{"report_id":"003d35d2-d21c-4417-8465-8f5c1d22ffaf","version":6,"status":"done","tags":[],"date":"2025-12-20T20:49:45Z","url":{"schema":"http","addr":"levitra-gg.com/","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"levitra-gg.com/","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"title":"Levitra Fitness – Health Fitness Guide Exercise","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"levitra-gg.com/","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-24T20:49:45Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"tq2tmylv9quqkoe"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"kimberlite.io","ip":{"addr":"37.0.127.86","port":443,"asn":61400,"as":"Start LLC","country":"Russia","country_code":"RU"},"domain_registered":"2017-03-16","domain_rank":17539,"first_seen":"2017-09-14T05:18:59Z","last_seen":"2025-12-16T06:16:39.08931Z","alert_count":0,"request_count":3,"received_data":2013,"sent_data":1611,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"match.ohmy.bid","ip":{"addr":"37.0.127.208","port":443,"asn":61400,"as":"Start LLC","country":"Russia","country_code":"RU"},"domain_registered":"2022-06-09","domain_rank":283479,"first_seen":"2023-05-23T09:17:10Z","last_seen":"2025-12-16T06:16:39.422162Z","alert_count":0,"request_count":1,"received_data":488,"sent_data":511,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sync.gonet-ads.com","ip":{"addr":"188.42.104.140","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"domain_registered":"2022-04-05","domain_rank":164679,"first_seen":"2023-02-03T11:32:31Z","last_seen":"2025-12-16T06:16:39.648851Z","alert_count":0,"request_count":1,"received_data":345,"sent_data":475,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ssp-statistics.dsp.nt.technology","ip":{"addr":"52.213.188.202","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2019-02-02","domain_rank":50490,"first_seen":"2025-01-30T05:42:21.300558Z","last_seen":"2025-12-18T18:34:53.217971Z","alert_count":0,"request_count":1,"received_data":588,"sent_data":792,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ck.silvermob.com","ip":{"addr":"212.95.41.187","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2015-08-25","domain_rank":416424,"first_seen":"2025-03-13T10:51:02.742077Z","last_seen":"2025-12-17T04:46:10.258917Z","alert_count":0,"request_count":1,"received_data":636,"sent_data":549,"comment":"","tags":null,"fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}]},{"fqdn":"mc.acint.net","ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"domain_registered":"2014-02-06","domain_rank":245226,"first_seen":"2024-01-29T15:31:01Z","last_seen":"2025-12-16T20:12:58.998341Z","alert_count":0,"request_count":15,"received_data":6068,"sent_data":29780,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"a.lotus-dsp.ru","ip":{"addr":"213.171.19.207","port":443,"asn":56694,"as":"LLC Smart Ape","country":"Russia","country_code":"RU"},"domain_registered":"2023-12-05","domain_rank":395207,"first_seen":"2023-12-09T00:32:38Z","last_seen":"2025-12-18T20:06:25.59316Z","alert_count":0,"request_count":1,"received_data":565,"sent_data":471,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"statmedia.ru","ip":{"addr":"82.202.225.227","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2022-03-25","domain_rank":27502,"first_seen":"2015-08-17T13:20:07Z","last_seen":"2025-12-17T04:46:09.346993Z","alert_count":0,"request_count":1,"received_data":265,"sent_data":513,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"a.adiam.tech","ip":{"addr":"172.67.200.122","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-12-23","domain_rank":297000,"first_seen":"2024-03-15T20:38:51Z","last_seen":"2025-12-17T04:46:10.700743Z","alert_count":0,"request_count":1,"received_data":912,"sent_data":431,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"d2908q01vomqb2.cloudfront.net","ip":{"addr":"18.239.38.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2016-10-06T10:14:09Z","last_seen":"2025-12-16T17:49:20.157974Z","alert_count":0,"request_count":1,"received_data":219622,"sent_data":530,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"a.utraff.com","ip":{"addr":"213.171.19.142","port":443,"asn":56694,"as":"LLC Smart Ape","country":"Russia","country_code":"RU"},"domain_registered":"2016-09-27","domain_rank":179342,"first_seen":"2019-02-27T10:01:37Z","last_seen":"2025-12-16T06:16:38.189679Z","alert_count":0,"request_count":2,"received_data":1322,"sent_data":899,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.oxygen.com","ip":{"addr":"23.36.77.203","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"1998-09-10","domain_rank":694267,"first_seen":"2013-01-07T18:44:36Z","last_seen":"2025-06-30T01:30:05.941127Z","alert_count":0,"request_count":1,"received_data":39820,"sent_data":468,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"sync.upravel.com","ip":{"addr":"185.131.67.10","port":443,"asn":56630,"as":"Melbikomas UAB","country":"Russia","country_code":"RU"},"domain_registered":"2017-03-25","domain_rank":187521,"first_seen":"2017-05-29T09:13:46Z","last_seen":"2025-12-17T10:03:57.280379Z","alert_count":0,"request_count":7,"received_data":5952,"sent_data":3583,"comment":"","tags":null,"fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}]},{"fqdn":"dm-eu.hybrid.ai","ip":{"addr":"37.230.131.21","port":443,"asn":200197,"as":"Hybrid Adtech Sp.z.o.o.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2017-12-19","domain_rank":74067,"first_seen":"2021-01-25T11:48:59Z","last_seen":"2025-12-20T13:52:42.976503Z","alert_count":0,"request_count":1,"received_data":404,"sent_data":472,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tms.gpmdata.ru","ip":{"addr":"62.105.142.42","port":443,"asn":3216,"as":"PVimpelCom","country":"Russia","country_code":"RU"},"domain_registered":"2021-03-12","domain_rank":572397,"first_seen":"2024-09-23T08:23:01Z","last_seen":"2025-12-19T02:34:56.399116Z","alert_count":0,"request_count":1,"received_data":784,"sent_data":624,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"bid.sspnet.tech","ip":{"addr":"212.41.25.245","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2023-10-17","domain_rank":512084,"first_seen":"2025-08-19T17:30:43.164294Z","last_seen":"2025-12-17T04:46:10.124569Z","alert_count":0,"request_count":2,"received_data":798,"sent_data":1101,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"a.bringads.ru","ip":{"addr":"213.171.19.188","port":443,"asn":56694,"as":"LLC Smart Ape","country":"Russia","country_code":"RU"},"domain_registered":"2025-02-06","domain_rank":412835,"first_seen":"2025-05-20T10:33:46.598539Z","last_seen":"2025-12-18T18:34:52.524809Z","alert_count":0,"request_count":1,"received_data":566,"sent_data":432,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"rtb.dynotech.io","ip":{"addr":"77.223.121.51","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2024-04-24","domain_rank":372920,"first_seen":"2024-06-21T10:32:20Z","last_seen":"2025-12-16T18:11:47.348835Z","alert_count":0,"request_count":1,"received_data":201,"sent_data":433,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"match.new-programmatic.com","ip":{"addr":"217.65.2.150","port":443,"asn":3175,"as":"Citytelecom LLC","country":"Russia","country_code":"RU"},"domain_registered":"2020-02-18","domain_rank":172258,"first_seen":"2020-02-18T20:50:06Z","last_seen":"2025-12-16T06:16:39.72996Z","alert_count":0,"request_count":1,"received_data":215,"sent_data":487,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sync.dsp.solta.io","ip":{"addr":"217.199.220.73","port":443,"asn":61400,"as":"Start LLC","country":"Russia","country_code":"RU"},"domain_registered":"2022-07-19","domain_rank":369782,"first_seen":"2022-09-21T16:47:56Z","last_seen":"2025-12-17T04:46:10.717263Z","alert_count":0,"request_count":1,"received_data":250,"sent_data":471,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ssp-rtb.sape.ru","ip":{"addr":"193.3.184.186","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"domain_registered":"2006-06-19","domain_rank":153781,"first_seen":"2016-02-02T17:01:03Z","last_seen":"2025-12-14T00:05:25.748382Z","alert_count":0,"request_count":3,"received_data":1663,"sent_data":1767,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"mediatoday.ru","ip":{"addr":"194.186.91.196","port":443,"asn":3216,"as":"PVimpelCom","country":"Russia","country_code":"RU"},"domain_registered":"2008-03-02","domain_rank":40250,"first_seen":"2013-05-20T20:53:32Z","last_seen":"2025-12-18T12:24:45.229569Z","alert_count":0,"request_count":1,"received_data":865,"sent_data":522,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sync.adspend.space","ip":{"addr":"5.189.234.227","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2022-02-11","domain_rank":345453,"first_seen":"2022-10-20T06:12:42Z","last_seen":"2025-12-16T20:12:59.793464Z","alert_count":0,"request_count":2,"received_data":1059,"sent_data":998,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.26.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ssp.bidvol.com","ip":{"addr":"194.85.16.22","port":443,"asn":8985,"as":"Join-stock company Internet ExchangeMSK-IX","country":"Russia","country_code":"RU"},"domain_registered":"2019-09-24","domain_rank":199701,"first_seen":"2020-02-22T12:37:29Z","last_seen":"2025-12-19T09:50:11.218717Z","alert_count":0,"request_count":1,"received_data":672,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"a.videohead.tech","ip":{"addr":"213.171.19.234","port":443,"asn":56694,"as":"LLC Smart Ape","country":"Russia","country_code":"RU"},"domain_registered":"2023-05-30","domain_rank":516081,"first_seen":"2023-06-07T20:20:13Z","last_seen":"2025-12-17T04:46:10.15418Z","alert_count":0,"request_count":1,"received_data":566,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"2-69470bd3f0e0150001e733eb.id.adx.com.ru","ip":{"addr":"83.222.104.222","port":443,"asn":42632,"as":"MnogoByte LLC","country":"Russia","country_code":"RU"},"domain_registered":"2017-05-19","domain_rank":0,"first_seen":"2025-12-20T20:49:48.269255Z","last_seen":"2025-12-20T20:49:48.269255Z","alert_count":0,"request_count":1,"received_data":434,"sent_data":764,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-12-14T22:13:59.416786Z","alert_count":0,"request_count":1,"received_data":38590,"sent_data":549,"comment":"","tags":null,"fingerprints":null},{"fqdn":"match.qtarget.tech","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2022-12-26","domain_rank":701462,"first_seen":"2023-01-28T17:26:52Z","last_seen":"2025-12-17T04:46:10.764454Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":479,"comment":"","tags":null,"fingerprints":null},{"fqdn":"sync.opendsp.ru","ip":{"addr":"176.114.85.200","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2022-08-24","domain_rank":261604,"first_seen":"2022-09-01T11:01:38Z","last_seen":"2025-12-20T07:22:34.027916Z","alert_count":0,"request_count":2,"received_data":500,"sent_data":941,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cm.pxltag.com","ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2025-05-25","domain_rank":0,"first_seen":"2025-11-18T10:18:49.548967Z","last_seen":"2025-12-18T12:24:45.158333Z","alert_count":0,"request_count":1,"received_data":366,"sent_data":547,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"levitra-gg.com","ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-03-20","domain_rank":1514414,"first_seen":"2018-05-04T08:02:49Z","last_seen":"2023-12-10T15:40:27Z","alert_count":72,"request_count":36,"received_data":1558343,"sent_data":17499,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Contact Form 7:6.1.3","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Themeansar Newsup","description":"Themeansar Newsup is a fast, clean, modern-looking responsive news magazine WordPress theme.","website":"https://themeansar.com/free-themes/newsup","common_platform_enumeration":"","icon":"Themeansar.png","categories":["WordPress themes"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:8.0.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress:6.9","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}]},{"fqdn":"s.suprion.ru","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-05-30","domain_rank":451696,"first_seen":"2024-05-31T16:19:08Z","last_seen":"2025-12-16T18:11:47.564017Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":495,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dm.hybrid.ai","ip":{"addr":"37.230.131.21","port":443,"asn":200197,"as":"Hybrid Adtech Sp.z.o.o.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2017-12-19","domain_rank":93939,"first_seen":"2018-08-22T12:51:55Z","last_seen":"2025-12-14T16:55:14.352991Z","alert_count":0,"request_count":1,"received_data":344,"sent_data":399,"comment":"","tags":null,"fingerprints":null},{"fqdn":"sync.dmp.otm-r.com","ip":{"addr":"194.55.244.180","port":443,"asn":34959,"as":"Kviktel LLC","country":"Russia","country_code":"RU"},"domain_registered":"2014-01-16","domain_rank":124233,"first_seen":"2017-02-03T07:19:51Z","last_seen":"2025-12-17T05:28:32.625027Z","alert_count":0,"request_count":2,"received_data":792,"sent_data":1005,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.27.4","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sync.bumlam.com","ip":{"addr":"31.172.81.146","port":443,"asn":44066,"as":"firstcolo GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2015-08-10","domain_rank":29016,"first_seen":"2015-08-10T21:04:25Z","last_seen":"2025-12-16T06:16:38.275034Z","alert_count":0,"request_count":3,"received_data":1959,"sent_data":1563,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.azcentral.com","ip":{"addr":"199.232.42.62","port":443,"asn":54113,"as":"FASTLY","country":"Denmark","country_code":"DK"},"domain_registered":"1995-07-27","domain_rank":97298,"first_seen":"2014-03-13T10:15:46Z","last_seen":"2025-06-24T16:25:49.369263Z","alert_count":0,"request_count":2,"received_data":1130,"sent_data":1332,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.highsnobiety.com","ip":{"addr":"104.19.159.49","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2005-06-15","domain_rank":111294,"first_seen":"2012-06-04T03:20:54Z","last_seen":"2025-12-17T12:06:08.55769Z","alert_count":0,"request_count":1,"received_data":193117,"sent_data":512,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"exchange.buzzoola.com","ip":{"addr":"176.114.74.36","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2010-08-11","domain_rank":80108,"first_seen":"2014-10-17T15:20:27Z","last_seen":"2025-12-16T06:16:39.23062Z","alert_count":0,"request_count":4,"received_data":1939,"sent_data":2723,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"acint.net","ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"domain_registered":"2014-02-06","domain_rank":7617,"first_seen":"2014-02-14T21:23:16Z","last_seen":"2025-12-16T18:11:47.145006Z","alert_count":0,"request_count":6,"received_data":2281,"sent_data":12068,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"a.adspector.io","ip":{"addr":"104.21.15.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-06-02","domain_rank":213577,"first_seen":"2024-06-28T02:35:48Z","last_seen":"2025-12-18T01:51:28.980621Z","alert_count":0,"request_count":1,"received_data":928,"sent_data":432,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.kff.org","ip":{"addr":"192.0.66.210","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"1995-05-15","domain_rank":541815,"first_seen":"2012-07-12T18:08:39Z","last_seen":"2025-12-16T19:08:05.520966Z","alert_count":0,"request_count":1,"received_data":66673,"sent_data":582,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sp.kombinat.digital","ip":{"addr":"77.223.120.36","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2025-04-16","domain_rank":596572,"first_seen":"2025-07-09T21:59:17.553875Z","last_seen":"2025-12-16T06:16:38.416948Z","alert_count":0,"request_count":1,"received_data":494,"sent_data":516,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.acint.net","ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"domain_registered":"2014-02-06","domain_rank":175167,"first_seen":"2014-02-14T21:23:16Z","last_seen":"2025-12-17T16:24:46.473346Z","alert_count":0,"request_count":10,"received_data":93711,"sent_data":12783,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"1026--d98dcc7a-51eb-4916-a95e-2482bcecb560.stbid.ru","ip":{"addr":"185.115.93.194","port":443,"asn":42881,"as":"Sc Itns.net Srl","country":"Moldova","country_code":"MD"},"domain_registered":"2023-02-28","domain_rank":0,"first_seen":"2025-12-20T20:49:48.261127Z","last_seen":"2025-12-20T20:49:48.261127Z","alert_count":0,"request_count":1,"received_data":204,"sent_data":515,"comment":"","tags":null,"fingerprints":[{"name":"Angie:1.10.3","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}]},{"fqdn":"5d47878c-dde5-11f0-b60c-002590c82436.n4.sync.bumlam.com","ip":{"addr":"185.115.93.199","port":443,"asn":42881,"as":"Sc Itns.net Srl","country":"Moldova","country_code":"MD"},"domain_registered":"2015-08-10","domain_rank":0,"first_seen":"2025-12-20T20:49:48.309881Z","last_seen":"2025-12-20T20:49:48.309881Z","alert_count":0,"request_count":1,"received_data":386,"sent_data":541,"comment":"","tags":null,"fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"Angie:1.10.3","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}]},{"fqdn":"otclick-adv.ru","ip":{"addr":"139.45.228.144","port":443,"asn":57304,"as":"JSC RetnNet","country":"Russia","country_code":"RU"},"domain_registered":"2011-01-17","domain_rank":27130,"first_seen":"2015-09-17T11:20:30Z","last_seen":"2025-12-17T10:03:56.775332Z","alert_count":0,"request_count":1,"received_data":724,"sent_data":522,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sp.linkssp.ru","ip":{"addr":"188.246.224.210","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2024-09-18","domain_rank":431263,"first_seen":"2025-05-28T20:33:39.660871Z","last_seen":"2025-12-18T20:06:25.499176Z","alert_count":0,"request_count":1,"received_data":488,"sent_data":537,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"media.glamour.com","ip":{"addr":"3.167.227.87","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"1994-05-17","domain_rank":826122,"first_seen":"2016-04-08T13:29:21Z","last_seen":"2025-12-09T12:01:46.2162Z","alert_count":0,"request_count":1,"received_data":140939,"sent_data":520,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"ssp-statistics.dev.dsp1.nominaltechno.com","ip":{"addr":"54.72.12.206","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2015-10-09","domain_rank":503952,"first_seen":"2024-09-06T07:52:31Z","last_seen":"2025-12-18T12:24:46.158657Z","alert_count":0,"request_count":1,"received_data":588,"sent_data":782,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ssp.bidster.net","ip":{"addr":"87.228.58.108","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2023-04-13","domain_rank":430502,"first_seen":"2023-08-04T01:03:10Z","last_seen":"2025-12-15T20:46:01.201756Z","alert_count":0,"request_count":1,"received_data":517,"sent_data":573,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"id.adx.bid","ip":{"addr":"104.26.1.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-17","domain_rank":667222,"first_seen":"2025-05-16T21:23:24.922522Z","last_seen":"2025-12-17T04:46:09.923426Z","alert_count":0,"request_count":1,"received_data":765,"sent_data":465,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ssp.al-adtech.com","ip":{"addr":"45.139.25.120","port":443,"asn":34959,"as":"Kviktel LLC","country":"Russia","country_code":"RU"},"domain_registered":"2024-01-16","domain_rank":164448,"first_seen":"2024-01-30T10:38:38Z","last_seen":"2025-12-16T19:48:52.968222Z","alert_count":0,"request_count":1,"received_data":713,"sent_data":438,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pix.bumlam.com","ip":{"addr":"31.172.81.4","port":443,"asn":44066,"as":"firstcolo GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2015-08-10","domain_rank":386640,"first_seen":"2022-03-29T09:19:43Z","last_seen":"2025-12-16T06:16:39.822372Z","alert_count":0,"request_count":3,"received_data":2243,"sent_data":1532,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-14T22:17:06.291076Z","alert_count":0,"request_count":1,"received_data":7954,"sent_data":594,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cs.agency2.ru","ip":{"addr":"88.212.234.239","port":443,"asn":39134,"as":"Edinaya Set Limited Liability Company","country":"Russia","country_code":"RU"},"domain_registered":"2008-10-06","domain_rank":520394,"first_seen":"2022-04-29T14:24:02Z","last_seen":"2025-12-16T06:16:38.923345Z","alert_count":0,"request_count":1,"received_data":791,"sent_data":466,"comment":"","tags":null,"fingerprints":null},{"fqdn":"adx.com.ru","ip":{"addr":"83.222.105.246","port":443,"asn":42632,"as":"MnogoByte LLC","country":"Russia","country_code":"RU"},"domain_registered":"2017-05-19","domain_rank":4001,"first_seen":"2017-06-05T16:30:42Z","last_seen":"2025-12-19T09:50:11.269499Z","alert_count":0,"request_count":2,"received_data":928,"sent_data":1020,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"images-assets.nasa.gov","ip":{"addr":"18.238.243.45","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":1441176,"first_seen":"2017-02-08T21:24:00Z","last_seen":"2025-12-11T00:36:20.628545Z","alert_count":0,"request_count":1,"received_data":368775,"sent_data":476,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"www.pymnts.com","ip":{"addr":"192.0.66.138","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"2009-07-15","domain_rank":602175,"first_seen":"2012-10-04T12:43:56Z","last_seen":"2025-12-15T15:24:26.544024Z","alert_count":0,"request_count":1,"received_data":849361,"sent_data":460,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cmr.bidderstack.com","ip":{"addr":"185.149.242.234","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2017-04-25","domain_rank":274973,"first_seen":"2024-06-26T06:54:13Z","last_seen":"2025-12-18T12:24:46.159503Z","alert_count":0,"request_count":1,"received_data":271,"sent_data":475,"comment":"","tags":null,"fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}]},{"fqdn":"cdn.mos.cms.futurecdn.net","ip":{"addr":"18.66.102.64","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2010-08-31","domain_rank":93431,"first_seen":"2016-03-01T01:03:27Z","last_seen":"2025-12-15T18:21:03.306391Z","alert_count":0,"request_count":1,"received_data":136405,"sent_data":468,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"5--2--69470bd3f0e0150001e733eb.stbid.ru","ip":{"addr":"185.43.4.87","port":443,"asn":29182,"as":"JSC IOT","country":"Russia","country_code":"RU"},"domain_registered":"2023-02-28","domain_rank":0,"first_seen":"2025-12-20T20:49:48.312447Z","last_seen":"2025-12-20T20:49:48.312447Z","alert_count":0,"request_count":1,"received_data":348,"sent_data":677,"comment":"","tags":null,"fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"Angie:1.10.3","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}]},{"fqdn":"sync.dvgroup.com","ip":{"addr":"82.148.21.217","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"1998-09-12","domain_rank":429256,"first_seen":"2024-09-03T12:22:07Z","last_seen":"2025-12-17T06:52:56.921748Z","alert_count":0,"request_count":1,"received_data":250,"sent_data":470,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"media.cnn.com","ip":{"addr":"199.232.175.5","port":443,"asn":54113,"as":"FASTLY","country":"United Kingdom","country_code":"GB"},"domain_registered":"1993-09-22","domain_rank":45904,"first_seen":"2021-07-02T08:15:07Z","last_seen":"2025-12-17T15:04:03.646844Z","alert_count":0,"request_count":1,"received_data":33974,"sent_data":497,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"ssp.bestssp.com","ip":{"addr":"83.222.96.170","port":443,"asn":42632,"as":"MnogoByte LLC","country":"Russia","country_code":"RU"},"domain_registered":"2016-05-05","domain_rank":673248,"first_seen":"2017-06-10T08:55:20Z","last_seen":"2025-12-16T06:16:38.850192Z","alert_count":0,"request_count":1,"received_data":375,"sent_data":555,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"levitra-gg.com/wfpc-login-js-js-extra","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"865983121b60cf7cc0d0464d5162abc7","sha1":"0d1acdf3761f950bbaab4a044b4a2c74c5406fc2","sha256":"ef12d28f98fde70c2d5334a04a4b0438cfeeb64dedaa660b535eaca0547638c5","sha512":"eedef0d9a47a2a1819788c4fe3279263e2bc5017aeb768eaf88e70d6cf8d93bbb62062c15dd0775f0423828d159637190e99ca444571efdf1f9f126cc94f3501","ssdeep":"","tlshash":"21212333e4cc0e4747d17bf4054c5b7641841052f814cdc453e748044974d575f85196","size":1254,"data":"","first_seen":"2025-12-20T20:50:01.619077Z","last_seen":"2025-12-20T20:50:01.619077Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-includes/js/wp-emoji-loader.min.js","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a2ac71c5c2c1856f8abf268b4718fd44","sha1":"a7ac0e915658a4c7408755ac7b6b69fc91dfd536","sha256":"9d048ff365faab6fe5c2505ac930185b19b714e622d24a23132b532de38eb137","sha512":"46df71bd85ce2a38ca7119519d31b4e6904840571b6a16325fe701ffa2d85527226c3d9fe7f87ab7bbd7cfbeae105ad496d186ea4b3e936a21b879d740d8bb89","ssdeep":"","tlshash":"2b819796e77638dfb2f900f2697a0d47e7614435d6c8d038c9bea3141cb5893c375a46","size":4033,"data":"","first_seen":"2025-12-20T20:50:01.621533Z","last_seen":"2025-12-20T20:50:01.621533Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","size":13577,"data":"","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-25T15:55:37.689347Z","times_seen":687522,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-includes/js/dist/hooks.min.js?ver=dd5603f07f9220ed27f1","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"90e932bd9e62583fc494c00498cfe7f5","sha1":"4f57e11bff609f90f49174187a0b5a6ba847ad28","sha256":"87cee5f49ba0d3017efc409579fc58b91a717f8f14751f7d804447ac9bcbaf4b","sha512":"ed9c129faf972ddfa705f05c3207884e5e9cd175baa45d49ce9d42bc0d01e4e8f36e627731bdd97214b1e2400fdd5012262a42f9800cd4f5565dbf183ba58507","ssdeep":"96:wXDE/3s/0EBM6ZUUCRTH+zl4NsBjcEmDtrGV2C2yics6w1RfGdzsvqZTq:wzg3kBFZYH+zhjngRw2cLzw1RfGdzsvx","tlshash":"56c153847983b970b2337057f0ff48d561baeba575298081964ec4a05d7388ee0a7abd","size":5661,"data":"","first_seen":"2025-10-27T08:47:54.273294Z","last_seen":"2026-04-25T15:56:54.507242Z","times_seen":134031,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-includes/js/dist/i18n.min.js?ver=c26c3dc7bed366793375","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3a5838d1182eb0b11f5a58bfe26e2529","sha1":"920b2291e65d62eb55c1958911768540abaff5cf","sha256":"d4efe709c65438ae90dff385486421fea45762880f21fc4e0dca3fa96210f428","sha512":"bc41d50cd2e5c17c75ba737c303f2f498cc94e2c3fe402b2f15c5f10531e53633598093da98579b2dee65733dce0f763d77380ae35a9591d8bf91f975b7c6845","ssdeep":"96:L9emIWL7lnv93ssmAeGejQVnmggoC7arVCG0GXF730IQRDdlZq+SxSD3LmD:8mIWZVszMuinmg3rQ8Xd30DDdlZq+Sx3","tlshash":"2bb157dcb9d57022235121a0597fb409f3357d6470ebb8006ba9c4a47eb15cfb1a2fad","size":5314,"data":"","first_seen":"2025-10-27T08:47:54.280246Z","last_seen":"2026-04-25T15:58:14.207855Z","times_seen":132442,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/custom.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9927fcc6ab564e4096c3030c7d4bf11","sha1":"9c34a1822622fa3c3ae5b64d0eaa032deb1273df","sha256":"5d0cd204b110ecef8a535543689de8a36fc7a9ad495f9d6d31c9e2cd5f4bd9bb","sha512":"62d268de919f54f6f4e9629f028c187377a4eb04b3b7b6bdd9b5326ba1c1bc221ae6389f66cb5b377e6ca3f1a285c5ffa2195c6c592e22fe2a346dac2c19eb15","ssdeep":"96:J3iF2hboerilmeulEeWEen4I7V13FZhnwTO3/r1AJt:J3+2hboerymeyEeWEeVVjZhnwTOj1Wt","tlshash":"30a1e25b70182476497b2b7eea777300fd76090fa001a406b8ff46d11f7275957a3e98","size":4628,"data":"","first_seen":"2024-08-01T02:43:02Z","last_seen":"2026-04-25T13:58:42.025368Z","times_seen":466,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/bootstrap.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"14cc83277e781f1a3b090695d16fe045","sha1":"59adf0b453d80846cacf9d83e3844ced3dff4df9","sha256":"c05942d83e635ab4b9783fa2026d3b3540c9fec0b383ca6a9a0f6991a8a8cd07","sha512":"03bdda4963d3a38ecfd612d957695b46a02805119bd30e9b2df42526585c96553c041b6ec01147dc1a25a629949b3a5995055d9264a797b54edd021f1d16f06c","ssdeep":"1536:09B+xmM6JJ/iI2NZvhG8KkDcrqe0I5KHzV3nWwNa1:Lw/iTdhED5YV3nda1","tlshash":"98d3114a3e996492483bf33acfab850dfb75159b460592447caca9c81f7482053adffc","size":139559,"data":"","first_seen":"2023-03-07T12:08:43Z","last_seen":"2026-04-25T13:58:42.005077Z","times_seen":693,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.acint.net/oci.js?t=1766263762827","fqdn":"www.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"678ac17b4ad8cf01fbd328519ca66932","sha1":"498a4128f68f92d9735598cbd753b47c4b3a8989","sha256":"b164e1f70da0197ffbd81adeec5fc575bd4956b529ad5f8ba03f0bd0033a29e7","sha512":"6b2e54b731a1b5b96bd532887a740340f88fbf3dc3c1f15ed65552d1b10d7539e6582c829be543c3ff2c64dbd9a45023b3342e8aa45a63c357f9d54cd0740594","ssdeep":"384:ixcLKIHRnN2xFRhKv3E6mXHHKvaloLG2+KlLqK/CSuxAjUd0jJFKOEyEqWiodJVl:1BHRN6AIeJZKOgIJANJVEEvD1IoOI","tlshash":"cbe219ccb3c3b02d0263a9ba047f6046763bbd59250c4883d5bad5d17ca9e5a513bfb8","size":32171,"data":"","first_seen":"2025-12-20T18:31:05.319958Z","last_seen":"2026-02-01T08:11:34.597658Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/custom-time.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1a4a72e6152cad1722d5314062a65901","sha1":"a37cacedcbbc0322ab0e9443a26ae87f03ba77f6","sha256":"ec6c241bf5feb4fe95b908093f198c6ae6ed7991dc78db287d4107f1335b088e","sha512":"eb84995d86f048642f7cee244ffe57660e2798c6727fdff5ca062f9843cc8b0029439bc5787fac94a3e42e58510014a3b87f2a602837506c5abb59a555f3fe6b","ssdeep":"","tlshash":"77e0c01a315602905dfb277cc32b19ccffb325231a11c68031cd90082f34d7a451aec9","size":381,"data":"","first_seen":"2024-05-20T21:19:40Z","last_seen":"2026-04-25T13:58:42.006676Z","times_seen":389,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"537357420024d824760d7686fbdf31fe","sha1":"5e14660b667fdc602c82300ccf3253afc242e4bb","sha256":"ca2f5769fc415a62dd2cd8af83b9b64604715e602f6de4c7741f9992a7003a29","sha512":"56b633cc459e789b0505809ba091fcd36ec59d62c94205b1f66578c566186f89676e626c45767d3f59eeb0715a139d7f65cd3f54bc41d247bed58438e47c1e53","ssdeep":"","tlshash":"88d0976a3d06043c930838aab6bec288f433b0b4aa94c08180cfc854b32dee14800b8e","size":250,"data":"","first_seen":"2023-03-07T01:42:22Z","last_seen":"2026-04-24T11:32:44.913621Z","times_seen":2138,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/jquery.marquee.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"194be63a342cce7446cc7fccc8a38cab","sha1":"682f89522fe73fb58408f3c0cf8f8f38c290ada3","sha256":"072cecb33bf56cf9e0f141fff4985fa1e3be682b17272e7c630aa39c0994cb46","sha512":"c8794e52b550333854956dd45e51545589195d43ea8cdd5de5d5edd9063fca441e9e6e619e471683c25495c3632c16be5ece2b3e5a85e00222a5196d1adfada3","ssdeep":"192:zS9TICbeJRRkUfIeubOQMMhCquhk7lVEepklpYm0lPYlWi121LJHu:zijbeJRRkUfOblvCquhueRpYjmZ1210","tlshash":"91b230d5755921208a37233fcb8e1149efba503761164d6a7daec3896fb08144332ffa","size":23985,"data":"","first_seen":"2023-03-07T12:08:44Z","last_seen":"2026-04-25T13:58:42.023556Z","times_seen":819,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=6.1.3","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"96e7dc3f0e8559e4a3f3ca40b17ab9c3","sha1":"d363d0291e92c233e828023583dcf6685f2da5a2","sha256":"29fdd17a7002a2e1bbd9b33adafc53457c64006b5aca8f6e4dbf907de35433ca","sha512":"851dcea59510a12dd72c8391a9ea6ffa96bcbe0f009037d7a0b6e27bae63a494709b6eee912b5ed8d25605fbb767a885f543915996f8a8aff34395992e3332dc","ssdeep":"384:wwuf8OQL0sARrAZcNWLq/+Ffm/hibLexa2VautyX2fsL3ZHO1O9H:wwuf8OQL0sAZAGNWmGcibLexa2Vau0XD","tlshash":"d34235e16197e0f0c7c338a48816c051f2bf866cb9898054fb5dcdd22d5de07626b77a","size":12512,"data":"","first_seen":"2025-03-11T19:47:45.42406Z","last_seen":"2026-04-25T15:56:53.067627Z","times_seen":162482,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/plugins/wp-forms-puzzle-captcha/assets/js/wfpc-puzzle-captcha.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"80e99918ae697df48e8b9e020056e50a","sha1":"78f338692935dbf9979b40d3ad0dbce04566a45e","sha256":"6e61ec16b43db70283d9b4690a5c67d81ef49e9e655b60167a509d0a8739e2b8","sha512":"9b5a00f510bcb3d32c2d9a5a4f4f0c1aa0c59623bd8818c68d304fcb58fe21185023b8d26f12b912cb8029b6b95b85a034d71b3534478e5612eceef9f5e83294","ssdeep":"192:S4STNixqFkET1lLvRK/VwdETigoTHKAtaF:cRK/idLQF","tlshash":"b65255087ebb1275946350af4f9fa40ce2b8912b0d05d958bc9ce3c88f58538d5a6bf9","size":13431,"data":"","first_seen":"2023-03-07T13:20:53Z","last_seen":"2026-04-25T13:12:03.810476Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.acint.net/mc/?dp=10\u0026tc=1","fqdn":"www.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"4cb7622a0e76d9b0a366eb45260fb808","sha1":"7a4acebae12dadf0cacae43c8ba416b4538f2adc","sha256":"25fd9c2d7a6c2b2190d25e5ae6454d2822ab702507e1234090f4edde6950aacb","sha512":"146b9c05ad66d9295a6c4f12ce711fa079f719d93f625fe1848b733ea89a24c61f111c58a2feb2d6777dbe9caf71cca032c25b95654f38e24d4d2e04b21eafd3","ssdeep":"","tlshash":"baf0c01605b70c1111a408b9e3fe4120b511334f2c8ac44ebcddea495f1c88ae057acc","size":525,"data":"","first_seen":"2025-12-20T20:50:01.624563Z","last_seen":"2025-12-20T20:50:01.624563Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.acint.net/aci.js","fqdn":"www.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"20f0381069e78a636d53b3d505e967c7","sha1":"800464b5f1400a923482d4298b472e17cda20737","sha256":"7b2d18d3dc9861604cbbde63dd9218e12a6cac1a06f52b877eddf61f9f7c3b37","sha512":"5aa6d98aca4d9881d5bf2c8dd71ff3d35e534a09ee749bf248c3d6f838f240f0d77edf06f8f2eae1b7a3797d9d447fe2da922395243f22547a13c4b6ea9981a2","ssdeep":"768:EMNY2uNr6tm67+DVRhNk6L0Wbha0XByPcf0:EMN/uNWo67+DLhNZaMByks","tlshash":"1ce2f98a7191f47306d3a179c12f050bf136696620e8d0e4f536dce0aeb858e6577f3a","size":31372,"data":"","first_seen":"2024-10-20T11:06:54.910201Z","last_seen":"2026-01-29T05:23:48.922533Z","times_seen":4303,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/navigation.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"074109ca32878d34aa0b126770498c1a","sha1":"a94f425eeb1df471127f7f763101be9cfe3ef253","sha256":"c9177a21df84a75ac405848200ad1ec3d129e5c15efcb9f4d2cff8ea69a5f6ac","sha512":"69a8d7ee56fa17b4246d6d3fff9f0a47750378a3f30ac351501cbe77ae7d0aa7bde70db813db8b77402141a5939255340494b0787c00e72d82f7a1b9887c831e","ssdeep":"","tlshash":"5841eed73a8b323f96da2354a17e64527a38c172d70a7d66b4b8d2852970c0506fdfcc","size":2362,"data":"","first_seen":"2023-03-07T12:08:44Z","last_seen":"2026-04-25T13:58:42.008926Z","times_seen":662,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/jquery.smartmenus.bootstrap.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9e5a0446d6d895f2c610dab5fab60cd","sha1":"ddb15496b9532eaaa658f6e265124d67520bea20","sha256":"bc0c8ec8343dbaff247a4dcebe4405f3127e3dcb676d2542e265c64bb1251ca6","sha512":"be6dd43a12915963a4fcaf64e47fd911625bebe19c2fbd07218b3fe395b17952e032e87b110236b520bb38b96ebd783e37cc3b361f2e18c2d6c4c542a85be667","ssdeep":"96:/FUtVopuRtsZg9gpoQ+Ma0IirYrZFhrJ82u9G/A5:dGuw6f0eYBnQ","tlshash":"08c164c073ae715fc4d7221621bf924aaf6ec1789046407e756b96ac7ed048823b3e3d","size":6010,"data":"","first_seen":"2023-03-07T12:08:43Z","last_seen":"2026-04-25T13:58:42.012228Z","times_seen":747,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/main.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"36d7f23d9f276a58aefe849a7d66aa6e","sha1":"19bfb505d918df616126eb54505d8729ac9cf678","sha256":"06d667c24b5fe211ccdb1b62741cc1c9536e8076553f0224a7d811385e580b4b","sha512":"08fe74245a6ea36f5daad908b7de4da16003243f7799c11e9c4afab0fd9df217cd29013fa8ce5f77d8a660a8b24ba729481c5f660ad78cbd612a3fb1ccc435be","ssdeep":"","tlshash":"b2f0e22cbc4c109909b6e730fc7f0339f62fa0233a098684784c8c646f31334855dd94","size":625,"data":"","first_seen":"2023-03-07T12:08:43Z","last_seen":"2026-04-25T13:58:42.020145Z","times_seen":811,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-i18n-js-after","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"39faf499402d535442a1f0291f88a231","sha1":"b1017061fc8f0cb20bd4c064ca48bd3e52d4b0ce","sha256":"f4b124ed3f813eee9e077b823b0f29012530f5e6ca0164607d2223da9dcd8ba5","sha512":"309df9ad8cff7cfb486fa80bcb8156820b9d07488d98b38e333806fc64ef8955b273cf35a59714f68dc02be3fd689f609533a4f9d2b570024143f601d27d6901","ssdeep":"","tlshash":"7f2112cbf4ab3d50828fc7b48d23be0145502487c2afd50875e59d3496718c0b4c362f","size":1138,"data":"","first_seen":"2025-12-16T20:58:08.63683Z","last_seen":"2026-04-12T22:23:49.589564Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/contact-form-7-js-before","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"ad5e52f26a2e74eeae3d369dd065f94a","sha1":"0b070e2cbe75cc62a5b55efba205b9837a0d9bb3","sha256":"ce6591cf01d6207f6ce7b6ece6b0af57487bafc3465f1d804a9c8968daf56651","sha512":"bd26ff623fe112b7330135396928167781366a379481b7b7f1ea9fa67bf7a27a6a36b5971e4c35df23e0f105a1bb74205fb0e1809c781bc7e16d26f4c4521a24","ssdeep":"","tlshash":"ea211296e5e81c4914e5c174017c1326b2149517cb2f9e95b39e004c6fa8079ab155c6","size":1234,"data":"","first_seen":"2025-12-20T20:50:01.626852Z","last_seen":"2025-12-20T20:50:01.626852Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"03d6d38af8c34d50a7d4f77919f3f6c7","sha1":"90e18129a2b50addce02c98c923534d242233216","sha256":"9f7a87d73cf34cd5d76d600a5ce326ac1ce32a021067b1bb50587fa488b13444","sha512":"28832956f6898aae55555f210e05bbb1a396fa48244b0c83057e36c721287e4976063ed6fc28a6dcdaa282010e9e9afb74fe50405a2428205e765219a4f2d833","ssdeep":"","tlshash":"bee07dfafd5b457111e7a1237bce739e293275a3e92a4c402889ce806c38dd31126dd1","size":329,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-25T15:53:06.54397Z","times_seen":9486,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/jquery.smartmenus.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"990c7f72521b0a27c9c858b8ccd54ea8","sha1":"e5cfb44e0808c18bc142cd72c93d101060cf454e","sha256":"489feabe8ac2d87de5bddb3638f4bb818d0c5cbc1371106eab029777a8a48364","sha512":"d4581267e5f78d3791e58cbbb39ff4cf05af54235c1a500d4992eb02f029d674ed279265f9f93fb997fadb367c40cc9606f5b40cfb70f8260129f8d48ca9b3bd","ssdeep":"768:awQfVC3IGcqeO1fqnfiLVflMib9oAaIQuIK7/0p9hxKMlL17tZAlnOFmKOKn3:a7JKy295afKMF17LYKOKn3","tlshash":"6f2372ca735d712f82d633b4853e552aeb3dd072c20350affc6e6998656046813b1db9","size":46634,"data":"","first_seen":"2023-03-07T12:08:43Z","last_seen":"2026-04-25T13:58:42.005679Z","times_seen":666,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=6.1.3","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2912c657d0592cc532dff73d0d2ce7bb","sha1":"70a679e2769825236f83bcc56965a9d0bd86c4e9","sha256":"ddcce687729cb358abf9d0d8e1217a097859be2b0d18c23d7c851b38c87bc9c0","sha512":"9646384e65d09bf00cb20365f43e06dd41e7428e3fc6cc2737f4e69b50f006ebb25bd24a566fcd9faec2f0dcb24404e25d57ba7b8c6aba61797a29c515ad5144","ssdeep":"384:IsIRHeFJ1yQ7QdfnJgeYh7MXlsNqrBp1pgQpwOjNtqohIQ/5Z:IsIR+L1yQ7QdpYh7M1iqrBp1pgQpwOjn","tlshash":"0a52d7a1472955321eb506e391e513c1769075aef44b8aa1a898dc2e18bdcc328f3ff7","size":13452,"data":"","first_seen":"2024-11-04T17:50:00.022634Z","last_seen":"2026-04-25T15:56:53.135456Z","times_seen":169003,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/plugins/wp-forms-puzzle-captcha/assets/js/wfpc-custom-script.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a927aa0311b0e2650712a2fbc85f4e34","sha1":"bc646bb7b86df06a7fff8df5dcda1d1e3625c961","sha256":"5a3b85557777420cb52ef0c5e68d29657d9ea3c0c75a5bdad8268161a1c45e5e","sha512":"6db9d3fb5c5140a8446f4c2c1e1fb37dfde9fba83168d3de3e8c10c8a557a2fb855191202877a46fa162f6e0b88b55450c07e44c549aec3cf308b9e064d93aaf","ssdeep":"","tlshash":"94116668f12519e889b310a1b4b6ab58f845e925f20a5754f18f507e5f7c9e07201eb8","size":926,"data":"","first_seen":"2023-03-07T13:20:53Z","last_seen":"2026-04-25T13:12:03.845309Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-25T15:55:37.664681Z","times_seen":740706,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/owl.carousel.min.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c52f27fcac36c7667f8fb846e1e94d5","sha1":"e5862559db659ffd530c91452d668c5e7b3f0f2d","sha256":"6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad","sha512":"9b8f2503bf30b879d3318e8d3ee6ba447fdd0b3d7e2d4f0c3cc03eb325247e2e05e8a7978318e648c91f1a90fcd7ab7ce1018189d27f028ea33064e38307fb20","ssdeep":"384:7Ket0QK/Q52Cgwm0PQtiRX55DzNvYUyzLsxVxRbm:dK/Q4ptuXNQUyzLIk","tlshash":"08b2a54bb2202385469372b9419b110d713bfb78fc42855c70b6dadfaa4b84e9277b3d","size":23936,"data":"","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-25T13:58:42.011699Z","times_seen":3181,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-includes/js/wp-emoji-release.min.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","size":22762,"data":"","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-04-25T15:55:37.731077Z","times_seen":164787,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.acint.net/oci/?v=0.7.1\u0026uid=ba24035d-314d-4cbe-b10d-ef4e5b445b7d\u0026dp=10\u0026tz=%2B00%3A00\u0026nc=736614\u0026oid=54718e6f5096d49a4751e38622ffb9eb","fqdn":"www.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /oci/?v=0.7.1\u0026uid=ba24035d-314d-4cbe-b10d-ef4e5b445b7d\u0026dp=10\u0026tz=%2B00%3A00\u0026nc=736614\u0026oid=54718e6f5096d49a4751e38622ffb9eb HTTP/1.1\r\nHost: www.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kimberlite.io/rtb/sync/buzzoola?u=542264ae-da49-453c-6c49-8b489ceccfad\u0026f=https%3A%2F%2Fwww.acint.net%2Frmatch%3Fdp%3D243%26euid%3DaUcL0-_m5sY%26r%3Dhttps%253A%252F%252Facint.net%252Fcmatch%253Fdp%253D243\u0026n=1","fqdn":"kimberlite.io","domain":"kimberlite.io","tld":"io"},"ip":{"addr":"37.0.127.86","port":443,"asn":61400,"as":"Start LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kimberlite.io","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 03 Mar 2025 10:28:30 GMT","end":"Sat, 04 Apr 2026 10:28:29 GMT"},"fingerprint":{"sha1":"D5:F7:CA:61:DC:40:4D:B7:43:BC:F1:6F:13:3A:45:A0:D0:53:09:FA","sha256":"BD:79:98:BE:D4:24:4A:51:5B:6D:A8:A1:58:2B:4E:1D:6B:90:66:40:1F:2C:E3:4A:C4:9F:7E:A3:A2:F6:79:12"}}},"request":{"raw":"GET /rtb/sync/buzzoola?u=542264ae-da49-453c-6c49-8b489ceccfad\u0026f=https%3A%2F%2Fwww.acint.net%2Frmatch%3Fdp%3D243%26euid%3DaUcL0-_m5sY%26r%3Dhttps%253A%252F%252Facint.net%252Fcmatch%253Fdp%253D243\u0026n=1 HTTP/1.1\r\nHost: kimberlite.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: da=UX4CYAAAAAE; u=aUcL0-_m5sY~SvYtaLFXeqxUrIRIpU9gY8DcT7k\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\ncache-control: no-store\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\nset-cookie: as=T72MF2lHC9M; path=/rtb; max-age=604800; samesite=none; httponly; secure\nda=2OZrzwAAAAE; path=/rtb; max-age=604800; samesite=none; httponly; secure\nf=https%3A%2F%2Fwww.acint.net%2Frmatch%3Fdp%3D243%26euid%3DaUcL0-_m5sY%26r%3Dhttps%253A%252F%252Facint.net%252Fcmatch%253Fdp%253D243; max-age=30; samesite=none; httponly; secure\nn=2; max-age=30; samesite=none; httponly; secure\r\nlocation: https://dm.hybrid.ai/match?id=414\r\nreferrer-policy: no-referrer\r\nserver-timing: app;srv=s7;dur=0.0008\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adx.com.ru/sync/init/sapePlazkart?uid=0200007FD20B47692E05F30F02C49031","fqdn":"adx.com.ru","domain":"adx.com.ru","tld":"com.ru"},"ip":{"addr":"83.222.105.246","port":443,"asn":42632,"as":"MnogoByte LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.adx.com.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 20 Jun 2025 13:13:33 GMT","end":"Wed, 22 Jul 2026 13:13:32 GMT"},"fingerprint":{"sha1":"0F:34:EC:CE:BC:17:E9:5F:83:40:15:65:EF:68:EC:37:03:9C:C8:9C","sha256":"87:20:22:42:36:6F:88:B8:4D:D7:3A:11:7B:17:9F:56:7B:CD:5A:0C:00:F3:42:3C:BE:28:DE:11:8E:AD:F5:FE"}}},"request":{"raw":"GET /sync/init/sapePlazkart?uid=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: adx.com.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx/1.28.0\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 114\r\ncache-control: no-store\r\nlocation: /sync/confirm/sapePlazkart?sspSysName=sapePlazkart\u0026uid=0200007FD20B47692E05F30F02C49031\r\nset-cookie: user=69470bd3f0e0150001e733eb; Path=/; Domain=adx.com.ru; Max-Age=31536000; HttpOnly; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":904,"timings":{"blocked":95,"dns":0,"connect":66,"send":0,"wait":363,"receive":0,"ssl":379},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.acint.net/hit/?v=0.7.1\u0026uid=ba24035d-314d-4cbe-b10d-ef4e5b445b7d\u0026dp=10\u0026tz=%2B00%3A00\u0026nc=182019\u0026u=https%3A%2F%2Flevitra-gg.com%2F\u0026r=\u0026rs=1280x1024\u0026t=Levitra%20Fitness%20%E2%80%93%20Health%20Fitness%20Guide%20Exercise\u0026oE=1\u0026oP=1\u0026dT=2025-12-20T20%3A49%3A22.825\u0026fu=71516970-ef54-4a5f-8c5b-001ea2720011","fqdn":"www.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /hit/?v=0.7.1\u0026uid=ba24035d-314d-4cbe-b10d-ef4e5b445b7d\u0026dp=10\u0026tz=%2B00%3A00\u0026nc=182019\u0026u=https%3A%2F%2Flevitra-gg.com%2F\u0026r=\u0026rs=1280x1024\u0026t=Levitra%20Fitness%20%E2%80%93%20Health%20Fitness%20Guide%20Exercise\u0026oE=1\u0026oP=1\u0026dT=2025-12-20T20%3A49%3A22.825\u0026fu=71516970-ef54-4a5f-8c5b-001ea2720011 HTTP/1.1\r\nHost: www.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nset-cookie: aid=fwAABWlHC9IPpgUtMSXpAtDJGq41OjnsCqvRGjzXO3lDFxQo; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.acint.net/mc/?dp=10","fqdn":"www.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /mc/?dp=10 HTTP/1.1\r\nHost: www.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/html\r\ncontent-length: 154\r\nlocation: /mc/?dp=10\u0026tc=1\r\nset-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Sat, 20-Dec-25 20:59:22 GMT\naid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":10140,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/plugins/wp-forms-puzzle-captcha/assets/css/wfpc-puzzle-captcha.css?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/plugins/wp-forms-puzzle-captcha/assets/css/wfpc-puzzle-captcha.css?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/css\r\ncontent-length: 764\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Thu, 06 Jun 2024 01:22:21 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bozZV2TZhQJ070EfIlkam3UYeA1Paso2O8Poh4wYDY3O0fwKyyxCqq0UYzspKeoQ%2FeJPUweYcnQxfaAWzz9OfiIEPswHY9dC9k8IL1f%2B\"}]}\r\ncf-ray: 9b120181991f49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3079,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6fe8fc05f50569e7e3664eb5107b573d","sha1":"2048b4a9873c4bbbae62e969f446bad47b772db0","sha256":"523844ccdf308f4aa6b7b6a3e5e549d96d8c1dab468646337efd385e5b912289","sha512":"27582317ca09c23ab328523718b16bda4c1a5f36b8e185fc1ed711273c4559ee9150887f2f8c95a981bb3e495c9e107a671c4a54567cbe9c64c17b0437bf5423","ssdeep":"","tlshash":"5d51ab69ee2f0c41781b935d3f58ef94d2eda1436c2a8f6afac1219ccf8d1e454229c0","first_seen":"2023-06-12T00:47:40Z","last_seen":"2026-04-25T13:12:03.835423Z","times_seen":52,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/inc/ansar/customize/css/customizer.css?ver=1.0","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/inc/ansar/customize/css/customizer.css?ver=1.0 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/css\r\ncontent-length: 1409\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FD6mJU%2B5%2FN2Xy0kp42O0Pvr%2FNb7SZzQVza3xn8oUbziVR40xFiYaThgNoI9a27%2FxKY7tuBcsEeBXZe5h3UZJXLN%2FvS%2B6%2FtRHeULpDbgX\"}]}\r\ncf-ray: 9b120181992c49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":6711,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with CRLF line terminators","md5":"b1ceae986d5b4bfff5b94f445838fcb6","sha1":"271171dd81ab6dc304d4c9edb179e2ba065ef9d3","sha256":"027b1e95f8775112488e0782b4aa7f45f017efc0c24d5518b8948969b73f8292","sha512":"64464acdba2db79b965e9d57b89f15095fc9a3a968df406946969d70d5027973b09f221dffcf1ded9a2c95d538d9087517f7b02c813420dc1e13d880db51eeed","ssdeep":"96:wkhE/ECH5uVA6dsMxJQHZVS9K5UyJcfSmBW1JeA/d+IKgawB3:zVBXxJQHZH5UyJcfSxJd/dtKg93","tlshash":"b6d1367da53c13e5e2374b66bbfbc2017e1680b5cd09566fb983ac24c3d679805132ab","first_seen":"2025-10-14T04:04:06.378431Z","last_seen":"2026-04-25T13:58:42.019562Z","times_seen":179,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tms.gpmdata.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da\u0026dmpkit_evid=4a608d62-b43e-464c-ba40-a2d2ff300693\u0026dsp_id=d98dcc7a-51eb-4916-a95e-2482bcecb560\u0026ru=https%3A%2F%2Fsync.upravel.com%2Fimage%3Fsource%3Dgpmdata","fqdn":"tms.gpmdata.ru","domain":"gpmdata.ru","tld":"ru"},"ip":{"addr":"62.105.142.42","port":443,"asn":3216,"as":"PVimpelCom","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:24.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gpmdata.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 10:35:05 GMT","end":"Tue, 17 Feb 2026 10:35:04 GMT"},"fingerprint":{"sha1":"13:DD:7D:F8:34:3E:E0:C7:BB:B6:B2:D1:98:AF:55:BD:0F:8E:43:E6","sha256":"B2:1C:B2:18:BD:E6:63:F3:36:BD:1A:99:88:71:69:3D:CD:71:23:2A:4A:C9:0C:19:4F:14:4A:42:18:5F:73:64"}}},"request":{"raw":"GET /?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da\u0026dmpkit_evid=4a608d62-b43e-464c-ba40-a2d2ff300693\u0026dsp_id=d98dcc7a-51eb-4916-a95e-2482bcecb560\u0026ru=https%3A%2F%2Fsync.upravel.com%2Fimage%3Fsource%3Dgpmdata HTTP/1.1\r\nHost: tms.gpmdata.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 20:49:30 GMT\r\ncontent-length: 0\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: 0\r\nlocation: https://sync.upravel.com/image?source=gpmdata\r\npragma: no-cache\r\nset-cookie: dmpuid=AZs9hkx3e1yTZ9nKU0qraQ; Path=/; Domain=gpmdata.ru; Expires=Tue, 19 Dec 2028 20:49:30 GMT; Max-Age=94608000; Secure; SameSite=None\r\nx-trace-id: d6e5b479af96ac254d5bd56f9620e048\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: HEAD, GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With,x-dmpkit-onbehalf-of\r\naccess-control-expose-headers: Location\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":10557,"timings":{"blocked":5252,"dns":5097,"connect":51,"send":0,"wait":53,"receive":0,"ssl":103},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.acint.net/oci.js?t=1766263762827","fqdn":"www.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /oci.js?t=1766263762827 HTTP/1.1\r\nHost: www.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Mon, 08 Sep 2025 17:51:43 GMT\r\netag: W/\"68bf17af-7dac\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32171,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (32170)","md5":"678ac17b4ad8cf01fbd328519ca66932","sha1":"498a4128f68f92d9735598cbd753b47c4b3a8989","sha256":"b164e1f70da0197ffbd81adeec5fc575bd4956b529ad5f8ba03f0bd0033a29e7","sha512":"6b2e54b731a1b5b96bd532887a740340f88fbf3dc3c1f15ed65552d1b10d7539e6582c829be543c3ff2c64dbd9a45023b3342e8aa45a63c357f9d54cd0740594","ssdeep":"384:ixcLKIHRnN2xFRhKv3E6mXHHKvaloLG2+KlLqK/CSuxAjUd0jJFKOEyEqWiodJVl:1BHRN6AIeJZKOgIJANJVEEvD1IoOI","tlshash":"cbe219ccb3c3b02d0263a9ba047f6046763bbd59250c4883d5bad5d17ca9e5a513bfb8","first_seen":"2025-12-20T18:31:05.319958Z","last_seen":"2026-02-01T08:11:34.597658Z","times_seen":25,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.acint.net/mc/?dp=10\u0026tc=1","fqdn":"www.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /mc/?dp=10\u0026tc=1 HTTP/1.1\r\nHost: www.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://levitra-gg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/html\r\nset-cookie: cSyncDp14v6=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp17v3=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp45v5=1766263762; expires=Sun, 21-Dec-25 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp53v5=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp553=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp62v4=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp67v5=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp68v3=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp71v2=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp85v2=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp95v4=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp98v3=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp104v3=1766263762; expires=Sat, 03-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp107v2=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp125v5=1766263762; expires=Sun, 04-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp126v3=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp129v2=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp136v3=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp148v2=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp149v3=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp151v2=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp251v3=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp186v2=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp217v2=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp226v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp239v3=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp243v2=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp260v2=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp244v2=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp248v3=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp261v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp264=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp274=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp289v2=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp296v3=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp312v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp313v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp368v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp331v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp337v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp351v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp361v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp353v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp362v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp366v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp385v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp390v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp399v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp394v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp415v1=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp420v2=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp431=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp433=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp444=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp203v2=1766263762; expires=Sun, 21-Dec-25 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\ncSyncDp450=1766263762; expires=Mon, 19-Jan-26 20:49:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":10140,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (452), with CRLF, LF line terminators","md5":"cbd3e1157f8694b243faf6fb5e1b1629","sha1":"43726e0b4975e378d275870c14b9b240c44bcfc0","sha256":"c48002db1d540a7f46fc05f4ef5aee021bda9ae48bbf826086f0e717fac9e700","sha512":"f7f83e4bb59a52541702bf1316860a261326c2a71be08f9ac45f724e046f564405b8bfca94794874321c80016fd6bac43c82f087c4478a9fdcb7d293eb506be8","ssdeep":"192:D0EMcbrBB7xzkZ7J8acdW1YtsK7hHvLtxjs+xkg6QqvG9bviRLh6ZbX/17lbm2vZ:DBnBB72Z13oxXHzmGdmIpPldmy5MC3Pn","tlshash":"8d22ff6389ca2bebb63bb7c1d2d8a3d85533118739e7184aee2d5417324a4fee4074c4","first_seen":"2025-12-20T20:50:01.541802Z","last_seen":"2025-12-20T20:50:01.541802Z","times_seen":1,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-20T20:49:21.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: PHP/8.0.30\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nlink: \u003chttps://levitra-gg.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nx-litespeed-cache: hit\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8srGvaZqyp9geK6sYVVKclHTIz1tLgB730SYbtHzTCfVufMQC%2Fq4V4VKGtrSP9Jv3R%2BtbOV77NZLmINvZRjlWztwJq5g9xP6s6zu4%2BiI\"}]}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b12017efb2949c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Contact Form 7:6.1.3","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Themeansar Newsup","description":"Themeansar Newsup is a fast, clean, modern-looking responsive news magazine WordPress theme.","website":"https://themeansar.com/free-themes/newsup","common_platform_enumeration":"","icon":"Themeansar.png","categories":["WordPress themes"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:8.0.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress:6.9","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}],"data":{"size":96797,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (9067), with CRLF, LF line terminators","md5":"c9f953b5e2278e2bece9cdb061490dae","sha1":"f8e7d63f9becfc096bf47602cf37cb9c3f0663c2","sha256":"076d91cd9693379095a50f14dcc0f09543e2ae610fd5e4b2b382ca9a4f00460c","sha512":"04a6fd8a8023afde561bfe3e8adc8d221f7757ddb62f5d3f3cc57db80b4aac75b48414219e51cc9b0dbcac0311cc53671a855f7dc982b28d863443675d398fac","ssdeep":"1536:OvypWDYxdLYs2Anxrv7ai9nic3wfBymOG0PEwFmGu2cEjo9pBNOYWz4:O6UDYxdLYs2expDmGufE0xYYWz4","tlshash":"de93723360e8107b067782d517a03b5eefa1450bcb4689c0b3fd67866fa7ea65e2314d","first_seen":"2025-12-20T20:50:01.543392Z","last_seen":"2025-12-20T20:50:01.543392Z","times_seen":1,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":10,"dns":0,"connect":1,"send":0,"wait":313,"receive":0,"ssl":7},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/navigation.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/js/navigation.js?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 767\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FjKMwwWkYKS5rmC9CurLesBQ%2BUKKAzPfi%2FvzhaUCzjjGLfgqy1NkoelKNj9RJF2J4ObQCQvF7GoKnfHockuyrRtOL%2FUE9hhFehCE4Y60\"}]}\r\ncf-ray: 9b120181a93249c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":2362,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with CRLF line terminators","md5":"074109ca32878d34aa0b126770498c1a","sha1":"a94f425eeb1df471127f7f763101be9cfe3ef253","sha256":"c9177a21df84a75ac405848200ad1ec3d129e5c15efcb9f4d2cff8ea69a5f6ac","sha512":"69a8d7ee56fa17b4246d6d3fff9f0a47750378a3f30ac351501cbe77ae7d0aa7bde70db813db8b77402141a5939255340494b0787c00e72d82f7a1b9887c831e","ssdeep":"","tlshash":"5841eed73a8b323f96da2354a17e64527a38c172d70a7d66b4b8d2852970c0506fdfcc","first_seen":"2023-03-07T12:08:44Z","last_seen":"2026-04-25T13:58:42.008926Z","times_seen":662,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://levitra-gg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 19 Dec 2025 19:29:36 GMT\r\nexpires: Sat, 19 Dec 2026 19:29:36 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:09:21 GMT\r\ncontent-type: font/woff2\r\nage: 91186\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37756,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37756, version 1.0","md5":"8a6a885dd57e60ddd85f3190737fa209","sha1":"dbca56b7fe8ee5e4bfb648d639fc6a3bfc5c6e85","sha256":"b9b102f608e8252e3c1e7287309832b16af7dcc6e788651fa503a3faacd7fb2f","sha512":"2bd785869777dc57dbb5934d4c6915b66f89746dd79897820eb4bbd0d262b2612bafdfb07c1e092658ad819f582a97e6a196531f74187d8a0b0bbd07fcbba56a","ssdeep":"768:sqRKhgpCf9U72WeD4A/5IqtBr0ikGvEaQh38/LBu3Emdc043RpgZKMqjkEfO1m:jKgp+9U7Ve8A/7Ai9Et3EBKEUE3RqMMu","tlshash":"3e030130df5884edcc0ba371fdeea81fc7a332a594c0b3368297af1b80111499d99e49","first_seen":"2025-09-05T00:25:10.258656Z","last_seen":"2026-04-25T15:55:11.061613Z","times_seen":348983,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":56,"dns":1,"connect":8,"send":0,"wait":9,"receive":9,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126\u0026dp=14","fqdn":"ssp-rtb.sape.ru","domain":"sape.ru","tld":"ru"},"ip":{"addr":"193.3.184.186","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sape.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 07 Dec 2025 23:36:44 GMT","end":"Sat, 07 Mar 2026 23:36:43 GMT"},"fingerprint":{"sha1":"3D:9F:9C:85:A9:AB:7C:9C:83:0D:C2:B6:55:54:6F:89:BB:7F:7F:EE","sha256":"49:D9:BD:BD:C8:71:CC:CD:39:05:E4:44:2E:9E:54:03:9D:A8:07:B3:9E:E4:4E:FD:7A:38:89:6D:8A:12:EA:15"}}},"request":{"raw":"GET /rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126\u0026dp=14 HTTP/1.1\r\nHost: ssp-rtb.sape.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sspuid=CkIDO2lHC9O21AEXmm/SAqipadzLKrprjsJwb0G/d0hFpbnq\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html\r\ncontent-length: 142\r\nlocation: https://acint.net/rmatch?dp=14\u0026euid=3B03420AD30B47691701D4B602D26F9A\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bid.sspnet.tech/sync/reverse?dsp_slug=buzzoola\u0026dsp_user_id=542264ae-da49-453c-6c49-8b489ceccfad\u0026sync_id=06c93b63-4fac-4a42-b2a6-6f632ecdf2e6","fqdn":"bid.sspnet.tech","domain":"sspnet.tech","tld":"tech"},"ip":{"addr":"212.41.25.245","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sspnet.tech","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 09:12:30 GMT","end":"Wed, 10 Jun 2026 09:12:29 GMT"},"fingerprint":{"sha1":"74:C6:56:28:7A:24:F3:E7:6F:E4:3C:01:30:57:4F:FB:A4:9F:E5:55","sha256":"4E:E4:15:9F:F0:61:EB:12:FA:CB:DB:21:F4:43:29:CE:73:C1:BA:2A:62:49:B9:83:77:AE:79:3F:C8:24:E1:90"}}},"request":{"raw":"GET /sync/reverse?dsp_slug=buzzoola\u0026dsp_user_id=542264ae-da49-453c-6c49-8b489ceccfad\u0026sync_id=06c93b63-4fac-4a42-b2a6-6f632ecdf2e6 HTTP/1.1\r\nHost: bid.sspnet.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx/1.28.0\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-length: 0\r\nx-request-id: c8c9a947-fd4d-4b43-bd83-e582c114d829\r\nlocation: https://px.adhigh.net/p/cm/yabbi?u=22cae1cf22361cff4bece46909d1af4e\u0026r=https%3A%2F%2Fbid.sspnet.tech%2Fsync%2Freverse%3Fdsp_slug%3Dgetintent%26dsp_user_id%3D%5B%5BUSER_ID%5D%5D%26sync_id%3D06c93b63-4fac-4a42-b2a6-6f632ecdf2e6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"5--2--69470bd3f0e0150001e733eb.stbid.ru/?r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D69470bd3f0e0150001e733eb%26dest%3Dhttps%253A%252F%252Fssp.adriver.ru%252Fcgi-bin%252Fsync.cgi%253Fdsp_id%253D162%2526external_id%253D69470bd3f0e0150001e733eb%2526r%253D","fqdn":"5--2--69470bd3f0e0150001e733eb.stbid.ru","domain":"stbid.ru","tld":"ru"},"ip":{"addr":"185.43.4.87","port":443,"asn":29182,"as":"JSC IOT","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:24.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.stbid.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Apr 2025 09:20:40 GMT","end":"Sun, 24 May 2026 09:20:39 GMT"},"fingerprint":{"sha1":"CD:D0:42:9B:03:7A:27:A9:42:E1:4D:28:F3:FC:EA:D1:AC:D7:13:7E","sha256":"17:48:80:43:30:8B:5E:01:B8:65:DF:1B:22:DC:DB:13:D8:6B:DF:48:78:50:08:AB:69:B1:90:41:E5:62:3E:C4"}}},"request":{"raw":"GET /?r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D69470bd3f0e0150001e733eb%26dest%3Dhttps%253A%252F%252Fssp.adriver.ru%252Fcgi-bin%252Fsync.cgi%253Fdsp_id%253D162%2526external_id%253D69470bd3f0e0150001e733eb%2526r%253D HTTP/1.1\r\nHost: 5--2--69470bd3f0e0150001e733eb.stbid.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: Angie/1.10.3\r\nDate: Sat, 20 Dec 2025 20:49:24 GMT\r\nContent-Length: 0\r\nConnection: close\r\nLocation: https://x01.aidata.io/0.gif?pid=9712851\u0026id=69470bd3f0e0150001e733eb\u0026dest=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fdsp_id%3D162%26external_id%3D69470bd3f0e0150001e733eb%26r%3D\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"Angie:1.10.3","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":278,"timings":{"blocked":0,"dns":129,"connect":29,"send":0,"wait":30,"receive":0,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/style.css?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/style.css?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/css\r\ncontent-length: 15638\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aRkIKT50RhEXs63ai7OQfwhMGcGCfx5EbbM72DYUroh2HrSHKwWtyIKNy%2BbimKEVdlLVoE4IVcDH4z3wEDLc4zVmxir0r0nLZU42wj7d\"}]}\r\ncf-ray: 9b120181992349c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87219,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (577), with CRLF line terminators","md5":"bb1305f11e315828f19fec8b39273225","sha1":"cf7c7e06866659120205a00d6ec384b295e48cf2","sha256":"76cba22ead6eb3c85006ea5a28b3836408e63db07870716ef248d43296acbd4c","sha512":"60874ed8269ad59a6cd7876b5de00f2bf54ccd678e7f0c719a6fbc07862eda4718ed0169865a30550d5477897593eb18f7227c72c6637c31f8eb8f5faad5dea0","ssdeep":"768:Wsfc9G2R+MjB5qJYrH5YQSJ05l5LiNK399q6GrDyx/LG3cvjUSN3MHoS6LVfBxCz:+x59Flnzi","tlshash":"62838568af1320c89732d7a9b7f11b91de6800e39f0b40e9f9947604d7a6b9d107dbc9","first_seen":"2025-12-20T20:50:01.546485Z","last_seen":"2026-02-18T04:00:13.53319Z","times_seen":3,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":122,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-includes/js/dist/hooks.min.js?ver=dd5603f07f9220ed27f1","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-includes/js/dist/hooks.min.js?ver=dd5603f07f9220ed27f1 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 1852\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 03 Dec 2025 13:21:23 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E8VyO2phOE%2F1uA4wNjILdgWxXy0NUvY%2F41korr9ygAKHZkPeajsbVMQI0MjIo0n4vGHV4LgN6Y3xO3Jc2VxYJo7Z%2BxAVpzWVHvHLPWfY\"}]}\r\ncf-ray: 9b120181d9b649c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":5661,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5626)","md5":"90e932bd9e62583fc494c00498cfe7f5","sha1":"4f57e11bff609f90f49174187a0b5a6ba847ad28","sha256":"87cee5f49ba0d3017efc409579fc58b91a717f8f14751f7d804447ac9bcbaf4b","sha512":"ed9c129faf972ddfa705f05c3207884e5e9cd175baa45d49ce9d42bc0d01e4e8f36e627731bdd97214b1e2400fdd5012262a42f9800cd4f5565dbf183ba58507","ssdeep":"96:wXDE/3s/0EBM6ZUUCRTH+zl4NsBjcEmDtrGV2C2yics6w1RfGdzsvqZTq:wzg3kBFZYH+zhjngRw2cLzw1RfGdzsvx","tlshash":"56c153847983b970b2337057f0ff48d561baeba575298081964ec4a05d7388ee0a7abd","first_seen":"2025-10-27T08:47:54.273294Z","last_seen":"2026-04-25T15:56:54.507242Z","times_seen":134031,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.bringads.ru/sync?ssp=17","fqdn":"a.bringads.ru","domain":"bringads.ru","tld":"ru"},"ip":{"addr":"213.171.19.188","port":443,"asn":56694,"as":"LLC Smart Ape","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bringads.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:00:48 GMT","end":"Mon, 09 Mar 2026 17:00:47 GMT"},"fingerprint":{"sha1":"C4:8C:87:7A:13:48:E2:3E:31:30:E8:D3:DE:0D:A3:F3:A3:95:AA:8C","sha256":"F9:54:36:CF:E1:48:93:37:0E:AF:14:F7:F7:67:86:C8:8C:AE:40:4B:65:A9:A9:6E:10:E2:D8:9B:C7:26:C9:9B"}}},"request":{"raw":"GET /sync?ssp=17 HTTP/1.1\r\nHost: a.bringads.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.24.0\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Type: text/plain\r\nContent-Length: 0\r\nConnection: keep-alive\r\nSet-Cookie: prebringads=1; Expires=Mon, 19 Jan 2026 23:49:23 GMT; Domain=.bringads.ru; SameSite=None; Secure; Path=/\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\nVary: Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":792,"timings":{"blocked":365,"dns":0,"connect":48,"send":0,"wait":98,"receive":0,"ssl":281},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"match.qtarget.tech/userbind?src=sape\u0026id=0200007FD20B47692E05F30F02C49031","fqdn":"match.qtarget.tech","domain":"qtarget.tech","tld":"tech"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.613Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /userbind?src=sape\u0026id=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: match.qtarget.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":22,"dns":1,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highsnobiety.com/static-assets/dato/1712224398-dsc06286-end-clothing-milan-selects-tdm-space-web.jpg","fqdn":"www.highsnobiety.com","domain":"highsnobiety.com","tld":"com"},"ip":{"addr":"104.19.159.49","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"highsnobiety.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 11:29:36 GMT","end":"Mon, 23 Feb 2026 12:29:27 GMT"},"fingerprint":{"sha1":"75:B2:AA:FA:64:8D:2E:EF:07:BB:FD:24:8D:44:85:A7:0E:2C:33:05","sha256":"FB:5B:4D:06:A7:D6:F9:DE:7B:BD:27:B2:69:03:C1:3E:41:E7:C6:41:43:AD:15:CF:C4:71:4A:F4:70:B9:41:3C"}}},"request":{"raw":"GET /static-assets/dato/1712224398-dsc06286-end-clothing-milan-selects-tdm-space-web.jpg HTTP/1.1\r\nHost: www.highsnobiety.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/avif\r\ncontent-length: 192128\r\ncf-ray: 9b120181eec7b521-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: https://www.highsnobiety.com\r\ncache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=259200\r\nlast-modified: Mon, 09 Jun 2025 13:46:22 GMT\r\nlink: \u003chttps://www.highsnobiety.com/static-assets/dato/1712224398-dsc06286-end-clothing-milan-selects-tdm-space-web.jpg\u003e; rel=\"canonical\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-imgix-cache: MISS, HIT\r\nx-imgix-id: 9e133601a4bd3ec7db125142a3da3d5e790e5143\r\nx-imgix-served-by: cache-chi-kigq8000167-CHI, cache-iad-kiad7000165-IAD\r\nx-version: 1.3.3-b1\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":192128,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"9c0a69312735c9cc6c0b8c7e5f156ca3","sha1":"6805ae929f1e5520de94e641ffab3d82fc98d973","sha256":"591bcbc040ec7e23fbfb221c4ce8a07bdce94a17b7ae716d48ffd478572e752f","sha512":"a973abfef3e1174c0614a7a5eb2560cf7d5d9a696ba34c9e4514f7547e303fd5b573eaf2685a7964178a2b4ea8324e90b78a0570b57a3b9d6ea72eb3424fda3f","ssdeep":"3072:h5k9vQ9G9NrKMl0fBeSjAQpoTw5HqLTLhiCbF3ZpP1Dc2C+zy8WbwN0ruV:z0Q9kKrBeHqoTw5gTYCbhqujW8","tlshash":"811423bfff22505bde4e9fbbbd9d835841393451a84b52c0bc3de1280750b52a847a63","first_seen":"2025-12-20T20:50:01.548469Z","last_seen":"2025-12-20T20:50:01.548469Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1049,"timings":{"blocked":23,"dns":25,"connect":1,"send":0,"wait":971,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bid.sspnet.tech/sync/sape?redirect=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D203%26euid%3D%24%7BUSER_ID%7D\u0026user_id=0200007FD20B47692E05F30F02C49031","fqdn":"bid.sspnet.tech","domain":"sspnet.tech","tld":"tech"},"ip":{"addr":"212.41.25.245","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sspnet.tech","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 09:12:30 GMT","end":"Wed, 10 Jun 2026 09:12:29 GMT"},"fingerprint":{"sha1":"74:C6:56:28:7A:24:F3:E7:6F:E4:3C:01:30:57:4F:FB:A4:9F:E5:55","sha256":"4E:E4:15:9F:F0:61:EB:12:FA:CB:DB:21:F4:43:29:CE:73:C1:BA:2A:62:49:B9:83:77:AE:79:3F:C8:24:E1:90"}}},"request":{"raw":"GET /sync/sape?redirect=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D203%26euid%3D%24%7BUSER_ID%7D\u0026user_id=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: bid.sspnet.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx/1.28.0\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-length: 0\r\nx-request-id: 4bc291ad-3edb-4326-9103-c04adff6c0f9\r\nlocation: https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fbid.sspnet.tech%2Fsync%2Freverse%3Fdsp_slug%3Dbuzzoola%26dsp_user_id%3D%24%7BUUID%7D%26sync_id%3D06c93b63-4fac-4a42-b2a6-6f632ecdf2e6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":761,"timings":{"blocked":426,"dns":0,"connect":29,"send":0,"wait":32,"receive":0,"ssl":273},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/match?dp=366\u0026euid=VUsDebx22BrU5q7","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /match?dp=366\u0026euid=VUsDebx22BrU5q7 HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/cmatch?dp=95","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:25.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /cmatch?dp=95 HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:25 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=6.1.3","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=6.1.3 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/css\r\ncontent-length: 899\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Mon, 24 Nov 2025 00:30:01 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RGDdDYX2ShnH%2B%2BTTz38JarYqK5c8xtEbK%2Ff2kFKR7dkgpS9mCdTGknfJDa3lAbDHqQ77KekaIVAIngbVFjwXO1Ts60gGVff5QoFetQkl\"}]}\r\ncf-ray: 9b120181991e49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2947,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"64ac31699f5326cb3c76122498b76f66","sha1":"cc0a5a1741b8257001f89b331378d8aa7c30094a","sha256":"4048fd0e6c44412465449ba4f5c7272349ee1574401cec755d6b8d9c0ccc28dd","sha512":"23ad865e63544ee039221161083510346b01b8be56fa7a83540036c51dceb3f0171adf8f932cf77a457240427c0c3ccbad1f9f371e977c5b6a01e9fe316a878f","ssdeep":"","tlshash":"d0510164660028504bff92db6ea9db047b6e7481cd1faf97b0c21a7c5b782851223e5e","first_seen":"2025-06-26T12:36:15.124007Z","last_seen":"2026-04-25T15:59:21.138793Z","times_seen":109478,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/bootstrap.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/js/bootstrap.js?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 24455\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3XIZnponeHBIEswgbIX9fT5%2FXqPPyG1KdXGRIsjrojOo6znVpGwRoLSxtoVREswB30twtpAI1t522AtADSs7ESuu5nkyBzUfLXkCwMnG\"}]}\r\ncf-ray: 9b120181a93449c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":139559,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"14cc83277e781f1a3b090695d16fe045","sha1":"59adf0b453d80846cacf9d83e3844ced3dff4df9","sha256":"c05942d83e635ab4b9783fa2026d3b3540c9fec0b383ca6a9a0f6991a8a8cd07","sha512":"03bdda4963d3a38ecfd612d957695b46a02805119bd30e9b2df42526585c96553c041b6ec01147dc1a25a629949b3a5995055d9264a797b54edd021f1d16f06c","ssdeep":"1536:09B+xmM6JJ/iI2NZvhG8KkDcrqe0I5KHzV3nWwNa1:Lw/iTdhED5YV3nda1","tlshash":"98d3114a3e996492483bf33acfab850dfb75159b460592447caca9c81f7482053adffc","first_seen":"2023-03-07T12:08:43Z","last_seen":"2026-04-25T13:58:42.005077Z","times_seen":693,"resource_available":true,"data":null}},"time_used":381,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":107,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.utraff.com/sync?ssp=8\u0026id=0200007FD20B47692E05F30F02C49031","fqdn":"a.utraff.com","domain":"utraff.com","tld":"com"},"ip":{"addr":"213.171.19.142","port":443,"asn":56694,"as":"LLC Smart Ape","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"utraff.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 04:18:08 GMT","end":"Thu, 12 Mar 2026 04:18:07 GMT"},"fingerprint":{"sha1":"7F:77:C5:6F:57:1F:C2:53:D7:D3:04:93:B1:75:D8:91:AA:38:A0:78","sha256":"B2:CE:C5:75:9F:E8:F2:94:5D:6D:78:3C:9D:ED:55:DC:C8:2F:EA:4F:D2:50:B2:6F:A7:4A:85:A1:5F:4F:C0:14"}}},"request":{"raw":"GET /sync?ssp=8\u0026id=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: a.utraff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.24.0\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Type: text/plain\r\nContent-Length: 0\r\nConnection: keep-alive\r\nSet-Cookie: preutid=1; Expires=Mon, 19 Jan 2026 23:49:23 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/\npreutid=1; Expires=Mon, 19 Jan 2026 23:49:23 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\nVary: Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":392,"timings":{"blocked":144,"dns":3,"connect":44,"send":0,"wait":93,"receive":0,"ssl":106},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.lotus-dsp.ru/sync?ssp=Sape\u0026id=0200007FD20B47692E05F30F02C49031","fqdn":"a.lotus-dsp.ru","domain":"lotus-dsp.ru","tld":"ru"},"ip":{"addr":"213.171.19.207","port":443,"asn":56694,"as":"LLC Smart Ape","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lotus-dsp.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 07:52:10 GMT","end":"Tue, 10 Mar 2026 07:52:09 GMT"},"fingerprint":{"sha1":"52:1E:E1:52:CD:27:DF:CC:10:13:C0:C0:B1:F0:C0:C3:8E:5D:F6:12","sha256":"17:BE:57:05:66:36:0F:5C:21:7B:D9:6B:6F:D3:0E:D1:B1:6B:45:4F:0E:70:C0:B4:FB:3D:CD:83:71:7A:2D:3C"}}},"request":{"raw":"GET /sync?ssp=Sape\u0026id=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: a.lotus-dsp.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.24.0\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Type: text/plain\r\nContent-Length: 0\r\nConnection: keep-alive\r\nSet-Cookie: adpreudid=1; Expires=Mon, 19 Jan 2026 23:49:23 GMT; Domain=.lotus-dsp.ru; SameSite=None; Secure; Path=/\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\nVary: Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":785,"timings":{"blocked":413,"dns":0,"connect":46,"send":0,"wait":53,"receive":0,"ssl":272},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exchange.buzzoola.com/cookiesync/dsp/sape-banner?set_buzzoola_cookie=t\u0026uid=0200007FD20B47692E05F30F02C49031\u0026url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126","fqdn":"exchange.buzzoola.com","domain":"buzzoola.com","tld":"com"},"ip":{"addr":"176.114.74.36","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buzzoola.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 06:11:29 GMT","end":"Mon, 09 Mar 2026 06:11:28 GMT"},"fingerprint":{"sha1":"6D:1A:28:D1:AB:8D:18:D1:38:1A:55:28:34:A1:03:2A:BC:7A:1C:5A","sha256":"AB:C0:F2:6B:07:6C:D6:89:63:34:97:78:29:CD:C6:D1:2A:75:3D:C0:7C:E0:05:94:11:71:82:6B:67:8C:2D:36"}}},"request":{"raw":"GET /cookiesync/dsp/sape-banner?set_buzzoola_cookie=t\u0026uid=0200007FD20B47692E05F30F02C49031\u0026url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126 HTTP/1.1\r\nHost: exchange.buzzoola.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uuid=542264ae-da49-453c-6c49-8b489ceccfad\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 156\r\nlocation: https://mc.acint.net/rmatch?dp=126\u0026euid=542264ae-da49-453c-6c49-8b489ceccfad\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126\r\nserverid: TODO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.suprion.ru/p?s=sape\u0026r=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D264%26euid%3D%7BUID%7D","fqdn":"s.suprion.ru","domain":"suprion.ru","tld":"ru"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.suprion.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Sun, 01 Jun 2025 06:13:52 GMT","end":"Fri, 03 Jul 2026 06:13:51 GMT"},"fingerprint":{"sha1":"A5:86:48:CB:63:6E:6C:05:B6:C5:78:65:EF:0B:D8:8F:45:5E:D7:34","sha256":"BE:C2:4E:1D:BF:B2:73:FD:50:51:5F:8A:75:D6:F8:3E:8D:B4:34:5B:8D:D6:99:F4:45:51:E4:52:19:9C:BB:01"}}},"request":{"raw":"GET /p?s=sape\u0026r=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D264%26euid%3D%7BUID%7D HTTP/1.1\r\nHost: s.suprion.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":3324,"timings":{"blocked":143,"dns":0,"connect":68,"send":0,"wait":0,"receive":0,"ssl":3112},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sp.linkssp.ru/cm?key=edc11c69abfc708136ed44d548263e69\u0026location=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D394%26euid%3D%7Buid%7D%0A","fqdn":"sp.linkssp.ru","domain":"linkssp.ru","tld":"ru"},"ip":{"addr":"188.246.224.210","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sp.linkssp.ru","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 10:39:31 GMT","end":"Thu, 05 Feb 2026 10:39:30 GMT"},"fingerprint":{"sha1":"F1:5A:EB:09:0F:F6:AB:E3:F8:71:55:93:C6:AE:BA:DA:75:94:BE:FD","sha256":"B5:AE:05:DF:F6:07:87:F4:AC:B7:24:E7:72:43:7A:3D:64:AD:DF:4F:17:F7:29:3E:BE:B9:08:55:D7:42:5B:E2"}}},"request":{"raw":"GET /cm?key=edc11c69abfc708136ed44d548263e69\u0026location=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D394%26euid%3D%7Buid%7D%0A HTTP/1.1\r\nHost: sp.linkssp.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nBidder: bid-03 1.371.7aa7e39\r\nLocation: https://mc.acint.net/match?dp=394\u0026euid=996abbbf-37fd-4071-b860-ac1f42ffb9ef\r\nSet-Cookie: uid=996abbbf-37fd-4071-b860-ac1f42ffb9ef.69470bd3.816ecb253953b115; domain=.linkssp.ru; path=/; expires=Mon, 19-Jan-2026 20:49:23 GMT; SameSite=None; Secure;\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":755,"timings":{"blocked":352,"dns":0,"connect":54,"send":0,"wait":59,"receive":0,"ssl":290},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.acint.net/match?dp=68\u0026euid=Njk0NzBiZDMwNDAzYThjNQ%3D%3D","fqdn":"www.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /match?dp=68\u0026euid=Njk0NzBiZDMwNDAzYThjNQ%3D%3D HTTP/1.1\r\nHost: www.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html\r\ncontent-length: 154\r\nlocation: https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D\u0026dp=14\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nset-cookie: cSyncDp14v4=1766263763; expires=Mon, 19-Jan-26 20:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/uploads/2024/06/cropped-bodybuilder-gym-or-fitness-icon-logo-template-vector-illustration-2G0R22A-removebg-preview-1-32x32.png","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:23.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/uploads/2024/06/cropped-bodybuilder-gym-or-fitness-icon-logo-template-vector-illustration-2G0R22A-removebg-preview-1-32x32.png HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nCookie: fid=71516970-ef54-4a5f-8c5b-001ea2720011; _ac_oid=54718e6f5096d49a4751e38622ffb9eb%3A1766267362964\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/png\r\ncontent-length: 532\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:23 GMT\r\nlast-modified: Wed, 12 Jun 2024 07:37:22 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xp2uNQGusVTo%2FjdmWbaZCXmC3mHLMHnBJKEd2x%2Br0SfhotjljGsqU6mc5AAKIN9bTKvtxqbueWk2VSg2VOw6xcnu8jgM35%2F5%2FOTc6jMm\"}]}\r\ncf-ray: 9b12018968f049c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":532,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced","md5":"6cf78774461b7c9c10ef946d4dae975b","sha1":"3e0ab4be429df37e69b899da42df8e4db40cf08c","sha256":"5bf9503a2474559b4cf4ff2054999f6c4841ea624dcdd1b08194de5ed167dcc0","sha512":"c7e940fb4ab5afa8af678b5535cfb416634ac37d751ea59ec601721aa8d33a0dc319a5b39512657b28f932b7a1d9985030d42ef924b2900b017975d0f55f10e0","ssdeep":"","tlshash":"08f0757721307bb5ec0b222bf2db0df2b0f34139932db78800a0a0a5d0d99adc9d64e0","first_seen":"2025-12-20T20:50:01.55106Z","last_seen":"2025-12-20T20:50:01.55106Z","times_seen":1,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.acint.net/rmatch?dp=71\u0026euid=d98dcc7a-51eb-4916-a95e-2482bcecb560\u0026r=https%3A%2F%2Fsync.upravel.com%2Fpbd%2Fsync","fqdn":"www.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /rmatch?dp=71\u0026euid=d98dcc7a-51eb-4916-a95e-2482bcecb560\u0026r=https%3A%2F%2Fsync.upravel.com%2Fpbd%2Fsync HTTP/1.1\r\nHost: www.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:24 GMT\r\ncontent-type: text/html\r\ncontent-length: 154\r\nlocation: https://sync.upravel.com/pbd/sync\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.oxygen.com/sites/oxygen/files/2021/06/edward-shin-pd.jpg","fqdn":"www.oxygen.com","domain":"oxygen.com","tld":"com"},"ip":{"addr":"23.36.77.203","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.oxygen.com","organization":"NBCUniversal Media, LLC"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 24 Jul 2025 00:00:00 GMT","end":"Fri, 24 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F7:15:33:80:B0:9C:03:0A:81:A0:F7:53:7B:C5:02:59:F7:43:B0:50","sha256":"AA:C0:1B:C4:97:FE:15:C4:AD:B1:C3:5B:7D:1B:C7:14:D8:46:7C:0C:84:8B:BF:D5:BD:AD:31:1F:3C:E3:21:5C"}}},"request":{"raw":"GET /sites/oxygen/files/2021/06/edward-shin-pd.jpg HTTP/1.1\r\nHost: www.oxygen.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 19 Aug 2025 16:46:48 GMT\r\nserver: Akamai Image Manager\r\nx-serial: 769\r\ncontent-length: 39136\r\ncontent-type: image/avif\r\ncache-control: private, no-transform, max-age=1342635\r\nexpires: Mon, 05 Jan 2026 09:46:37 GMT\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\nalt-svc: h3=\":443\"; ma=93600\r\nakamai-grn: 0.c74d2417.1766263762.ee61501\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":39136,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"3542b59249a7d3e113a9de0849e7a493","sha1":"9ec6cca5cd2fb409ecaa7bd8ae53e8ac3f2d9990","sha256":"6d4e059b99f8c9220efd1b9f5c1c4796016985abd237cb22c82fc9896447ef72","sha512":"9edf9de30c9b87738117c6042e6419914cb28964b637665c5eac17caaeead47d659cf3aa02dd5b4b79c574c25e301f8c1abe3253577e519809af6de7940452dc","ssdeep":"768:F/0nyDRYvt24byydUNLhy5hzicQ15MI5rRrHsfge5:uyDR7ydUNFshzzIrrHsYu","tlshash":"1003f285b8160300e17c5a79f9c4d6b66b7b3543403fe6e88e95771c34c1825ee5abbc","first_seen":"2025-12-20T20:50:01.552302Z","last_seen":"2025-12-20T20:50:01.552302Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1025,"timings":{"blocked":148,"dns":154,"connect":1,"send":0,"wait":518,"receive":196,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.utraff.com/sync?ssp=sape","fqdn":"a.utraff.com","domain":"utraff.com","tld":"com"},"ip":{"addr":"213.171.19.142","port":443,"asn":56694,"as":"LLC Smart Ape","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"utraff.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 04:18:08 GMT","end":"Thu, 12 Mar 2026 04:18:07 GMT"},"fingerprint":{"sha1":"7F:77:C5:6F:57:1F:C2:53:D7:D3:04:93:B1:75:D8:91:AA:38:A0:78","sha256":"B2:CE:C5:75:9F:E8:F2:94:5D:6D:78:3C:9D:ED:55:DC:C8:2F:EA:4F:D2:50:B2:6F:A7:4A:85:A1:5F:4F:C0:14"}}},"request":{"raw":"GET /sync?ssp=sape HTTP/1.1\r\nHost: a.utraff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.24.0\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Type: text/plain\r\nContent-Length: 0\r\nConnection: keep-alive\r\nSet-Cookie: preutid=1; Expires=Mon, 19 Jan 2026 23:49:23 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/\npreutid=1; Expires=Mon, 19 Jan 2026 23:49:23 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\nVary: Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":388,"timings":{"blocked":141,"dns":2,"connect":46,"send":0,"wait":93,"receive":0,"ssl":106},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exchange.buzzoola.com/cookiesync/dsp/sape-banner?uid=0200007FD20B47692E05F30F02C49031\u0026url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126","fqdn":"exchange.buzzoola.com","domain":"buzzoola.com","tld":"com"},"ip":{"addr":"176.114.74.36","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buzzoola.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 06:11:29 GMT","end":"Mon, 09 Mar 2026 06:11:28 GMT"},"fingerprint":{"sha1":"6D:1A:28:D1:AB:8D:18:D1:38:1A:55:28:34:A1:03:2A:BC:7A:1C:5A","sha256":"AB:C0:F2:6B:07:6C:D6:89:63:34:97:78:29:CD:C6:D1:2A:75:3D:C0:7C:E0:05:94:11:71:82:6B:67:8C:2D:36"}}},"request":{"raw":"GET /cookiesync/dsp/sape-banner?uid=0200007FD20B47692E05F30F02C49031\u0026url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126 HTTP/1.1\r\nHost: exchange.buzzoola.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 269\r\nlocation: /cookiesync/dsp/sape-banner?set_buzzoola_cookie=t\u0026uid=0200007FD20B47692E05F30F02C49031\u0026url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126\r\nset-cookie: uuid=542264ae-da49-453c-6c49-8b489ceccfad; Path=/; Domain=buzzoola.com; Expires=Mon, 19 Jan 2026 20:49:23 GMT; Max-Age=2592000; Secure; SameSite=None\r\nserverid: TODO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":5,"connect":27,"send":0,"wait":28,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/match/?dp=361\u0026euid=VUhPThJn9PIBbBS","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /match/?dp=361\u0026euid=VUhPThJn9PIBbBS HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.upravel.com/amberdata/sync","fqdn":"sync.upravel.com","domain":"upravel.com","tld":"com"},"ip":{"addr":"185.131.67.10","port":443,"asn":56630,"as":"Melbikomas UAB","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:33.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upravel.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 18 Jun 2025 16:48:51 GMT","end":"Mon, 20 Jul 2026 16:48:50 GMT"},"fingerprint":{"sha1":"8D:89:EE:F7:48:68:E7:7D:F7:C4:AF:97:AB:98:A3:A3:1E:8D:6A:92","sha256":"08:06:AA:31:11:0F:33:B8:7D:B5:7E:B4:A2:2A:65:C6:77:DE:F6:65:A2:F4:BE:D3:7E:8D:9F:84:17:CE:20:A0"}}},"request":{"raw":"GET /amberdata/sync HTTP/1.1\r\nHost: sync.upravel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: session_tptc=1766263763714; user_id=d98dcc7a-51eb-4916-a95e-2482bcecb560\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: Angie\r\ndate: Sat, 20 Dec 2025 20:49:34 GMT\r\ncontent-length: 0\r\np3p: CP=\"NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA\"\r\nset-cookie: user_id=d98dcc7a-51eb-4916-a95e-2482bcecb560;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000\nuser_id-legacy=d98dcc7a-51eb-4916-a95e-2482bcecb560;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000\r\nlocation: https://dmg.digitaltarget.ru/1/6401/i/i?a=685\u0026e=d98dcc7a-51eb-4916-a95e-2482bcecb560\u0026i=8361640762226501\u0026c=up:d98dcc7a-51eb-4916-a95e-2482bcecb560.ss:685\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-allow-credentials: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":143,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statmedia.ru/counter/sync.gif?system=sape\u0026cb=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D399%26euid%3D%24UID","fqdn":"statmedia.ru","domain":"statmedia.ru","tld":"ru"},"ip":{"addr":"82.202.225.227","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"statmedia.ru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 21 Nov 2025 04:55:37 GMT","end":"Thu, 19 Feb 2026 04:55:36 GMT"},"fingerprint":{"sha1":"56:0A:46:B3:31:72:5F:7F:E1:F3:1B:FE:6B:F6:48:C4:63:07:E2:59","sha256":"9E:2E:C9:05:CE:37:BD:2F:CA:81:4D:2C:BC:37:B3:69:F6:4E:DE:D4:39:53:D2:27:88:E1:26:A8:A8:58:46:3B"}}},"request":{"raw":"GET /counter/sync.gif?system=sape\u0026cb=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D399%26euid%3D%24UID HTTP/1.1\r\nHost: statmedia.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Type: image/gif\r\nContent-Length: 43\r\nConnection: keep-alive\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"df3e567d6f16d040326c7a0ea29a4f41","sha1":"ea7df583983133b62712b5e73bffbcd45cc53736","sha256":"548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87","sha512":"b2ca25a3311dc42942e046eb1a27038b71d689925b7d6b3ebb4d7cd2c7b9a0c7de3d10175790ac060dc3f8acf3c1708c336626be06879097f4d0ecaa7f567041","ssdeep":"","tlshash":"c2900003caa08002c2a2c0300a0a03002f88a2300228030e80bc30acec3a3a22c02000","first_seen":"2023-04-05T03:49:37Z","last_seen":"2026-04-25T15:59:33.095477Z","times_seen":97440,"resource_available":true,"data":null}},"time_used":694,"timings":{"blocked":340,"dns":0,"connect":27,"send":0,"wait":33,"receive":0,"ssl":295},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dm.hybrid.ai/match?id=414","fqdn":"dm.hybrid.ai","domain":"hybrid.ai","tld":"ai"},"ip":{"addr":"37.230.131.21","port":443,"asn":200197,"as":"Hybrid Adtech Sp.z.o.o.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.hybrid.ai","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 22 Sep 2025 00:00:00 GMT","end":"Sun, 04 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"18:21:9E:FA:EF:FF:FF:F2:8D:68:A8:F9:EB:ED:53:32:CC:17:9B:ED","sha256":"C9:20:9A:53:1E:FA:35:C7:29:64:1F:C3:7B:1E:34:73:C8:15:87:43:EA:35:06:B8:8D:86:E5:11:19:2A:60:FC"}}},"request":{"raw":"GET /match?id=414 HTTP/1.1\r\nHost: dm.hybrid.ai\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nexpires: -1\r\np3p: CP=\"NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC\"\r\nx-mode: 5015\r\nx-xss-protection: 1; mode=block\r\naccess-control-allow-origin: *\r\nserver: Hybrid Web Server\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/css/colors/default.css?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/css/colors/default.css?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/css\r\ncontent-length: 4807\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4h9oFYBijaC%2Fxm3uE4I%2BttpFtk1I3mtitnc67smU7RLRv%2FVCz9uYfkqPBSRP3KVY7s0oN03VYD2rJlDnEVTLl1psmegy6g4SerAprpQS\"}]}\r\ncf-ray: 9b120181992549c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":30689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1708), with CRLF line terminators","md5":"a9350986cbbb88ac2c3eff91c091feb6","sha1":"578c95ba638299e0fb2cf5ac1c097bdddb3a8a16","sha256":"1fa5951190fde57cb778f5607b50a90d666951918a33fce0f72d657c59fea3a7","sha512":"a8c1fe31d9f7251dc26ea1f734a8f8b9f1e7a6c443de55978c9e8e453c3ceffcaaa396b5e171bf6a3d5b3696849fcee008a9011ce1df8bf29daba128f48123b1","ssdeep":"192:g/DUiKRLRgDgqIX3XuKi/0VXX3j6CN/ETZh5GvM6ICoAN17GLGOEjECJbxt+uKPU:Li/0VXX3PEMvMZhxFEjECJbxN","tlshash":"9bd204abb11314ce3b938abc366191c07f3840e8d9040bbc7d2556a856cf6ce793da5a","first_seen":"2025-11-14T11:42:26.122341Z","last_seen":"2026-04-06T05:07:11.313974Z","times_seen":29,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/jquery.smartmenus.bootstrap.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/js/jquery.smartmenus.bootstrap.js?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 1837\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HAFccUrUSmIGP8dgqUNHt9V%2FHUzNHt4tzPwPv523iXs%2FVAN%2Bk%2Ff5EKHV4k7dEawb7EvUqnQlkei7uOI5zDwkW8Mtlp0TuPBQDCVMM40e\"}]}\r\ncf-ray: 9b120181a93c49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":6010,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"c9e5a0446d6d895f2c610dab5fab60cd","sha1":"ddb15496b9532eaaa658f6e265124d67520bea20","sha256":"bc0c8ec8343dbaff247a4dcebe4405f3127e3dcb676d2542e265c64bb1251ca6","sha512":"be6dd43a12915963a4fcaf64e47fd911625bebe19c2fbd07218b3fe395b17952e032e87b110236b520bb38b96ebd783e37cc3b361f2e18c2d6c4c542a85be667","ssdeep":"96:/FUtVopuRtsZg9gpoQ+Ma0IirYrZFhrJ82u9G/A5:dGuw6f0eYBnQ","tlshash":"08c164c073ae715fc4d7221621bf924aaf6ec1789046407e756b96ac7ed048823b3e3d","first_seen":"2023-03-07T12:08:43Z","last_seen":"2026-04-25T13:58:42.012228Z","times_seen":747,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images-assets.nasa.gov/image/iss073e0817247/iss073e0817247~large.jpg","fqdn":"images-assets.nasa.gov","domain":"nasa.gov","tld":"gov"},"ip":{"addr":"18.238.243.45","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.nasa.gov","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 02 Sep 2025 00:00:00 GMT","end":"Tue, 29 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CC:98:52:37:84:9A:25:00:2E:C0:8E:1A:CF:D5:27:9E:A2:69:62:88","sha256":"F1:5D:52:A2:A9:7F:9C:37:25:5A:8A:3C:E1:D1:0F:CE:83:9A:3E:63:DC:20:C0:14:61:48:7F:31:18:CD:C5:0C"}}},"request":{"raw":"GET /image/iss073e0817247/iss073e0817247~large.jpg HTTP/1.1\r\nHost: images-assets.nasa.gov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 367923\r\ndate: Sat, 20 Dec 2025 20:49:24 GMT\r\nlast-modified: Wed, 10 Dec 2025 18:53:17 GMT\r\netag: \"732f9ffbd1ae87f1771b2a9f1af0231c\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=300, s-max-age=600\r\nx-amz-version-id: xHR3GuyXdxANnrCugLSbb1YREXpvNMVZ\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ncontent-security-policy-report-only: default-src https:; report-uri /csp-violation-report/\r\nreferrer-policy: same-origin\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 9bc84c94880403a2bdfe0bc8f1800e4e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: AMS58-P1\r\nx-amz-cf-id: 6NFOtxaFVJ7Sx6er94rv9Fs2jdNWHWDWI2em_UP2TxA5ba4NumDl3Q==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":367923,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1280, components 3","md5":"732f9ffbd1ae87f1771b2a9f1af0231c","sha1":"65d4f7cc3448bee3cc4582d772b9f179c30b7b3c","sha256":"af2ea804db05a330bec45b418d4ce0f0f0e59eae4a730fb4ee210232e314fb8b","sha512":"e3e12791e039212aeb884e20a7d1d4eb9f7c82dc8c13e4d1e612d99934fd2e53da33a0002f4fe08350d53fb8c60dfe7f97c110fe1ad9e4e7121fbcbf70c8c901","ssdeep":"6144:b5Ydcad7SfA+wo0JAR02i6/WeibzefJk5udRGtyGGJmFL6ylqV:by/SfANo0koeiH5QJmF2F","tlshash":"fe7423f2e58b8c7a82c44202b5d30cf783717d31627acba65986d64f7b74d6fc589026","first_seen":"2025-12-20T20:50:01.556424Z","last_seen":"2025-12-20T20:50:01.556424Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1116,"timings":{"blocked":152,"dns":107,"connect":20,"send":0,"wait":454,"receive":358,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.dmp.otm-r.com/match/sape?id=0200007FD20B47692E05F30F02C49031","fqdn":"sync.dmp.otm-r.com","domain":"otm-r.com","tld":"com"},"ip":{"addr":"194.55.244.180","port":443,"asn":34959,"as":"Kviktel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sync.dmp.otm-r.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 06:06:37 GMT","end":"Tue, 10 Mar 2026 06:06:36 GMT"},"fingerprint":{"sha1":"C0:50:09:84:7A:D9:92:52:FE:BD:EA:94:B3:65:D6:83:2C:B3:52:8A","sha256":"6A:F5:31:88:A3:2A:6E:A1:F0:48:DA:7C:7D:A2:DD:EF:82:C2:71:12:9E:54:D7:9E:4F:C0:88:FA:C6:F9:E3:B3"}}},"request":{"raw":"GET /match/sape?id=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: sync.dmp.otm-r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx/1.27.4\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-length: 0\r\naccess-control-allow-origin: *\r\nlocation: /match/sape?id=0200007FD20B47692E05F30F02C49031\u0026otcm_check=1766263763\r\nset-cookie: mpid=Njk0NzBiZDMwNDAzYThjNQ==; max-age=31536000; domain=otm-r.com; path=/; secure; SameSite=None; Partitioned\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.27.4","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":357,"timings":{"blocked":144,"dns":4,"connect":49,"send":0,"wait":54,"receive":0,"ssl":105},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.bumlam.com/?src=sap1\u0026uid=0200007FD20B47692E05F30F02C49031","fqdn":"sync.bumlam.com","domain":"bumlam.com","tld":"com"},"ip":{"addr":"31.172.81.146","port":443,"asn":44066,"as":"firstcolo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bumlam.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 15:01:44 GMT","end":"Thu, 19 Mar 2026 15:01:43 GMT"},"fingerprint":{"sha1":"73:09:47:20:FC:A8:0D:DC:79:F0:08:58:30:EF:F6:AE:72:A0:E1:0B","sha256":"73:92:7B:67:F8:0C:85:9F:42:64:89:B1:B4:BA:C5:BB:D0:C1:72:38:91:59:BA:0B:54:55:C0:4E:84:7F:12:34"}}},"request":{"raw":"GET /?src=sap1\u0026uid=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: sync.bumlam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nSet-Cookie: suuid3=IiQ1ZDQ3ODc4Yy1kZGU1LTExZjAtYjYwYy0wMDI1OTBjODI0MzY*; Path=/; Expires=Fri, 15 Dec 2045 20:49:23 GMT; Domain=bumlam.com; SameSite=None; Secure\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nLocation: //sync.bumlam.com/?src=sap1\u0026s_data=CAIQARjTl5zKBmIgMDIwMDAwN0ZEMjBCNDc2OTJFMDVGMzBGMDJDNDkwMzGiARBdR4eM3eUR8LYMACWQyCQ2\r\nETag: 5d47878c-dde5-11f0-b60c-002590c82436\r\nCache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":21,"dns":0,"connect":20,"send":0,"wait":24,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.adspector.io/sync?ssp=6","fqdn":"a.adspector.io","domain":"adspector.io","tld":"io"},"ip":{"addr":"104.21.15.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"adspector.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 03:16:35 GMT","end":"Wed, 11 Feb 2026 04:14:56 GMT"},"fingerprint":{"sha1":"70:93:AE:0A:86:B3:EC:6A:26:43:0C:59:15:5C:6D:1C:C5:C6:F8:11","sha256":"16:49:F6:10:DA:6C:F1:EC:DB:5E:3C:6B:52:FE:1B:B8:2A:EC:A0:D1:73:71:15:1E:94:F3:29:C7:95:AB:81:A3"}}},"request":{"raw":"GET /sync?ssp=6 HTTP/1.1\r\nHost: a.adspector.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/plain\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: preadspector=1; Expires=Mon, 19 Jan 2026 23:49:23 GMT; Domain=.adspector.io; SameSite=None; Secure; Path=/\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4epHbHVHpSIL3YFXufdm%2BvC4zW89sfDrcg7okTfGg646HraW%2FbI4mdKGTFXlq79SIfob89vtL%2Bth%2FP05n86%2BRi%2Br3ubEbj6%2BE685RoZv\"}]}\r\ncf-ray: 9b120189887b0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":622,"timings":{"blocked":232,"dns":2,"connect":3,"send":0,"wait":153,"receive":0,"ssl":232},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.videohead.tech/sync?ssp=68","fqdn":"a.videohead.tech","domain":"videohead.tech","tld":"tech"},"ip":{"addr":"213.171.19.234","port":443,"asn":56694,"as":"LLC Smart Ape","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"videohead.tech","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 04:18:22 GMT","end":"Mon, 16 Mar 2026 04:18:21 GMT"},"fingerprint":{"sha1":"D4:BD:35:64:FD:0D:B7:42:06:E8:84:8A:76:DD:64:2F:67:69:8B:32","sha256":"01:FF:C8:A9:A2:01:4D:06:C1:B0:03:E1:A4:B2:98:E0:05:D8:DC:56:D2:61:B4:9D:77:78:AB:7E:E4:AF:C4:72"}}},"request":{"raw":"GET /sync?ssp=68 HTTP/1.1\r\nHost: a.videohead.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.24.0\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Type: text/plain\r\nContent-Length: 0\r\nConnection: keep-alive\r\nSet-Cookie: prevhead=1; Expires=Mon, 19 Jan 2026 23:49:23 GMT; Domain=.videohead.tech; SameSite=None; Secure; Path=/\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\nVary: Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":758,"timings":{"blocked":292,"dns":0,"connect":48,"send":0,"wait":90,"receive":0,"ssl":327},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rtb.dynotech.io/sape/sync/","fqdn":"rtb.dynotech.io","domain":"dynotech.io","tld":"io"},"ip":{"addr":"77.223.121.51","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rtb.dynotech.io","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Oct 2025 17:57:55 GMT","end":"Sun, 11 Jan 2026 17:57:54 GMT"},"fingerprint":{"sha1":"C1:88:1A:B8:F5:1D:6C:EF:0E:F8:F6:6C:52:ED:EB:07:E2:04:B0:41","sha256":"0C:8E:6C:A8:2D:14:6F:8A:B0:94:08:8D:BF:20:FC:F4:F8:82:0D:76:45:5E:AB:05:87:42:8F:AC:07:59:47:A4"}}},"request":{"raw":"GET /sape/sync/ HTTP/1.1\r\nHost: rtb.dynotech.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload;\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":717,"timings":{"blocked":377,"dns":0,"connect":29,"send":0,"wait":33,"receive":0,"ssl":277},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.dvgroup.com/match/sape?id=0200007FD20B47692E05F30F02C49031","fqdn":"sync.dvgroup.com","domain":"dvgroup.com","tld":"com"},"ip":{"addr":"82.148.21.217","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rtb.dvgroup.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 02 Nov 2025 11:37:34 GMT","end":"Sat, 31 Jan 2026 11:37:33 GMT"},"fingerprint":{"sha1":"A8:46:6D:9C:F3:36:47:77:5A:7D:E0:13:19:BC:F3:96:D5:2A:86:F0","sha256":"E5:FC:4C:96:76:05:51:82:82:91:C6:98:76:9A:8F:B4:03:09:E7:D4:88:C0:12:BA:E8:B1:03:AF:3D:C4:D0:32"}}},"request":{"raw":"GET /match/sape?id=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: sync.dvgroup.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 20:49:26 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"07fff40b5dd495aca2ac4e1c3fbc60aa","sha1":"e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4","sha256":"a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7","sha512":"49b8daf1f5ba868bc8c6b224c787a75025ca36513ef8633d1d8f34e48ee0b578f466fcc104a7bed553404ddc5f9faff3fef5f894b31cd57f32245e550fad656a","ssdeep":"","tlshash":"55900003caa0800bc2a2c0300a080320ab80a23002080b0e80ac32a8ec2a2a20c00000","first_seen":"2023-04-05T13:33:10Z","last_seen":"2026-04-25T16:16:46.645196Z","times_seen":33956,"resource_available":true,"data":null}},"time_used":3892,"timings":{"blocked":389,"dns":0,"connect":3378,"send":0,"wait":65,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.upravel.com/pbd/sync","fqdn":"sync.upravel.com","domain":"upravel.com","tld":"com"},"ip":{"addr":"185.131.67.10","port":443,"asn":56630,"as":"Melbikomas UAB","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:24.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upravel.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 18 Jun 2025 16:48:51 GMT","end":"Mon, 20 Jul 2026 16:48:50 GMT"},"fingerprint":{"sha1":"8D:89:EE:F7:48:68:E7:7D:F7:C4:AF:97:AB:98:A3:A3:1E:8D:6A:92","sha256":"08:06:AA:31:11:0F:33:B8:7D:B5:7E:B4:A2:2A:65:C6:77:DE:F6:65:A2:F4:BE:D3:7E:8D:9F:84:17:CE:20:A0"}}},"request":{"raw":"GET /pbd/sync HTTP/1.1\r\nHost: sync.upravel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: session_tptc=1766263763714; user_id=d98dcc7a-51eb-4916-a95e-2482bcecb560\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: Angie\r\ndate: Sat, 20 Dec 2025 20:49:24 GMT\r\ncontent-length: 0\r\np3p: CP=\"NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA\"\r\nset-cookie: user_id=d98dcc7a-51eb-4916-a95e-2482bcecb560;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000\nuser_id-legacy=d98dcc7a-51eb-4916-a95e-2482bcecb560;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000\r\nlocation: https://1026--d98dcc7a-51eb-4916-a95e-2482bcecb560.stbid.ru/?r=https%3A%2F%2Fsync.upravel.com%2Fimage%3Fsource%3Dpbd\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-allow-credentials: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":299,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":299,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/css/bootstrap.css?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/css/bootstrap.css?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/css\r\ncontent-length: 23442\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fwk04EY46y31w52F3YlODF8tPg9pvREsWSCL0pr6da6QXnUuWsLKoOHZ6nr8cWFb0uPGCVaBx3AnXX%2FgF2jHOju%2FLCK2cjDSnCaRW9pw\"}]}\r\ncf-ray: 9b120181992249c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":207317,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (629), with CRLF line terminators","md5":"9c515bcfe5994f1106779ebc80085b47","sha1":"b3d924db73552958894a064fe750137a2f828c25","sha256":"4c5798c5768d1fff57be971c1433ab44d971d717a56016facb2794a51b52ffea","sha512":"e77bbbcdff151ce0cc57c0ca9bdde40e0b4634048fede2950f08e05b25843d5c6f9986088b2d5ae50191293d9dce05ea59b7b25f6bda7933c46a7f04b0c65467","ssdeep":"1536:JDfkBgXJNlQEHEGk6gP6k20xdT8r2d0Y8b0nEXAMChCAWJKqKQnJKul9QjWgQsQE:p8B7dPY88nrGCYYI0TxIYTy","tlshash":"1c1476a8e951110765b39b7ca3d3567aff7a4062ca0257bbbee3610497c86d08d32dcc","first_seen":"2023-09-22T00:37:45Z","last_seen":"2026-04-25T13:58:42.011161Z","times_seen":620,"resource_available":false,"data":null}},"time_used":464,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":147,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 29744\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 29 Aug 2023 02:44:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5nlxMU3qtdXaFx6BxctrH3r83%2BWNY89LvrxVwLbwZ0j77sfPW6fhk7Hl1PzS6pLTNDgotGlGnVr7wFvVRXvqWQwBeBDkAE46Enzh%2Bwy1\"}]}\r\ncf-ray: 9b120181a93049c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-25T15:55:37.664681Z","times_seen":740706,"resource_available":true,"data":null}},"time_used":441,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":300,"receive":141,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/uploads/2024/06/default-2-300x300.png.png","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/uploads/2024/06/default-2-300x300.png.png HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 10300\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Wed, 12 Jun 2024 07:34:04 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MfQI7LVHcoEsB2RcVflPUWE2eDSC9H0zMHkXTBfAJ7y%2FfaRyCVZqhQpi6uZpYX7jNj1StM5b%2FPnWW9KDtSyyeSBdB4TYokspB0okiyQP\"}]}\r\ncf-ray: 9b120181a94049c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10300,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"4e1682794725465b0017ddaf1646d26a","sha1":"6df178667b7fb7de3eef76f4d18119829ca9a241","sha256":"bd8b53a8518c7f43b150a28dcae4cd76d4a79b1a45f5044c346bd34e33adb82b","sha512":"af8fb85d8d95229f76337b084737bf118a608f6325f9126b340b34f116cda86175e006c72ecca1edc9e3e28c7cf253860327803bc0824a3c7d1d91877c42eeec","ssdeep":"192:MYl9MqM+df7cPjIZde3K4ngMDR9tukxUYtCH/Qk4TH8miYdVRydzq:MgD/djojIQgWeYEH/74TzzRyd+","tlshash":"c822b09e2a75e071d84efc3ba2d5c073ad1f2185e140c7cdd3aba3afe6596442d31061","first_seen":"2025-12-20T20:50:01.56065Z","last_seen":"2025-12-20T20:50:01.56065Z","times_seen":1,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.azcentral.com/gcdn/-mm-/ef520fa941b8f9e08a2920d47562b15c3bc032fd/c=42-0-1157-630/local/-/media/2018/03/12/Phoenix/Phoenix/636564624113950329-Facebook-renderings-AHS-FashionShowaroundpool-1981-229-21.jpg?width=660\u0026height=372\u0026fit=crop\u0026format=pjpg\u0026auto=webp","fqdn":"www.azcentral.com","domain":"azcentral.com","tld":"com"},"ip":{"addr":"199.232.42.62","port":443,"asn":54113,"as":"FASTLY","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usatoday.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 14:45:34 GMT","end":"Tue, 24 Feb 2026 14:45:33 GMT"},"fingerprint":{"sha1":"F3:79:E9:AF:91:20:F4:3C:1C:24:40:8B:F5:00:FE:D4:8A:A1:7E:46","sha256":"D9:6D:B9:C5:EA:6C:9B:50:20:E7:5F:A1:54:98:92:EC:2F:F0:58:07:EA:8F:B7:7F:05:A4:1A:AA:75:6D:B7:92"}}},"request":{"raw":"GET /gcdn/-mm-/ef520fa941b8f9e08a2920d47562b15c3bc032fd/c=42-0-1157-630/local/-/media/2018/03/12/Phoenix/Phoenix/636564624113950329-Facebook-renderings-AHS-FashionShowaroundpool-1981-229-21.jpg?width=660\u0026height=372\u0026fit=crop\u0026format=pjpg\u0026auto=webp HTTP/1.1\r\nHost: www.azcentral.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 406 Not Acceptable\r\ncache-control: private, no-store\r\naccept-ranges: bytes\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\nnel: {\"report_to\":\"default\",\"max_age\":31557600,\"include_subdomains\":true,\"success_fraction\":0.005}\r\nreport-to: {\"max_age\":31557600,\"include_subdomains\":true,\"endpoints\":[{\"url\":\"https://reporting-api.gannettinnovation.com\"}]}\r\ndocument-policy: include-js-call-stacks-in-crash-reports\r\ncontent-security-policy: upgrade-insecure-requests\r\nstrict-transport-security: max-age=63072000;includeSubDomains;preload\r\nx-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"406","status_text":"Not Acceptable","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.acint.net/aci.js","fqdn":"www.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /aci.js HTTP/1.1\r\nHost: www.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 8799\r\nlast-modified: Mon, 08 Sep 2025 17:51:42 GMT\r\netag: \"68bf17ae-225f\"\r\ncontent-encoding: gzip\r\nexpires: Sun, 21 Dec 2025 08:49:22 GMT\r\ncache-control: max-age=43200\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31372,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (31372), with no line terminators","md5":"20f0381069e78a636d53b3d505e967c7","sha1":"800464b5f1400a923482d4298b472e17cda20737","sha256":"7b2d18d3dc9861604cbbde63dd9218e12a6cac1a06f52b877eddf61f9f7c3b37","sha512":"5aa6d98aca4d9881d5bf2c8dd71ff3d35e534a09ee749bf248c3d6f838f240f0d77edf06f8f2eae1b7a3797d9d447fe2da922395243f22547a13c4b6ea9981a2","ssdeep":"768:EMNY2uNr6tm67+DVRhNk6L0Wbha0XByPcf0:EMN/uNWo67+DLhNZaMByks","tlshash":"1ce2f98a7191f47306d3a179c12f050bf136696620e8d0e4f536dce0aeb858e6577f3a","first_seen":"2024-10-20T11:06:54.910201Z","last_seen":"2026-01-29T05:23:48.922533Z","times_seen":4303,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":91,"dns":3,"connect":28,"send":0,"wait":29,"receive":27,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mediatoday.ru/c/m.gif?s=32\u0026id=366\u0026reference=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D366%26euid%3D%7Bvisitor_id%7D","fqdn":"mediatoday.ru","domain":"mediatoday.ru","tld":"ru"},"ip":{"addr":"194.186.91.196","port":443,"asn":3216,"as":"PVimpelCom","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mediatoday.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 09:53:51 GMT","end":"Sun, 08 Feb 2026 09:53:50 GMT"},"fingerprint":{"sha1":"43:56:05:2D:39:36:28:96:AE:74:07:D6:E8:52:76:1A:89:83:A2:81","sha256":"7F:E0:EE:71:80:3C:CB:DE:47:F8:52:85:81:45:A4:6D:94:9D:8A:08:9F:CC:57:C4:F4:70:0C:0B:5D:3F:33:37"}}},"request":{"raw":"GET /c/m.gif?s=32\u0026id=366\u0026reference=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D366%26euid%3D%7Bvisitor_id%7D HTTP/1.1\r\nHost: mediatoday.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-length: 124\r\ncache-control: no-cache, max-age=0, must-revalidate, no-store\r\npragma: no-cache\r\nexpires: Tue, 11 Sep 2001 12:46:00 GMT\r\nset-cookie: idntfy=VUsDebx22BrU5q7; expires=Tue, 18-Dec-2035 20:49:23 GMT; domain=mediatoday.ru; path=/c/; SameSite=None; Secure\nidntfy=VUsDebx22BrU5q7; expires=Tue, 18-Dec-2035 20:49:23 GMT; domain=mediatoday.ru; path=/core/; SameSite=None; Secure\nidntfy=deleted; path=/c; domain=mediatoday.ru; expires=Tue, 11 Sep 2001 12:46:00 GMT; SameSite=None; Secure\nidntfy=deleted; path=/core; domain=mediatoday.ru; expires=Tue, 11 Sep 2001 12:46:00 GMT; SameSite=None; Secure\r\nlocation: https://mc.acint.net/match?dp=366\u0026euid=VUsDebx22BrU5q7\r\nalt-svc: h3=\":443\"; ma=86400,h3-29=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":746,"timings":{"blocked":316,"dns":0,"connect":54,"send":0,"wait":58,"receive":0,"ssl":318},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssp.bidster.net/sync/75b31511-b167-4007-830c-56630c3c6617?id=0200007FD20B47692E05F30F02C49031\u0026redirect=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D385%26euid%3D%7Bid%7D","fqdn":"ssp.bidster.net","domain":"bidster.net","tld":"net"},"ip":{"addr":"87.228.58.108","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ssp.bidster.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 19:21:55 GMT","end":"Fri, 20 Feb 2026 19:21:54 GMT"},"fingerprint":{"sha1":"BC:CD:E5:41:60:B2:62:54:EC:C0:2A:0F:26:B9:9F:A7:E3:9A:8B:1A","sha256":"6A:5E:5C:25:8D:31:5E:BB:CD:E8:CD:48:AA:F4:B3:AC:F8:77:F3:09:D1:90:1E:81:55:DC:53:76:61:AC:0F:02"}}},"request":{"raw":"GET /sync/75b31511-b167-4007-830c-56630c3c6617?id=0200007FD20B47692E05F30F02C49031\u0026redirect=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D385%26euid%3D%7Bid%7D HTTP/1.1\r\nHost: ssp.bidster.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 303 See Other\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-length: 0\r\nlocation: https://mc.acint.net/match?dp=385\u0026euid=65d5445491165d493051f\r\nset-cookie: uid=65d5445491165d493051f; Max-Age=34560000; Domain=.bidster.net; Path=/; Expires=Sun, 21 Dec 2025 06:25:23 GMT; Secure; SameSite=None\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"303","status_text":"See Other","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":762,"timings":{"blocked":327,"dns":0,"connect":56,"send":0,"wait":70,"receive":0,"ssl":309},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"id.adx.bid/match/sape?eid=0200007FD20B47692E05F30F02C49031","fqdn":"id.adx.bid","domain":"adx.bid","tld":"bid"},"ip":{"addr":"104.26.1.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"adx.bid","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 20:44:08 GMT","end":"Tue, 10 Feb 2026 21:43:30 GMT"},"fingerprint":{"sha1":"CA:0B:25:51:E0:58:1F:6F:2B:D9:A7:61:0F:2C:11:43:C6:F3:1A:E3","sha256":"EF:58:73:9B:AA:B3:85:BA:14:6F:51:19:2C:A3:B6:EF:27:B5:C5:A0:1A:23:97:91:E8:05:BB:EE:6C:9D:A4:C6"}}},"request":{"raw":"GET /match/sape?eid=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: id.adx.bid\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\nserver: cloudflare\r\nx-error: not_active\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: Content-Length,Content-Range\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TizCWWSkNAXVZyxjzFGGMgPecrkaryUQrZpTtsXY8KTy7TjbhfCkpPdF01s14WP%2Fm9iHYZFdtKarv09aa9awGBNk2hcZ56AkyQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b120186edf3dfec-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":42,"connect":1,"send":0,"wait":30,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 4678\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 09 Jun 2023 15:19:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iMdgbOTn2XmhW8iS%2BlcKabU%2BctpiO01sxuOCJLYPBSqZJ7ZCRlO%2FoLgSMXjxr9o0CtV%2FfHaPZT08M%2FUAFYur7jUYo%2FTJUZnkOuzxaqk2\"}]}\r\ncf-ray: 9b120181a93149c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":13577,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-25T15:55:37.689347Z","times_seen":687522,"resource_available":true,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":300,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=6.1.3","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=6.1.3 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 3369\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 24 Nov 2025 00:30:01 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BPVeF1ahYQi40lE79SAFyDygTAm9Lz6uhLBWn3%2BZuDBerua%2FfAtbdn8Zj1Os%2BtUqAFuWyrPD8b7g7A97ViiIX9%2BHH%2Bq8DqDUabWiggVK\"}]}\r\ncf-ray: 9b120181d9be49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":12512,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (12512), with no line terminators","md5":"96e7dc3f0e8559e4a3f3ca40b17ab9c3","sha1":"d363d0291e92c233e828023583dcf6685f2da5a2","sha256":"29fdd17a7002a2e1bbd9b33adafc53457c64006b5aca8f6e4dbf907de35433ca","sha512":"851dcea59510a12dd72c8391a9ea6ffa96bcbe0f009037d7a0b6e27bae63a494709b6eee912b5ed8d25605fbb767a885f543915996f8a8aff34395992e3332dc","ssdeep":"384:wwuf8OQL0sARrAZcNWLq/+Ffm/hibLexa2VautyX2fsL3ZHO1O9H:wwuf8OQL0sAZAGNWmGcibLexa2Vau0XD","tlshash":"d34235e16197e0f0c7c338a48816c051f2bf866cb9898054fb5dcdd22d5de07626b77a","first_seen":"2025-03-11T19:47:45.42406Z","last_seen":"2026-04-25T15:56:53.067627Z","times_seen":162482,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/plugins/wp-forms-puzzle-captcha/assets/js/wfpc-puzzle-captcha.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/plugins/wp-forms-puzzle-captcha/assets/js/wfpc-puzzle-captcha.js?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 3420\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 06 Jun 2024 01:22:21 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WWEt82ZVh19wCX4LnlwGNNbbyrczC%2FcErMIvNkGpXxxgDWsQd2sYd1tHUFJYPxsa1qUvwERKmdV4o4OYRgO28GTSiJWPSkXn1ZO9nXT0\"}]}\r\ncf-ray: 9b120181d9c049c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13434,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"80e99918ae697df48e8b9e020056e50a","sha1":"78f338692935dbf9979b40d3ad0dbce04566a45e","sha256":"6e61ec16b43db70283d9b4690a5c67d81ef49e9e655b60167a509d0a8739e2b8","sha512":"9b5a00f510bcb3d32c2d9a5a4f4f0c1aa0c59623bd8818c68d304fcb58fe21185023b8d26f12b912cb8029b6b95b85a034d71b3534478e5612eceef9f5e83294","ssdeep":"192:S4STNixqFkET1lLvRK/VwdETigoTHKAtaF:cRK/idLQF","tlshash":"b65255087ebb1275946350af4f9fa40ce2b8912b0d05d958bc9ce3c88f58538d5a6bf9","first_seen":"2023-03-07T13:20:53Z","last_seen":"2026-04-25T13:12:03.810476Z","times_seen":54,"resource_available":true,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssp.al-adtech.com/api/sync/sape","fqdn":"ssp.al-adtech.com","domain":"al-adtech.com","tld":"com"},"ip":{"addr":"45.139.25.120","port":443,"asn":34959,"as":"Kviktel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.al-adtech.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Oct 2025 07:19:40 GMT","end":"Sun, 18 Jan 2026 07:19:39 GMT"},"fingerprint":{"sha1":"49:E7:E6:61:8C:94:61:60:5D:BD:36:D3:9F:62:39:4D:B0:9E:4F:32","sha256":"5E:4B:55:76:B2:4F:F0:62:A1:AB:66:B8:93:41:28:AD:E7:86:98:99:13:64:E8:01:12:8A:4F:8C:A1:D6:21:97"}}},"request":{"raw":"GET /api/sync/sape HTTP/1.1\r\nHost: ssp.al-adtech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx/1.20.1\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin\r\nAccess-Control-Allow-Origin: \r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://mc.acint.net/rmatch?dp=261\u0026euid=4c2b70eb-8044-4361-bf7a-562e70bf079e\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261\r\nSet-Cookie: afp_cookie=gAAAAABpRwvT69psVRwdNpOG7dDb1GN7NZ17ChuqL2lM108_FSdIfcJ985Rg-oEs3I0mV1Y0t87k2RhpI2kZMbuotwSXwNvpayTFhvEn2pgUt1_uWzoYm6wHJyiEQg6wFGbBiz_t7okgM9lV7pH-vQC1-r4OP2mUY88s-VLjXuut9hdWo6MotVrlTi-JU7KuXJ6PmNv01ttt-G_geANysICQlDsERx3Nlw==$; expires=Tue, 20 Jan 2026 20:49:23 GMT; path=/; secure; SameSite=None\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":596,"timings":{"blocked":132,"dns":1,"connect":54,"send":0,"wait":53,"receive":0,"ssl":356},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.opendsp.ru/match/sape_ex?id=0200007FD20B47692E05F30F02C49031","fqdn":"sync.opendsp.ru","domain":"opendsp.ru","tld":"ru"},"ip":{"addr":"176.114.85.200","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.opendsp.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 05 Aug 2025 11:37:07 GMT","end":"Sun, 06 Sep 2026 11:37:06 GMT"},"fingerprint":{"sha1":"A6:D2:A4:C1:9C:FF:E8:4A:C2:A7:58:7A:3B:98:4B:CC:11:C8:FF:1F","sha256":"26:E3:31:B9:C2:C0:30:F6:85:B7:6E:2F:0E:4F:B0:C6:E5:39:D0:1A:8A:86:02:1E:55:68:94:B1:95:F1:4A:A7"}}},"request":{"raw":"GET /match/sape_ex?id=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: sync.opendsp.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"07fff40b5dd495aca2ac4e1c3fbc60aa","sha1":"e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4","sha256":"a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7","sha512":"49b8daf1f5ba868bc8c6b224c787a75025ca36513ef8633d1d8f34e48ee0b578f466fcc104a7bed553404ddc5f9faff3fef5f894b31cd57f32245e550fad656a","ssdeep":"","tlshash":"55900003caa0800bc2a2c0300a080320ab80a23002080b0e80ac32a8ec2a2a20c00000","first_seen":"2023-04-05T13:33:10Z","last_seen":"2026-04-25T16:16:46.645196Z","times_seen":33956,"resource_available":true,"data":null}},"time_used":977,"timings":{"blocked":192,"dns":0,"connect":40,"send":0,"wait":40,"receive":0,"ssl":703},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.pxltag.com/rsync?platform_id=aed2070256c34c4c8098476a32bf5b32\u0026sync_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D337%26euid%3D%7Binner_id%7D","fqdn":"cm.pxltag.com","domain":"pxltag.com","tld":"com"},"ip":{"addr":"87.228.57.56","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pxltag.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 06:13:44 GMT","end":"Tue, 10 Mar 2026 06:13:43 GMT"},"fingerprint":{"sha1":"E4:D2:DA:16:48:1F:14:8A:3B:A2:4F:3C:9D:D6:D9:1C:49:B3:5A:0D","sha256":"A5:05:F3:6D:C3:71:05:C2:64:63:4F:3B:F6:68:00:58:3E:45:9B:8A:A8:18:B8:F8:1A:9D:AC:CC:FC:DB:1F:2F"}}},"request":{"raw":"GET /rsync?platform_id=aed2070256c34c4c8098476a32bf5b32\u0026sync_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D337%26euid%3D%7Binner_id%7D HTTP/1.1\r\nHost: cm.pxltag.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx/1.20.1\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-length: 0\r\nlocation: https://acint.net/match?dp=337\u0026euid=4OJzIshiU\r\nset-cookie: smi_uid=4OJzIshiU; max-age=31536000; domain=.pxltag.com; path=/; HttpOnly; secure; SameSite=None\r\nstrict-transport-security: max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":760,"timings":{"blocked":243,"dns":0,"connect":54,"send":0,"wait":100,"receive":0,"ssl":362},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/rmatch?dp=126\u0026euid=542264ae-da49-453c-6c49-8b489ceccfad\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /rmatch?dp=126\u0026euid=542264ae-da49-453c-6c49-8b489ceccfad\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126 HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html\r\ncontent-length: 154\r\nlocation: https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126\u0026dp=14\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nset-cookie: cSyncDp14v4=1766263763; expires=Mon, 19-Jan-26 20:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":382,"timings":{"blocked":353,"dns":0,"connect":28,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/match?dp=433\u0026euid=eba3fe0d-1857-43b4-8ede-fbe35cab9111","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /match?dp=433\u0026euid=eba3fe0d-1857-43b4-8ede-fbe35cab9111 HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.pymnts.com/wp-content/uploads/2023/06/PayPal.jpg","fqdn":"www.pymnts.com","domain":"pymnts.com","tld":"com"},"ip":{"addr":"192.0.66.138","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pymnts.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 11 Nov 2025 17:51:26 GMT","end":"Mon, 09 Feb 2026 17:51:25 GMT"},"fingerprint":{"sha1":"16:5B:DF:95:DF:73:F2:25:56:0A:71:9A:60:BE:CB:64:45:B8:F5:8D","sha256":"70:EF:3F:DF:58:10:EB:76:CC:4D:83:17:15:2F:96:83:47:65:B4:2C:BB:C9:77:4A:6B:19:33:B4:57:2B:62:3F"}}},"request":{"raw":"GET /wp-content/uploads/2023/06/PayPal.jpg HTTP/1.1\r\nHost: www.pymnts.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: image/webp\r\ncontent-length: 848974\r\nlast-modified: Sat, 20 Dec 2025 20:49:22 GMT\r\netag: \"cf50a67a7d01c47f\"\r\nvary: Accept\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\nx-rq: arn2\r\nx-cache: MISS\r\naccept-ranges: bytes, bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":848974,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a9fef59585094f5b7de30685d65b9314","sha1":"ccb0b89ecd7ff09f7a34c1f7ea716d44bb0974d0","sha256":"8668885a40289a2c0a02978a41e764022e857382e141f42ae95ba6c28f9a9d95","sha512":"cbbcfd41c0104f8e5369c9ddea38e92ba7e51aa20ac8518b721f63f9ce0949402238a69e98898f539895d65ab8b066d3b9cdfa8bd8fa636f742d9de244bac0c1","ssdeep":"24576:ZSdbiRoTI5pgI9mDrBYZz0Ug1ioyRkj6sg+8n:CbZTuiI9EVYl0Ud1a6sgn","tlshash":"6d052363306fb21a5bafa2592d272d3c9e9035d06875943d37b4ebe8f8374a064943cd","first_seen":"2025-12-20T20:50:01.564843Z","last_seen":"2025-12-20T20:50:01.564843Z","times_seen":1,"resource_available":false,"data":null}},"time_used":799,"timings":{"blocked":35,"dns":24,"connect":8,"send":0,"wait":651,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"match.new-programmatic.com/userbind?src=sape\u0026id=0200007FD20B47692E05F30F02C49031","fqdn":"match.new-programmatic.com","domain":"new-programmatic.com","tld":"com"},"ip":{"addr":"217.65.2.150","port":443,"asn":3175,"as":"Citytelecom LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"admanager.geniusgroup.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Dec 2025 09:13:46 GMT","end":"Tue, 03 Mar 2026 09:13:45 GMT"},"fingerprint":{"sha1":"8E:DB:65:4E:B4:C0:6B:8E:F4:21:46:D2:07:19:4B:66:31:CA:47:14","sha256":"B3:2D:0D:52:14:DE:FA:E7:6C:F7:2E:51:97:84:95:E1:45:E6:C5:A5:8F:60:9A:B5:00:B9:83:59:83:32:89:8B"}}},"request":{"raw":"GET /userbind?src=sape\u0026id=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: match.new-programmatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.22.1\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nVary: Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":698,"timings":{"blocked":10,"dns":0,"connect":287,"send":0,"wait":36,"receive":0,"ssl":365},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/match?dp=394\u0026euid=996abbbf-37fd-4071-b860-ac1f42ffb9ef","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /match?dp=394\u0026euid=996abbbf-37fd-4071-b860-ac1f42ffb9ef HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/css/owl.carousel.css?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/css/owl.carousel.css?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/css\r\ncontent-length: 471\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eobY1VRtG0OJ3Zm9FLQI3ozhC1V%2FRrhhEY48PbfOAV395fR8VLEbJyN54ktVHhv1wXHz7LHVZiNJcTL%2FYR4QychEAyCZMMFesjKLsD12\"}]}\r\ncf-ray: 9b120181992849c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1543,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"c01cb063daa1dd1f8aa6c5e6314116e7","sha1":"7620d7104d375c36d40b2620ba35f2840c594cbd","sha256":"0e180e2cf5cf8e21c295e53c3a91a4e98441e57b0527995543a68ca4b4058df1","sha512":"1da5b4399533e05856a8dc5b78733fe887c9ad8eba5827e7e6a0d946a06cadd454dd7e3cd7d1506b04baa2b50b2aab8425554ca058ef033cca0aa993399b8d5b","ssdeep":"","tlshash":"d031ace41231218d12668b6947fee7284c3dd0519d03104f3a4f2e0a47cfe6d651f75b","first_seen":"2023-05-12T05:52:18Z","last_seen":"2026-04-25T13:58:42.022978Z","times_seen":645,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":300,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/custom.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/js/custom.js?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 1123\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9A%2FVgytfDypprS6fZZLATrkT13Xw78zDll60QUkEI%2BvEsq2r36hCclF3e%2B7kgwojk93Gid56v6inYPlkOeMeWNuTG33miW%2BPjvTNP%2FIB\"}]}\r\ncf-ray: 9b120181d9c349c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":4628,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"c9927fcc6ab564e4096c3030c7d4bf11","sha1":"9c34a1822622fa3c3ae5b64d0eaa032deb1273df","sha256":"5d0cd204b110ecef8a535543689de8a36fc7a9ad495f9d6d31c9e2cd5f4bd9bb","sha512":"62d268de919f54f6f4e9629f028c187377a4eb04b3b7b6bdd9b5326ba1c1bc221ae6389f66cb5b377e6ca3f1a285c5ffa2195c6c592e22fe2a346dac2c19eb15","ssdeep":"96:J3iF2hboerilmeulEeWEen4I7V13FZhnwTO3/r1AJt:J3+2hboerymeyEeWEeVVjZhnwTOj1Wt","tlshash":"30a1e25b70182476497b2b7eea777300fd76090fa001a406b8ff46d11f7275957a3e98","first_seen":"2024-08-01T02:43:02Z","last_seen":"2026-04-25T13:58:42.025368Z","times_seen":466,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kimberlite.io/rtb/sync/sape2?u=0200007FD20B47692E05F30F02C49031","fqdn":"kimberlite.io","domain":"kimberlite.io","tld":"io"},"ip":{"addr":"37.0.127.86","port":443,"asn":61400,"as":"Start LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kimberlite.io","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 03 Mar 2025 10:28:30 GMT","end":"Sat, 04 Apr 2026 10:28:29 GMT"},"fingerprint":{"sha1":"D5:F7:CA:61:DC:40:4D:B7:43:BC:F1:6F:13:3A:45:A0:D0:53:09:FA","sha256":"BD:79:98:BE:D4:24:4A:51:5B:6D:A8:A1:58:2B:4E:1D:6B:90:66:40:1F:2C:E3:4A:C4:9F:7E:A3:A2:F6:79:12"}}},"request":{"raw":"GET /rtb/sync/sape2?u=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: kimberlite.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\ncache-control: no-store\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\nlocation: /rtb/sync/sape2?u=0200007FD20B47692E05F30F02C49031\u0026rc=1\r\nset-cookie: u=aUcL0-_m5sY~SvYtaLFXeqxUrIRIpU9gY8DcT7k; path=/; max-age=7776000; samesite=none; httponly; secure\r\nreferrer-policy: no-referrer\r\nserver-timing: app;srv=s3a;dur=0.0002\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":728,"timings":{"blocked":109,"dns":2,"connect":69,"send":0,"wait":107,"receive":0,"ssl":441},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kimberlite.io/rtb/sync/sape2?u=0200007FD20B47692E05F30F02C49031\u0026rc=1","fqdn":"kimberlite.io","domain":"kimberlite.io","tld":"io"},"ip":{"addr":"37.0.127.86","port":443,"asn":61400,"as":"Start LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kimberlite.io","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 03 Mar 2025 10:28:30 GMT","end":"Sat, 04 Apr 2026 10:28:29 GMT"},"fingerprint":{"sha1":"D5:F7:CA:61:DC:40:4D:B7:43:BC:F1:6F:13:3A:45:A0:D0:53:09:FA","sha256":"BD:79:98:BE:D4:24:4A:51:5B:6D:A8:A1:58:2B:4E:1D:6B:90:66:40:1F:2C:E3:4A:C4:9F:7E:A3:A2:F6:79:12"}}},"request":{"raw":"GET /rtb/sync/sape2?u=0200007FD20B47692E05F30F02C49031\u0026rc=1 HTTP/1.1\r\nHost: kimberlite.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: u=aUcL0-_m5sY~SvYtaLFXeqxUrIRIpU9gY8DcT7k\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\ncache-control: no-store\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\nset-cookie: u=aUcL0-_m5sY~SvYtaLFXeqxUrIRIpU9gY8DcT7k; path=/; max-age=7776000; samesite=none; httponly; secure\nda=UX4CYAAAAAE; path=/rtb; max-age=604800; samesite=none; httponly; secure\r\nlocation: https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Fwww.acint.net%252Frmatch%253Fdp%253D243%2526euid%253DaUcL0-_m5sY%2526r%253Dhttps%25253A%25252F%25252Facint.net%25252Fcmatch%25253Fdp%25253D243%26n%3D1\r\nreferrer-policy: no-referrer\r\nserver-timing: app;srv=s13;dur=0.0007\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acint.net/rmatch?dp=368\u0026euid=NT_2_0200007FD20B47692E05F30F02C49031_2024909618263469_nqYvrT\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D368","fqdn":"acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /rmatch?dp=368\u0026euid=NT_2_0200007FD20B47692E05F30F02C49031_2024909618263469_nqYvrT\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D368 HTTP/1.1\r\nHost: acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html\r\ncontent-length: 154\r\nlocation: https://mc.acint.net/cmatch?dp=368\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fbid.sspnet.tech%2Fsync%2Freverse%3Fdsp_slug%3Dbuzzoola%26dsp_user_id%3D%24%7BUUID%7D%26sync_id%3D06c93b63-4fac-4a42-b2a6-6f632ecdf2e6","fqdn":"exchange.buzzoola.com","domain":"buzzoola.com","tld":"com"},"ip":{"addr":"176.114.74.36","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buzzoola.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 06:11:29 GMT","end":"Mon, 09 Mar 2026 06:11:28 GMT"},"fingerprint":{"sha1":"6D:1A:28:D1:AB:8D:18:D1:38:1A:55:28:34:A1:03:2A:BC:7A:1C:5A","sha256":"AB:C0:F2:6B:07:6C:D6:89:63:34:97:78:29:CD:C6:D1:2A:75:3D:C0:7C:E0:05:94:11:71:82:6B:67:8C:2D:36"}}},"request":{"raw":"GET /cookiesync/redirect?redirect_url=https%3A%2F%2Fbid.sspnet.tech%2Fsync%2Freverse%3Fdsp_slug%3Dbuzzoola%26dsp_user_id%3D%24%7BUUID%7D%26sync_id%3D06c93b63-4fac-4a42-b2a6-6f632ecdf2e6 HTTP/1.1\r\nHost: exchange.buzzoola.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uuid=542264ae-da49-453c-6c49-8b489ceccfad\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 179\r\nlocation: https://bid.sspnet.tech/sync/reverse?dsp_slug=buzzoola\u0026dsp_user_id=542264ae-da49-453c-6c49-8b489ceccfad\u0026sync_id=06c93b63-4fac-4a42-b2a6-6f632ecdf2e6\r\nset-cookie: uuid=542264ae-da49-453c-6c49-8b489ceccfad; Path=/; Domain=buzzoola.com; Expires=Mon, 19 Jan 2026 20:49:23 GMT; Max-Age=2592000; Secure; SameSite=None\r\nserverid: TODO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1026--d98dcc7a-51eb-4916-a95e-2482bcecb560.stbid.ru/?r=https%3A%2F%2Fsync.upravel.com%2Fimage%3Fsource%3Dpbd","fqdn":"1026--d98dcc7a-51eb-4916-a95e-2482bcecb560.stbid.ru","domain":"stbid.ru","tld":"ru"},"ip":{"addr":"185.115.93.194","port":443,"asn":42881,"as":"Sc Itns.net Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:24.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.stbid.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Apr 2025 09:20:40 GMT","end":"Sun, 24 May 2026 09:20:39 GMT"},"fingerprint":{"sha1":"CD:D0:42:9B:03:7A:27:A9:42:E1:4D:28:F3:FC:EA:D1:AC:D7:13:7E","sha256":"17:48:80:43:30:8B:5E:01:B8:65:DF:1B:22:DC:DB:13:D8:6B:DF:48:78:50:08:AB:69:B1:90:41:E5:62:3E:C4"}}},"request":{"raw":"GET /?r=https%3A%2F%2Fsync.upravel.com%2Fimage%3Fsource%3Dpbd HTTP/1.1\r\nHost: 1026--d98dcc7a-51eb-4916-a95e-2482bcecb560.stbid.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: Angie/1.10.3\r\nDate: Sat, 20 Dec 2025 20:49:24 GMT\r\nContent-Length: 0\r\nConnection: close\r\nLocation: https://sync.upravel.com/image?source=pbd\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Angie:1.10.3","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":534,"timings":{"blocked":252,"dns":126,"connect":30,"send":0,"wait":30,"receive":0,"ssl":95},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/match?dp=385\u0026euid=65d5445491165d493051f","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /match?dp=385\u0026euid=65d5445491165d493051f HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.upravel.com/sape/sync","fqdn":"sync.upravel.com","domain":"upravel.com","tld":"com"},"ip":{"addr":"185.131.67.10","port":443,"asn":56630,"as":"Melbikomas UAB","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upravel.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 18 Jun 2025 16:48:51 GMT","end":"Mon, 20 Jul 2026 16:48:50 GMT"},"fingerprint":{"sha1":"8D:89:EE:F7:48:68:E7:7D:F7:C4:AF:97:AB:98:A3:A3:1E:8D:6A:92","sha256":"08:06:AA:31:11:0F:33:B8:7D:B5:7E:B4:A2:2A:65:C6:77:DE:F6:65:A2:F4:BE:D3:7E:8D:9F:84:17:CE:20:A0"}}},"request":{"raw":"GET /sape/sync HTTP/1.1\r\nHost: sync.upravel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: Angie\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-length: 0\r\nlocation: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0=\r\nset-cookie: session_tptc=1766263763714;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180\nsession_tptc-legacy=1766263763714;Version=1;Domain=.upravel.com;Path=/;Max-Age=180\r\np3p: CP=\"NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-allow-credentials: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":1571,"timings":{"blocked":696,"dns":6,"connect":305,"send":0,"wait":163,"receive":0,"ssl":400},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"match.ohmy.bid/cm?ssp=sape\u0026redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D","fqdn":"match.ohmy.bid","domain":"ohmy.bid","tld":"bid"},"ip":{"addr":"37.0.127.208","port":443,"asn":61400,"as":"Start LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ohmy.bid","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 15:45:39 GMT","end":"Sat, 03 Jan 2026 15:45:38 GMT"},"fingerprint":{"sha1":"EF:A2:21:7D:62:B9:E9:0F:EE:11:F0:38:1C:D6:7A:E7:53:65:15:8D","sha256":"45:80:3D:62:8B:EC:78:D5:D1:84:F8:93:1B:E2:FF:CE:65:BC:36:20:3B:B4:48:50:BD:29:09:74:68:5A:BA:B8"}}},"request":{"raw":"GET /cm?ssp=sape\u0026redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP/1.1\r\nHost: match.ohmy.bid\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nBidder: bid-06 1.2245.f77a67ed\r\nLocation: https://mc.acint.net/match?dp=217\u0026euid=8afad06b-1952-460d-9ec2-dbfbef1d08a2\r\nSet-Cookie: uid=8afad06b-1952-460d-9ec2-dbfbef1d08a2.69470bd3.5a78f2342cc98763; domain=.ohmy.bid; path=/; expires=Mon, 19-Jan-2026 20:49:23 GMT; SameSite=None; Secure;\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":608,"timings":{"blocked":70,"dns":1,"connect":68,"send":0,"wait":67,"receive":0,"ssl":401},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.dmp.otm-r.com/match/sape?id=0200007FD20B47692E05F30F02C49031\u0026otcm_check=1766263763","fqdn":"sync.dmp.otm-r.com","domain":"otm-r.com","tld":"com"},"ip":{"addr":"194.55.244.180","port":443,"asn":34959,"as":"Kviktel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sync.dmp.otm-r.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 06:06:37 GMT","end":"Tue, 10 Mar 2026 06:06:36 GMT"},"fingerprint":{"sha1":"C0:50:09:84:7A:D9:92:52:FE:BD:EA:94:B3:65:D6:83:2C:B3:52:8A","sha256":"6A:F5:31:88:A3:2A:6E:A1:F0:48:DA:7C:7D:A2:DD:EF:82:C2:71:12:9E:54:D7:9E:4F:C0:88:FA:C6:F9:E3:B3"}}},"request":{"raw":"GET /match/sape?id=0200007FD20B47692E05F30F02C49031\u0026otcm_check=1766263763 HTTP/1.1\r\nHost: sync.dmp.otm-r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: mpid=Njk0NzBiZDMwNDAzYThjNQ==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx/1.27.4\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-length: 0\r\naccess-control-allow-origin: *\r\nlocation: https://www.acint.net/match?dp=68\u0026euid=Njk0NzBiZDMwNDAzYThjNQ%3D%3D\r\nset-cookie: mpid=Njk0NzBiZDMwNDAzYThjNQ==; max-age=31536000; domain=otm-r.com; path=/; secure; SameSite=None; Partitioned\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.27.4","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/match?dp=217\u0026euid=8afad06b-1952-460d-9ec2-dbfbef1d08a2","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /match?dp=217\u0026euid=8afad06b-1952-460d-9ec2-dbfbef1d08a2 HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-includes/css/dist/block-library/style.min.css?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-includes/css/dist/block-library/style.min.css?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/css\r\ncontent-length: 14921\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Wed, 03 Dec 2025 13:21:21 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QPNjB6jbuDlqFj7pgtHw8OZ2QZTSfpPRsz1hbRRqSThFn%2FDtC7B8%2FEa6Z5FgLHzfiQcb92FJgL61K1JpONapeIGtmT%2BJtrL6YfzevuR2\"}]}\r\ncf-ray: 9b120181991c49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":119695,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (55871)","md5":"693359d40ab420bb23aa1b4be239f162","sha1":"67719855e95b9befb5e16556455ea78f3b9d7d92","sha256":"b4cd2f5507698b3ebd388e2d1ed31bef9c5704a171ccd53720c27c66df2510c7","sha512":"3ea55e5e2d2cfa21f66701e322928f3199042b8d3eef8f611cae1ee5d931903fb69d39b5cbb72f493e84f477b56f44fb24badc73f2c298785a9f29eb72b6d8a5","ssdeep":"3072:SoeJBCCUQg5MG7x+qehvX02dclkWwbFpPu:mfUQg5MG7x+qehvX02dclkWiF0","tlshash":"7ec3621417b4dcf935ffa73a5e4ee258a107aa41c68a67e6e066d190718ca490cf3f0f","first_seen":"2025-12-02T22:14:51.412485Z","last_seen":"2026-04-25T13:10:33.099328Z","times_seen":20959,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"media.glamour.com/photos/6685506f17e6fd3b184d0150/16:9/w_1280,c_limit/7.1_GL_lede-for-fourth-of-july-story.4.jpg","fqdn":"media.glamour.com","domain":"glamour.com","tld":"com"},"ip":{"addr":"3.167.227.87","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vulcan.conde.digital","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 25 Sep 2025 00:00:00 GMT","end":"Sat, 24 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F5:1A:94:44:7C:C0:2E:53:2E:F9:9B:E1:0C:70:7B:57:57:9A:07:06","sha256":"A8:40:03:39:F5:0F:11:C1:CF:5E:D3:20:DA:72:B5:36:BF:75:F2:1E:DF:C9:79:DF:C2:21:39:9F:1C:D7:79:D1"}}},"request":{"raw":"GET /photos/6685506f17e6fd3b184d0150/16:9/w_1280,c_limit/7.1_GL_lede-for-fourth-of-july-story.4.jpg HTTP/1.1\r\nHost: media.glamour.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/webp\r\ncontent-length: 139968\r\ndate: Fri, 19 Dec 2025 13:03:02 GMT\r\nlast-modified: Fri, 14 Mar 2025 17:23:19 GMT\r\netag: \"f49578e276cb6a0122684cb0bf87842d\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: fBhX23hYKsVDdBeYNCt0Vm7oDuelqgki\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ncache-control: public, max-age=3600, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=300\r\nvia: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront), 1.1 4f9278fb12fe51f34089ffab835bdc00.cloudfront.net (CloudFront)\r\nexperience: Spectra (Vulcan)\r\nx-cache: Hit from cloudfront\r\nx-amz-cf-pop: FRA56-P2, FRA60-P11\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: zQumExDFNaMPLjSp6cK_ToBXukai1Y3lMAAqR5qNzOeLHBqmvypanw==\r\nage: 114381\r\nserver-timing: cdn-cache-hit,cdn-pop;desc=\"FRA60-P11\",cdn-rid;desc=\"zQumExDFNaMPLjSp6cK_ToBXukai1Y3lMAAqR5qNzOeLHBqmvypanw==\",cdn-hit-layer;desc=\"REC\",cdn-downstream-fbl;dur=5\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":139968,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f49578e276cb6a0122684cb0bf87842d","sha1":"eb5db7e430ef9e5a453633008779671f94cd853b","sha256":"abb0ecb04f81bf02c947cdd66d09a128b16b3ac32c4c7904fc38f567eb74635b","sha512":"e5b0655a65049b37970b7681ec7cff1e2b7a070fcb307c878e09b7a47e2d6df705eb65c7d992e8ba0f7a9c5da8dcce9fcb9a0ca0f44173f9ff2afd90691f0784","ssdeep":"3072:o/t6eaA/X+QDPzGqjNub9uQm8+Qbzoxk5DsSexPMovGAAU4KWXDDr:46eaAPHDPaqZu0QkOK9tafD3","tlshash":"37d312227489437b57d28c8fdb2f196f3c8ddad94ded31be5112424301ab79848ec7a5","first_seen":"2025-12-20T20:50:01.581722Z","last_seen":"2025-12-20T20:50:01.581722Z","times_seen":1,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":64,"dns":0,"connect":20,"send":0,"wait":28,"receive":44,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=6.1.3","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=6.1.3 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 4008\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 24 Nov 2025 00:30:01 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bD46V31Q4kxNn%2FRtQ%2FLcYkSsF%2FmKk3gmWW4AsQQV%2BBcJPIzab8E%2BRAwwro4wZIzYCiKGnHjuTNfRhO%2FtDvhjCot8PSiFQj4JDB7ekno1\"}]}\r\ncf-ray: 9b120181d9bf49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":13452,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (13452), with no line terminators","md5":"2912c657d0592cc532dff73d0d2ce7bb","sha1":"70a679e2769825236f83bcc56965a9d0bd86c4e9","sha256":"ddcce687729cb358abf9d0d8e1217a097859be2b0d18c23d7c851b38c87bc9c0","sha512":"9646384e65d09bf00cb20365f43e06dd41e7428e3fc6cc2737f4e69b50f006ebb25bd24a566fcd9faec2f0dcb24404e25d57ba7b8c6aba61797a29c515ad5144","ssdeep":"384:IsIRHeFJ1yQ7QdfnJgeYh7MXlsNqrBp1pgQpwOjNtqohIQ/5Z:IsIR+L1yQ7QdpYh7M1iqrBp1pgQpwOjn","tlshash":"0a52d7a1472955321eb506e391e513c1769075aef44b8aa1a898dc2e18bdcc328f3ff7","first_seen":"2024-11-04T17:50:00.022634Z","last_seen":"2026-04-25T15:56:53.135456Z","times_seen":169003,"resource_available":true,"data":null}},"time_used":323,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"media.cnn.com/api/v1/images/stellar/prod/gettyimages-1238670231.jpg?c=16x9\u0026q=w_800,c_fill","fqdn":"media.cnn.com","domain":"cnn.com","tld":"com"},"ip":{"addr":"199.232.175.5","port":443,"asn":54113,"as":"FASTLY","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cnn.com","organization":"Warner Bros. Discovery, Inc."},"issuer":{"commonName":"GlobalSign ECC OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 14:21:02 GMT","end":"Sat, 04 Jul 2026 14:21:01 GMT"},"fingerprint":{"sha1":"D1:C5:B0:F4:00:75:06:AD:09:7C:E2:0F:31:09:74:5C:6D:B4:BF:F0","sha256":"AE:F9:14:4C:2C:95:E8:1F:36:43:C7:A5:06:4C:EC:85:E4:A8:85:DA:A9:9F:CC:50:92:BA:92:DC:53:BF:95:E4"}}},"request":{"raw":"GET /api/v1/images/stellar/prod/gettyimages-1238670231.jpg?c=16x9\u0026q=w_800,c_fill HTTP/1.1\r\nHost: media.cnn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=300\r\naccess-control-allow-origin: *\r\nlast-modified: Thu, 20 Jun 2024 17:51:42 GMT\r\nx-content-hub-dam: build-env=prod; unique-deployment-key=dam0008; build-version=v6.6.0; build-commit-hash=4e7d6eae500a36a0248b3de2fa1a156ca7302384\r\ncontent-type: image/jpeg\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\nage: 107768\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\nset-cookie: countryCode=NO; Domain=.cnn.com; Path=/; SameSite=None; Secure\nstateCode=03; Domain=.cnn.com; Path=/; SameSite=None; Secure\ngeoData=oslo|03|0151|NO|EU|100|broadband|59.910|10.740; Domain=.cnn.com; Path=/; SameSite=None; Secure\r\nx-served-by: cache-iad-kjyo7100177-IAD, cache-iad-kjyo7100108-IAD, cache-bma-essb1270034-BMA\r\nx-cache: MISS, HIT, HIT\r\nx-cache-hits: 0, 271, 0\r\nx-timer: S1766263763.716149,VS0,VE1\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 33037\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":33037,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 800x450, components 3","md5":"a69b5faab564dfc2007a731eb181ba87","sha1":"d191a5627c7dfe3b18ca43f718d5fa4620748d13","sha256":"4b8af1c308d089a7ae028d3c296fa936b07cfe977ea718727a48a89fac091822","sha512":"fdded193c72227d06cdd8dd0200ec469441b9e320709d965b741cfca45b398e57422a885a46eba6a472d77d810fc1163093b280c70d92b5672ce3873a598d9c2","ssdeep":"768:P1uD3isokp/C3Rqp3darhhncUnvdEYuoB0E:cDS2Qgon1dDuoBZ","tlshash":"14e2f11a46dec723e9a0c2301bde699d45a5b8c9f0ceb706d91b4f02defd8cdba02015","first_seen":"2025-12-20T20:50:01.585022Z","last_seen":"2025-12-20T20:50:01.585022Z","times_seen":1,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":27,"dns":2,"connect":9,"send":0,"wait":11,"receive":4,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dm-eu.hybrid.ai/match?id=106\u0026vid=0200007FD20B47692E05F30F02C49031","fqdn":"dm-eu.hybrid.ai","domain":"hybrid.ai","tld":"ai"},"ip":{"addr":"37.230.131.21","port":443,"asn":200197,"as":"Hybrid Adtech Sp.z.o.o.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.964Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.hybrid.ai","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 22 Sep 2025 00:00:00 GMT","end":"Sun, 04 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"18:21:9E:FA:EF:FF:FF:F2:8D:68:A8:F9:EB:ED:53:32:CC:17:9B:ED","sha256":"C9:20:9A:53:1E:FA:35:C7:29:64:1F:C3:7B:1E:34:73:C8:15:87:43:EA:35:06:B8:8D:86:E5:11:19:2A:60:FC"}}},"request":{"raw":"GET /match?id=106\u0026vid=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: dm-eu.hybrid.ai\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\nexpires: -1\r\np3p: CP=\"NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC\"\r\nx-mode: 5035\r\nx-xss-protection: 1; mode=block\r\naccess-control-allow-origin: https://www.acint.net\r\naccess-control-allow-credentials: true\r\nserver: Hybrid Web Server\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":61,"dns":3,"connect":23,"send":0,"wait":27,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/cmatch?dp=126","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /cmatch?dp=126 HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html\r\ncontent-length: 154\r\nlocation: https://match.qtarget.tech/userbind?src=sape\u0026id=0200007FD20B47692E05F30F02C49031\r\nset-cookie: cSyncDp241v2=1766263763; expires=Mon, 19-Jan-26 20:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/css/font-awesome/css/v4-shims.min.css?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/css/font-awesome/css/v4-shims.min.css?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/css\r\ncontent-length: 3949\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mk7gRNjraUtO3aXa6hDOf38RyN2Bm1r7ClZCPAmqyqy9roAPfJ8bH9Y7V8qqSblsUnrtlpkqTFT2%2Fq5YrKPOlwoqWQqJMWBRvSg3b6TS\"}]}\r\ncf-ray: 9b120181992749c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":26626,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (26440)","md5":"dbda9a989c9cef25c74b01808983aa5e","sha1":"fbd55b7df70b9d822e5d237e6d99f98b1ba663f1","sha256":"43c76c55901666edc020c33b12756390a7d723063c0bfe58899776b2db4d85da","sha512":"19b3636cbe2970e3a5a98a51c2e85354fd735d924669fba756ab3738383eaf21c3729a6fd061865eb218cb92b83b3fa784c8c25c6a93ef8bf858ac3e0b4e44b2","ssdeep":"192:jP6RT1bwl4w0QUmQ10PwKiAu5CwWavpHo4O6wgLPbJVR8XD7myNtQ:WR+l4w0QK+PwK45eavpmgPPeXD7my7Q","tlshash":"7ec20665930c60d3a3eef847ba0172a8277577999a864c54f30b7c9c8dc3a5772e8f18","first_seen":"2023-04-06T02:16:24Z","last_seen":"2026-04-25T13:58:42.007872Z","times_seen":1016,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/plugins/wp-forms-puzzle-captcha/assets/js/wfpc-custom-script.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/plugins/wp-forms-puzzle-captcha/assets/js/wfpc-custom-script.js?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 317\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 06 Jun 2024 01:22:21 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=csW4m4i%2Fk6mq1Qfr%2FGEcV4JAIMJ363QTK5S8eQQCPlmVt7SRr%2B5g3tfmd3btosKWkwPWF%2BHmToD2AAhPhbFn%2FLK%2BPlcrj0djZFxjviQH\"}]}\r\ncf-ray: 9b120181d9c249c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":926,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"a927aa0311b0e2650712a2fbc85f4e34","sha1":"bc646bb7b86df06a7fff8df5dcda1d1e3625c961","sha256":"5a3b85557777420cb52ef0c5e68d29657d9ea3c0c75a5bdad8268161a1c45e5e","sha512":"6db9d3fb5c5140a8446f4c2c1e1fb37dfde9fba83168d3de3e8c10c8a557a2fb855191202877a46fa162f6e0b88b55450c07e44c549aec3cf308b9e064d93aaf","ssdeep":"","tlshash":"94116668f12519e889b310a1b4b6ab58f845e925f20a5754f18f507e5f7c9e07201eb8","first_seen":"2023-03-07T13:20:53Z","last_seen":"2026-04-25T13:12:03.845309Z","times_seen":54,"resource_available":true,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sync.upravel.com/gpmdata/sync","fqdn":"sync.upravel.com","domain":"upravel.com","tld":"com"},"ip":{"addr":"185.131.67.10","port":443,"asn":56630,"as":"Melbikomas UAB","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:24.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upravel.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 18 Jun 2025 16:48:51 GMT","end":"Mon, 20 Jul 2026 16:48:50 GMT"},"fingerprint":{"sha1":"8D:89:EE:F7:48:68:E7:7D:F7:C4:AF:97:AB:98:A3:A3:1E:8D:6A:92","sha256":"08:06:AA:31:11:0F:33:B8:7D:B5:7E:B4:A2:2A:65:C6:77:DE:F6:65:A2:F4:BE:D3:7E:8D:9F:84:17:CE:20:A0"}}},"request":{"raw":"GET /gpmdata/sync HTTP/1.1\r\nHost: sync.upravel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: session_tptc=1766263763714; user_id=d98dcc7a-51eb-4916-a95e-2482bcecb560\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: Angie\r\ndate: Sat, 20 Dec 2025 20:49:24 GMT\r\ncontent-length: 0\r\np3p: CP=\"NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA\"\r\nset-cookie: user_id=d98dcc7a-51eb-4916-a95e-2482bcecb560;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000\nuser_id-legacy=d98dcc7a-51eb-4916-a95e-2482bcecb560;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000\r\nlocation: https://tms.gpmdata.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da\u0026dmpkit_evid=4a608d62-b43e-464c-ba40-a2d2ff300693\u0026dsp_id=d98dcc7a-51eb-4916-a95e-2482bcecb560\u0026ru=https%3A%2F%2Fsync.upravel.com%2Fimage%3Fsource%3Dgpmdata\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-allow-credentials: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":205,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/rmatch?dp=95\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95\u0026euid=SZHPEBUM","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:25.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /rmatch?dp=95\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95\u0026euid=SZHPEBUM HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:25 GMT\r\ncontent-type: text/html\r\ncontent-length: 154\r\nlocation: https://mc.acint.net/cmatch?dp=95\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/css/font-awesome/css/all.min.css?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/css/font-awesome/css/all.min.css?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/css\r\ncontent-length: 21986\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UTk0is1Bv1773aVS6HlJnWCNOiboqDGWCgoaL1X6dv5BxjLqdvBf64k77dey6j2so91QOMaye9EyHIGlwQZFQWROVn7M9TZHaA9ZojSw\"}]}\r\ncf-ray: 9b120181992649c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":102644,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (52275)","md5":"54bda10c870e2609f7eb7febeb110e9c","sha1":"1bc517fc609893a7979038aedf89262494c63464","sha256":"3548d37f54914ba085e8616975e91b0f37e856736c530ba9833e8921e2aa88b4","sha512":"7e3f58c716fc1cedc5d4dd51139b75f49aebeccb5ae9188d7d671118daff5e0a1f58ea0f2c913409d75b1f67eef8caea28840eb3bbc9141162bb4f9c7daa5fe6","ssdeep":"1536:iUMCMPMCMjMCM4MCMwMCM3sVMx709gbPMfjSFOTyPG9hpgSLCJ:8709gMGFiyPG9hiSLCJ","tlshash":"7da3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-12-19T08:37:24Z","last_seen":"2026-04-25T13:58:42.018853Z","times_seen":720,"resource_available":false,"data":null}},"time_used":384,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":108,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.kff.org/wp-content/uploads/sites/7/2025/07/vFJTA-two-thirds-of-adults-say-they-are-worried-about-being-able-to-afford-the-cost-of-health-care-unexpected-medical-bills.png","fqdn":"www.kff.org","domain":"kff.org","tld":"org"},"ip":{"addr":"192.0.66.210","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"embeds.develop.kff.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Dec 2025 06:22:19 GMT","end":"Thu, 05 Mar 2026 06:22:18 GMT"},"fingerprint":{"sha1":"E9:F1:33:9C:D9:5A:46:72:E0:06:4A:79:30:91:05:F8:55:07:A2:60","sha256":"56:4C:EC:5B:A8:11:E9:AB:3A:9D:21:9A:3F:63:78:50:84:BF:BF:F2:4A:6B:AF:48:DA:4D:74:F0:ED:E2:44:54"}}},"request":{"raw":"GET /wp-content/uploads/sites/7/2025/07/vFJTA-two-thirds-of-adults-say-they-are-worried-about-being-able-to-afford-the-cost-of-health-care-unexpected-medical-bills.png HTTP/1.1\r\nHost: www.kff.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: image/webp\r\ncontent-length: 66264\r\nlast-modified: Sat, 20 Dec 2025 20:49:22 GMT\r\netag: \"956aab34b063cfbb\"\r\nx-bytes-saved: 162349\r\nvary: Accept\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\nx-rq: arn2\r\nx-cache: MISS\r\naccept-ranges: bytes, bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66264,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8d1d072c23a44cb95a5c8f73da3b147f","sha1":"51d706ceaca92967d9eb0d66749bdafe15a567c1","sha256":"a58c8f64143f39440b6ff72cc36402d6700d18394a325ba3458fa1a8992925db","sha512":"873e392e64d44241fbd0a3c8210fbb0882f38bdce5d2e450cb0ab326de2cbe82efc2fdc5da1e4350383b99732f9aa893ba016fa3e109fec1417ced91da067848","ssdeep":"1536:evOxJ0SRYQE+Wql3cUeA7h7aDShtWzFqwbL71Sv37:iiJ0OYQNMr8h7aDtht/w37","tlshash":"ad53f25648bd5675d413b07839dabfec12b01bb8200875b2113d529fe3368ddb6ec2e2","first_seen":"2025-12-20T20:50:01.587873Z","last_seen":"2025-12-20T20:50:01.587873Z","times_seen":1,"resource_available":false,"data":null}},"time_used":357,"timings":{"blocked":63,"dns":58,"connect":8,"send":0,"wait":195,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"5d47878c-dde5-11f0-b60c-002590c82436.n4.sync.bumlam.com/?src=sape","fqdn":"5d47878c-dde5-11f0-b60c-002590c82436.n4.sync.bumlam.com","domain":"bumlam.com","tld":"com"},"ip":{"addr":"185.115.93.199","port":443,"asn":42881,"as":"Sc Itns.net Srl","country":"Moldova","country_code":"MD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.n0.sync.bumlam.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 08 Nov 2025 16:52:42 GMT","end":"Fri, 06 Feb 2026 16:52:41 GMT"},"fingerprint":{"sha1":"D6:13:3A:3E:71:02:DF:C5:96:43:AD:36:A2:BA:99:EC:85:72:1B:47","sha256":"AB:C7:4E:DF:6B:02:15:86:BE:BB:3C:DE:16:88:C1:CE:99:3D:4E:DB:4E:7F:19:6E:C7:9B:85:6F:52:4E:74:D5"}}},"request":{"raw":"GET /?src=sape HTTP/1.1\r\nHost: 5d47878c-dde5-11f0-b60c-002590c82436.n4.sync.bumlam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: suuid3=IiQ1ZDQ3ODc4Yy1kZGU1LTExZjAtYjYwYy0wMDI1OTBjODI0MzY*\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: Angie/1.10.3\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Length: 0\r\nConnection: close\r\nLocation: https://pix.bumlam.com/sync/sape/done\r\nCache-Control: no-store, no-cache, must-revalidate, max-age=0\r\nPragma: no-cache\r\nExpires: 0\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"Angie:1.10.3","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":525,"timings":{"blocked":243,"dns":103,"connect":35,"send":0,"wait":38,"receive":0,"ssl":105},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/cmatch?dp=368","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /cmatch?dp=368 HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pix.bumlam.com/sync/sape/done","fqdn":"pix.bumlam.com","domain":"bumlam.com","tld":"com"},"ip":{"addr":"31.172.81.4","port":443,"asn":44066,"as":"firstcolo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bumlam.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 15:01:44 GMT","end":"Thu, 19 Mar 2026 15:01:43 GMT"},"fingerprint":{"sha1":"73:09:47:20:FC:A8:0D:DC:79:F0:08:58:30:EF:F6:AE:72:A0:E1:0B","sha256":"73:92:7B:67:F8:0C:85:9F:42:64:89:B1:B4:BA:C5:BB:D0:C1:72:38:91:59:BA:0B:54:55:C0:4E:84:7F:12:34"}}},"request":{"raw":"GET /sync/sape/done HTTP/1.1\r\nHost: pix.bumlam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: suuid3=IiQ1ZDQ3ODc4Yy1kZGU1LTExZjAtYjYwYy0wMDI1OTBjODI0MzY*\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Type: image/gif\r\nContent-Length: 43\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://www.acint.net\r\nAccess-Control-Allow-Credentials: true\r\nTiming-Allow-Origin: *\r\nCross-Origin-Resource-Policy: cross-origin\r\nCache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, proxy-revalidate, s-maxage=0\r\nPragma: no-cache\r\nExpires: 05-Jun-2005 22:00:00 GMT\r\nX-Xss-Protection: 0\r\nP3P: policyref=\"https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml\", CP=\"CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D","fqdn":"ssp.bestssp.com","domain":"bestssp.com","tld":"com"},"ip":{"addr":"83.222.96.170","port":443,"asn":42632,"as":"MnogoByte LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bestssp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 06:22:36 GMT","end":"Wed, 28 Jan 2026 06:22:35 GMT"},"fingerprint":{"sha1":"95:A8:8C:CC:00:4B:4F:F7:FA:C9:DB:10:E2:5E:90:5F:D2:BE:4F:DE","sha256":"6D:09:43:87:06:3E:CB:12:D7:3E:D4:A3:AA:E3:F9:C3:A4:4C:F9:C2:68:79:63:4A:85:7D:E1:67:41:4D:27:55"}}},"request":{"raw":"GET /sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D HTTP/1.1\r\nHost: ssp.bestssp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx/1.22.0\r\ndate: Sat, 20 Dec 2025 20:49:25 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 126\r\nlocation: https://mc.acint.net/rmatch?dp=95\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95\u0026euid=SZHPEBUM\r\nset-cookie: uid=SZHPEBUM; Expires=Tue, 18 Dec 2035 20:49:25 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.22.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":2413,"timings":{"blocked":-1,"dns":1619,"connect":152,"send":0,"wait":163,"receive":0,"ssl":479},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.dsp.solta.io/match/sape?id=0200007FD20B47692E05F30F02C49031","fqdn":"sync.dsp.solta.io","domain":"solta.io","tld":"io"},"ip":{"addr":"217.199.220.73","port":443,"asn":61400,"as":"Start LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dsp.solta.io","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 04 Aug 2025 11:49:51 GMT","end":"Sat, 05 Sep 2026 11:49:50 GMT"},"fingerprint":{"sha1":"47:08:04:35:5D:1F:29:FE:9D:B8:04:FB:41:AA:98:1C:B3:95:76:78","sha256":"F4:28:D6:EC:60:7B:5B:18:1C:90:EA:96:70:90:94:81:60:02:76:08:87:8B:89:2E:6B:35:EB:89:97:42:D1:75"}}},"request":{"raw":"GET /match/sape?id=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: sync.dsp.solta.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 20:49:24 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"07fff40b5dd495aca2ac4e1c3fbc60aa","sha1":"e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4","sha256":"a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7","sha512":"49b8daf1f5ba868bc8c6b224c787a75025ca36513ef8633d1d8f34e48ee0b578f466fcc104a7bed553404ddc5f9faff3fef5f894b31cd57f32245e550fad656a","ssdeep":"","tlshash":"55900003caa0800bc2a2c0300a080320ab80a23002080b0e80ac32a8ec2a2a20c00000","first_seen":"2023-04-05T13:33:10Z","last_seen":"2026-04-25T16:16:46.645196Z","times_seen":33956,"resource_available":true,"data":null}},"time_used":1151,"timings":{"blocked":123,"dns":1,"connect":75,"send":0,"wait":77,"receive":0,"ssl":875},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.adspend.space/check?uid=0200007FD20B47692E05F30F02C49031\u0026ssp=sape","fqdn":"sync.adspend.space","domain":"adspend.space","tld":"space"},"ip":{"addr":"5.189.234.227","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.adspend.space","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Oct 2025 12:52:42 GMT","end":"Mon, 26 Jan 2026 12:52:41 GMT"},"fingerprint":{"sha1":"AC:B3:38:66:C2:FC:35:EC:DA:72:49:D5:D9:BF:BD:DF:99:F7:6D:B4","sha256":"30:85:8C:F6:1D:73:6D:12:AE:79:49:D8:B6:3A:64:D8:38:8D:53:42:DC:FA:CD:0E:44:44:C9:0C:E6:4A:08:04"}}},"request":{"raw":"GET /check?uid=0200007FD20B47692E05F30F02C49031\u0026ssp=sape HTTP/1.1\r\nHost: sync.adspend.space\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: as-user=eea83bd6-fb45-4cb8-83c5-b712f0f6e508\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx/1.26.2\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 232\r\nlocation: https://x01.aidata.io/0.gif?pid=6472613\u0026id=eea83bd6-fb45-4cb8-83c5-b712f0f6e508\u0026dest=https%3A%2F%2Fprodmp.ru%2Fadspend-sync.gif%3Fdsp_provider_id%3D2%26uid%3Deea83bd6-fb45-4cb8-83c5-b712f0f6e508%26r%3D\r\nstrict-transport-security: max-age=15724800; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.26.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D\u0026dp=14","fqdn":"ssp-rtb.sape.ru","domain":"sape.ru","tld":"ru"},"ip":{"addr":"193.3.184.186","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sape.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 07 Dec 2025 23:36:44 GMT","end":"Sat, 07 Mar 2026 23:36:43 GMT"},"fingerprint":{"sha1":"3D:9F:9C:85:A9:AB:7C:9C:83:0D:C2:B6:55:54:6F:89:BB:7F:7F:EE","sha256":"49:D9:BD:BD:C8:71:CC:CD:39:05:E4:44:2E:9E:54:03:9D:A8:07:B3:9E:E4:4E:FD:7A:38:89:6D:8A:12:EA:15"}}},"request":{"raw":"GET /rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D\u0026dp=14 HTTP/1.1\r\nHost: ssp-rtb.sape.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sspuid=CkIDO2lHC9O21AEXmm/SAqipadzLKrprjsJwb0G/d0hFpbnq\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html\r\ncontent-length: 142\r\nlocation: https://acint.net/match?dp=14\u0026euid=3B03420AD30B47691701D4B602D26F9A\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/cmatch?dp=261","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /cmatch?dp=261 HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.adiam.tech/sync?ssp=29","fqdn":"a.adiam.tech","domain":"adiam.tech","tld":"tech"},"ip":{"addr":"172.67.200.122","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"adiam.tech","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Dec 2025 13:36:13 GMT","end":"Sun, 15 Mar 2026 14:33:45 GMT"},"fingerprint":{"sha1":"55:AB:2E:8E:B1:CA:24:0F:FB:1D:DB:46:CE:AE:A3:FF:CA:4D:E6:82","sha256":"CA:59:80:58:08:A8:DA:D0:34:C1:52:5B:95:A0:20:A7:1C:ED:5A:8C:F4:A5:38:BD:39:0F:A6:10:30:AC:76:0A"}}},"request":{"raw":"GET /sync?ssp=29 HTTP/1.1\r\nHost: a.adiam.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/plain\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: preadiam=1; Expires=Mon, 19 Jan 2026 23:49:23 GMT; Domain=.adiam.tech; SameSite=None; Secure; Path=/\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7IpIL1NyxskBXGdqSSHPfCVIqmcC6m5Ih9bwTElicMmuGDtAhLrLppV0tTw5QGxrJXIYxjh4XUTlitqYI1So0Sq6AQgUlYrDs9Vxcw%3D%3D\"}]}\r\ncf-ray: 9b12018a8c2f5a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":726,"timings":{"blocked":304,"dns":0,"connect":4,"send":0,"wait":104,"receive":0,"ssl":314},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sp.kombinat.digital/cm?ssp=sape\u0026redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D433%26euid%3D%7Buid%7D","fqdn":"sp.kombinat.digital","domain":"kombinat.digital","tld":"digital"},"ip":{"addr":"77.223.120.36","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.kombinat.digital","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Dec 2025 10:23:18 GMT","end":"Sun, 01 Mar 2026 10:23:17 GMT"},"fingerprint":{"sha1":"8F:91:B2:43:1C:1F:A6:7C:68:6E:71:E2:4A:D8:77:95:57:07:CE:0C","sha256":"3F:EC:8A:F1:CB:4E:59:7A:CB:F6:B0:F9:54:88:5C:B3:1A:7B:72:38:BF:75:51:79:B2:E6:7D:62:32:10:45:03"}}},"request":{"raw":"GET /cm?ssp=sape\u0026redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D433%26euid%3D%7Buid%7D HTTP/1.1\r\nHost: sp.kombinat.digital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nBidder: bid-01 1.105.a1db8cf\r\nLocation: https://mc.acint.net/match?dp=433\u0026euid=eba3fe0d-1857-43b4-8ede-fbe35cab9111\r\nSet-Cookie: uid=eba3fe0d-1857-43b4-8ede-fbe35cab9111.69470bd3.f79aff9546b87599; domain=.kombinat.digital; path=/; expires=Mon, 19-Jan-2026 20:49:23 GMT; SameSite=None; Secure;\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":718,"timings":{"blocked":401,"dns":0,"connect":26,"send":0,"wait":30,"receive":0,"ssl":261},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.bumlam.com/?src=sape","fqdn":"sync.bumlam.com","domain":"bumlam.com","tld":"com"},"ip":{"addr":"31.172.81.146","port":443,"asn":44066,"as":"firstcolo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bumlam.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 15:01:44 GMT","end":"Thu, 19 Mar 2026 15:01:43 GMT"},"fingerprint":{"sha1":"73:09:47:20:FC:A8:0D:DC:79:F0:08:58:30:EF:F6:AE:72:A0:E1:0B","sha256":"73:92:7B:67:F8:0C:85:9F:42:64:89:B1:B4:BA:C5:BB:D0:C1:72:38:91:59:BA:0B:54:55:C0:4E:84:7F:12:34"}}},"request":{"raw":"GET /?src=sape HTTP/1.1\r\nHost: sync.bumlam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: suuid3=IiQ1ZDQ3ODc4Yy1kZGU1LTExZjAtYjYwYy0wMDI1OTBjODI0MzY*\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nSet-Cookie: suuid3=IiQ1ZDQ3ODc4Yy1kZGU1LTExZjAtYjYwYy0wMDI1OTBjODI0MzY*; Path=/; Expires=Fri, 15 Dec 2045 20:49:23 GMT; Domain=bumlam.com; SameSite=None; Secure\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nLocation: https://pix.bumlam.com/sync/sape/sync_ok?guid=5d47878c-dde5-11f0-b60c-002590c82436\r\nCache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0\r\nAccess-Control-Allow-Origin: https://acint.net\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":386,"timings":{"blocked":356,"dns":0,"connect":20,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acint.net/rmatch?dp=313\u0026euid=NT_2_0200007FD20B47692E05F30F02C49031_2038940579297116_NsiRtK\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D313","fqdn":"acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /rmatch?dp=313\u0026euid=NT_2_0200007FD20B47692E05F30F02C49031_2038940579297116_NsiRtK\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D313 HTTP/1.1\r\nHost: acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html\r\ncontent-length: 154\r\nlocation: https://mc.acint.net/cmatch?dp=313\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700%2C800%7CWork%2BSans%3A300%2C400%2C500%2C600%2C700%2C800%2C900%26display%3Dswap\u0026subset=latin%2Clatin-ext","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css?family=Montserrat%3A400%2C500%2C700%2C800%7CWork%2BSans%3A300%2C400%2C500%2C600%2C700%2C800%2C900%26display%3Dswap\u0026subset=latin%2Clatin-ext HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://levitra-gg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 20 Dec 2025 20:49:22 GMT\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7268,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ec43b037829c8ccb0c07a4b79ea4076b","sha1":"b888c8335dee7298f5bc930d6c25194b52fd3427","sha256":"249ebefb9ab280123055e74813e35caabd456fafd3f2e5675811dbf9b32f336a","sha512":"9499b61cbe712f0c6656e360a33aa0305b32a4b2b9920f9f32fa50257f0bb28ba8662c16282d1d747ddb70190988b2e5bb306a5da1e02fec6095545b96df4e50","ssdeep":"192:qRa7h5OsuyR97uGOXuQRD780ORuhRm71dOAu8:+Sjp+nPeD","tlshash":"e6e1ae51141ae500a7472cc923cf7e26cd4e21667494c476bbfe2ca8ade6c365321b3d","first_seen":"2025-09-05T05:00:14.508888Z","last_seen":"2026-04-25T13:58:42.028587Z","times_seen":534,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":56,"dns":1,"connect":9,"send":0,"wait":21,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/css/jquery.smartmenus.bootstrap.css?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/css/jquery.smartmenus.bootstrap.css?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/css\r\ncontent-length: 915\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b2mbR1lf4%2F5mSs22aWzJWX4QihXhgzLDL9y17yltw6QqzSGwkfR6NeoHEYeaT%2Fdfy%2BJnKW%2B6feAlhu%2BcJfihdB43mSw9mBtj3HOMwusT\"}]}\r\ncf-ray: 9b120181992a49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3369,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"830a0e8564ef34e1f8bf998ec9931a95","sha1":"8edc64024e12d2a0a077e4d0f5c1b39c17b5ad51","sha256":"2d63cc4c571351c9a41bd88e5ea38592122c05a20bc49d6931a1cb2fc0172ca4","sha512":"46b3e1287486f35bb5b9052d1e89a217b21271ae3542c67c3ebd71e1a32818688a98d3096f3692ef399393225500c63129a414e1e8b0decb7be2728d9af0e0dc","ssdeep":"","tlshash":"cc6131fc72f0300411b5ba69a5f56684fdcf6134aa0f846bbc63738d96814d12a7ae74","first_seen":"2023-05-12T05:52:18Z","last_seen":"2026-04-25T13:58:42.00334Z","times_seen":667,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-includes/js/dist/i18n.min.js?ver=c26c3dc7bed366793375","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-includes/js/dist/i18n.min.js?ver=c26c3dc7bed366793375 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 2119\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 03 Dec 2025 13:21:23 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YsS3cskcqnFF%2FtEAgPx2%2FQkuRZjA5%2BI8UxB%2FwGeXPH7drwMytyo1jN8Le5mEz6WAaDBnNUprZEM2LgGHRgUGVfPL1naAsLqRyoBC2g2a\"}]}\r\ncf-ray: 9b120181d9bc49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5314,"size_decoded":0,"mime_type":"text/javascript","magic":"data","md5":"3a5838d1182eb0b11f5a58bfe26e2529","sha1":"920b2291e65d62eb55c1958911768540abaff5cf","sha256":"d4efe709c65438ae90dff385486421fea45762880f21fc4e0dca3fa96210f428","sha512":"bc41d50cd2e5c17c75ba737c303f2f498cc94e2c3fe402b2f15c5f10531e53633598093da98579b2dee65733dce0f763d77380ae35a9591d8bf91f975b7c6845","ssdeep":"96:L9emIWL7lnv93ssmAeGejQVnmggoC7arVCG0GXF730IQRDdlZq+SxSD3LmD:8mIWZVszMuinmg3rQ8Xd30DDdlZq+Sx3","tlshash":"2bb157dcb9d57022235121a0597fb409f3357d6470ebb8006ba9c4a47eb15cfb1a2fad","first_seen":"2025-10-27T08:47:54.280246Z","last_seen":"2026-04-25T15:58:14.207855Z","times_seen":132442,"resource_available":true,"data":null}},"time_used":322,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":322,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/css/font-awesome/webfonts/fa-solid-900.woff2","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/css/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/wp-content/themes/newsup/css/font-awesome/css/all.min.css?ver=6.9\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 156496\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1Nu8YWrbj0GdDW7fMzr8OEvGa3O8bNKDEwcMQMEaA49%2FO6KPDArLxhsu3IHpZEvqUZdbZTfYYlV5eqGSlfJOgTp8FZ4R17dk0hjp5s8G\"}]}\r\ncf-ray: 9b120184df8b49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":156496,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 156496, version 773.768","md5":"6c4eee562650e53cee32496bdfbe534b","sha1":"1aae708e3b94ee981b452a918d28ed037fbb5e18","sha256":"9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2","sha512":"ebcb5a2e2a908228f77ecd03b45491778cad73ddc39fa3a6334b129aaf9fa36c16c0307aeaad74d77f616b5b34aac52d91e9f4816945253dc9a826ddd71f4d12","ssdeep":"3072:OvM6gZMLmY8uGpjVnlooQ+GQs8jic0f/KkMdE:OU65LoP5QSsuic0f/cdE","tlshash":"8ce31200d620498d9978fd5b2a1fa1ffa7a939c95ed210bad3c30cb93257143bbc2556","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-04-25T16:01:10.854454Z","times_seen":35906,"resource_available":false,"data":null}},"time_used":628,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":255,"receive":373,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sync.gonet-ads.com/match/sape.js?id=0200007FD20B47692E05F30F02C49031","fqdn":"sync.gonet-ads.com","domain":"gonet-ads.com","tld":"com"},"ip":{"addr":"188.42.104.140","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gonet-ads.com","organization":"Go Mobile Inc"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 10 Jun 2025 00:00:00 GMT","end":"Fri, 19 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DC:9B:E1:71:D4:17:D5:18:6C:A4:F9:5F:2F:DD:DE:56:8C:CB:EC:5F","sha256":"A2:75:01:34:62:6B:85:83:76:99:89:B4:24:0B:18:DF:F2:6E:B4:35:EE:60:EC:E8:1C:4D:E1:23:9E:07:6B:1D"}}},"request":{"raw":"GET /match/sape.js?id=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: sync.gonet-ads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"07fff40b5dd495aca2ac4e1c3fbc60aa","sha1":"e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4","sha256":"a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7","sha512":"49b8daf1f5ba868bc8c6b224c787a75025ca36513ef8633d1d8f34e48ee0b578f466fcc104a7bed553404ddc5f9faff3fef5f894b31cd57f32245e550fad656a","ssdeep":"","tlshash":"55900003caa0800bc2a2c0300a080320ab80a23002080b0e80ac32a8ec2a2a20c00000","first_seen":"2023-04-05T13:33:10Z","last_seen":"2026-04-25T16:16:46.645196Z","times_seen":33956,"resource_available":true,"data":null}},"time_used":529,"timings":{"blocked":-1,"dns":4,"connect":18,"send":0,"wait":43,"receive":0,"ssl":464},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.opendsp.ru/match/sape?id=0200007FD20B47692E05F30F02C49031","fqdn":"sync.opendsp.ru","domain":"opendsp.ru","tld":"ru"},"ip":{"addr":"176.114.85.200","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.opendsp.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 05 Aug 2025 11:37:07 GMT","end":"Sun, 06 Sep 2026 11:37:06 GMT"},"fingerprint":{"sha1":"A6:D2:A4:C1:9C:FF:E8:4A:C2:A7:58:7A:3B:98:4B:CC:11:C8:FF:1F","sha256":"26:E3:31:B9:C2:C0:30:F6:85:B7:6E:2F:0E:4F:B0:C6:E5:39:D0:1A:8A:86:02:1E:55:68:94:B1:95:F1:4A:A7"}}},"request":{"raw":"GET /match/sape?id=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: sync.opendsp.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"07fff40b5dd495aca2ac4e1c3fbc60aa","sha1":"e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4","sha256":"a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7","sha512":"49b8daf1f5ba868bc8c6b224c787a75025ca36513ef8633d1d8f34e48ee0b578f466fcc104a7bed553404ddc5f9faff3fef5f894b31cd57f32245e550fad656a","ssdeep":"","tlshash":"55900003caa0800bc2a2c0300a080320ab80a23002080b0e80ac32a8ec2a2a20c00000","first_seen":"2023-04-05T13:33:10Z","last_seen":"2026-04-25T16:16:46.645196Z","times_seen":33956,"resource_available":true,"data":null}},"time_used":980,"timings":{"blocked":83,"dns":1,"connect":28,"send":0,"wait":40,"receive":0,"ssl":827},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acint.net/match?dp=14\u0026euid=3B03420AD30B47691701D4B602D26F9A","fqdn":"acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /match?dp=14\u0026euid=3B03420AD30B47691701D4B602D26F9A HTTP/1.1\r\nHost: acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":154,"timings":{"blocked":125,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssp-statistics.dsp.nt.technology/api/cookie-sync/eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJSVEIgU2FwZV8xNzM4MDUyODgwODQ3In0.rWWFhvjxIbuujG1GTFwQklSMJiKgptBwYzz4p8BSesmEm5CqjbMhkVs5mVteVVlfMbT4wiTf22YGI6HFl8Snrw/sync?sspUserId=0200007FD20B47692E05F30F02C49031\u0026r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D368%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D368","fqdn":"ssp-statistics.dsp.nt.technology","domain":"nt.technology","tld":"technology"},"ip":{"addr":"52.213.188.202","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dsp.nt.technology","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 16 Dec 2025 00:00:00 GMT","end":"Thu, 14 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"B8:F8:FC:4E:74:F8:92:8E:25:3D:67:9F:86:DC:9C:44:60:FB:9E:EC","sha256":"05:1C:13:14:4D:C3:00:3F:28:90:AD:59:1E:DF:BC:A6:09:D4:AE:24:83:25:90:22:9E:75:14:2F:59:C5:66:9A"}}},"request":{"raw":"GET /api/cookie-sync/eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJSVEIgU2FwZV8xNzM4MDUyODgwODQ3In0.rWWFhvjxIbuujG1GTFwQklSMJiKgptBwYzz4p8BSesmEm5CqjbMhkVs5mVteVVlfMbT4wiTf22YGI6HFl8Snrw/sync?sspUserId=0200007FD20B47692E05F30F02C49031\u0026r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D368%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D368 HTTP/1.1\r\nHost: ssp-statistics.dsp.nt.technology\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-length: 0\r\nlocation: https://acint.net/rmatch?dp=368\u0026euid=NT_2_0200007FD20B47692E05F30F02C49031_2024909618263469_nqYvrT\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D368\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nx-xss-protection: 1 ; mode=block\r\nreferrer-policy: no-referrer\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":727,"timings":{"blocked":217,"dns":1,"connect":33,"send":0,"wait":72,"receive":0,"ssl":404},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/rmatch?dp=261\u0026euid=4c2b70eb-8044-4361-bf7a-562e70bf079e\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /rmatch?dp=261\u0026euid=4c2b70eb-8044-4361-bf7a-562e70bf079e\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261 HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html\r\ncontent-length: 154\r\nlocation: https://mc.acint.net/cmatch?dp=261\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acint.net/match?dp=337\u0026euid=4OJzIshiU","fqdn":"acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /match?dp=337\u0026euid=4OJzIshiU HTTP/1.1\r\nHost: acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.acint.net/match?dp=186\u0026euid=5be272aa-d2ca-4a21-921c-52157b47887a","fqdn":"www.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /match?dp=186\u0026euid=5be272aa-d2ca-4a21-921c-52157b47887a HTTP/1.1\r\nHost: www.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.upravel.com/image?source=gpmdata","fqdn":"sync.upravel.com","domain":"upravel.com","tld":"com"},"ip":{"addr":"185.131.67.10","port":443,"asn":56630,"as":"Melbikomas UAB","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:30.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upravel.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 18 Jun 2025 16:48:51 GMT","end":"Mon, 20 Jul 2026 16:48:50 GMT"},"fingerprint":{"sha1":"8D:89:EE:F7:48:68:E7:7D:F7:C4:AF:97:AB:98:A3:A3:1E:8D:6A:92","sha256":"08:06:AA:31:11:0F:33:B8:7D:B5:7E:B4:A2:2A:65:C6:77:DE:F6:65:A2:F4:BE:D3:7E:8D:9F:84:17:CE:20:A0"}}},"request":{"raw":"GET /image?source=gpmdata HTTP/1.1\r\nHost: sync.upravel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: session_tptc=1766263763714; user_id=d98dcc7a-51eb-4916-a95e-2482bcecb560\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: Angie\r\ndate: Sat, 20 Dec 2025 20:49:33 GMT\r\ncontent-length: 0\r\nlocation: https://sync.upravel.com/amberdata/sync\r\nset-cookie: user_id=d98dcc7a-51eb-4916-a95e-2482bcecb560;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000\nuser_id-legacy=d98dcc7a-51eb-4916-a95e-2482bcecb560;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000\r\np3p: CP=\"NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-allow-credentials: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":7197,"timings":{"blocked":3473,"dns":1,"connect":3409,"send":0,"wait":251,"receive":0,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/css/font-awesome/webfonts/fa-solid-900.woff2","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/css/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/wp-content/themes/newsup/css/font-awesome/css/all.min.css?ver=6.9\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 156496\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nage: 0\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BZCdtzrtouHUT5sUpkdXGsIk0NNK4927rICI9k70v1yhlRAO%2BmxEv9MeecwTFLY2So3CaOwZYO3kvh60G8VHNN74LUkbNsrQgBteQgoH\"}]}\r\ncf-ray: 9b120184efa249c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":156496,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 156496, version 773.768","md5":"6c4eee562650e53cee32496bdfbe534b","sha1":"1aae708e3b94ee981b452a918d28ed037fbb5e18","sha256":"9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2","sha512":"ebcb5a2e2a908228f77ecd03b45491778cad73ddc39fa3a6334b129aaf9fa36c16c0307aeaad74d77f616b5b34aac52d91e9f4816945253dc9a826ddd71f4d12","ssdeep":"3072:OvM6gZMLmY8uGpjVnlooQ+GQs8jic0f/KkMdE:OU65LoP5QSsuic0f/cdE","tlshash":"8ce31200d620498d9978fd5b2a1fa1ffa7a939c95ed210bad3c30cb93257143bbc2556","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-04-25T16:01:10.854454Z","times_seen":35906,"resource_available":false,"data":null}},"time_used":617,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":246,"receive":371,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cs.agency2.ru/p?ssp=sp\u0026uid=0200007FD20B47692E05F30F02C49031","fqdn":"cs.agency2.ru","domain":"agency2.ru","tld":"ru"},"ip":{"addr":"88.212.234.239","port":443,"asn":39134,"as":"Edinaya Set Limited Liability Company","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.agency2.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 12 Aug 2025 08:47:09 GMT","end":"Sun, 13 Sep 2026 08:47:08 GMT"},"fingerprint":{"sha1":"F4:53:6B:6B:EF:0D:F1:45:1E:8B:12:B7:51:88:E4:EB:78:EA:9A:8B","sha256":"B3:B9:DF:C8:91:E7:FA:77:EA:87:6A:FF:93:64:2F:02:53:8D:5C:87:80:F7:EA:F9:DE:2F:E2:5C:11:04:9F:3A"}}},"request":{"raw":"GET /p?ssp=sp\u0026uid=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: cs.agency2.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nServer: fasthttp\r\nCache-Control: no-store, no-cache, must-revalidate\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nLocation: https://www.acint.net/match?dp=186\u0026euid=5be272aa-d2ca-4a21-921c-52157b47887a\r\nSet-Cookie: uuid=5be272aa-d2ca-4a21-921c-52157b47887a; expires=Fri, 11 Dec 2026 20:49:23 GMT; domain=agency2.ru; path=/; secure; SameSite=None\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE\r\nAccess-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT\r\nX-Host: 23.105.255.244\r\nContent-type: text/xml\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":801,"timings":{"blocked":58,"dns":0,"connect":49,"send":0,"wait":53,"receive":0,"ssl":640},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/cmatch?dp=313","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /cmatch?dp=313 HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/main.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/js/main.js?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 211\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NN0CyI2VORIK6ZNvDMj0rKYXXYB4Ir2s75nFqz%2BGDiw1x6l5sm5nRvzD4hLGTU51O2ZsISPBsA5TWieBP%2BMzbfq0L0DFgQ8sBZfHwvSM\"}]}\r\ncf-ray: 9b120181a93f49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":625,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"36d7f23d9f276a58aefe849a7d66aa6e","sha1":"19bfb505d918df616126eb54505d8729ac9cf678","sha256":"06d667c24b5fe211ccdb1b62741cc1c9536e8076553f0224a7d811385e580b4b","sha512":"08fe74245a6ea36f5daad908b7de4da16003243f7799c11e9c4afab0fd9df217cd29013fa8ce5f77d8a660a8b24ba729481c5f660ad78cbd612a3fb1ccc435be","ssdeep":"","tlshash":"b2f0e22cbc4c109909b6e730fc7f0339f62fa0233a098684784c8c646f31334855dd94","first_seen":"2023-03-07T12:08:43Z","last_seen":"2026-04-25T13:58:42.020145Z","times_seen":811,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sync.adspend.space/sape?uid=0200007FD20B47692E05F30F02C49031","fqdn":"sync.adspend.space","domain":"adspend.space","tld":"space"},"ip":{"addr":"5.189.234.227","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.adspend.space","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Oct 2025 12:52:42 GMT","end":"Mon, 26 Jan 2026 12:52:41 GMT"},"fingerprint":{"sha1":"AC:B3:38:66:C2:FC:35:EC:DA:72:49:D5:D9:BF:BD:DF:99:F7:6D:B4","sha256":"30:85:8C:F6:1D:73:6D:12:AE:79:49:D8:B6:3A:64:D8:38:8D:53:42:DC:FA:CD:0E:44:44:C9:0C:E6:4A:08:04"}}},"request":{"raw":"GET /sape?uid=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: sync.adspend.space\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx/1.26.2\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 79\r\nlocation: /check?uid=0200007FD20B47692E05F30F02C49031\u0026ssp=sape\r\nset-cookie: as-user=eea83bd6-fb45-4cb8-83c5-b712f0f6e508; Path=/; Max-Age=4320000; HttpOnly; Secure; SameSite=None\r\nstrict-transport-security: max-age=15724800; includeSubDomains\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: PUT, GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type, authorization\r\naccess-control-max-age: 1728000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.26.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":4,"connect":29,"send":0,"wait":35,"receive":0,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmr.bidderstack.com/sape/cm?user_id=0200007FD20B47692E05F30F02C49031","fqdn":"cmr.bidderstack.com","domain":"bidderstack.com","tld":"com"},"ip":{"addr":"185.149.242.234","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bidderstack.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 26 Dec 2024 14:42:05 GMT","end":"Wed, 14 Jan 2026 11:07:44 GMT"},"fingerprint":{"sha1":"D3:CF:38:0C:FA:18:1C:F8:E8:E3:18:35:3E:3D:E6:82:B4:44:12:C1","sha256":"C6:91:A1:27:F0:56:52:64:73:25:39:60:8B:AA:DA:0C:92:DF:DD:2B:3C:50:92:0B:D8:7F:AF:F4:5B:3C:A8:79"}}},"request":{"raw":"GET /sape/cm?user_id=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: cmr.bidderstack.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Angie\r\nDate: Sat, 20 Dec 2025 20:49:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 44\r\nConnection: keep-alive\r\nx-from: nrr-1\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":44,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"f9d60352c70a2ba15616d1c9421f3844","sha1":"e9abc8bea7721a4b6a50295850d13c515006a95c","sha256":"82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9","sha512":"c236b22bcd48790ff970b8bc566061eae734e0d34c1a68cd8d6160415303e0b0b51fe5780fafe7349cf71cb10089c9f322495267eee019cc63f879727263df4b","ssdeep":"","tlshash":"49900003eb80c002c2a2c0300e0ccb802b88b030ae28030fb0fc3baeec3a3a20c23000","first_seen":"2023-04-06T18:33:49Z","last_seen":"2026-04-24T11:58:04.616989Z","times_seen":4321,"resource_available":false,"data":null}},"time_used":595,"timings":{"blocked":45,"dns":1,"connect":57,"send":0,"wait":56,"receive":0,"ssl":434},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"otclick-adv.ru/core/match.gif?s=56\u0026reference=https%3A%2F%2Fmc.acint.net%2Fmatch%2F%3Fdp%3D361%26euid%3D%23%7BUID%7D","fqdn":"otclick-adv.ru","domain":"otclick-adv.ru","tld":"ru"},"ip":{"addr":"139.45.228.144","port":443,"asn":57304,"as":"JSC RetnNet","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.otclick-adv.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 15 Sep 2025 18:16:14 GMT","end":"Sat, 17 Oct 2026 18:16:13 GMT"},"fingerprint":{"sha1":"AC:7F:37:A5:93:0B:F1:5C:17:8C:E2:05:1C:18:98:EB:54:71:45:A1","sha256":"D0:29:C5:21:78:51:6F:01:ED:DC:C3:B6:AA:53:D9:5F:7B:59:04:97:33:EE:31:F7:62:1A:DE:FA:03:83:F2:F9"}}},"request":{"raw":"GET /core/match.gif?s=56\u0026reference=https%3A%2F%2Fmc.acint.net%2Fmatch%2F%3Fdp%3D361%26euid%3D%23%7BUID%7D HTTP/1.1\r\nHost: otclick-adv.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Length: 124\r\nConnection: keep-alive\r\nKeep-Alive: timeout=60\r\nP3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA\r\nCache-Control: no-cache, max-age=0, must-revalidate, no-store\r\nPragma: no-cache\r\nExpires: Thursday, 01-Jan-1970 00:00:00 GMT\r\nSet-Cookie: idntfy=VUhPThJn9PIBbBS; expires=Tue, 18-Dec-2035 20:49:23 GMT; domain=otclick-adv.ru; path=/c/; SameSite=None; Secure\nidntfy=VUhPThJn9PIBbBS; expires=Tue, 18-Dec-2035 20:49:23 GMT; domain=otclick-adv.ru; path=/core/; SameSite=None; Secure\r\nLocation: https://mc.acint.net/match/?dp=361\u0026euid=VUhPThJn9PIBbBS\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":691,"timings":{"blocked":278,"dns":0,"connect":31,"send":0,"wait":34,"receive":0,"ssl":347},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.bumlam.com/?src=sap1\u0026s_data=CAIQARjTl5zKBmIgMDIwMDAwN0ZEMjBCNDc2OTJFMDVGMzBGMDJDNDkwMzGiARBdR4eM3eUR8LYMACWQyCQ2","fqdn":"sync.bumlam.com","domain":"bumlam.com","tld":"com"},"ip":{"addr":"31.172.81.146","port":443,"asn":44066,"as":"firstcolo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bumlam.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 15:01:44 GMT","end":"Thu, 19 Mar 2026 15:01:43 GMT"},"fingerprint":{"sha1":"73:09:47:20:FC:A8:0D:DC:79:F0:08:58:30:EF:F6:AE:72:A0:E1:0B","sha256":"73:92:7B:67:F8:0C:85:9F:42:64:89:B1:B4:BA:C5:BB:D0:C1:72:38:91:59:BA:0B:54:55:C0:4E:84:7F:12:34"}}},"request":{"raw":"GET /?src=sap1\u0026s_data=CAIQARjTl5zKBmIgMDIwMDAwN0ZEMjBCNDc2OTJFMDVGMzBGMDJDNDkwMzGiARBdR4eM3eUR8LYMACWQyCQ2 HTTP/1.1\r\nHost: sync.bumlam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: suuid3=IiQ1ZDQ3ODc4Yy1kZGU1LTExZjAtYjYwYy0wMDI1OTBjODI0MzY*\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nSet-Cookie: suuid3=IiQ1ZDQ3ODc4Yy1kZGU1LTExZjAtYjYwYy0wMDI1OTBjODI0MzY*; Path=/; Expires=Fri, 15 Dec 2045 20:49:23 GMT; Domain=bumlam.com; SameSite=None; Secure\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nCache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":378,"timings":{"blocked":356,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pix.bumlam.com/sync/sape/sync_ok?guid=5d47878c-dde5-11f0-b60c-002590c82436","fqdn":"pix.bumlam.com","domain":"bumlam.com","tld":"com"},"ip":{"addr":"31.172.81.4","port":443,"asn":44066,"as":"firstcolo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bumlam.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 15:01:44 GMT","end":"Thu, 19 Mar 2026 15:01:43 GMT"},"fingerprint":{"sha1":"73:09:47:20:FC:A8:0D:DC:79:F0:08:58:30:EF:F6:AE:72:A0:E1:0B","sha256":"73:92:7B:67:F8:0C:85:9F:42:64:89:B1:B4:BA:C5:BB:D0:C1:72:38:91:59:BA:0B:54:55:C0:4E:84:7F:12:34"}}},"request":{"raw":"GET /sync/sape/sync_ok?guid=5d47878c-dde5-11f0-b60c-002590c82436 HTTP/1.1\r\nHost: pix.bumlam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: suuid3=IiQ1ZDQ3ODc4Yy1kZGU1LTExZjAtYjYwYy0wMDI1OTBjODI0MzY*\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Type: image/gif\r\nContent-Length: 0\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://www.acint.net\r\nAccess-Control-Allow-Credentials: true\r\nTiming-Allow-Origin: *\r\nCross-Origin-Resource-Policy: cross-origin\r\nCache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, proxy-revalidate, s-maxage=0\r\nPragma: no-cache\r\nExpires: 05-Jun-2005 22:00:00 GMT\r\nX-Xss-Protection: 0\r\nP3P: policyref=\"https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml\", CP=\"CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nLocation: https://5d47878c-dde5-11f0-b60c-002590c82436.n4.sync.bumlam.com/?src=sape\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":73,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Fwww.acint.net%252Frmatch%253Fdp%253D243%2526euid%253DaUcL0-_m5sY%2526r%253Dhttps%25253A%25252F%25252Facint.net%25252Fcmatch%25253Fdp%25253D243%26n%3D1","fqdn":"exchange.buzzoola.com","domain":"buzzoola.com","tld":"com"},"ip":{"addr":"176.114.74.36","port":443,"asn":50340,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buzzoola.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 06:11:29 GMT","end":"Mon, 09 Mar 2026 06:11:28 GMT"},"fingerprint":{"sha1":"6D:1A:28:D1:AB:8D:18:D1:38:1A:55:28:34:A1:03:2A:BC:7A:1C:5A","sha256":"AB:C0:F2:6B:07:6C:D6:89:63:34:97:78:29:CD:C6:D1:2A:75:3D:C0:7C:E0:05:94:11:71:82:6B:67:8C:2D:36"}}},"request":{"raw":"GET /cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Fwww.acint.net%252Frmatch%253Fdp%253D243%2526euid%253DaUcL0-_m5sY%2526r%253Dhttps%25253A%25252F%25252Facint.net%25252Fcmatch%25253Fdp%25253D243%26n%3D1 HTTP/1.1\r\nHost: exchange.buzzoola.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uuid=542264ae-da49-453c-6c49-8b489ceccfad\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 246\r\nlocation: https://kimberlite.io/rtb/sync/buzzoola?u=542264ae-da49-453c-6c49-8b489ceccfad\u0026f=https%3A%2F%2Fwww.acint.net%2Frmatch%3Fdp%3D243%26euid%3DaUcL0-_m5sY%26r%3Dhttps%253A%252F%252Facint.net%252Fcmatch%253Fdp%253D243\u0026n=1\r\nset-cookie: uuid=542264ae-da49-453c-6c49-8b489ceccfad; Path=/; Domain=buzzoola.com; Expires=Mon, 19 Jan 2026 20:49:23 GMT; Max-Age=2592000; Secure; SameSite=None\r\nserverid: TODO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssp-statistics.dev.dsp1.nominaltechno.com/api/cookie-sync/eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJSVEIgU2FwZSJ9.VXKxLxZBDKVR7akKD1ukrUZZiwKSy3v1zAZqgO5I0sDyck5wQtI73MuLZMkcYTNASS9UpZ9mSHr5k-r2pAOYRQ/sync?sspUserId=0200007FD20B47692E05F30F02C49031\u0026r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D313%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D313","fqdn":"ssp-statistics.dev.dsp1.nominaltechno.com","domain":"nominaltechno.com","tld":"com"},"ip":{"addr":"54.72.12.206","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dsp1.nominaltechno.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 04 Sep 2025 00:00:00 GMT","end":"Sat, 03 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:69:09:D1:44:FC:EF:3B:DA:E5:87:AC:D5:A8:4B:29:5D:43:A6:FF","sha256":"35:F6:0A:EE:1E:A2:22:52:1B:A8:7E:C4:7A:DE:E3:03:91:D4:13:20:F0:92:EB:AB:51:5E:57:F3:43:76:BE:34"}}},"request":{"raw":"GET /api/cookie-sync/eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJSVEIgU2FwZSJ9.VXKxLxZBDKVR7akKD1ukrUZZiwKSy3v1zAZqgO5I0sDyck5wQtI73MuLZMkcYTNASS9UpZ9mSHr5k-r2pAOYRQ/sync?sspUserId=0200007FD20B47692E05F30F02C49031\u0026r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D313%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D313 HTTP/1.1\r\nHost: ssp-statistics.dev.dsp1.nominaltechno.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-length: 0\r\nlocation: https://acint.net/rmatch?dp=313\u0026euid=NT_2_0200007FD20B47692E05F30F02C49031_2038940579297116_NsiRtK\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D313\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nx-xss-protection: 1 ; mode=block\r\nreferrer-policy: no-referrer\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":629,"timings":{"blocked":206,"dns":0,"connect":33,"send":0,"wait":39,"receive":0,"ssl":351},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/jquery.marquee.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/js/jquery.marquee.js?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 4398\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UaP%2Bz6oO9l1qrXAjhpGe94KfBH1d3Ng86%2FcMZT1Ab%2FPib95sRYKmnO%2Bjz25lCKunvG%2Fm4dTsEBdkI94Z1aSSDcRLre53usiYAY42s%2Fuh\"}]}\r\ncf-ray: 9b120181a93d49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23985,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"194be63a342cce7446cc7fccc8a38cab","sha1":"682f89522fe73fb58408f3c0cf8f8f38c290ada3","sha256":"072cecb33bf56cf9e0f141fff4985fa1e3be682b17272e7c630aa39c0994cb46","sha512":"c8794e52b550333854956dd45e51545589195d43ea8cdd5de5d5edd9063fca441e9e6e619e471683c25495c3632c16be5ece2b3e5a85e00222a5196d1adfada3","ssdeep":"192:zS9TICbeJRRkUfIeubOQMMhCquhk7lVEepklpYm0lPYlWi121LJHu:zijbeJRRkUfOblvCquhueRpYjmZ1210","tlshash":"91b230d5755921208a37233fcb8e1149efba503761164d6a7daec3896fb08144332ffa","first_seen":"2023-03-07T12:08:44Z","last_seen":"2026-04-25T13:58:42.023556Z","times_seen":819,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-includes/js/wp-emoji-release.min.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-includes/js/wp-emoji-release.min.js?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 4949\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 03 Dec 2025 13:21:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Frnp1W%2BIEgpaF7mV8FzurJl%2Bqot3HS4WfJUh5mwBi7tEaI%2BkcKRS9vLh8819ZwkCClKivX96c0FRAzfeUCXMbYfYihaAjtiv1yitbGb9\"}]}\r\ncf-ray: 9b120185489a49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22762,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (19823)","md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-04-25T15:55:37.731077Z","times_seen":164787,"resource_available":true,"data":null}},"time_used":283,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":283,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ck.silvermob.com/sync?pid=533\u0026uid=0200007FD20B47692E05F30F02C49031\u0026rd=1\u0026r=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D274%26euid%3D%5BUSER_ID%5D","fqdn":"ck.silvermob.com","domain":"silvermob.com","tld":"com"},"ip":{"addr":"212.95.41.187","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.silvermob.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4B:3C:57:8B:31:3A:8D:1D:BD:2E:AA:97:E5:85:62:E9:6E:FF:0D:27","sha256":"3F:EB:62:39:C6:44:25:10:53:E0:44:4B:F1:5C:3B:44:D0:D1:9F:17:E1:F5:ED:1D:33:6D:A7:65:3C:9A:91:BD"}}},"request":{"raw":"GET /sync?pid=533\u0026uid=0200007FD20B47692E05F30F02C49031\u0026rd=1\u0026r=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D274%26euid%3D%5BUSER_ID%5D HTTP/1.1\r\nHost: ck.silvermob.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Type: image/gif\r\nContent-Length: 43\r\nConnection: close\r\nX-Powered-By: Express\r\nSet-Cookie: sm_uid=sm_FED22w8FfTUI; Domain=ck.silvermob.com; Expires=Sun, 20 Dec 2026 20:49:23 GMT; Path=/; SameSite=None; Secure\r\nx-sm-trace: refresh-2\r\nCache-Control: public, max-age=0\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"07fff40b5dd495aca2ac4e1c3fbc60aa","sha1":"e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4","sha256":"a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7","sha512":"49b8daf1f5ba868bc8c6b224c787a75025ca36513ef8633d1d8f34e48ee0b578f466fcc104a7bed553404ddc5f9faff3fef5f894b31cd57f32245e550fad656a","ssdeep":"","tlshash":"55900003caa0800bc2a2c0300a080320ab80a23002080b0e80ac32a8ec2a2a20c00000","first_seen":"2023-04-05T13:33:10Z","last_seen":"2026-04-25T16:16:46.645196Z","times_seen":33956,"resource_available":true,"data":null}},"time_used":604,"timings":{"blocked":155,"dns":0,"connect":31,"send":0,"wait":34,"receive":0,"ssl":384},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/uploads/2024/06/cropped-bodybuilder-gym-or-fitness-icon-logo-template-vector-illustration-2G0R22A-removebg-preview-1-192x192.png","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:23.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/uploads/2024/06/cropped-bodybuilder-gym-or-fitness-icon-logo-template-vector-illustration-2G0R22A-removebg-preview-1-192x192.png HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nCookie: fid=71516970-ef54-4a5f-8c5b-001ea2720011; _ac_oid=54718e6f5096d49a4751e38622ffb9eb%3A1766267362964\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: image/png\r\ncontent-length: 5325\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:23 GMT\r\nlast-modified: Wed, 12 Jun 2024 07:37:22 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZqlKa5I4Z4NU%2Fkn1Fxx%2BZbGSfp9wnm76FFX31xkmNSkzCPLE%2F3gUoCtUq3nf9EMxU65bLRaA1T%2F%2FLCIX7cOw6Dup3rZz%2BhdgxOex%2FUmE\"}]}\r\ncf-ray: 9b12018958ef49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":5325,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit gray+alpha, non-interlaced","md5":"7ae8d3ff2943f8897ac882805118547a","sha1":"aaafcbef38463533e6086ae5f37cac8b4b977695","sha256":"45584a09791f1afa86b79ed7999d847eda1b4457ab8d9a08454954a40c4285fb","sha512":"0625752b9dc0623f0c83eac0287d404587493d53f72d27e3284d0914b9e5c3b6e28b8d3144c9a109eb21aca3b2478f94c51899ac1bf3edf4ec76e57c3cf93150","ssdeep":"96:bgbZa66tv1EnfdKvhA3RAY6BNPXxZF1nhX+GN8lCo3vT3gSk4OOjqDhI8iSEu:02knopABAYkXV1T8Co3DBObdt/Eu","tlshash":"acb16d284333c86c95cb9370129141355258e9f75d235c99287c69e0ad01dccce9ffbc","first_seen":"2025-12-20T20:50:01.597686Z","last_seen":"2025-12-20T20:50:01.597686Z","times_seen":1,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0=","fqdn":"sync.upravel.com","domain":"upravel.com","tld":"com"},"ip":{"addr":"185.131.67.10","port":443,"asn":56630,"as":"Melbikomas UAB","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upravel.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 18 Jun 2025 16:48:51 GMT","end":"Mon, 20 Jul 2026 16:48:50 GMT"},"fingerprint":{"sha1":"8D:89:EE:F7:48:68:E7:7D:F7:C4:AF:97:AB:98:A3:A3:1E:8D:6A:92","sha256":"08:06:AA:31:11:0F:33:B8:7D:B5:7E:B4:A2:2A:65:C6:77:DE:F6:65:A2:F4:BE:D3:7E:8D:9F:84:17:CE:20:A0"}}},"request":{"raw":"GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0= HTTP/1.1\r\nHost: sync.upravel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: session_tptc=1766263763714\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: Angie\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-length: 0\r\np3p: CP=\"NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA\"\r\nset-cookie: user_id=d98dcc7a-51eb-4916-a95e-2482bcecb560;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000\nuser_id-legacy=d98dcc7a-51eb-4916-a95e-2482bcecb560;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000\r\nlocation: https://www.acint.net/rmatch?dp=71\u0026euid=d98dcc7a-51eb-4916-a95e-2482bcecb560\u0026r=https%3A%2F%2Fsync.upravel.com%2Fpbd%2Fsync\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-allow-credentials: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/custom-time.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/js/custom-time.js?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 184\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OV4iDGIv3m1h%2FPh3sOovzUBztojDmGQgizlVqhwOPYZAFFbR18QMXJTq%2BsDRtibaIiz4cu5cifBYQaRwai%2BFM1%2BPLC6NTviHtYF%2Fn9CQ\"}]}\r\ncf-ray: 9b120181d9c549c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":381,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"1a4a72e6152cad1722d5314062a65901","sha1":"a37cacedcbbc0322ab0e9443a26ae87f03ba77f6","sha256":"ec6c241bf5feb4fe95b908093f198c6ae6ed7991dc78db287d4107f1335b088e","sha512":"eb84995d86f048642f7cee244ffe57660e2798c6727fdff5ca062f9843cc8b0029439bc5787fac94a3e42e58510014a3b87f2a602837506c5abb59a555f3fe6b","ssdeep":"","tlshash":"77e0c01a315602905dfb277cc32b19ccffb325231a11c68031cd90082f34d7a451aec9","first_seen":"2024-05-20T21:19:40Z","last_seen":"2026-04-25T13:58:42.006676Z","times_seen":389,"resource_available":true,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"adx.com.ru/sync/confirm/sapePlazkart?sspSysName=sapePlazkart\u0026uid=0200007FD20B47692E05F30F02C49031","fqdn":"adx.com.ru","domain":"adx.com.ru","tld":"com.ru"},"ip":{"addr":"83.222.105.246","port":443,"asn":42632,"as":"MnogoByte LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.adx.com.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 20 Jun 2025 13:13:33 GMT","end":"Wed, 22 Jul 2026 13:13:32 GMT"},"fingerprint":{"sha1":"0F:34:EC:CE:BC:17:E9:5F:83:40:15:65:EF:68:EC:37:03:9C:C8:9C","sha256":"87:20:22:42:36:6F:88:B8:4D:D7:3A:11:7B:17:9F:56:7B:CD:5A:0C:00:F3:42:3C:BE:28:DE:11:8E:AD:F5:FE"}}},"request":{"raw":"GET /sync/confirm/sapePlazkart?sspSysName=sapePlazkart\u0026uid=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: adx.com.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: user=69470bd3f0e0150001e733eb\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx/1.28.0\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 349\r\ncache-control: no-store\r\nlocation: https://2-69470bd3f0e0150001e733eb.id.adx.com.ru/https://5--2--69470bd3f0e0150001e733eb.stbid.ru?r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D69470bd3f0e0150001e733eb%26dest%3Dhttps%253A%252F%252Fssp.adriver.ru%252Fcgi-bin%252Fsync.cgi%253Fdsp_id%253D162%2526external_id%253D69470bd3f0e0150001e733eb%2526r%253D\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.upravel.com/image?source=pbd","fqdn":"sync.upravel.com","domain":"upravel.com","tld":"com"},"ip":{"addr":"185.131.67.10","port":443,"asn":56630,"as":"Melbikomas UAB","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:24.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.upravel.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 18 Jun 2025 16:48:51 GMT","end":"Mon, 20 Jul 2026 16:48:50 GMT"},"fingerprint":{"sha1":"8D:89:EE:F7:48:68:E7:7D:F7:C4:AF:97:AB:98:A3:A3:1E:8D:6A:92","sha256":"08:06:AA:31:11:0F:33:B8:7D:B5:7E:B4:A2:2A:65:C6:77:DE:F6:65:A2:F4:BE:D3:7E:8D:9F:84:17:CE:20:A0"}}},"request":{"raw":"GET /image?source=pbd HTTP/1.1\r\nHost: sync.upravel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: session_tptc=1766263763714; user_id=d98dcc7a-51eb-4916-a95e-2482bcecb560\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: Angie\r\ndate: Sat, 20 Dec 2025 20:49:24 GMT\r\ncontent-length: 0\r\nlocation: https://sync.upravel.com/gpmdata/sync\r\nset-cookie: user_id=d98dcc7a-51eb-4916-a95e-2482bcecb560;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000\nuser_id-legacy=d98dcc7a-51eb-4916-a95e-2482bcecb560;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000\r\np3p: CP=\"NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-allow-credentials: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.acint.net/ping/?v=0.7.1\u0026uid=ba24035d-314d-4cbe-b10d-ef4e5b445b7d\u0026dp=10\u0026tz=%2B00%3A00\u0026nc=116002\u0026dT=2025-12-20T20%3A49%3A25.837","fqdn":"www.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:25.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /ping/?v=0.7.1\u0026uid=ba24035d-314d-4cbe-b10d-ef4e5b445b7d\u0026dp=10\u0026tz=%2B00%3A00\u0026nc=116002\u0026dT=2025-12-20T20%3A49%3A25.837 HTTP/1.1\r\nHost: www.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763; cSyncDp241v2=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:25 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nlast-modified: Mon, 28 Sep 1970 06:00:00 GMT\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-25T15:55:46.7731Z","times_seen":340481,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d2908q01vomqb2.cloudfront.net/887309d048beef83ad3eabf2a79a64a389ab1c9f/2025/12/11/DBBLOG-5162-featured-images-1120x630.png","fqdn":"d2908q01vomqb2.cloudfront.net","domain":"d2908q01vomqb2.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"18.239.38.102","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:23.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /887309d048beef83ad3eabf2a79a64a389ab1c9f/2025/12/11/DBBLOG-5162-featured-images-1120x630.png HTTP/1.1\r\nHost: d2908q01vomqb2.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 218868\r\nlast-modified: Thu, 11 Dec 2025 16:56:47 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: EQD5NqCnRvoCK5u8jMtCrUJuV_8PhzOR\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sat, 20 Dec 2025 20:49:24 GMT\r\netag: \"3b7931d6dcb241437b76f4b83a4fffa3-1\"\r\nvary: accept-encoding\r\nx-cache: RefreshHit from cloudfront\r\nvia: 1.1 2be97027a80b483d863e32bd7fe334e2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: AMS58-P2\r\nx-amz-cf-id: 6-pHmjtAYJAxV-LShoaoLAX2s7hnlfD3EKkGKkWZtSTNi4U1fPKafQ==\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=300\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":218868,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1120 x 630, 8-bit/color RGBA, non-interlaced","md5":"73123ac616f4645bd7fb0875c2d736d5","sha1":"3b842e6a7f00aa2575598efb66d78470ff1c6a73","sha256":"97441554b7006457e176456d2ab782e5cbcd0429ff10f30e75beccb05ddce892","sha512":"477b5e092b391aa5e32f3d7c83ac4c0c639ae353c89d6a3e965b3bd329013433f33dfa3254df26b61c7d32fc17fe44b40382638c504354052b671c895cb19285","ssdeep":"3072:BwVIvcwNdgeAMZGmO2BnN4fadC/eBkBGA826DjizB1Kg/vlM6V86eyZ4aHfKWZQv:UXUd30mjsT/tBuNXi7vO6V86sqfJysBu","tlshash":"af242325c9e8d7cae7903e2ce0b847d24f8029aede951d707afa1193fd251149e96f0c","first_seen":"2025-12-20T20:50:01.599419Z","last_seen":"2025-12-20T20:50:01.599419Z","times_seen":1,"resource_available":false,"data":null}},"time_used":700,"timings":{"blocked":128,"dns":0,"connect":19,"send":0,"wait":341,"receive":62,"ssl":150},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.acint.net/cmatch?dp=14","fqdn":"mc.acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /cmatch?dp=14 HTTP/1.1\r\nHost: mc.acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html\r\ncontent-length: 154\r\nlocation: https://ads.betweendigital.com/match?bidder_id=73\u0026external_user_id=0200007FD20B47692E05F30F02C49031\r\nset-cookie: cSyncDp7v3=1766263763; expires=Mon, 19-Jan-26 20:49:23 GMT; path=/; Secure; SameSite=None; domain=.acint.net\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/owl.carousel.min.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/js/owl.carousel.min.js?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 6299\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eczsZm00yXFFxKbpsE8bQWtt44kgcqCQ6MwgKmvfDHjggfR8KFObWIsNllqlI0lmSamDvpi8o%2BeUUaTLeEbQk2wQdJ7S2k2q64tJcUWj\"}]}\r\ncf-ray: 9b120181a93749c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":23936,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (635), with CRLF line terminators","md5":"8c52f27fcac36c7667f8fb846e1e94d5","sha1":"e5862559db659ffd530c91452d668c5e7b3f0f2d","sha256":"6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad","sha512":"9b8f2503bf30b879d3318e8d3ee6ba447fdd0b3d7e2d4f0c3cc03eb325247e2e05e8a7978318e648c91f1a90fcd7ab7ce1018189d27f028ea33064e38307fb20","ssdeep":"384:7Ket0QK/Q52Cgwm0PQtiRX55DzNvYUyzLsxVxRbm:dK/Q4ptuXNQUyzLIk","tlshash":"08b2a54bb2202385469372b9419b110d713bfb78fc42855c70b6dadfaa4b84e9277b3d","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-25T13:58:42.011699Z","times_seen":3181,"resource_available":true,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/uploads/2024/06/Copy-of-Featured-3-1200x675.jpg.jpg","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/uploads/2024/06/Copy-of-Featured-3-1200x675.jpg.jpg HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 91410\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 27 Dec 2025 20:49:22 GMT\r\nlast-modified: Wed, 12 Jun 2024 07:37:39 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QQ%2BMnJ6MKZswTw3M2T34xyL6mD%2F4MbLNbSTu7VCzybXRhKvzRVshF%2BIeybBUZlhfNNnXaNpwSXF9%2FMTUZRxsHdJEvyUFdnS%2Fc1yEd3Os\"}]}\r\ncf-ray: 9b120184cf7349c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":91410,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x675, components 3","md5":"e2b59f10df383ae29f710ff4e8307023","sha1":"00144120c22b04d48155d5c532945bc1f6f9322d","sha256":"cfb6675684c725db601e456d12e2378997d5d15101a89ba9a26c309b81bf8d74","sha512":"e1b4ab04f7ea3c2463f280fdde0172348b8cd2f8f9dafb7068dcc1fd1271147a4c319d24b21f0181213aadcd55fb4c78a1ab09aef6c60249a83e00548f79482b","ssdeep":"1536:PbCdbzzc4ziPYM4lNX4AYSSBkqNaygtWc0hgyBE9V41etnoNqmyZ+ea3vOxJNtb2:PbCJc4T0SSXNazchh9E2goNqpZ+ea/KE","tlshash":"b993126b3c170756fb6843b9603c1720966a07cd4da5f332b3a474a85ee626d128f45e","first_seen":"2023-07-15T22:55:43Z","last_seen":"2025-12-20T20:50:01.615247Z","times_seen":7,"resource_available":false,"data":null}},"time_used":445,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":216,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D14","fqdn":"ssp-rtb.sape.ru","domain":"sape.ru","tld":"ru"},"ip":{"addr":"193.3.184.186","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sape.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 07 Dec 2025 23:36:44 GMT","end":"Sat, 07 Mar 2026 23:36:43 GMT"},"fingerprint":{"sha1":"3D:9F:9C:85:A9:AB:7C:9C:83:0D:C2:B6:55:54:6F:89:BB:7F:7F:EE","sha256":"49:D9:BD:BD:C8:71:CC:CD:39:05:E4:44:2E:9E:54:03:9D:A8:07:B3:9E:E4:4E:FD:7A:38:89:6D:8A:12:EA:15"}}},"request":{"raw":"GET /rmatch/?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D14 HTTP/1.1\r\nHost: ssp-rtb.sape.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html\r\ncontent-length: 142\r\nlocation: https://acint.net/rmatch?dp=14\u0026euid=3B03420AD30B47691701D4B602D26F9A\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D14\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nset-cookie: sspuid=CkIDO2lHC9O21AEXmm/SAqipadzLKrprjsJwb0G/d0hFpbnq; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":200,"timings":{"blocked":85,"dns":1,"connect":28,"send":0,"wait":28,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pix.bumlam.com/sync/sape/check?sspuid=0200007FD20B47692E05F30F02C49031","fqdn":"pix.bumlam.com","domain":"bumlam.com","tld":"com"},"ip":{"addr":"31.172.81.4","port":443,"asn":44066,"as":"firstcolo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bumlam.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 15:01:44 GMT","end":"Thu, 19 Mar 2026 15:01:43 GMT"},"fingerprint":{"sha1":"73:09:47:20:FC:A8:0D:DC:79:F0:08:58:30:EF:F6:AE:72:A0:E1:0B","sha256":"73:92:7B:67:F8:0C:85:9F:42:64:89:B1:B4:BA:C5:BB:D0:C1:72:38:91:59:BA:0B:54:55:C0:4E:84:7F:12:34"}}},"request":{"raw":"GET /sync/sape/check?sspuid=0200007FD20B47692E05F30F02C49031 HTTP/1.1\r\nHost: pix.bumlam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Sat, 20 Dec 2025 20:49:23 GMT\r\nContent-Type: image/gif\r\nContent-Length: 0\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://www.acint.net\r\nAccess-Control-Allow-Credentials: true\r\nTiming-Allow-Origin: *\r\nCross-Origin-Resource-Policy: cross-origin\r\nCache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, proxy-revalidate, s-maxage=0\r\nPragma: no-cache\r\nExpires: 05-Jun-2005 22:00:00 GMT\r\nX-Xss-Protection: 0\r\nP3P: policyref=\"https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml\", CP=\"CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nLocation: https://sync.bumlam.com/?src=sape\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":34,"dns":0,"connect":20,"send":0,"wait":28,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.mos.cms.futurecdn.net/VBzwEpLNrag8u9AQvtGoFm-1200-80.jpg","fqdn":"cdn.mos.cms.futurecdn.net","domain":"futurecdn.net","tld":"net"},"ip":{"addr":"18.66.102.64","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.mos.cms.futurecdn.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Tue, 02 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B3:F8:71:33:D2:E2:CD:32:A7:63:39:97:92:3A:D3:46:E9:A1:A1:8E","sha256":"E5:02:3D:00:C4:62:E9:4F:79:BF:2B:24:E2:47:5C:DF:0E:6A:B9:34:53:DC:96:6C:C0:BB:B1:1B:2B:4C:7D:19"}}},"request":{"raw":"GET /VBzwEpLNrag8u9AQvtGoFm-1200-80.jpg HTTP/1.1\r\nHost: cdn.mos.cms.futurecdn.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: CloudFront\r\ncontent-type: image/jpeg\r\ncontent-length: 135053\r\ndate: Sat, 20 Dec 2025 08:01:39 GMT\r\ncache-control: max-age=5184000\r\netag: ed063d2fb6b3e7b3586ae03097dd86db\r\nexpires: Wed, 18 Feb 2026 08:01:22 UTC\r\nx-svc-build-time: Thu Dec 18 14:23:01 UTC 2025\r\nx-svc-env: prod\r\nx-svc-go-version: 1.22.12\r\nx-svc-name: kodiak-svc\r\nx-svc-version: latest\r\nxkey: /proof/VBzwEpLNrag8u9AQvtGoFm.jpg\r\nx-backend: default\r\nx-ftr-cache-status: HIT\r\nx-served-by: kodiak-varnish-f96658d5b-plk64\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\naccess-control-max-age: 1728000\r\nx-ftr-request-id: 00000000000000000000FFFF40FC55FE:3358_00000000000000000000FFFFB9711939:01BB_694657E3_B7F974:15C6BF\r\nx-ftr-balancer: bulk-proxy-prod-01\r\nx-ftr-backend: proof-mos-kodiak\r\nx-ftr-backend-server: van-prod:kodiak\r\nvia: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 46080\r\ncontent-security-policy: upgrade-insecure-requests\r\nx-cache: Hit from cloudfront\r\nx-amz-cf-pop: FRA56-P2\r\nx-amz-cf-id: YCMgIotayjLUSkLJ9isyrgyyLtfFw6M9RMaKQDuZm1vzYUeHwqqdkw==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":135053,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 25.12 (Macintosh), datetime=2025:12:19 13:55:49], baseline, precision 8, 1200x627, components 3","md5":"9d6f7b66318b2f3dbc3a2659aa6e903d","sha1":"306496de321791864612573b34374fb3547f7af2","sha256":"4e7d38805039604c084a62f5e23f9c4d8f6454952692bce45c8f990379a43c27","sha512":"c5556ef4da87f6285374d12716a8324c390eb24326aee8cb50a0bd5124769a7683cf2fc43c22e4aa930bda3f5877a3134b4ddfee6a05dc34748653542b9fd753","ssdeep":"3072:54r/NpUTnfNScRRTaQso0mMDi1xwwmik5LaH4NoT4:545p8nfN3TTxSrGwwmN5g4u4","tlshash":"c4d31219ab049fa4fbc4d2bc44f4e7059b33a50686735c1bb0bd744afb3e892dc5a106","first_seen":"2025-12-20T20:50:01.617112Z","last_seen":"2025-12-20T20:50:01.617112Z","times_seen":1,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":46,"dns":18,"connect":20,"send":0,"wait":26,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.azcentral.com/gcdn/-mm-/ef520fa941b8f9e08a2920d47562b15c3bc032fd/c=42-0-1157-630/local/-/media/2018/03/12/Phoenix/Phoenix/636564624113950329-Facebook-renderings-AHS-FashionShowaroundpool-1981-229-21.jpg?width=660\u0026height=372\u0026fit=crop\u0026format=pjpg\u0026auto=webp","fqdn":"www.azcentral.com","domain":"azcentral.com","tld":"com"},"ip":{"addr":"199.232.42.62","port":443,"asn":54113,"as":"FASTLY","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usatoday.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 14:45:34 GMT","end":"Tue, 24 Feb 2026 14:45:33 GMT"},"fingerprint":{"sha1":"F3:79:E9:AF:91:20:F4:3C:1C:24:40:8B:F5:00:FE:D4:8A:A1:7E:46","sha256":"D9:6D:B9:C5:EA:6C:9B:50:20:E7:5F:A1:54:98:92:EC:2F:F0:58:07:EA:8F:B7:7F:05:A4:1A:AA:75:6D:B7:92"}}},"request":{"raw":"GET /gcdn/-mm-/ef520fa941b8f9e08a2920d47562b15c3bc032fd/c=42-0-1157-630/local/-/media/2018/03/12/Phoenix/Phoenix/636564624113950329-Facebook-renderings-AHS-FashionShowaroundpool-1981-229-21.jpg?width=660\u0026height=372\u0026fit=crop\u0026format=pjpg\u0026auto=webp HTTP/1.1\r\nHost: www.azcentral.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 406 Not Acceptable\r\ncache-control: private, no-store\r\naccept-ranges: bytes\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\nnel: {\"report_to\":\"default\",\"max_age\":31557600,\"include_subdomains\":true,\"success_fraction\":0.005}\r\nreport-to: {\"max_age\":31557600,\"include_subdomains\":true,\"endpoints\":[{\"url\":\"https://reporting-api.gannettinnovation.com\"}]}\r\ndocument-policy: include-js-call-stacks-in-crash-reports\r\ncontent-security-policy: upgrade-insecure-requests\r\nstrict-transport-security: max-age=63072000;includeSubDomains;preload\r\nx-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"406","status_text":"Not Acceptable","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":64,"dns":0,"connect":17,"send":0,"wait":50,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssp.bidvol.com/usersync?dspcsid=8\u0026redirect=1","fqdn":"ssp.bidvol.com","domain":"bidvol.com","tld":"com"},"ip":{"addr":"194.85.16.22","port":443,"asn":8985,"as":"Join-stock company Internet ExchangeMSK-IX","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:22.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ssp.bidvol.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 17 Nov 2025 15:36:18 GMT","end":"Sun, 15 Feb 2026 15:36:17 GMT"},"fingerprint":{"sha1":"2C:D4:B1:D6:C7:FD:4D:33:95:41:C0:D4:51:E9:65:02:A5:F5:6A:2E","sha256":"37:63:06:D3:DB:F8:A8:E8:FE:2C:AD:63:85:31:FA:C4:B4:4F:34:34:0B:AF:A7:69:B2:B5:57:6E:1E:EF:45:63"}}},"request":{"raw":"GET /usersync?dspcsid=8\u0026redirect=1 HTTP/1.1\r\nHost: ssp.bidvol.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.acint.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 20:49:28 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-request-id: e8280670-2e27-49dd-97fb-2a23de407467\r\nvary: Origin\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nsurrogate-control: no-store\r\nset-cookie: bvuid=brcxyd8inp; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None\nbvuid2=brcxyd8inp; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":5258,"timings":{"blocked":-1,"dns":5004,"connect":62,"send":0,"wait":64,"receive":0,"ssl":127},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acint.net/rmatch?dp=14\u0026euid=3B03420AD30B47691701D4B602D26F9A\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D14","fqdn":"acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /rmatch?dp=14\u0026euid=3B03420AD30B47691701D4B602D26F9A\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D14 HTTP/1.1\r\nHost: acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html\r\ncontent-length: 154\r\nlocation: https://mc.acint.net/cmatch?dp=14\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":394,"timings":{"blocked":365,"dns":0,"connect":28,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acint.net/rmatch?dp=14\u0026euid=3B03420AD30B47691701D4B602D26F9A\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126","fqdn":"acint.net","domain":"acint.net","tld":"net"},"ip":{"addr":"193.3.184.27","port":443,"asn":50214,"as":"QWARTA LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.acint.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 23:34:47 GMT","end":"Mon, 16 Feb 2026 23:34:46 GMT"},"fingerprint":{"sha1":"AC:F1:F0:AE:B9:73:CD:E9:4C:12:65:4C:8E:28:C1:DF:FC:44:BE:51","sha256":"58:33:3D:E8:B5:E5:84:B5:BD:3A:18:88:C0:D8:05:F1:BD:35:00:09:84:06:D0:DC:F9:0E:03:74:B3:96:2E:11"}}},"request":{"raw":"GET /rmatch?dp=14\u0026euid=3B03420AD30B47691701D4B602D26F9A\u0026r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126 HTTP/1.1\r\nHost: acint.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: aid=fwAAAmlHC9IP8wUuMZDEApr2bU+UvCEjgiCHkNdeM6wwDFtG; test_cookie=CheckForPermission; cSyncDp14v6=1766263762; cSyncDp17v3=1766263762; cSyncDp45v5=1766263762; cSyncDp53v5=1766263762; cSyncDp553=1766263762; cSyncDp62v4=1766263762; cSyncDp67v5=1766263762; cSyncDp68v3=1766263762; cSyncDp71v2=1766263762; cSyncDp85v2=1766263762; cSyncDp95v4=1766263762; cSyncDp98v3=1766263762; cSyncDp104v3=1766263762; cSyncDp107v2=1766263762; cSyncDp125v5=1766263762; cSyncDp126v3=1766263762; cSyncDp129v2=1766263762; cSyncDp136v3=1766263762; cSyncDp148v2=1766263762; cSyncDp149v3=1766263762; cSyncDp151v2=1766263762; cSyncDp251v3=1766263762; cSyncDp186v2=1766263762; cSyncDp217v2=1766263762; cSyncDp226v1=1766263762; cSyncDp239v3=1766263762; cSyncDp243v2=1766263762; cSyncDp260v2=1766263762; cSyncDp244v2=1766263762; cSyncDp248v3=1766263762; cSyncDp261v1=1766263762; cSyncDp264=1766263762; cSyncDp274=1766263762; cSyncDp289v2=1766263762; cSyncDp296v3=1766263762; cSyncDp312v1=1766263762; cSyncDp313v1=1766263762; cSyncDp368v1=1766263762; cSyncDp331v1=1766263762; cSyncDp337v1=1766263762; cSyncDp351v1=1766263762; cSyncDp361v1=1766263762; cSyncDp353v1=1766263762; cSyncDp362v1=1766263762; cSyncDp366v1=1766263762; cSyncDp385v1=1766263762; cSyncDp390v1=1766263762; cSyncDp399v1=1766263762; cSyncDp394v1=1766263762; cSyncDp415v1=1766263762; cSyncDp420v2=1766263762; cSyncDp431=1766263762; cSyncDp433=1766263762; cSyncDp444=1766263762; cSyncDp203v2=1766263762; cSyncDp450=1766263762; cSyncDp14v4=1766263763; cSyncDp7v3=1766263763\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Sat, 20 Dec 2025 20:49:23 GMT\r\ncontent-type: text/html\r\ncontent-length: 154\r\nlocation: https://mc.acint.net/cmatch?dp=126\r\np3p: CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"\r\nexpires: Wed, 19 Apr 2000 11:43:00 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2-69470bd3f0e0150001e733eb.id.adx.com.ru/https://5--2--69470bd3f0e0150001e733eb.stbid.ru?r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D69470bd3f0e0150001e733eb%26dest%3Dhttps%253A%252F%252Fssp.adriver.ru%252Fcgi-bin%252Fsync.cgi%253Fdsp_id%253D162%2526external_id%253D69470bd3f0e0150001e733eb%2526r%253D","fqdn":"2-69470bd3f0e0150001e733eb.id.adx.com.ru","domain":"adx.com.ru","tld":"com.ru"},"ip":{"addr":"83.222.104.222","port":443,"asn":42632,"as":"MnogoByte LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.acint.net/mc/?dp=10\u0026tc=1","date":"2025-12-20T20:49:23.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.id.adx.com.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 30 May 2025 22:18:44 GMT","end":"Wed, 01 Jul 2026 22:18:43 GMT"},"fingerprint":{"sha1":"E6:83:1C:38:50:4E:B2:A7:10:AB:4C:C8:FF:8B:E1:FD:27:E6:64:8A","sha256":"E0:20:57:F5:B4:57:09:84:72:9B:96:0D:FF:15:DC:73:EF:87:2B:31:7B:C2:2C:2D:AB:67:4E:7C:C1:FB:1E:9C"}}},"request":{"raw":"GET /https://5--2--69470bd3f0e0150001e733eb.stbid.ru?r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D69470bd3f0e0150001e733eb%26dest%3Dhttps%253A%252F%252Fssp.adriver.ru%252Fcgi-bin%252Fsync.cgi%253Fdsp_id%253D162%2526external_id%253D69470bd3f0e0150001e733eb%2526r%253D HTTP/1.1\r\nHost: 2-69470bd3f0e0150001e733eb.id.adx.com.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.acint.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: user=69470bd3f0e0150001e733eb\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx/1.28.0\r\ndate: Sat, 20 Dec 2025 20:49:24 GMT\r\ncontent-type: text/html\r\ncontent-length: 145\r\nlocation: https://5--2--69470bd3f0e0150001e733eb.stbid.ru?r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D69470bd3f0e0150001e733eb%26dest%3Dhttps%253A%252F%252Fssp.adriver.ru%252Fcgi-bin%252Fsync.cgi%253Fdsp_id%253D162%2526external_id%253D69470bd3f0e0150001e733eb%2526r%253D\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-25T15:55:26.931181Z","times_seen":14184276,"resource_available":true,"data":null}},"time_used":364,"timings":{"blocked":-1,"dns":94,"connect":65,"send":0,"wait":65,"receive":0,"ssl":140},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"levitra-gg.com/wp-content/themes/newsup/js/jquery.smartmenus.js?ver=6.9","fqdn":"levitra-gg.com","domain":"levitra-gg.com","tld":"com"},"ip":{"addr":"104.21.91.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://levitra-gg.com/","date":"2025-12-20T20:49:22.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"levitra-gg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 20:46:01 GMT","end":"Thu, 22 Jan 2026 21:43:42 GMT"},"fingerprint":{"sha1":"8D:62:95:9E:7C:58:99:94:65:24:49:7F:6C:A9:D1:D1:B5:83:3E:D0","sha256":"C4:87:76:B9:B7:50:3A:6A:17:4E:A7:A6:5E:F1:E8:9B:CD:30:29:04:54:23:53:55:1B:2E:45:60:51:81:69:81"}}},"request":{"raw":"GET /wp-content/themes/newsup/js/jquery.smartmenus.js?ver=6.9 HTTP/1.1\r\nHost: levitra-gg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://levitra-gg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 20:49:22 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 11268\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 02 Dec 2025 03:08:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0oBMVhObg1p6QiYpNLs7P4EbJsuJSfJXvyTLRWS7OwJAeVE9OP7TY9tCtCH0Xhym4FplCRvZyIWjJlpixf2nhrCV8g8Txd8%2Bk6YA%2BEE5\"}]}\r\ncf-ray: 9b120181a93a49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":46634,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"990c7f72521b0a27c9c858b8ccd54ea8","sha1":"e5cfb44e0808c18bc142cd72c93d101060cf454e","sha256":"489feabe8ac2d87de5bddb3638f4bb818d0c5cbc1371106eab029777a8a48364","sha512":"d4581267e5f78d3791e58cbbb39ff4cf05af54235c1a500d4992eb02f029d674ed279265f9f93fb997fadb367c40cc9606f5b40cfb70f8260129f8d48ca9b3bd","ssdeep":"768:awQfVC3IGcqeO1fqnfiLVflMib9oAaIQuIK7/0p9hxKMlL17tZAlnOFmKOKn3:a7JKy295afKMF17LYKOKn3","tlshash":"6f2372ca735d712f82d633b4853e552aeb3dd072c20350affc6e6998656046813b1db9","first_seen":"2023-03-07T12:08:43Z","last_seen":"2026-04-25T13:58:42.005679Z","times_seen":666,"resource_available":true,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"levitra-gg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}