{"report_id":"088870ff-404e-45c2-a814-bce54abf560d","version":6,"status":"done","tags":[],"date":"2025-08-25T22:31:26Z","url":{"schema":"http","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"title":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz"},"submit":{"url":{"schema":"http","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-29T22:31:26Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-25","alert":"Sinkholed","trigger":"jodqvcjfsmnaiil.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"filemoon.to","ip":{"addr":"186.2.165.35","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"domain_registered":"unknown","domain_rank":57502,"first_seen":"2022-05-09T13:43:27Z","last_seen":"2025-08-21T15:12:37.337018Z","alert_count":0,"request_count":2,"received_data":16913,"sent_data":911,"comment":"","tags":null,"fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}]},{"fqdn":"jodqvcjfsmnaiil.com","ip":{"addr":"139.45.197.165","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":3,"request_count":3,"received_data":1974,"sent_data":1365,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"0vg9r.com","ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-24","domain_rank":0,"first_seen":"2025-08-24T05:51:56.145171Z","last_seen":"2025-08-24T05:51:56.145171Z","alert_count":0,"request_count":15,"received_data":1215196,"sent_data":7067,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"shaglurdoa.net","ip":{"addr":"139.45.195.8","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2025-08-25","domain_rank":0,"first_seen":"2025-08-25T21:55:16.461551Z","last_seen":"2025-08-25T21:55:16.461551Z","alert_count":0,"request_count":4,"received_data":116630,"sent_data":2731,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"be7713.rcr82.waw05.i8yz83pn.com","ip":{"addr":"185.248.170.67","port":443,"asn":43668,"as":"as43668 LLC","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-06-09","domain_rank":634783,"first_seen":"2025-06-17T03:26:22.411468Z","last_seen":"2025-08-22T12:14:36.77011Z","alert_count":0,"request_count":3,"received_data":509363,"sent_data":1763,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"68s8.com","ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2017-04-25","domain_rank":0,"first_seen":"2025-07-25T09:08:28.810877Z","last_seen":"2025-08-19T11:24:40.055066Z","alert_count":0,"request_count":2,"received_data":110347,"sent_data":1053,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"videothumbs.me","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-03-25","domain_rank":57216,"first_seen":"2024-03-25T11:39:58Z","last_seen":"2025-08-21T11:31:44.934903Z","alert_count":0,"request_count":1,"received_data":21640,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-08-21T18:36:11.554763Z","alert_count":0,"request_count":1,"received_data":832,"sent_data":425,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"0vg9r.com/js/ls.js","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6784d7271569579cbc7e508fddb3fbb","sha1":"61be0722316952e865893972791486e26961cdda","sha256":"96f2f3c87be4a0582def1b5e1e9e19aa0529adb7fd9277cede56c1eefd906d01","sha512":"d42027f51f276430f53215a68100fea2106e2c4347a28ebf9fd6e11c7c42fff66c5638f8c5981a0f2a15c3ff8a17ee44c8cc5abfef0ebeeafd2f8d8662f41ce0","ssdeep":"","tlshash":"b841118275e1d9904be004e728b0c002e638992e705d62d0f7b7dd827c9909bcfb57fa","size":2063,"data":"","first_seen":"2023-03-07T12:42:21Z","last_seen":"2026-01-14T01:06:54.841625Z","times_seen":1446,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/js/dnsads.js?dfp=1\u0026ad_code=2\u0026adsrc=3","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"99eccae6afa72c589ae54b5c3890282a","sha1":"0f102f8f5b556635de65d16cf70fa8269c6761b4","sha256":"b74a58316385de04b054737776e71c160cd60d2d01b5440b32c21651fb0ab8d3","sha512":"01bc413c1695c125b8ab111c60974da99989b618fb674631d998db519996966c569503efb97a3c760b50069e87b6b42891985b00c64810a43935ada075a19d24","ssdeep":"","tlshash":"eb8000ee08e2bcbec02c0000000e02a802b00c00a023ac20a00e8e0233e2e20c228c3a","size":38,"data":"","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-04-01T22:14:46.458669Z","times_seen":2580,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1966170fe92c130b96cd3f54c83985bb","sha1":"0d2aa2177020452908a7f74423e075e8cc1dd416","sha256":"a6dbdb15eef3c8d045464ec8dea5f591ae9af27e9891d114567c6d276a4ddd75","sha512":"f441c3ee2b5897e9c5735099f1461c8b505a7c6d2934246d4a805f8dc88ba48590d8e48e7701250a5220709040280d3d882c26e0ccf1fa202dbe291a073e3c02","ssdeep":"","tlshash":"18c04c17a69cd12ac079a73ac660f0d3792e5478d2529a9d2245392c73472092d814bb","size":146,"data":"","first_seen":"2025-08-25T22:31:32.817148Z","last_seen":"2025-08-25T22:31:32.817148Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/player/jw8_26/jwplayer.js?v=5.0.2","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f91de142eed44442bad231961488c5d0","sha1":"ea6c79968011a5b59e444d792f7ab048a1f7e31d","sha256":"b3031ee0f2674c203fe1400df12a96148c4bed344553fc9063c3846ba8466295","sha512":"9870ce81ead889f1a2f26abb9bc4cf17d69abba0eadec70d74e299d52791c66ab4b4669f747ef35e429928ed718d09b31ecdefee26fbb7498f694b56fd8ae370","ssdeep":"1536:lrGRl1EevCcKntukU2YYKDjAPkotbKSrvodmBiScMsz1x5rjk0ECjIUMj7DEYR/H:DeQtqR/wooiAUMj7DT9","tlshash":"5fb31ae631c2b4e643e628daa07a4041f23a0545380dc5a4fa6cede63d67947b177fbc","size":111441,"data":"","first_seen":"2024-04-13T15:29:14Z","last_seen":"2026-04-01T21:59:44.486437Z","times_seen":1517,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b6d016610b92bc7ef5de1c642f41be2a","sha1":"31dee85e1018d2c345a4d88e51998a7324267173","sha256":"e548a588ea213faca31d41e3d5fda11c99e2a68025ba73b6594d52ea1cb95840","sha512":"289906211ce743e73934d9809528c6b3a74dd09d3636c41a00ba3802777cf544f0ce4b24ab042838c9e75c46e56a9e5ce7e5e4d6205319bc717ba150b2a3286d","ssdeep":"384:+v0a/K7iYFRdYtL0s0Qen9tO69aI8tAUeNDaUGRQ2t4PpBahqoo+KXnS7YhfGMOY:+K72L+Q80GaIoQPzahq/AMOY","tlshash":"9dc2e5a7321eb91a8719626110ef2ec5a2cc48c4708f1b7ce724e53674d763485ebef8","size":27955,"data":"","first_seen":"2025-05-08T21:35:16.086129Z","last_seen":"2025-10-04T13:40:50.695387Z","times_seen":411,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/player/jw8_26/jwplayer.core.controls.js?v=2","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fee77850b6b254569cf03f43a4dfdde4","sha1":"35841d306d3404fbef6825371ffdbcd992ade913","sha256":"50b22ddf7e9cf49716e33660cc9de3c2bbf3cb90f203d8af93810f8f97bdee3f","sha512":"84d9c23a355b9aa6e6d37f4e4090a41a250499a6c3bb8d5808fa2851a376edfe71d7f1d3d35f658266299339ae88c85fc478a820014c19eeed4e026b4cdab683","ssdeep":"3072:wKH7nFuhglX/qZ3ux2wI9Y7J+3qbOXUvDY6MnJMyXR286CcYZ6mfjq:vHxA4/qZ3V3Y7J+30Y6MnJt2lSZ6mfjq","tlshash":"7d641832214256359aea82da76514604b3398085f516cfacff2ceddd4c6e8cb31f6bb4","size":326903,"data":"","first_seen":"2024-03-12T19:48:43Z","last_seen":"2026-04-01T21:59:44.373638Z","times_seen":1791,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"68s8.com/5/9254409","fqdn":"68s8.com","domain":"68s8.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"534d5052b15cceb855faf20e2b8f93ad","sha1":"1f66e98b9da1fca0437951372adac746b7ec40b3","sha256":"e651562703af5a97a21168001b2a9b0fc4ed98df4d02dd7f5b6b8fc2b8c29baf","sha512":"e3b25a38195e6cd404d09cbfdae4f63b2d1396094fd9abca9ce538f0f9c363cf7ccfe12894ea8dd4e5082ba0467e4f9d27f0edcf731fed369ef68409744e7854","ssdeep":"1536:T4jR7EZ28C3lW52ndsfSVz8ObHOwGquSLAryY1x0763:EjRYlAdsg8eOvfOY1xK63","tlshash":"a5b32c98626734b15d66803c345fc94dafe6af60044e48e4d0eaac737617074d3bbee9","size":108291,"data":"","first_seen":"2025-08-25T22:31:32.795385Z","last_seen":"2025-08-25T22:31:32.795385Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/js/xupload.js?v=3","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"200f7636e884860eed563210f5125c16","sha1":"3312a1318afed0df1fa4a93cac2016165c651f28","sha256":"01cd57ece4bf51c9db1a880a36145f8bda86634cf6b0cb69e6f9e7f187c107bd","sha512":"4d595766d559a98fd568a0d9c6cd416433d0040cf58c53882979173a06d8fb83d8d4b85fb4f17295564415e25542cb574baafeb8fa45fde4b4912b111a57622f","ssdeep":"192:INTUEE9YGs1axsrl6IsZWnrbll621w+4UWdRebMQ4WdReDyYQaQv7OsaaFg+Bnqa:aTfy+tBlV9GRebVReDyYS7OsaaF10fWd","tlshash":"2732664abaa379912a7730390bbf52043b398407104ada54bd5cd6c4af8452897ffbfd","size":11090,"data":"","first_seen":"2025-04-01T07:40:59.757125Z","last_seen":"2026-01-14T01:06:54.851265Z","times_seen":891,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4f98cf8486a8beb4d2d271b8e9304216","sha1":"112dd81cdd24e37a4554c9a5c5327b30a476acf8","sha256":"77b18c051d8450512853f4643dd7ac0e4c3205b7ec4cd1373ca5ad0dd2f470c3","sha512":"110b22e3e2f501f3dcc8f1dea02efaaa338ae6379f15907e15301de227279570bd997c4dbdb46e3c8814dd61779303c6fd26b9c0dfe53f3a733c1379da5e85aa","ssdeep":"","tlshash":"ca90003208200280ae2c0a20200aa0888820ae3b232208a28bb20a0a08088a0028cbe2","size":43,"data":"","first_seen":"2023-03-08T08:46:55Z","last_seen":"2026-04-01T21:59:44.549375Z","times_seen":1567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d882b49167571a8dc4de310e0b2e623d","sha1":"426f496e1155dfab34840a7a467866838448c8d0","sha256":"6dc67eafa621e57610ed67c02b1c0c5532e495dfe555dcade99fb81b6744899b","sha512":"aef46b85426812f38eb29a030e1f82d73c053df2d2d9077eb0563f9906353228fd5ffec1d5afc12a76b564031171bf2ec78c994b883ebed865ebe5aad64fc674","ssdeep":"","tlshash":"e3c02b64e22c32c038bfe310486beb2c7503a5337f4b4e54196954aa2c2cd3b705b9f9","size":154,"data":"","first_seen":"2023-03-08T08:46:55Z","last_seen":"2026-04-01T21:59:44.591715Z","times_seen":1555,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d5f2dfc871117e44264ee487d8e08e03","sha1":"84df50deb1da07577c6308d6229b6838977355ca","sha256":"1d38267e6325306a1b5993faaf6250de6fdcffe27bd9a654895482f7662cab0d","sha512":"1507e457223f7d9e4236fc7b490a455e470aea75c55eb5ecd08e819e01c0e7722e0282e865d96d806c6ba65a6f62d53d32453633689c4f4afb8f8c506befb41a","ssdeep":"","tlshash":"e83155b63128347882f5166f7cbb664df07756512d1e9080905ce4643828f79f6334ce","size":1529,"data":"","first_seen":"2025-01-25T03:50:38.139741Z","last_seen":"2026-04-01T21:59:44.620656Z","times_seen":1082,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/player/jw8_26/provider.hlsjs.js?v=2","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f95e38aa7bb0943693b51bd6a7deed0","sha1":"26c89f76894108f76ad23af32ecc6b1e708993ba","sha256":"1b1263b7061aaca7fe0b69168b16cb2401a7fe2ada08ccfdd373ee06c7d125b1","sha512":"664696a45bacbf3ee40fe544f92104f568b10a6cffb6a3fffa9afe351294d00dc0a1883d50cc799a1b1dba0fd00797047729670ee72c19cf0e302539fe63b075","ssdeep":"6144:GCXemC8LqtXLauG9L2aEyflDc2iGLY6I2KlqJxRC9i5q9GYqT:1MXxG9L2By5cbOYRqJxRCG","tlshash":"36943bed7795a02642c2a1a5903f4617633b7d0a3409c1bcfa2be9d75db8849b03bf74","size":422959,"data":"","first_seen":"2024-04-13T15:29:15Z","last_seen":"2026-04-01T21:59:44.278304Z","times_seen":1504,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2441b457bf4668ef3910ccb726f164ac","sha1":"fcce0999c3c9b69c46fea79a844323465724cc4a","sha256":"5444217e0909c0ab459fe160a7321d9409848e982bc0980d9fc7133df21120fb","sha512":"4160e68fdc7dc475c315be573a7ff3bab20af538ec26f04acd91b2de0d16786f1aad88ca78c4baf8d726ca07de44027650a35ae4e64bd49d891e3521a19116da","ssdeep":"1536:T4jR7EZ28C3lW52ndsfSVz8ObHOwGquSLAryY1x076aD:EjRYlAdsg8eOvfOY1xK6aD","tlshash":"28b32b9462a234b05d66813c385fc54dafe7afa0004e49e4d4eaac737617074d3bbee9","size":113423,"data":"","first_seen":"2025-08-25T22:31:32.822876Z","last_seen":"2025-08-25T22:31:32.822876Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/js/jquery.cookie.js","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ae0c2c5d8f01f7d35bb698bb618a62f7","sha1":"63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20","sha256":"75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc","sha512":"eac94ca9d884692af8bdf12aa6e902a3be4eed0772ad8f2932ac1c3328b83a7351cdf743a409bbc0a3cd385956c08d3203d51c572bb1680489e37330fe27a2bb","ssdeep":"96:L4BZxb64Ng7V8cNwpGylRCsKZcj1JXulL6M/aGByLskPSP4lBCClf1wgCyC:LQnb6eg7DgCsk8fgZJkPSPa+gCyC","tlshash":"2e91fd293a0d231d149353f57aee10c8a930d632216ad46c744cb6b06f00c63ddfbbea","size":4331,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-02T14:58:36.908103Z","times_seen":4342,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/js/jquery.js","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-03T19:30:55.929495Z","times_seen":444585,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"47a7df3210911e27dfdc28583faa9264","sha1":"fb289b528d31f67e951e5415dd4e0cfca739b654","sha256":"f46f00646225f54664e4d7bb625fb06dbcfc86904826cd3382efa56c4d524ddc","sha512":"c6430fbeb6dc94e8b607f85825c3aa2b6486101fe3df10da8031dc7577bebdab521a32188470000a00d165a87657a8956349684e4ccc1a332b14f4d66f8c08cf","ssdeep":"","tlshash":"a3a002a81264d1729c5915dea80a854c3618b561875976465763b924954c2520274d28","size":60,"data":"","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-02-10T10:28:48.923754Z","times_seen":1349,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"fca43007e53c5fa42918a7a4ef6e66d5","sha1":"a4d9870c87d08df2f896a34dc0c14f6d8b75fb79","sha256":"c060ba0c826f33cc7211988b48f89e27b7d5d210ceaf42c82b3ca72669001ab3","sha512":"83ac1f18d1318489f3a6479e498af2d7b67452b6086aa7d4a2c435e925bb0b9583c07aff5dd28bba35823f85668a4c01f1f4afe5209ea67c85dd63ac9240e5dc","ssdeep":"192:uJ1ujKWJMcIHlIfhzLuyb+q8Y186w9hphmpW:uSjKWIHlIpzLuQ+q8086Ahphmg","tlshash":"1002085ee9941c3bc6b311f87e533104223b8e51ddaccac8f0b2558815b959231bfe8d","size":8318,"data":"","first_seen":"2025-08-25T22:31:32.826048Z","last_seen":"2025-08-25T22:31:32.826048Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/js/bafsd.js","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c2432aca90e92e0370d2ded2545eb1fa","sha1":"8f1ae40f7dc9c4ccfcb91d04530a1f072e9d06eb","sha256":"89c40275bddb7257d519bda010de1c4df70a30b5f84be325f2ae53168f276cb5","sha512":"7278ab65bac73bbba9750c49161c677ad6d98d8d16f5f692a3b19e99423c2b32a9785a1bd4045321f4ffd0cf3c6270e5fe4b4ab1cc7bbe4f7cdfc3c40bb3f373","ssdeep":"192:Tb2KC3RtGFnoYcAb/XkLM17rbN5rYrWcYYgC/55wJjJUjfQFU75+xCj+8NcC+5wK:WLsrqh56lUb4kochTK","tlshash":"a852428b738da2be86fa33e4c43f2494e97ed272c115c4fab5b58a801d90815c397d79","size":13706,"data":"","first_seen":"2024-10-04T15:55:15Z","last_seen":"2026-04-01T21:59:44.382066Z","times_seen":1309,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5fa693a91b22226d99147371cf609069","sha1":"6a176e7a45305dbcc8137ee8e79c7986d0ee9a7f","sha256":"500703d3c7abbc13ea5de38e3c175b0bb019a8ab3e95de1d7f00b938728aed81","sha512":"495f00b6f18096bc8b72b1e15b761004fa1a1a762c447e23596fe474711f238a1272d44a412c64b41f2d8f2935c43fe34bac907bf3d3fae210d0506a868f5e49","ssdeep":"96:xdXJPx8Zi2AeodPtKZG+GWGA+cbSrBQ/f7wlGwJDMkv4vQIzJYhPee+rhLjqbiO9:xbDdcyUtnkJDMkv4vpJkn+AGB9W","tlshash":"b8e1191e784b1c135e7519ac110f7205679a2d13be288120f6b6e5cb7bd6b81b2f72e8","size":6960,"data":"","first_seen":"2025-08-25T22:31:32.82873Z","last_seen":"2025-08-25T22:31:32.82873Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/player/jw8/vast.js","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3cd85ca1814c3fd976764bf6b83b989d","sha1":"90e931622205c6adfbc75cfe681563a127580f05","sha256":"2e4fe3d8b3565a3f8b5ec0ecfe0e5f26a756401b6847dd475327793da41897f5","sha512":"79ef69e9df2dc8184962724bf27bffca5a509c89d5e9a9ae8f350b1f2291a4851b7ce31b2649f2678097e92559cd4f31344b4996f7abf1c0fcd7af71a0a3cc7b","ssdeep":"1536:clcxhF+/+IrkRT+N+uD9CwS65+sDS0VjE3vuV1WuSpimRmmy/k0xeo+egJvLc9gD:cSpuD9CG05Vh6gV5hQfs","tlshash":"8da3a78e7395b52146d2a0b8603f01067337160f680e826cf56aedea5c7da4e727bf74","size":107114,"data":"","first_seen":"2023-09-18T06:50:32Z","last_seen":"2026-01-17T22:53:50.787658Z","times_seen":1185,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f31dac1ad7ca317817de40eff5863061","sha1":"d7129254428bcb70e1e0b2429634ece026b9452d","sha256":"42e94bb654937e9c70b62f6e7693d786fd1cf3afa85e499bac19cc74f228bb1c","sha512":"aae7523261d66e79367aeda15999c158f93f7da72e21112bd5f8d00a273b5ab669ada865efa4dd89818ee8feb8c9d29b28ba8b3524c3dbb266e683fe73ca2b77","ssdeep":"","tlshash":"09c080c0e5641bb013f554d52f06de02e2d555a94ef420a35338154da7839cfe6451e5","size":172,"data":"","first_seen":"2025-08-25T22:31:32.832132Z","last_seen":"2025-08-25T22:31:32.832132Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"jodqvcjfsmnaiil.com/","fqdn":"jodqvcjfsmnaiil.com","domain":"jodqvcjfsmnaiil.com","tld":"com"},"ip":{"addr":"139.45.197.165","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:04.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"jodqvcjfsmnaiil.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 Aug 2025 11:08:32 GMT","end":"Sat, 22 Nov 2025 11:08:31 GMT"},"fingerprint":{"sha1":"91:77:F6:06:8D:A3:DB:48:67:F1:38:CD:A2:0E:12:DA:58:61:12:F5","sha256":"72:10:5B:DC:43:57:03:FE:7C:17:02:59:8E:5D:18:E2:2E:36:02:6A:52:CD:70:EA:EC:2B:F1:2B:E8:81:0C:29"}}},"request":{"raw":"HEAD / HTTP/1.1\r\nHost: jodqvcjfsmnaiil.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/html\r\nOrigin: https://0vg9r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 25 Aug 2025 22:31:04 GMT\r\ncontent-type: text/html\r\nx-t39r25a54c24e83-54i12d81: 00000000000000000000000000000000\r\nvary: Accept-Encoding, Origin\r\naccess-control-allow-origin: https://0vg9r.com\r\naccess-control-expose-headers: Link, X-Application-Token, X-Application-Key, X-Tag, X-Auth-Token, X-DirectionPartner-Id, X-ZoneType-Id, X-Hostname\r\naccess-control-allow-credentials: true\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\ntiming-allow-origin: *\r\nx-application-key: b6faRhm9E4wkylrzeyj4\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-25","alert":"Sinkholed","trigger":"jodqvcjfsmnaiil.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/adcgi?id=13992772","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:04.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"GET /adcgi?id=13992772 HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz\r\nCookie: lang=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Mon, 25 Aug 2025 22:31:04 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nlast-modified: Fri, 24 Jan 2025 17:58:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=leZabJDCz%2FGhaTpBPTCpDUM1zX4NUx2frpYvC5asJCeuOepHcfdQu5%2Bx8M9Y93k2oSAa0N0ohE6y76k804LTi%2Bksdf0jajM%3D\"}]}\r\ncf-ray: 974e899d79a156b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2047,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"78598915b8026c43308f5937da5c2e3e","sha1":"2423083b2bfdfde76ba2079493f33d58097f05cf","sha256":"b381f11049433f95c1fa966ba65661e7905b58e240ada758a49ab86dc7f86f27","sha512":"37d6d32c9840e601b8c561e63b54c3adc5a38cd3e2d6fb91068f176879a0a16ddc0a2f22c48d5d9a2babbaf64c3f4b523b8a02bad48a758c42995f5756fb0e93","ssdeep":"","tlshash":"c64104151cc0942503327366aa17b294f142e11bcb06af503dddd29b2fb1a898d73dda","first_seen":"2025-02-01T20:10:50.054059Z","last_seen":"2026-01-14T01:06:54.864301Z","times_seen":799,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shaglurdoa.net/wrr?z=9254412\u0026p_rid=70500dad-d018-4be6-aa02-184769dd9312\u0026rb=WDZrdr1pZ9Eq29T5dynF1JC084POQOpG6ga5vMea5vJ6SeGQnjXy6wylmk2wfShIhJJw4LwYikxm-t9IP1NGZiWK26x8dEpZm3a7fBsROblJBu7Ixuxqb9A5idDGz3RHD82qiS7hOFDoMX289cEtZpMzcOPWYAapzarZgcLcfk4pmhzkIMNv8h5GVc9_41ya11sREXz5RlNuSBttZGjr4i3JwTeyey-UHbeZTLaDhj0KNngnQyanvspyw9h_XV3FWpldMmkY36RBn1qhlAJm1Bvzj4MG88YLfVO4dwMMNyk=\u0026dmn=\u0026userId=080230b814224d2ff0ec87baad9ae153","fqdn":"shaglurdoa.net","domain":"shaglurdoa.net","tld":"net"},"ip":{"addr":"139.45.195.8","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:14.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"shaglurdoa.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 Aug 2025 06:08:13 GMT","end":"Sun, 23 Nov 2025 06:08:12 GMT"},"fingerprint":{"sha1":"DF:94:41:84:36:A6:51:A9:FF:8B:3D:C0:C5:DF:42:47:E0:B5:5A:DC","sha256":"EC:D1:C5:3E:8D:CC:97:36:02:32:79:52:48:5A:4A:58:41:DA:E3:E2:FC:16:E5:A8:F7:98:76:59:0D:EB:F2:E7"}}},"request":{"raw":"OPTIONS /wrr?z=9254412\u0026p_rid=70500dad-d018-4be6-aa02-184769dd9312\u0026rb=WDZrdr1pZ9Eq29T5dynF1JC084POQOpG6ga5vMea5vJ6SeGQnjXy6wylmk2wfShIhJJw4LwYikxm-t9IP1NGZiWK26x8dEpZm3a7fBsROblJBu7Ixuxqb9A5idDGz3RHD82qiS7hOFDoMX289cEtZpMzcOPWYAapzarZgcLcfk4pmhzkIMNv8h5GVc9_41ya11sREXz5RlNuSBttZGjr4i3JwTeyey-UHbeZTLaDhj0KNngnQyanvspyw9h_XV3FWpldMmkY36RBn1qhlAJm1Bvzj4MG88YLfVO4dwMMNyk=\u0026dmn=\u0026userId=080230b814224d2ff0ec87baad9ae153 HTTP/1.1\r\nHost: shaglurdoa.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://0vg9r.com/\r\nOrigin: https://0vg9r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Mon, 25 Aug 2025 22:31:14 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://0vg9r.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-25T22:31:02.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"GET /bkg/c5ketf6pqcgf?ref=freudx.xyz HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 25 Aug 2025 22:31:03 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 24 Aug 2025 22:31:02 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wZOFbz3C8IEctFI5frCPbLuiZAKTXI3WihUeQsVGWLhGwkGGePQcLy8ruTE2jnVTl07GMZNIfW8lwyapdEG1VzOp20N2%2Bhs%3D\"}]}\r\ncontent-encoding: br\r\nset-cookie: lang=1; HttpOnly; Path=/; Domain=0vg9r.com\r\ncf-ray: 974e89921e7e568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38583,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (28020)","md5":"1b937891217c25ab1272120c83161da6","sha1":"da4702e68d3d1dbbb149b416fd44c4c119f1a91c","sha256":"b00d6732ba17e452b085dc20fcec43c49fad198067979c9c8d8822619bb0bcaa","sha512":"84b20220a0f596ad4d3351c3ba664598ea5eb02d3cdbccb17c1ef3ab2a25165e0c7456ae7b3689e062c5ba1812cd8b2606349357a843dce8b3db06dd3817574b","ssdeep":"768:enqBl+1K72L+Q80GaIoQPzahq/AMOhSPnDkr:eqBl+I72jGI7MOhSPDS","tlshash":"110349ab351fb8078b29217450af2985e2cd48c1754f4a78f364e42635d7a3481fbef8","first_seen":"2025-08-25T22:31:32.784699Z","last_seen":"2025-08-25T22:31:32.784699Z","times_seen":1,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":38,"dns":20,"connect":1,"send":0,"wait":300,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/js/xupload.js?v=3","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"GET /js/xupload.js?v=3 HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 25 Aug 2025 22:31:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Thu, 27 Mar 2025 07:57:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r5p%2BYFkxYqa1SJTA6qeeaB%2Bltij7zKfuYEzwyCZv8N7XC4FxPQjjPtF7Sxp4BgSnLtTZnir1Y%2FXjIB2dI53TTAsvH6GF%2FVs%3D\"}]}\r\nexpires: Sun, 31 Aug 2025 04:08:14 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 152568\r\ncf-cache-status: HIT\r\netag: W/\"67e504f8-2b52\"\r\ncf-ray: 974e8995995d56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11090,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"200f7636e884860eed563210f5125c16","sha1":"3312a1318afed0df1fa4a93cac2016165c651f28","sha256":"01cd57ece4bf51c9db1a880a36145f8bda86634cf6b0cb69e6f9e7f187c107bd","sha512":"4d595766d559a98fd568a0d9c6cd416433d0040cf58c53882979173a06d8fb83d8d4b85fb4f17295564415e25542cb574baafeb8fa45fde4b4912b111a57622f","ssdeep":"192:INTUEE9YGs1axsrl6IsZWnrbll621w+4UWdRebMQ4WdReDyYQaQv7OsaaFg+Bnqa:aTfy+tBlV9GRebVReDyYS7OsaaF10fWd","tlshash":"2732664abaa379912a7730390bbf52043b398407104ada54bd5cd6c4af8452897ffbfd","first_seen":"2025-04-01T07:40:59.757125Z","last_seen":"2026-01-14T01:06:54.851265Z","times_seen":891,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"be7713.rcr82.waw05.i8yz83pn.com/hls2/03/09726/c5ketf6pqcgf_h/master.m3u8?t=A3RqAH6QOQIdt-1Ncj0BRn5iZrmUCVRJdkDrTf3qbmc\u0026s=1756161062\u0026e=10800\u0026f=48631056\u0026srv=1060\u0026asn=50304\u0026sp=4000\u0026p=","fqdn":"be7713.rcr82.waw05.i8yz83pn.com","domain":"i8yz83pn.com","tld":"com"},"ip":{"addr":"185.248.170.67","port":443,"asn":43668,"as":"as43668 LLC","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"be7713.rcr82.waw05.i8yz83pn.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Aug 2025 20:47:11 GMT","end":"Thu, 06 Nov 2025 20:47:10 GMT"},"fingerprint":{"sha1":"77:B6:E8:86:DA:28:B5:A8:B2:43:95:7A:86:CA:C9:1A:97:CC:84:5C","sha256":"C3:79:97:7B:81:4D:9D:2D:32:87:B6:40:EA:48:40:0E:4E:8A:0B:8A:AB:A8:E8:C2:FF:FB:53:C3:F0:FB:06:5A"}}},"request":{"raw":"GET /hls2/03/09726/c5ketf6pqcgf_h/master.m3u8?t=A3RqAH6QOQIdt-1Ncj0BRn5iZrmUCVRJdkDrTf3qbmc\u0026s=1756161062\u0026e=10800\u0026f=48631056\u0026srv=1060\u0026asn=50304\u0026sp=4000\u0026p= HTTP/1.1\r\nHost: be7713.rcr82.waw05.i8yz83pn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://0vg9r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 25 Aug 2025 22:31:03 GMT\r\nContent-Type: application/vnd.apple.mpegurl\r\nLast-Modified: Mon, 25 Aug 2025 22:31:03 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 28 Aug 2025 22:31:03 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=259200, no-store, no-cache\r\nSprint-Cache: BYPASS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":606,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl","magic":"M3U playlist, ASCII text","md5":"19e754341b9399c7e4c9d8df6e7c760f","sha1":"1e37317a9891edfffc7fe746be6e074ca5226f18","sha256":"4d694ec85eaace5a6983dc99f60ee3a56d16d1cbbdce1b3ea00a56e7e13ac319","sha512":"4e809d40a31f25947d68f0b91a51e72fa5dc982959910ed07c0f584dda6b279aa037fea87bf04ae2cd7de85a596d650b5f8d4f8d13418c552f1eac338c9453f2","ssdeep":"","tlshash":"3df0ddeb59baac68caa0cc5003a83c0a7c06eacc68c850e9e1d4078617c3d25347dda4","first_seen":"2025-08-25T22:31:32.789434Z","last_seen":"2025-08-25T22:31:32.789434Z","times_seen":1,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":78,"dns":26,"connect":15,"send":0,"wait":56,"receive":1,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"be7713.rcr82.waw05.i8yz83pn.com/hls2/03/09726/c5ketf6pqcgf_h/index-v1-a1.m3u8?t=A3RqAH6QOQIdt-1Ncj0BRn5iZrmUCVRJdkDrTf3qbmc\u0026s=1756161062\u0026e=10800\u0026f=48631056\u0026srv=1060\u0026asn=50304\u0026sp=4000\u0026p=","fqdn":"be7713.rcr82.waw05.i8yz83pn.com","domain":"i8yz83pn.com","tld":"com"},"ip":{"addr":"185.248.170.67","port":443,"asn":43668,"as":"as43668 LLC","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:04.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"be7713.rcr82.waw05.i8yz83pn.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Aug 2025 20:47:11 GMT","end":"Thu, 06 Nov 2025 20:47:10 GMT"},"fingerprint":{"sha1":"77:B6:E8:86:DA:28:B5:A8:B2:43:95:7A:86:CA:C9:1A:97:CC:84:5C","sha256":"C3:79:97:7B:81:4D:9D:2D:32:87:B6:40:EA:48:40:0E:4E:8A:0B:8A:AB:A8:E8:C2:FF:FB:53:C3:F0:FB:06:5A"}}},"request":{"raw":"GET /hls2/03/09726/c5ketf6pqcgf_h/index-v1-a1.m3u8?t=A3RqAH6QOQIdt-1Ncj0BRn5iZrmUCVRJdkDrTf3qbmc\u0026s=1756161062\u0026e=10800\u0026f=48631056\u0026srv=1060\u0026asn=50304\u0026sp=4000\u0026p= HTTP/1.1\r\nHost: be7713.rcr82.waw05.i8yz83pn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://0vg9r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 25 Aug 2025 22:31:04 GMT\r\nContent-Type: application/vnd.apple.mpegurl\r\nLast-Modified: Mon, 25 Aug 2025 22:31:04 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 28 Aug 2025 22:31:04 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=259200, no-store, no-cache\r\nSprint-Cache: BYPASS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68068,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl","magic":"M3U playlist, ASCII text","md5":"d189b05aff1a8a23a77fe794959ea1db","sha1":"522044102eaa7194e029c9af35d9f9a55b54db0d","sha256":"d49ac735ec6a7908e73dfd3ef86d03db33e0cafbdcfa0e8b2b65c792d4c4c23a","sha512":"bae19877098e2b26392b7096aba82aa044a957e4a4a7e9b0cd17d5fd4f400bf2c6a5ef78a84b90fff4659fbb6df8c30174f0e05ee42b46d9193be3ad3a8d19a7","ssdeep":"192:ThKkiEf2RgbC2fgRKDElOuiTa1UvGhwrSkFqjAxW/89xA/WFkjqpY6z0VmPQByLs:TLitYsf","tlshash":"e263ddeb5af26c98cbe8cc51477478476813fecdacd920e9c25007863bd2a65356cee4","first_seen":"2025-08-25T22:31:32.792494Z","last_seen":"2025-08-25T22:31:32.792494Z","times_seen":1,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"68s8.com/5/9254409","fqdn":"68s8.com","domain":"68s8.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:04.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"68s8.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 07 Jul 2025 08:29:13 GMT","end":"Sun, 05 Oct 2025 08:29:12 GMT"},"fingerprint":{"sha1":"0E:7B:0D:CB:11:F3:2A:75:8A:30:D8:A9:A2:4D:DC:C7:35:3A:3D:2D","sha256":"1F:D3:18:3C:13:0C:37:78:90:D5:B2:15:23:B2:92:4A:72:8F:C8:B9:80:ED:46:BE:43:2D:2D:A6:63:E9:18:41"}}},"request":{"raw":"GET /5/9254409 HTTP/1.1\r\nHost: 68s8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 25 Aug 2025 22:31:04 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: 4d33f376a52ba5b656e6c1c3f186acf3\r\nlink: \u003chttps://my.rtmark.net\u003e; rel=\"preconnect dns-prefetch\"\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\nset-cookie: OAID=0082309255784ea7f13b786f87bb2304; expires=Tue, 25 Aug 2026 22:31:04 GMT; path=/; secure; SameSite=None\noaidts=1756161064; expires=Tue, 25 Aug 2026 22:31:04 GMT; path=/; secure; SameSite=None\nsyncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":108291,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"534d5052b15cceb855faf20e2b8f93ad","sha1":"1f66e98b9da1fca0437951372adac746b7ec40b3","sha256":"e651562703af5a97a21168001b2a9b0fc4ed98df4d02dd7f5b6b8fc2b8c29baf","sha512":"e3b25a38195e6cd404d09cbfdae4f63b2d1396094fd9abca9ce538f0f9c363cf7ccfe12894ea8dd4e5082ba0467e4f9d27f0edcf731fed369ef68409744e7854","ssdeep":"1536:T4jR7EZ28C3lW52ndsfSVz8ObHOwGquSLAryY1x0763:EjRYlAdsg8eOvfOY1xK63","tlshash":"a5b32c98626734b15d66803c345fc94dafe6af60044e48e4d0eaac737617074d3bbee9","first_seen":"2025-08-25T22:31:32.795385Z","last_seen":"2025-08-25T22:31:32.795385Z","times_seen":1,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":111,"dns":27,"connect":26,"send":0,"wait":56,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jodqvcjfsmnaiil.com/","fqdn":"jodqvcjfsmnaiil.com","domain":"jodqvcjfsmnaiil.com","tld":"com"},"ip":{"addr":"139.45.197.165","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:13.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"jodqvcjfsmnaiil.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 Aug 2025 11:08:32 GMT","end":"Sat, 22 Nov 2025 11:08:31 GMT"},"fingerprint":{"sha1":"91:77:F6:06:8D:A3:DB:48:67:F1:38:CD:A2:0E:12:DA:58:61:12:F5","sha256":"72:10:5B:DC:43:57:03:FE:7C:17:02:59:8E:5D:18:E2:2E:36:02:6A:52:CD:70:EA:EC:2B:F1:2B:E8:81:0C:29"}}},"request":{"raw":"HEAD / HTTP/1.1\r\nHost: jodqvcjfsmnaiil.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://0vg9r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 25 Aug 2025 22:31:13 GMT\r\ncontent-type: text/html\r\nx-t20r26a97c86e26-37i61d92: 00000000000000000000000000000000\r\nvary: Accept-Encoding, Origin\r\naccess-control-allow-origin: https://0vg9r.com\r\naccess-control-expose-headers: Link, X-Application-Token, X-Application-Key, X-Tag, X-Auth-Token, X-DirectionPartner-Id, X-ZoneType-Id, X-Hostname\r\naccess-control-allow-credentials: true\r\npragma: no-cache\r\ntiming-allow-origin: *\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\nx-application-key: 5foiemiy2qM0c7Acwbyomkd568\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-25","alert":"Sinkholed","trigger":"jodqvcjfsmnaiil.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/js/jquery.cookie.js","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"GET /js/jquery.cookie.js HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 25 Aug 2025 22:31:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Tue, 31 May 2011 12:53:56 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kd7uDSR9%2B3KrR9Bot69zEnIIqee1GfWWGrTVvvso%2F2i1X3JxHbW4m2423enqzxNXoqRpxwKb6Aj0VjrS%2BK%2FaQYEDZIzLUOM%3D\"}]}\r\nexpires: Sun, 31 Aug 2025 04:08:14 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 152568\r\ncf-cache-status: HIT\r\netag: W/\"4de4e4e4-10eb\"\r\ncf-ray: 974e8995995e56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4331,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"ae0c2c5d8f01f7d35bb698bb618a62f7","sha1":"63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20","sha256":"75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc","sha512":"eac94ca9d884692af8bdf12aa6e902a3be4eed0772ad8f2932ac1c3328b83a7351cdf743a409bbc0a3cd385956c08d3203d51c572bb1680489e37330fe27a2bb","ssdeep":"96:L4BZxb64Ng7V8cNwpGylRCsKZcj1JXulL6M/aGByLskPSP4lBCClf1wgCyC:LQnb6eg7DgCsk8fgZJkPSPa+gCyC","tlshash":"2e91fd293a0d231d149353f57aee10c8a930d632216ad46c744cb6b06f00c63ddfbbea","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-02T14:58:36.908103Z","times_seen":4342,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"videothumbs.me/c5ketf6pqcgf.jpg","fqdn":"videothumbs.me","domain":"videothumbs.me","tld":"me"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"videothumbs.me","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 10 Jul 2025 10:56:13 GMT","end":"Wed, 08 Oct 2025 11:53:46 GMT"},"fingerprint":{"sha1":"CD:93:8C:06:EC:14:46:94:EF:2C:2F:25:E0:51:FE:B4:21:22:67:73","sha256":"06:36:1F:78:0C:91:72:44:3B:48:10:13:BD:1B:A8:12:7B:6E:5D:3E:9E:BF:BE:45:47:19:F4:90:08:C1:B5:67"}}},"request":{"raw":"GET /c5ketf6pqcgf.jpg HTTP/1.1\r\nHost: videothumbs.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 25 Aug 2025 22:31:04 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 20924\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 20 Aug 2025 14:38:39 GMT\r\netag: \"68a5ddef-51bc\"\r\nexpires: Mon, 08 Sep 2025 22:31:04 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QmmteLS%2B%2FMuU5ZFBIhKQ%2FEs2rlJRaWmrPc2iV2r3UMjWlitivVM9nHTUDq3ivcRh4uq4OW3FX9zcHXg2b%2ByZ%2BMtwGXAzdIVY%2Fc8uqQ%3D%3D\"}]}\r\ncf-ray: 974e8998abc156a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20924,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: \"Lavc59.32.100\", baseline, precision 8, 720x405, components 3","md5":"7e6160f8a5c712c8978e1971155f4366","sha1":"fb1dbe680bc520f9e2c8971324b751854897def1","sha256":"e0ae24dd6ce3a884f16b906c3edbb8eea416f808f13074bc608567529a6726cb","sha512":"2583c2573d5de34d0de64a4f831d2fb6e0a88ec8b472e463337ee527110252271475ae4ecd6c012603021563a77b9eb3e55d28be6f15b84188822293a696e78a","ssdeep":"384:3qGy+rdW+S324NfUHRLQtopL1mNT+QsXR7ueK9rdD/YTxx9Y:11rdmqHIopZmt+Qsh79K9rdTqxxG","tlshash":"4b92d08238af71f7ff54227aadc59d8270d6aae9790e49042fdf0b3d940063c3658758","first_seen":"2025-08-25T22:31:32.798761Z","last_seen":"2025-08-25T22:31:32.798761Z","times_seen":1,"resource_available":false,"data":null}},"time_used":377,"timings":{"blocked":41,"dns":21,"connect":1,"send":0,"wait":264,"receive":30,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/css/main.css?v=4","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"GET /css/main.css?v=4 HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz\r\nCookie: lang=1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 25 Aug 2025 22:31:03 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Thu, 26 Sep 2024 18:06:54 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YqrdOMXnJkUIlmwiieBiFTxXXNaP81YkfC5%2FfUbJrEZFD%2BHoivUT5hZvUhXtWv8LDqV4SvNORE2E5mvnt%2FqUs2fvFNAmnZ8%3D\"}]}\r\nexpires: Sun, 31 Aug 2025 04:08:14 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 152568\r\ncf-cache-status: HIT\r\netag: W/\"66f5a2be-c03c\"\r\ncf-ray: 974e8995995b56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49212,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"5a72a30cb5e2721cf7e36ebd9846a4f6","sha1":"c03db81b75b19f829201db0d01d66ef189b8180a","sha256":"b0341644a22e09291520c4c51eac70ed71928ee3066f40fcff257c582afac3b1","sha512":"c14c1a55a29794083074096e789e74d3a3e875b03f6839258add2a90832077bd2cbf6e42f122658250c73865190d8bd6d16cd102699dba9624cf7288742d4ff8","ssdeep":"1536:AQV8FxnYgpAry26YsRwq9AOOGvC4DONcY63Rz:AQVMxnYxy26/AOOkHRz","tlshash":"6e239522a7812c0cf06bd1b67d6197d6233e4053d92b1f7c7ab93578c28e4e85173b9a","first_seen":"2024-09-28T17:15:41Z","last_seen":"2026-01-14T01:06:54.856866Z","times_seen":960,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/js/ls.js","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"GET /js/ls.js HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 25 Aug 2025 22:31:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Feb 2023 11:28:54 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yAuv5YzV5j2uCjEWhsrsx3B%2FRPsVpMR4mcP7jM58wCQ%2FVq6%2BrdEPHu46ez6raN4hrhDZNo5jjbzHeWmI1ufRENzga6PCP8w%3D\"}]}\r\nexpires: Sun, 31 Aug 2025 04:08:14 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 152568\r\ncf-cache-status: HIT\r\netag: W/\"63eb7076-80f\"\r\ncf-ray: 974e8995a95f56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2063,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2063), with no line terminators","md5":"f6784d7271569579cbc7e508fddb3fbb","sha1":"61be0722316952e865893972791486e26961cdda","sha256":"96f2f3c87be4a0582def1b5e1e9e19aa0529adb7fd9277cede56c1eefd906d01","sha512":"d42027f51f276430f53215a68100fea2106e2c4347a28ebf9fd6e11c7c42fff66c5638f8c5981a0f2a15c3ff8a17ee44c8cc5abfef0ebeeafd2f8d8662f41ce0","ssdeep":"","tlshash":"b841118275e1d9904be004e728b0c002e638992e705d62d0f7b7dd827c9909bcfb57fa","first_seen":"2023-03-07T12:42:21Z","last_seen":"2026-01-14T01:06:54.841625Z","times_seen":1446,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:04.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Jun 2025 12:11:05 GMT","end":"Sun, 28 Sep 2025 13:11:03 GMT"},"fingerprint":{"sha1":"89:E0:23:FC:5B:0F:07:0F:7E:EC:B8:4F:B5:1D:3B:1F:6B:5C:22:0B","sha256":"66:DE:FF:43:09:A3:D6:B0:70:4E:47:82:C8:66:35:42:25:2E:23:CA:5A:1A:CF:A3:1E:23:A0:0E:D3:E3:95:95"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://0vg9r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 25 Aug 2025 22:31:04 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://0vg9r.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=080230b814224d2ff0ec87baad9ae153; expires=Tue, 25 Aug 2026 22:31:04 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 974e899db8e3568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"196f57fc78f47dddc6a9bf6cac4233f3","sha1":"6c2244ac7682adc143e5c7cb2fa007ccccbd9e48","sha256":"c2d8fb6b5e972edd60630e02eb3e755109778f95a480873b419e39102446e4d8","sha512":"ec60b1746c23bc7ed5413d41af49f7bf2c396510bc04872ea611615f8371c5be4a25a312861d0d072e07319eb708995b9b77e0d15b61971f9eed6e63d0cf4bf2","ssdeep":"","tlshash":"9fa002d009bc09874081e56a7f9fcb51924010526915b65ac9d7c1173286bdd9d85266","first_seen":"2025-08-25T22:31:32.803016Z","last_seen":"2025-08-25T22:31:32.803016Z","times_seen":1,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":41,"dns":20,"connect":1,"send":0,"wait":53,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"68s8.com/5/9254409/?abt_opts=1\u0026js_build=iclick-v1.1548.0\u0026userId=080230b814224d2ff0ec87baad9ae153\u0026dmn=68s8.com\u0026tt=2\u0026ix=0","fqdn":"68s8.com","domain":"68s8.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:05.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"68s8.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Mon, 07 Jul 2025 08:29:13 GMT","end":"Sun, 05 Oct 2025 08:29:12 GMT"},"fingerprint":{"sha1":"0E:7B:0D:CB:11:F3:2A:75:8A:30:D8:A9:A2:4D:DC:C7:35:3A:3D:2D","sha256":"1F:D3:18:3C:13:0C:37:78:90:D5:B2:15:23:B2:92:4A:72:8F:C8:B9:80:ED:46:BE:43:2D:2D:A6:63:E9:18:41"}}},"request":{"raw":"POST /5/9254409/?abt_opts=1\u0026js_build=iclick-v1.1548.0\u0026userId=080230b814224d2ff0ec87baad9ae153\u0026dmn=68s8.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: 68s8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2629\r\nOrigin: https://0vg9r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/\r\nCookie: OAID=0082309255784ea7f13b786f87bb2304; oaidts=1756161064\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Mon, 25 Aug 2025 22:31:05 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://0vg9r.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filemoon.to/assets/images/favicon/apple-touch-icon.png","fqdn":"filemoon.to","domain":"filemoon.to","tld":"to"},"ip":{"addr":"186.2.165.35","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mobile-detect-modernizr.filemoon.to","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 02:59:49 GMT","end":"Mon, 27 Oct 2025 02:59:48 GMT"},"fingerprint":{"sha1":"DF:D9:2D:8F:D9:5C:09:CF:58:97:C9:A8:65:7F:61:1E:65:0D:F9:1E","sha256":"77:2C:3D:04:C0:DF:50:0C:99:B0:1B:7C:1D:2D:C7:58:30:62:3F:8F:64:A7:E1:80:6A:0C:86:13:C2:08:04:03"}}},"request":{"raw":"GET /assets/images/favicon/apple-touch-icon.png HTTP/1.1\r\nHost: filemoon.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=EbEqoWPtQMkFZci9; Domain=.filemoon.to; Path=/; Expires=Mon, 25-Aug-2025 22:51:03 GMT\n__ddg10_=1756161063; Domain=.filemoon.to; Path=/; Expires=Mon, 25-Aug-2025 22:51:03 GMT\n__ddg9_=91.90.42.154; Domain=.filemoon.to; Path=/; Expires=Mon, 25-Aug-2025 22:51:03 GMT\n__ddg1_=aioAnDaM0zKYzMJVzMCn; Domain=.filemoon.to; HttpOnly; Path=/; Expires=Tue, 25-Aug-2026 22:31:03 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Wed, 20 Aug 2025 10:26:55 GMT\r\ncontent-type: image/png\r\ncontent-length: 14840\r\nlast-modified: Thu, 07 Apr 2022 13:15:48 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nddg-cache-status: HIT,HIT\r\netag: \"624ee404-39f8\"\r\nexpires: Sat, 23 Aug 2025 02:15:00 GMT\r\nage: 475448\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":14840,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 360 x 158, 8-bit/color RGBA, non-interlaced","md5":"89a3d82162fc1f11d1ffa5bd73ecff9a","sha1":"6765810ff0ee7f8c1c5d9b1f419616cc9ce500c8","sha256":"83e21507727c12df8021db54c02a2bdd8fcaf54409e9dfd575c955698bcecbd0","sha512":"53c92200497794173093726d51103622cb9fb6cb286a5aaf5febcc53cfd7831f9023d014f5b726177d6bcb27f90a0617695bb7ccf0694a0165c114506c53f4a6","ssdeep":"384:PrYzJvWo7f5CqFDAfCgZcYxp4Jm0KHSpVB0T:DWvzfTSZ4Jm0KMB0T","tlshash":"3262d0f22162369ecd22f789d98e47fba2d2c1183286de17d11fed053a28ca05700099","first_seen":"2023-10-17T10:03:58Z","last_seen":"2026-01-13T20:19:22.067406Z","times_seen":266,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":27,"connect":19,"send":0,"wait":38,"receive":3,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"be7713.rcr82.waw05.i8yz83pn.com/hls2/03/09726/c5ketf6pqcgf_h/seg-1-v1-a1.ts?t=A3RqAH6QOQIdt-1Ncj0BRn5iZrmUCVRJdkDrTf3qbmc\u0026s=1756161062\u0026e=10800\u0026f=48631056\u0026srv=1060\u0026asn=50304\u0026sp=4000\u0026p=","fqdn":"be7713.rcr82.waw05.i8yz83pn.com","domain":"i8yz83pn.com","tld":"com"},"ip":{"addr":"185.248.170.67","port":443,"asn":43668,"as":"as43668 LLC","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:04.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"be7713.rcr82.waw05.i8yz83pn.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Aug 2025 20:47:11 GMT","end":"Thu, 06 Nov 2025 20:47:10 GMT"},"fingerprint":{"sha1":"77:B6:E8:86:DA:28:B5:A8:B2:43:95:7A:86:CA:C9:1A:97:CC:84:5C","sha256":"C3:79:97:7B:81:4D:9D:2D:32:87:B6:40:EA:48:40:0E:4E:8A:0B:8A:AB:A8:E8:C2:FF:FB:53:C3:F0:FB:06:5A"}}},"request":{"raw":"GET /hls2/03/09726/c5ketf6pqcgf_h/seg-1-v1-a1.ts?t=A3RqAH6QOQIdt-1Ncj0BRn5iZrmUCVRJdkDrTf3qbmc\u0026s=1756161062\u0026e=10800\u0026f=48631056\u0026srv=1060\u0026asn=50304\u0026sp=4000\u0026p= HTTP/1.1\r\nHost: be7713.rcr82.waw05.i8yz83pn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://0vg9r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 25 Aug 2025 22:31:04 GMT\r\nContent-Type: video/MP2T\r\nContent-Length: 439544\r\nConnection: keep-alive\r\nLast-Modified: Sun, 19 Nov 2000 08:52:00 GMT\r\nExpires: Wed, 27 Aug 2025 19:13:14 GMT\r\nETag: \"5f693e80-6b4f8\"\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=259200, no-store, no-cache\r\nSprint-Cache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":439544,"size_decoded":0,"mime_type":"video/mp2t","magic":"MPEG transport stream data","md5":"3cbe8509ea0fc7e81140171e4e753791","sha1":"8e2cc06265249efbdd8e32a781f185ff9555e477","sha256":"ca199db14c8c777af09e7178d6d97dba204e35dd05069c2af6ca610ab42f60bb","sha512":"17dcd17ecef1ebf18daad9d7e26e930436e40281e21821c54b2df0f73c92d5471b8df8d18503b3bd967b975afcbcd8dd59100a8dfcd2af5d23a308c1f3c4fa5d","ssdeep":"6144:BO1en0dCEae8/WKZ/+0Kzk++VuP6n3mNr1qWviG1XkC5GTk637wTkNYHbt75XqIF:dwKeK9+k+762bziG1013sACHh5XHF","tlshash":"ce9402067be1f45bcd3341b10e4a8796a7250e22de485fdb21b83f9e74be248eda0157","first_seen":"2025-08-25T22:31:32.805901Z","last_seen":"2025-08-25T22:31:32.805901Z","times_seen":1,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":116,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shaglurdoa.net/","fqdn":"shaglurdoa.net","domain":"shaglurdoa.net","tld":"net"},"ip":{"addr":"139.45.195.8","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:13.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"shaglurdoa.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 Aug 2025 06:08:13 GMT","end":"Sun, 23 Nov 2025 06:08:12 GMT"},"fingerprint":{"sha1":"DF:94:41:84:36:A6:51:A9:FF:8B:3D:C0:C5:DF:42:47:E0:B5:5A:DC","sha256":"EC:D1:C5:3E:8D:CC:97:36:02:32:79:52:48:5A:4A:58:41:DA:E3:E2:FC:16:E5:A8:F7:98:76:59:0D:EB:F2:E7"}}},"request":{"raw":"OPTIONS / HTTP/1.1\r\nHost: shaglurdoa.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: favicon\r\nReferer: https://0vg9r.com/\r\nOrigin: https://0vg9r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 25 Aug 2025 22:31:13 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, favicon\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"3bbbac058fc4ed9e8078f0318d31d9fa","sha1":"fb3f78865eac1bdd3406f00b9cae5c6cdf6211b8","sha256":"3938c63e8b782001c4b451b439634c1380b1e262d919e11ba7374862835d83e4","sha512":"b69fbb06800c913e488aa496a397f6a1e1322441089b90c90798737782a71cfaa9b2f147c2f9b4bd14a45e05b3ace2fb1ed4f862693ba7134785f94417393078","ssdeep":"","tlshash":"4a500000000000000000cc0000000000003c0000c000000000000c000000000000c000","first_seen":"2023-03-07T01:40:33Z","last_seen":"2026-04-02T06:29:31.823933Z","times_seen":10341,"resource_available":true,"data":null}},"time_used":226,"timings":{"blocked":99,"dns":13,"connect":26,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shaglurdoa.net/","fqdn":"shaglurdoa.net","domain":"shaglurdoa.net","tld":"net"},"ip":{"addr":"139.45.195.8","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:13.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"shaglurdoa.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 Aug 2025 06:08:13 GMT","end":"Sun, 23 Nov 2025 06:08:12 GMT"},"fingerprint":{"sha1":"DF:94:41:84:36:A6:51:A9:FF:8B:3D:C0:C5:DF:42:47:E0:B5:5A:DC","sha256":"EC:D1:C5:3E:8D:CC:97:36:02:32:79:52:48:5A:4A:58:41:DA:E3:E2:FC:16:E5:A8:F7:98:76:59:0D:EB:F2:E7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: shaglurdoa.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nFavicon: 9254412\r\nOrigin: https://0vg9r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 25 Aug 2025 22:31:13 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: c93dffb408e7e72163fff57280412257\r\nlink: \u003chttps://my.rtmark.net\u003e; rel=\"preconnect dns-prefetch\"\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://0vg9r.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\nset-cookie: OAID=008230a42156455af7315ee41135681c; expires=Tue, 25 Aug 2026 22:31:13 GMT; path=/; secure; SameSite=None\noaidts=1756161073; expires=Tue, 25 Aug 2026 22:31:13 GMT; path=/; secure; SameSite=None\nsyncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":113419,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"77263ed04564ca239f1a58c8725fada3","sha1":"f003bdad77c625a0bbe7abaf69548757876db172","sha256":"2469cea5a4ca45c738c2130f240070bbf3b50baa97f34b0dd569c58e06c81efa","sha512":"5144df37107947a3532a2369ef6d57e3db85a1c10d0c276891420e184065222f37c65e6299ca3321d9a18f3eb0bde05c9748fd0f4bccadc84405df1591118d67","ssdeep":"1536:T4jR7EZ28C3lW52ndsfSVz8ObHOwGquSLAryY1x076KD:EjRYlAdsg8eOvfOY1xK6KD","tlshash":"c3b32b9462a234b05d66813c385fc54dafe7afa0004e49e4d4eaac737617074d3bbee9","first_seen":"2025-08-25T22:31:32.809038Z","last_seen":"2025-08-25T22:31:32.809038Z","times_seen":1,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/js/bafsd.js","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"GET /js/bafsd.js HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 25 Aug 2025 22:31:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Fri, 04 Oct 2024 05:52:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MprK6NezEtT%2F6BZUuXgtFRMOSPtPDSbJKIzQnD4MX38Tu7D4AobBQWpKt%2Bp0yrNIlcY7NJI7sjAQDcBq3JkEQTzdu3ghEGg%3D\"}]}\r\nexpires: Sun, 31 Aug 2025 04:08:14 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 152568\r\ncf-cache-status: HIT\r\netag: W/\"66ff82ab-358a\"\r\ncf-ray: 974e8995a96056b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13706,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"c2432aca90e92e0370d2ded2545eb1fa","sha1":"8f1ae40f7dc9c4ccfcb91d04530a1f072e9d06eb","sha256":"89c40275bddb7257d519bda010de1c4df70a30b5f84be325f2ae53168f276cb5","sha512":"7278ab65bac73bbba9750c49161c677ad6d98d8d16f5f692a3b19e99423c2b32a9785a1bd4045321f4ffd0cf3c6270e5fe4b4ab1cc7bbe4f7cdfc3c40bb3f373","ssdeep":"192:Tb2KC3RtGFnoYcAb/XkLM17rbN5rYrWcYYgC/55wJjJUjfQFU75+xCj+8NcC+5wK:WLsrqh56lUb4kochTK","tlshash":"a852428b738da2be86fa33e4c43f2494e97ed272c115c4fab5b58a801d90815c397d79","first_seen":"2024-10-04T15:55:15Z","last_seen":"2026-04-01T21:59:44.382066Z","times_seen":1309,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filemoon.to/assets/images/favicon/favicon-16x16.png","fqdn":"filemoon.to","domain":"filemoon.to","tld":"to"},"ip":{"addr":"186.2.165.35","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mobile-detect-modernizr.filemoon.to","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 02:59:49 GMT","end":"Mon, 27 Oct 2025 02:59:48 GMT"},"fingerprint":{"sha1":"DF:D9:2D:8F:D9:5C:09:CF:58:97:C9:A8:65:7F:61:1E:65:0D:F9:1E","sha256":"77:2C:3D:04:C0:DF:50:0C:99:B0:1B:7C:1D:2D:C7:58:30:62:3F:8F:64:A7:E1:80:6A:0C:86:13:C2:08:04:03"}}},"request":{"raw":"GET /assets/images/favicon/favicon-16x16.png HTTP/1.1\r\nHost: filemoon.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=Fz6V7rsDinVkglTA; Domain=.filemoon.to; Path=/; Expires=Mon, 25-Aug-2025 22:51:03 GMT\n__ddg10_=1756161063; Domain=.filemoon.to; Path=/; Expires=Mon, 25-Aug-2025 22:51:03 GMT\n__ddg9_=91.90.42.154; Domain=.filemoon.to; Path=/; Expires=Mon, 25-Aug-2025 22:51:03 GMT\n__ddg1_=9E9WtFxfUy6G0h4lWlSG; Domain=.filemoon.to; HttpOnly; Path=/; Expires=Tue, 25-Aug-2026 22:31:03 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Fri, 22 Aug 2025 15:13:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 370\r\nlast-modified: Tue, 10 May 2022 16:16:39 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nddg-cache-status: HIT,HIT\r\netag: \"627a8fe7-172\"\r\nexpires: Fri, 29 Aug 2025 04:19:24 GMT\r\nage: 285468\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":370,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"1890e941734d87980f46cd0d6b83c3f6","sha1":"999a3546ab4605a3988801f45b77df2df0773e51","sha256":"fa5d0d05df5fde625a3d244297de45ca7d82efd60e89646730e8cffaafac7049","sha512":"7b262771b611e17586ed3aa39034a72a6bd2c12ce2672556c075a15a1351b47b0deb69b971819a72e7bee0d90b62db04ccfdd2f4ea72fbb57fbb1ba40ebe234f","ssdeep":"","tlshash":"42e0f8c093c7383dc00dc9aba3867620883f6f8c8122a67ca11860a7216a8a81112a88","first_seen":"2023-06-02T21:55:34Z","last_seen":"2026-03-31T11:51:25.208093Z","times_seen":322,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":26,"connect":22,"send":0,"wait":44,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/js/dnsads.js?dfp=1\u0026ad_code=2\u0026adsrc=3","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"GET /js/dnsads.js?dfp=1\u0026ad_code=2\u0026adsrc=3 HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 25 Aug 2025 22:31:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Mon, 13 Sep 2021 15:50:14 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fXpgq6QKiJlBPLj1cAfsuFME7gSN%2Bos6gC8QI6lGcgj6aIF%2BWQ2%2FXrxlF9l1R%2BFf38Kf5lbgJ6Ttn3%2FPLN4DUFWIUhuk1wE%3D\"}]}\r\nexpires: Sun, 31 Aug 2025 04:08:14 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 152568\r\ncf-cache-status: HIT\r\netag: W/\"613f7336-26\"\r\ncf-ray: 974e8995a96256b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"99eccae6afa72c589ae54b5c3890282a","sha1":"0f102f8f5b556635de65d16cf70fa8269c6761b4","sha256":"b74a58316385de04b054737776e71c160cd60d2d01b5440b32c21651fb0ab8d3","sha512":"01bc413c1695c125b8ab111c60974da99989b618fb674631d998db519996966c569503efb97a3c760b50069e87b6b42891985b00c64810a43935ada075a19d24","ssdeep":"","tlshash":"eb8000ee08e2bcbec02c0000000e02a802b00c00a023ac20a00e8e0233e2e20c228c3a","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-04-01T22:14:46.458669Z","times_seen":2580,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/player/jw8_26/jwplayer.core.controls.js?v=2","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"GET /player/jw8_26/jwplayer.core.controls.js?v=2 HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 25 Aug 2025 22:31:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Wed, 03 Apr 2024 09:09:34 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kYdcVDLr43zs2%2B%2BF34m4rlm49jEekkRMLtvMQdCyqVYsOjg0x7CWcmBnfyw4JjzWEjMjEOZaFbzLNo3O5G%2Fpiq2tcD2QFqc%3D\"}]}\r\nexpires: Sun, 31 Aug 2025 04:08:15 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 152567\r\ncf-cache-status: HIT\r\netag: W/\"660d1cce-4fcf7\"\r\ncf-ray: 974e8997397256b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":326903,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65143)","md5":"fee77850b6b254569cf03f43a4dfdde4","sha1":"35841d306d3404fbef6825371ffdbcd992ade913","sha256":"50b22ddf7e9cf49716e33660cc9de3c2bbf3cb90f203d8af93810f8f97bdee3f","sha512":"84d9c23a355b9aa6e6d37f4e4090a41a250499a6c3bb8d5808fa2851a376edfe71d7f1d3d35f658266299339ae88c85fc478a820014c19eeed4e026b4cdab683","ssdeep":"3072:wKH7nFuhglX/qZ3ux2wI9Y7J+3qbOXUvDY6MnJMyXR286CcYZ6mfjq:vHxA4/qZ3V3Y7J+30Y6MnJt2lSZ6mfjq","tlshash":"7d641832214256359aea82da76514604b3398085f516cfacff2ceddd4c6e8cb31f6bb4","first_seen":"2024-03-12T19:48:43Z","last_seen":"2026-04-01T21:59:44.373638Z","times_seen":1791,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shaglurdoa.net/wrr?z=9254412\u0026p_rid=70500dad-d018-4be6-aa02-184769dd9312\u0026rb=WDZrdr1pZ9Eq29T5dynF1JC084POQOpG6ga5vMea5vJ6SeGQnjXy6wylmk2wfShIhJJw4LwYikxm-t9IP1NGZiWK26x8dEpZm3a7fBsROblJBu7Ixuxqb9A5idDGz3RHD82qiS7hOFDoMX289cEtZpMzcOPWYAapzarZgcLcfk4pmhzkIMNv8h5GVc9_41ya11sREXz5RlNuSBttZGjr4i3JwTeyey-UHbeZTLaDhj0KNngnQyanvspyw9h_XV3FWpldMmkY36RBn1qhlAJm1Bvzj4MG88YLfVO4dwMMNyk=\u0026dmn=\u0026userId=080230b814224d2ff0ec87baad9ae153","fqdn":"shaglurdoa.net","domain":"shaglurdoa.net","tld":"net"},"ip":{"addr":"139.45.195.8","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:14.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"shaglurdoa.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 Aug 2025 06:08:13 GMT","end":"Sun, 23 Nov 2025 06:08:12 GMT"},"fingerprint":{"sha1":"DF:94:41:84:36:A6:51:A9:FF:8B:3D:C0:C5:DF:42:47:E0:B5:5A:DC","sha256":"EC:D1:C5:3E:8D:CC:97:36:02:32:79:52:48:5A:4A:58:41:DA:E3:E2:FC:16:E5:A8:F7:98:76:59:0D:EB:F2:E7"}}},"request":{"raw":"POST /wrr?z=9254412\u0026p_rid=70500dad-d018-4be6-aa02-184769dd9312\u0026rb=WDZrdr1pZ9Eq29T5dynF1JC084POQOpG6ga5vMea5vJ6SeGQnjXy6wylmk2wfShIhJJw4LwYikxm-t9IP1NGZiWK26x8dEpZm3a7fBsROblJBu7Ixuxqb9A5idDGz3RHD82qiS7hOFDoMX289cEtZpMzcOPWYAapzarZgcLcfk4pmhzkIMNv8h5GVc9_41ya11sREXz5RlNuSBttZGjr4i3JwTeyey-UHbeZTLaDhj0KNngnQyanvspyw9h_XV3FWpldMmkY36RBn1qhlAJm1Bvzj4MG88YLfVO4dwMMNyk=\u0026dmn=\u0026userId=080230b814224d2ff0ec87baad9ae153 HTTP/1.1\r\nHost: shaglurdoa.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://0vg9r.com/\r\ncontent-type: application/json\r\nContent-Length: 2629\r\nOrigin: https://0vg9r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Mon, 25 Aug 2025 22:31:14 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://0vg9r.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/js/jquery.js","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"GET /js/jquery.js HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 25 Aug 2025 22:31:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Tue, 02 Mar 2021 18:58:36 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tw%2FdEKZkL0HKHpetv2q0fO2OVFse8qcH9YK2nvevCW3fveysj%2BHrSCpLFD8m4Fyfso1g1y48ubFq5merT94EjmwyENSaG44%3D\"}]}\r\nexpires: Sun, 31 Aug 2025 04:08:14 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 152568\r\ncf-cache-status: HIT\r\netag: W/\"603e8adc-15d9d\"\r\ncf-ray: 974e8995995c56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-03T19:30:55.929495Z","times_seen":444585,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/player/jw8_26/jwplayer.js?v=5.0.2","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"GET /player/jw8_26/jwplayer.js?v=5.0.2 HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 25 Aug 2025 22:31:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Fri, 05 Apr 2024 14:58:43 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jt3yl%2BdT9B5nxpIXtUKwFaPG%2FEaVX5wlbyXBkK0vg2ny%2FR%2BrcZLpV2q66dfKAi3WURn1e9Nln%2FEKKQeHy1aFGXnUc8qYgFw%3D\"}]}\r\nexpires: Sun, 31 Aug 2025 04:08:14 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 152568\r\ncf-cache-status: HIT\r\netag: W/\"661011a3-1b351\"\r\ncf-ray: 974e8995a96156b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111441,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65511)","md5":"f91de142eed44442bad231961488c5d0","sha1":"ea6c79968011a5b59e444d792f7ab048a1f7e31d","sha256":"b3031ee0f2674c203fe1400df12a96148c4bed344553fc9063c3846ba8466295","sha512":"9870ce81ead889f1a2f26abb9bc4cf17d69abba0eadec70d74e299d52791c66ab4b4669f747ef35e429928ed718d09b31ecdefee26fbb7498f694b56fd8ae370","ssdeep":"1536:lrGRl1EevCcKntukU2YYKDjAPkotbKSrvodmBiScMsz1x5rjk0ECjIUMj7DEYR/H:DeQtqR/wooiAUMj7DT9","tlshash":"5fb31ae631c2b4e643e628daa07a4041f23a0545380dc5a4fa6cede63d67947b177fbc","first_seen":"2024-04-13T15:29:14Z","last_seen":"2026-04-01T21:59:44.486437Z","times_seen":1517,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/assets/css/jw8-theme.css?v=3.0.6","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"GET /assets/css/jw8-theme.css?v=3.0.6 HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz\r\nCookie: lang=1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 25 Aug 2025 22:31:03 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Wed, 03 Apr 2024 15:50:39 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9d1FAfT0h5c0U38fOlW%2Bn3xKy2GaW%2BVYFIdr8r15FfA%2F1lExSOdLLKJWAFX1a9n2fgMlaOGxQhG66ljhqz%2F8Qox8hP3WR5o%3D\"}]}\r\nexpires: Sun, 31 Aug 2025 04:08:15 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 152567\r\ncf-cache-status: HIT\r\netag: W/\"660d7acf-62a2\"\r\ncf-ray: 974e8997397356b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25250,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (938), with CRLF line terminators","md5":"218f1af32c959506efe281f39309d9a5","sha1":"948fbcdba4275e13fc3e469a04df2d727aabdf4a","sha256":"5425c5e4dfa36e386ee465a9fe20f61290bcd377fe3fd950164c5c6e16301593","sha512":"dade7d9e4bbc40ed8ef3efe25f783875913bc0d32f143de2a68e434ca15515ef7a01c788b58b1949eaf1af95e8e31d70ce2a1f16aca4b0591d9ea2d94eb05f14","ssdeep":"768:jyHyHyoywyfyCy5yAyMyPyby4y/yJyOyDyDyDyRyOyJyTyJyDyGywy8ymyCyUyhv:Smhen8Qn","tlshash":"afb26355c142422d6d3b9678fa337e04ebab258bc746a3f4febc211c8f34186b4e5a54","first_seen":"2024-04-18T11:42:39Z","last_seen":"2026-01-14T01:06:54.87613Z","times_seen":1260,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jodqvcjfsmnaiil.com/","fqdn":"jodqvcjfsmnaiil.com","domain":"jodqvcjfsmnaiil.com","tld":"com"},"ip":{"addr":"139.45.197.165","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:04.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"jodqvcjfsmnaiil.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 Aug 2025 11:08:32 GMT","end":"Sat, 22 Nov 2025 11:08:31 GMT"},"fingerprint":{"sha1":"91:77:F6:06:8D:A3:DB:48:67:F1:38:CD:A2:0E:12:DA:58:61:12:F5","sha256":"72:10:5B:DC:43:57:03:FE:7C:17:02:59:8E:5D:18:E2:2E:36:02:6A:52:CD:70:EA:EC:2B:F1:2B:E8:81:0C:29"}}},"request":{"raw":"OPTIONS / HTTP/1.1\r\nHost: jodqvcjfsmnaiil.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: HEAD\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://0vg9r.com/\r\nOrigin: https://0vg9r.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 25 Aug 2025 22:31:04 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\naccess-control-allow-origin: https://0vg9r.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid\r\naccess-control-max-age: 86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":237,"timings":{"blocked":97,"dns":27,"connect":26,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-25","alert":"Sinkholed","trigger":"jodqvcjfsmnaiil.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"HEAD /bkg/c5ketf6pqcgf?ref=freudx.xyz HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz\r\nCookie: file_id=48631056; aff=40537; ref_url=freudx.xyz; lang=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 25 Aug 2025 22:31:03 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\nexpires: Sun, 24 Aug 2025 22:31:03 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3KNQDEpq0OnaonmFgAcGhHmcQkOnDPdvvBXbStSjoje2QQFo%2Fq6lFYt7TGHJyS%2FrjBn0TEwa3AKUIoiUsYkqqugKGGEJrYI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 974e8996796d56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":266,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/player/jw8/vast.js","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"GET /player/jw8/vast.js HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 25 Aug 2025 22:31:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Thu, 08 Sep 2022 10:34:42 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=elP1W3IV2jeCa6pfm9yDvdhPgEIFqDhv0tqkglBZ58j0P6WvrP6gQNGdWdv4bp7G%2B8M48DZqZRfBOAOcVcXbVxjGkygh6K0%3D\"}]}\r\nexpires: Sun, 31 Aug 2025 04:08:15 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 152567\r\ncf-cache-status: HIT\r\netag: W/\"6319c542-1a26a\"\r\ncf-ray: 974e8996c96f56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107114,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3cd85ca1814c3fd976764bf6b83b989d","sha1":"90e931622205c6adfbc75cfe681563a127580f05","sha256":"2e4fe3d8b3565a3f8b5ec0ecfe0e5f26a756401b6847dd475327793da41897f5","sha512":"79ef69e9df2dc8184962724bf27bffca5a509c89d5e9a9ae8f350b1f2291a4851b7ce31b2649f2678097e92559cd4f31344b4996f7abf1c0fcd7af71a0a3cc7b","ssdeep":"1536:clcxhF+/+IrkRT+N+uD9CwS65+sDS0VjE3vuV1WuSpimRmmy/k0xeo+egJvLc9gD:cSpuD9CG05Vh6gV5hQfs","tlshash":"8da3a78e7395b52146d2a0b8603f01067337160f680e826cf56aedea5c7da4e727bf74","first_seen":"2023-09-18T06:50:32Z","last_seen":"2026-01-17T22:53:50.787658Z","times_seen":1185,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0vg9r.com/player/jw8_26/provider.hlsjs.js?v=2","fqdn":"0vg9r.com","domain":"0vg9r.com","tld":"com"},"ip":{"addr":"104.21.4.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz","date":"2025-08-25T22:31:03.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0vg9r.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:02:48 GMT","end":"Sat, 22 Nov 2025 04:01:38 GMT"},"fingerprint":{"sha1":"CB:25:04:51:3D:21:40:B4:C2:86:DA:D4:CD:58:5E:03:91:E7:84:85","sha256":"58:C5:14:C4:F1:A1:FE:F1:86:BA:B3:6A:22:AC:26:DB:64:04:E7:CC:1B:69:EB:C4:6A:AF:28:70:84:83:35:3E"}}},"request":{"raw":"GET /player/jw8_26/provider.hlsjs.js?v=2 HTTP/1.1\r\nHost: 0vg9r.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0vg9r.com/bkg/c5ketf6pqcgf?ref=freudx.xyz\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 25 Aug 2025 22:31:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Fri, 05 Apr 2024 14:57:50 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6U9ys7Wam0r%2Fsn%2FDgB8kjqjg2fATCn7ZrvlvdUOAbLQZn19fXKxXe%2BU2RKW%2FMQrvAt9tpCNrLAZVxTYt1ZpW0PXbCKJbO14%3D\"}]}\r\nexpires: Sun, 31 Aug 2025 04:08:15 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 152567\r\ncf-cache-status: HIT\r\netag: W/\"6610116e-6742f\"\r\ncf-ray: 974e8997397456b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":422959,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65143)","md5":"0f95e38aa7bb0943693b51bd6a7deed0","sha1":"26c89f76894108f76ad23af32ecc6b1e708993ba","sha256":"1b1263b7061aaca7fe0b69168b16cb2401a7fe2ada08ccfdd373ee06c7d125b1","sha512":"664696a45bacbf3ee40fe544f92104f568b10a6cffb6a3fffa9afe351294d00dc0a1883d50cc799a1b1dba0fd00797047729670ee72c19cf0e302539fe63b075","ssdeep":"6144:GCXemC8LqtXLauG9L2aEyflDc2iGLY6I2KlqJxRC9i5q9GYqT:1MXxG9L2By5cbOYRqJxRCG","tlshash":"36943bed7795a02642c2a1a5903f4617633b7d0a3409c1bcfa2be9d75db8849b03bf74","first_seen":"2024-04-13T15:29:15Z","last_seen":"2026-04-01T21:59:44.278304Z","times_seen":1504,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}