent_data":440,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"slush-app.net/","fqdn":"slush-app.net","domain":"slush-app.net","tld":"net"},"ip":{"addr":"199.188.200.150","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-10T18:06:14.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"slush-app.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 10 Feb 2026 00:00:00 GMT","end":"Wed, 10 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"EA:B0:7E:D4:A0:C0:94:7A:56:3C:D1:35:AD:D2:AA:EE:A1:30:69:FD","sha256":"A1:75:24:6E:32:40:96:F1:6C:06:5B:66:EF:B0:86:DF:2D:3D:EC:03:39:42:6C:EF:EA:32:39:52:34:FF:30:55"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: slush-app.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 09 Feb 2026 00:06:01 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 10 Feb 2026 18:06:15 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-methods: POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\naccess-control-max-age: 86400\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":8467550,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (26711)","md5":"76a43759c3be8c5ec5ce82828e02e053","sha1":"059cbc2f97722c234489523f9593c7b47e7358d7","sha256":"42044679b4b508d84385a5735b23c293ef088a04acc845b6b71eb20961ebce7d","sha512":"f673afe085f4fbd29e9fc15afd77ad20a8409a899851e9cb0ed5f50e43721a9e2dc360b48698b5f6469366d90d4a2b72dde4556208fa7e121e4fa5a32bc9d492","ssdeep":"12288:ezUjZll2KZPsA74VjtUvGSvRbHrdjgGu198KmoGWDgWfyvn:CCOEPRijt0pGGu3GWD9M","tlshash":"92251cf2918baca747992941445c3f75ac6828cbd25c9d04f98c7ff6e35d020ef2da68","first_seen":"2026-02-10T17:48:48.5432Z","last_seen":"2026-02-10T18:06:41.236297Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1065,"timings":{"blocked":367,"dns":1,"connect":166,"send":0,"wait":329,"receive":0,"ssl":199},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"slush-app.net/downloadicon.png","fqdn":"slush-app.net","domain":"slush-app.net","tld":"net"},"ip":{"addr":"199.188.200.150","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://slush-app.net/","date":"2026-02-10T18:06:16.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"slush-app.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 10 Feb 2026 00:00:00 GMT","end":"Wed, 10 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"EA:B0:7E:D4:A0:C0:94:7A:56:3C:D1:35:AD:D2:AA:EE:A1:30:69:FD","sha256":"A1:75:24:6E:32:40:96:F1:6C:06:5B:66:EF:B0:86:DF:2D:3D:EC:03:39:42:6C:EF:EA:32:39:52:34:FF:30:55"}}},"request":{"raw":"GET /downloadicon.png HTTP/1.1\r\nHost: slush-app.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://slush-app.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 17 Feb 2026 18:06:16 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 06 Feb 2026 15:35:56 GMT\r\naccept-ranges: bytes\r\ncontent-length: 28604\r\ndate: Tue, 10 Feb 2026 18:06:16 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-methods: POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\naccess-control-max-age: 86400\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":28604,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1280 x 1280, 8-bit colormap, non-interlaced","md5":"74490f035feffef926c7ad33ec94b76c","sha1":"b9d3f61b54d5867e888440934e3e74b7a7e4c78d","sha256":"f304842093383f52f30b53d2765dc83b616c10cb1174b10dd443f0220bd80270","sha512":"ddfaebab3abbb5d9ca29b3e747cf8c84eda966c78df543a9a18f549e6ead3adf8efe45b41bfbe2701700509e1cc75a177d1aa83fb9707203faf289fabe387edf","ssdeep":"768:XjqxsYhuLGK3kopPZ5TeUuWJZsgv4HqU3siCdg1sQhH:Xje7hQ9PPXsyvg1sQhH","tlshash":"56d2e1e0c485ad7b86d8b630338483495716cd8ae39d7f7d8eb158f1790af86b03a94d","first_seen":"2026-01-16T21:52:25.9382Z","last_seen":"2026-02-12T11:09:33.439414Z","times_seen":5,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":299,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=json","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://slush-app.net/","date":"2026-02-10T18:06:16.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:15:50 GMT","end":"Wed, 01 Apr 2026 13:15:39 GMT"},"fingerprint":{"sha1":"E8:04:3F:4D:91:E2:52:D3:E0:EA:F7:1A:C8:8C:94:50:7C:2E:FF:FF","sha256":"A1:8E:F1:BF:52:25:E4:EE:2D:91:8B:1E:0B:E7:A1:C3:B9:7D:DF:7D:D1:57:11:6A:14:CF:F2:A6:DF:D1:B0:18"}}},"request":{"raw":"GET /?format=json HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://slush-app.net/\r\nOrigin: https://slush-app.net\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 10 Feb 2026 18:06:17 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9cbd8a1c1d2d4c11-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7d69c71af0f191e9a72db6153f8018d1","sha1":"f67c5f2887bc05654b47f76e9621e53a4091aed1","sha256":"5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65","sha512":"fdf43a8f3d843fe9008949d6709c8e2a5cd640f6101522319745f0a829f21dc8f4bd4d70ff3e2f6e1fd53ca0d2dd872bf3588c593a403071102ab28763cbdba5","ssdeep":"","tlshash":"b8700022000000208c80800eca0a032223a0000ac20a00088e800b2288a0b380282032","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-07T07:51:18.251001Z","times_seen":93313,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":17,"dns":2,"connect":1,"send":0,"wait":101,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipapi.co/91.90.42.154/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"104.26.9.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://slush-app.net/","date":"2026-02-10T18:06:17.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 12:14:55 GMT","end":"Thu, 19 Mar 2026 13:14:43 GMT"},"fingerprint":{"sha1":"9F:6D:86:C5:B8:42:73:79:95:D9:AD:A7:9E:37:F2:54:CF:A0:9C:90","sha256":"C1:37:01:B7:C2:DD:54:62:A0:93:A6:F0:05:9D:5A:0C:55:E4:49:78:D8:DD:C8:9D:B1:B8:6B:75:83:70:B2:28"}}},"request":{"raw":"GET /91.90.42.154/json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://slush-app.net/\r\nOrigin: https://slush-app.net\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 10 Feb 2026 18:06:17 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nallow: GET, HEAD, OPTIONS, OPTIONS, POST\r\nx-frame-options: DENY\r\nvary: Host, origin\r\naccess-control-allow-origin: https://slush-app.net\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\ncross-origin-opener-policy: same-origin\r\ncontent-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.stripe.com https://*.paddle.com https://www.google.com https://www.gstatic.com https://maps.gstatic.com https://maps.googleapis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://*.paddle.com https://fonts.gstatic.com https://fonts.googleapis.com; img-src 'self' data: https://ipapi.co https://maps.gstatic.com https://maps.googleapis.com https://*.stripe.com; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com; frame-src 'self' https://www.google.com https://*.stripe.com https://*.paddle.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; connect-src 'self' https://ipapi.co/ https://*.paddle.com https://*.stripe.com https://maps.googleapis.com https://www.google.com/recaptcha/; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5VdF32eoBdwrg1LqaEo14BtF3Yu%2F4D2Y5nhHfZG%2F9Qslo69zquej7PV14UHOMcBIUxs68%2Bjz5x0nOduMhUraPNi9sJmB\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9cbd8a1d4b6f0b4d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":748,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"460b460d57658b5fd29c5e4934445c33","sha1":"24a724b25ef1401657cafa588835edfb9f7ef1f7","sha256":"93eefe1243dfce9ac06bf199cc9962e610bab6bff4f096662a357d27c9aefa70","sha512":"127d42078b0a87c6d0a70bd359dbcf50844e871ae9e98875a63f2303950b50bcc04fdb72df3f2e157dde3c019355fb67791147d38d6c3c570e1bde1d3b8f31c2","ssdeep":"","tlshash":"a9012428e4680e7b88b80358b4286a07122422075f16354e7fd4878d0f8d8bf20b124e","first_seen":"2025-12-17T10:03:05.72606Z","last_seen":"2026-03-25T09:03:12.863773Z","times_seen":3067,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":31,"dns":6,"connect":4,"send":0,"wait":267,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"slush-app.net/report.php","fqdn":"slush-app.net","domain":"slush-app.net","tld":"net"},"ip":{"addr":"199.188.200.150","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://slush-app.net/","date":"2026-02-10T18:06:17.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"slush-app.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 10 Feb 2026 00:00:00 GMT","end":"Wed, 10 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"EA:B0:7E:D4:A0:C0:94:7A:56:3C:D1:35:AD:D2:AA:EE:A1:30:69:FD","sha256":"A1:75:24:6E:32:40:96:F1:6C:06:5B:66:EF:B0:86:DF:2D:3D:EC:03:39:42:6C:EF:EA:32:39:52:34:FF:30:55"}}},"request":{"raw":"POST /report.php HTTP/1.1\r\nHost: slush-app.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://slush-app.net/\r\nContent-Type: application/json\r\nContent-Length: 279\r\nOrigin: https://slush-app.net\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/8.2.30\r\ncontent-type: application/json\r\naccess-control-allow-origin: https://yourdomain.com\r\naccess-control-allow-methods: POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\ncontent-length: 16\r\ndate: Tue, 10 Feb 2026 18:06:18 GMT\r\nserver: LiteSpeed\r\naccess-control-max-age: 86400\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"PHP:8.2.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-06-07T08:20:47.020217Z","times_seen":153963,"resource_available":true,"data":null}},"time_used":720,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":720,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}