{"report_id":"13dd219f-ecf8-48e8-873c-0acd389f40d2","version":6,"status":"done","tags":[],"date":"2025-11-15T07:34:53Z","url":{"schema":"http","addr":"www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"104.21.89.161","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"title":"flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"104.21.89.161","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-20T07:34:53Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":15}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"js.wpadmngr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"d92fde5bc9.21a3ff363a.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"js.capndr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"ur.foretopheaved.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"ur.foretopheaved.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"ur.foretopheaved.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"na.nawpush.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"ur.foretopheaved.com","ip":{"addr":"188.42.241.189","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"domain_registered":"2025-07-10","domain_rank":0,"first_seen":"2025-08-13T14:30:31.596497Z","last_seen":"2025-11-11T03:40:29.873803Z","alert_count":3,"request_count":1,"received_data":1425,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sm.videqqwuieyui.com","ip":{"addr":"34.126.238.65","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2025-08-11","domain_rank":0,"first_seen":"2025-10-25T09:37:06.805519Z","last_seen":"2025-11-09T09:16:42.825713Z","alert_count":0,"request_count":1,"received_data":99580,"sent_data":535,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"fp.metricswpsh.com","ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-10-29","domain_rank":154722,"first_seen":"2022-04-22T11:20:32Z","last_seen":"2025-11-10T08:13:02.382113Z","alert_count":2,"request_count":2,"received_data":827,"sent_data":1076,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ntvpforever.com","ip":{"addr":"116.202.249.56","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-11-18","domain_rank":18811,"first_seen":"2021-11-19T01:49:18Z","last_seen":"2025-11-10T13:42:46.476883Z","alert_count":0,"request_count":2,"received_data":681,"sent_data":1052,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"29386534-36946-ex.uncocleypercha.com","ip":{"addr":"88.208.22.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-08-28","domain_rank":0,"first_seen":"2025-11-15T07:34:56.661139Z","last_seen":"2025-11-15T07:34:56.661139Z","alert_count":0,"request_count":1,"received_data":2500,"sent_data":1412,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"nereserv.com","ip":{"addr":"116.202.249.56","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2020-12-21","domain_rank":17097,"first_seen":"2020-12-21T11:07:56Z","last_seen":"2025-11-10T18:08:20.835249Z","alert_count":4,"request_count":2,"received_data":644,"sent_data":1136,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"js.wpadmngr.com","ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-06-02","domain_rank":77954,"first_seen":"2021-06-02T14:43:46Z","last_seen":"2025-11-10T23:36:10.670505Z","alert_count":1,"request_count":1,"received_data":146781,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"na.nawpush.com","ip":{"addr":"45.133.44.24","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2020-12-21","domain_rank":175362,"first_seen":"2020-12-23T08:18:12Z","last_seen":"2025-11-10T18:08:20.421086Z","alert_count":1,"request_count":1,"received_data":1616,"sent_data":493,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"p2yn.com","ip":{"addr":"139.45.195.12","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2022-03-18","domain_rank":40878,"first_seen":"2025-04-23T09:18:49.672335Z","last_seen":"2025-11-09T15:29:38.003583Z","alert_count":6,"request_count":2,"received_data":1668,"sent_data":1206,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"36946.phidonatome.com","ip":{"addr":"88.208.22.3","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-08-24","domain_rank":0,"first_seen":"2025-10-25T22:33:45.251193Z","last_seen":"2025-11-10T18:08:21.061275Z","alert_count":0,"request_count":1,"received_data":32115,"sent_data":425,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-11-10T01:38:56.234977Z","alert_count":0,"request_count":1,"received_data":842,"sent_data":445,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.tapioni.com","ip":{"addr":"104.20.34.46","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-05-27","domain_rank":177570,"first_seen":"2021-07-01T10:46:55Z","last_seen":"2025-11-10T10:16:06.538577Z","alert_count":5,"request_count":5,"received_data":942893,"sent_data":2092,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-11-09T22:15:57.703898Z","alert_count":0,"request_count":1,"received_data":18920,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"enrtx.com","ip":{"addr":"94.130.197.239","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2024-10-07","domain_rank":18023,"first_seen":"2024-11-04T09:19:58Z","last_seen":"2025-11-10T18:08:20.287194Z","alert_count":0,"request_count":1,"received_data":9869,"sent_data":502,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.16.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"bvtpk.com","ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-03-16","domain_rank":37068,"first_seen":"2025-05-21T11:34:02.786268Z","last_seen":"2025-11-12T04:22:12.576178Z","alert_count":0,"request_count":2,"received_data":222633,"sent_data":824,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ads.google.com","ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":2062,"first_seen":"2013-08-25T13:03:13Z","last_seen":"2025-11-12T04:38:23.382162Z","alert_count":0,"request_count":1,"received_data":208,"sent_data":407,"comment":"","tags":null,"fingerprints":null},{"fqdn":"accounts.google.com","ip":{"addr":"142.251.9.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":103,"first_seen":"2012-05-23T06:57:57Z","last_seen":"2025-11-09T22:37:48.153273Z","alert_count":0,"request_count":3,"received_data":6893,"sent_data":1786,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]},{"fqdn":"api.lixstreamingcaio.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-29","domain_rank":492115,"first_seen":"2025-06-01T10:17:55.903035Z","last_seen":"2025-11-14T21:25:48.655853Z","alert_count":0,"request_count":6,"received_data":6013,"sent_data":3423,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"js.capndr.com","ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-08-30","domain_rank":156902,"first_seen":"2021-08-30T12:51:01Z","last_seen":"2025-11-11T02:47:59.061319Z","alert_count":2,"request_count":2,"received_data":96144,"sent_data":855,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"accuratephrase.com","ip":{"addr":"188.72.219.35","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-08-07","domain_rank":440697,"first_seen":"2024-08-17T02:04:15Z","last_seen":"2025-11-14T06:59:30.324913Z","alert_count":0,"request_count":2,"received_data":39324,"sent_data":1077,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"bereave.onelinevideo.com","ip":{"addr":"47.253.93.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"domain_registered":"2025-04-21","domain_rank":486265,"first_seen":"2025-06-06T00:49:08.421363Z","last_seen":"2025-11-14T21:25:48.596467Z","alert_count":0,"request_count":3,"received_data":738,"sent_data":1600,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-11-09T22:13:41.73664Z","alert_count":0,"request_count":1,"received_data":432828,"sent_data":440,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"a.labadena.com","ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"domain_registered":"2020-01-21","domain_rank":266368,"first_seen":"2020-05-24T00:28:49Z","last_seen":"2025-11-12T22:42:08.99802Z","alert_count":5,"request_count":5,"received_data":5602,"sent_data":3109,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.meagersex.pro","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-11-14T10:43:31.093218Z","last_seen":"2025-11-14T10:43:31.093218Z","alert_count":0,"request_count":2,"received_data":208210,"sent_data":923,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"lz.faenasturbit.com","ip":{"addr":"23.109.253.230","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-06-20","domain_rank":0,"first_seen":"2025-09-26T02:41:00.932867Z","last_seen":"2025-11-14T13:26:14.967256Z","alert_count":0,"request_count":1,"received_data":1517,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"driverhugoverblown.com","ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"domain_registered":"2025-03-12","domain_rank":75021,"first_seen":"2025-03-30T06:27:07.780857Z","last_seen":"2025-11-09T15:26:26.516171Z","alert_count":0,"request_count":4,"received_data":162421,"sent_data":3041,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.flowdoodcbk.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-26","domain_rank":0,"first_seen":"2025-11-09T10:12:57.942928Z","last_seen":"2025-11-09T10:12:57.942928Z","alert_count":0,"request_count":9,"received_data":2908481,"sent_data":4690,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"d92fde5bc9.21a3ff363a.com","ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2025-10-16","domain_rank":0,"first_seen":"2025-11-15T00:27:33.654218Z","last_seen":"2025-11-15T00:27:33.654218Z","alert_count":1,"request_count":1,"received_data":345,"sent_data":849,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c4b39905819a02943aab42aaa3ace049","sha1":"397c25ba91f8946c07fcd15b85dde33073d13cc0","sha256":"56b98849a8c00948afc8281671da6d0955145a28b9cab57cb3f3cb67803dc520","sha512":"45185272dd93386022e633bba5581ebd898db3eae1dac640eaab69d546c0f1037b10c423e2b94e8383cf196255c6fa96b4374e9ecad48cd30475491950b1e7c9","ssdeep":"","tlshash":"10c08ca82aab4c7110f73a428fbf21057016a3132090cd313e0eb6848f34e2bda94808","size":190,"data":"","first_seen":"2025-08-29T08:56:06.9123Z","last_seen":"2026-02-02T17:50:52.010918Z","times_seen":319,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"20c32381f2958704dbda31cb9899e749","sha1":"0d1f76bf765e0b54db0c3b4c5e52a593c00122d2","sha256":"289167e4f6166260213381fc3fcdabb568382bd426fb4774a2bd57fc4469cbef","sha512":"a0f4ae95a388456981c5f0b99af0f6fea7f1bd845a413b3ab910ba2c7dac1e9f4d3eec0f542a28a8034ea6bb849a466ad2d22beb0abdf5f0955400a37d99e7dc","ssdeep":"","tlshash":"b4c022b465a89030001800a9307bc6ad3830300865927084889d781c9a70ed30452c64","size":188,"data":"","first_seen":"2025-10-30T14:32:25.979508Z","last_seen":"2025-11-19T23:14:59.414178Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/ip-push.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"104.20.34.46","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b4d2cef2d654ba5b8451f3274d2eec2","sha1":"bc0ccbcae68a88da5dbf353cd189aead463ddb9d","sha256":"8702933a72df2217e6c61d654f4494fe0b7814c4eed13205b52e6d024559e93d","sha512":"e64660c80c8580f2302fc44f2ee4162682f4ba80896fd60b1d03b2cc67d0c11d0e7bba180d2034baa52cbcd02ae9330e68f021f8fbeb0eaad970ae2e9fc5dafe","ssdeep":"1536:gmQEWeFL35kTTLy8UFV5tl2NuZ8UnbyVqb0IjzYrOpwQ4:XQEWeFWTTLy8mJHZ8mq","tlshash":"efd3628dbbc1b5a106a37064023f540af2b73a54b48fc8c0f669d5e06e7e94f6167e2d","size":134332,"data":"","first_seen":"2025-11-10T18:08:30.266138Z","last_seen":"2025-11-25T01:12:43.431593Z","times_seen":87,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"20c32381f2958704dbda31cb9899e749","sha1":"0d1f76bf765e0b54db0c3b4c5e52a593c00122d2","sha256":"289167e4f6166260213381fc3fcdabb568382bd426fb4774a2bd57fc4469cbef","sha512":"a0f4ae95a388456981c5f0b99af0f6fea7f1bd845a413b3ab910ba2c7dac1e9f4d3eec0f542a28a8034ea6bb849a466ad2d22beb0abdf5f0955400a37d99e7dc","ssdeep":"","tlshash":"b4c022b465a89030001800a9307bc6ad3830300865927084889d781c9a70ed30452c64","size":188,"data":"","first_seen":"2025-10-30T14:32:25.979508Z","last_seen":"2025-11-19T23:14:59.414178Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"javascriptURL","is_inline":false,"md5":"68934a3e9455fa72420237eb05902327","sha1":"7cb6efb98ba5972a9b5090dc2e517fe14d12cb04","sha256":"fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa","sha512":"719fa67eef49c4b2a2b83f0c62bddd88c106aaadb7e21ae057c8802b700e36f81fe3f144812d8b05d66dc663d908b25645e153262cf6d457aa34e684af9e328d","ssdeep":"","tlshash":"aa3000000000000c000000000000000000000000000000000000000030000000000000","size":5,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-05-31T18:32:21.60782Z","times_seen":75081,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8d409bb8252946da915249ad352db9f6","sha1":"0c0f558a0a0cf38af00c0eaf7fe5bc3144d62df6","sha256":"ff07cde64d33de8f91499307fd7aabad820a752eadc98d60d07485d09d554ff1","sha512":"b762bd08a1392d17ad4b80388f8a66bb0fdfd05e14cffd85503022b42c846788f84dc0e695c2759e9f76805003623ca32a30b85c84e343f0c9f6362f717bd3d5","ssdeep":"3072:e2+gQaEJ1XvWwmUNYj0S0BE33B1HxB+E8v:3+DdXvWwmUiYS0C3x1HGZ","tlshash":"48b319da22666459126f402405abec0d75ae8c81048dcd78e0e5fc762d78f26e3f7be9","size":110117,"data":"","first_seen":"2025-11-14T11:39:37.377497Z","last_seen":"2025-11-17T08:56:43.657932Z","times_seen":63,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.wpadmngr.com/static/adManager.js","fqdn":"js.wpadmngr.com","domain":"wpadmngr.com","tld":"com"},"ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2f0972afc8bc1fe3b080eb543a86b47","sha1":"ab71ef7d872e2a44f4aef851853fdf259f2fd746","sha256":"8c001a2bddac6af4af1e5aedba188d8fd9fd355208562fea36994d1418aadc68","sha512":"449884607fa6eb4ce120b484a0f3da066fa83bdc5f3bc14eb656d96606b9b47733d67876887b9218582b71d6b7445d8e55eab7adec3fc2463f2d6cce97eb22bf","ssdeep":"1536:ZaN12toXV0jtQyFem169zKKpKf7xbAQ9c+ts4aAUOPEH9ZoxlB5RnWM8k8MdnCjH:5Pemo9GqK9coDts0KnoxlTA7+da","tlshash":"78e34acdb2d2b07407e75059d83f1207b73a1a16b80c9058f6a6e9c17878dda9237f7a","size":146393,"data":"","first_seen":"2025-11-06T14:45:06.101541Z","last_seen":"2025-11-27T11:34:20.174539Z","times_seen":466,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/adgpt.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"104.20.34.46","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b545479ce261f8f128bca42b01f2b48","sha1":"24a48b2711e0bdc8b80c1037760a9d6106a812c3","sha256":"8bc734c4ee2f7f3f39b1a1e7b57f483f31b108c553af0fe16bd17c7b2abe8a38","sha512":"0a1b3d7e3f89748fc6fc016db882aa8cc5b55e7576ef84f23f93409796d67900b1926385bfcec76ff2460135a2c511f1429e28c8a143af8eb6873e34afae8905","ssdeep":"","tlshash":"162165da31e0f8d213cb6956113f4009f2aa6c65157fa0d0c358cd75bcf8889a1a2faa","size":1285,"data":"","first_seen":"2025-11-10T10:16:11.78532Z","last_seen":"2025-11-25T02:54:33.370695Z","times_seen":160,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"36946.phidonatome.com/4/js/260941","fqdn":"36946.phidonatome.com","domain":"phidonatome.com","tld":"com"},"ip":{"addr":"88.208.22.3","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"9fcb14c102bf75793ec96145730be87f","sha1":"326e58302ef1c88d2615ee860efda33c4a3906ea","sha256":"f7bb1d5f4aa628605f08ae659ad31693344940c28adc56c6610754a66bc2184a","sha512":"8fd9c6cb31a8892b0cb00adcc2ce342c1df70d87f8c21870dd77f18871cd08a23374f6a1ecd5c52f6ad076a530ec7dc04267bbbdc879360b271756ff2c717b83","ssdeep":"768:H+mbr/4nqZVnyTPxVC2/R3hMwsZwJmvnDY87bBZzBPZvzXRb7iGqj:HyxnufF3qj","tlshash":"c2e22a95f996703043f7187a403f511af3361a94789e8460da2b99822c66fcb837bf7d","size":31412,"data":"","first_seen":"2025-11-15T07:35:02.150249Z","last_seen":"2025-11-15T07:35:02.150249Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"21c18bdf0b85cac648181b0fda8c2f35","sha1":"ac5e740cd3011e645d4d92f117699d743b819acb","sha256":"264638badeb5ca45bdabf7ea2e8407322bd8e210d07745d0fcee6b3a5aff3b69","sha512":"7ed4d29f1178a5f105a4ebd39f646fdbe9cfb5e467c6e271661e2b8a8d3a1bb97afaaf988136ec3531a181b422271ae43b0c99178447974fb9c4d602b153d143","ssdeep":"","tlshash":"33e06f9a0c025060865b607b833d8b0cb022a1038435d040b4ace04f3f20fca9c2ff78","size":383,"data":"","first_seen":"2025-10-30T14:32:25.97671Z","last_seen":"2025-11-16T06:53:30.779829Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accuratephrase.com/cqDJ9V6rb.2U5jl/S/WDQM9WN/jHY/4OOCD-kf3/NqiV0j2_NDjKgH4cODTtce3l","fqdn":"accuratephrase.com","domain":"accuratephrase.com","tld":"com"},"ip":{"addr":"188.72.219.35","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"cb746d8526a1bc530d776cd488ec6096","sha1":"79dffe493f7c2d3b9ff7d1e30d6febcba4f8e9d2","sha256":"056224b015736338c7a89c6932bbeb4f41c3ab304bdfc97424fd0baf7c0fe3dc","sha512":"cbd56d02758b8c767b09f713aea08ffaa3fa4a1c9b1b2c88e0672e07a8ad912b22cd72c0c0f2578390cf51e9aba61d28e9db9b9330d692fa60d823e1f5a2d42c","ssdeep":"768:QZhdZg7J0OMLfTF9dFaQNp8JY29c6SboEBkleZ2YoOcLhlPPTgLgooDMiG82IGEj:QZ1g7JQLqQNp8Jr9c6SboEBkleZ2qcLv","tlshash":"5003b6d871c3642642eb107d713b7208b23a54655429b028bc79c8e4fcb9e9f8677bbd","size":38020,"data":"","first_seen":"2025-11-15T07:35:02.155229Z","last_seen":"2025-11-15T07:35:02.155229Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ur.foretopheaved.com/r4xjjmZUr51mvyQ/RNklR","fqdn":"ur.foretopheaved.com","domain":"foretopheaved.com","tld":"com"},"ip":{"addr":"188.42.241.189","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","size":5,"data":"","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-05-31T17:37:49.790979Z","times_seen":17242,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"12dd498bf90c536803c2aad708b66c2b","sha1":"5f9363d39a405d1c94328cf2303ff4a05c0ad163","sha256":"c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a","sha512":"ec593a501ebf74c092e564a1aaf0b477d3da6813c9a88f29d0d2a0db8143bdf19718ba4e6b13f64295b077ca5cb9c13460c30f9f2f35982a82597b22f79ffdd1","ssdeep":"192:l3GySZoj5oOg8pu564aEzn5nVMnyk3sBakk3cx7x0IlQV0Hf1b5SwU+ahpfex/W9:lWytjU64auV0ISjyW5RAe","tlshash":"6f82b38cb295f0b553d710b5403f910fe2366928654ec4d8f288d5ea2c7899d663bf3d","size":17908,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-05-31T12:28:59.273694Z","times_seen":7462,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodcbk.com/assets/vendor-chunks-DH--4bEh-1763100366801.js","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"50d712bd0033f3622be3eb62bdf0ee37","sha1":"7e591c03cc188d65f46a25ff5547db7bb0d09633","sha256":"ac0d86604f2c0c30aa4a18d5e06d2d3971a3d22720676e860cdcb7775b0c7ead","sha512":"d075c1f6396bf475ae51a6ac8a3cf243b01f5f524a0e0b768d2a733ccb8c6a80191abba6e7cda7975ff5335eb0536f67f530b11eb6bed8a0e1173ca8c83e4618","ssdeep":"24576:TLgcTD3IaDerXpsBbIw98z6CS2dSG6MIIsPGiUcWFYMKduqC6:TscTD3IaDerXpsBbIw98z6Cz6MIIsPGK","tlshash":"b7454cd972a67062879361a4503f1207723a7d16248cc05cf63bf9ea2eb8d09647bf7d","size":1270326,"data":"","first_seen":"2025-11-03T21:11:09.356347Z","last_seen":"2025-11-19T23:14:59.417113Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8d409bb8252946da915249ad352db9f6","sha1":"0c0f558a0a0cf38af00c0eaf7fe5bc3144d62df6","sha256":"ff07cde64d33de8f91499307fd7aabad820a752eadc98d60d07485d09d554ff1","sha512":"b762bd08a1392d17ad4b80388f8a66bb0fdfd05e14cffd85503022b42c846788f84dc0e695c2759e9f76805003623ca32a30b85c84e343f0c9f6362f717bd3d5","ssdeep":"3072:e2+gQaEJ1XvWwmUNYj0S0BE33B1HxB+E8v:3+DdXvWwmUiYS0C3x1HGZ","tlshash":"48b319da22666459126f402405abec0d75ae8c81048dcd78e0e5fc762d78f26e3f7be9","size":110117,"data":"","first_seen":"2025-11-14T11:39:37.377497Z","last_seen":"2025-11-17T08:56:43.657932Z","times_seen":63,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/check.html","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":true,"md5":"8f2e0cd22b41fa7c9212af0b11f449d3","sha1":"6c552632a2eeaa712496444594c3e8c68eadbbb0","sha256":"d7ca5af269e02e5109a61ef55df0196e2206204d6c742daba5a153defc097fda","sha512":"c90bb9984fc0b2a5374129cb10fc509e937ba565063e2530578430fb0329f8058c145c914de139fa166d8530cfff9799a8c78aa1ad2752d9ec72e24c0fed477c","ssdeep":"","tlshash":"d201685934f5684d5127b630255b22182d32a40325cbd94efb2cdb301f825a7eca8aef","size":762,"data":"","first_seen":"2025-03-07T08:34:13.499254Z","last_seen":"2026-03-04T07:06:03.173543Z","times_seen":7245,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/on.js","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"c542a30f3c9abdcb04df7d453cc28759","sha1":"96ef8c786835d8ef3591b6e2f26910a09abe055b","sha256":"b27101b1501c12a1f3e1b8a62547dd72a8300cc5756ce04c29538f41d2e065f8","sha512":"d753c6e935c002a0f69804c0ded754de0fca3c5c3ffd078c8b2c89b3e33a2dca93656b82445f6a67dc763d033c6a2d8a6744b64d79fffb4102b5f444cbec9654","ssdeep":"1536:9xjDE39ya1BNBWl45iw8OVxFWXzStBE8CRxxXp044xQ4ulkKtaz5rtODDduPCLKu:9xG971B/WlMBVKqaxXpZDDQPm","tlshash":"aee366cdf385a8360153b03b043b1f27e6f558e3b64d44c4a1abd1e92ea550ad335eba","size":154661,"data":"","first_seen":"2025-11-14T16:45:20.553969Z","last_seen":"2025-11-17T14:30:30.873926Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/get/2081141?id=2081141\u0026jp=_clyavgfjzwojgpbphxvbxh\u0026dr=49\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.636-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=Jf0H2hoaHR0cHM6Ly93d3cuZmxvd2Rvb2RjYmsuY29tL2UvNkxrbExnWEI%2FbHYxPWFzZXNlLnNpdGU\u0026afid=4337677206328832\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pload=1392\u0026rlp=%5B0%2C76%2C213%2C151%2C23666%2C3389%2C723%2C3024%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"10f8b033a89502b77e4820e8e26c27c9","sha1":"e00945921e260ec8ae576e77ed66bbccb0ba1282","sha256":"0415a978224660918adc147f6f1d0a5ca095927f046b6fce67cb6c7455a34fb4","sha512":"6ee6e7ad215e3e2dc7558250d98cfb0be1f6608cd6a41a1cfa0e3dc16596381b7c306aa0a092d5e71a3dd9ff4a207dcbee4a3d11fa1387d019901e100dec4afa","ssdeep":"","tlshash":"1a6183e6c0ead5ca6bc3d65c4b375ed2cc82086160bfa9d350087743ef8817d6a31d16","size":3287,"data":"","first_seen":"2025-11-15T07:35:02.135535Z","last_seen":"2025-11-15T07:35:02.135535Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494333?host=www.flowdoodcbk.com\u0026ev=224\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site\u0026sid=06977eff-cb3c-46f6-904e-a166381edc58\u0026ab=1\u0026i=1\u0026s1=1926436872029081602\u0026fs1=1\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"000149a55f31a4285f9778cac6a69078","sha1":"b092faf8d68a80dbd9fcf4ff84061eb0ea9f214e","sha256":"0bf5b037478298d114d8b1a5a9a5b7803c3a9a6c7e4c5e50782b3b33154463e3","sha512":"6c4e2a6af6b7052db973cfb9d400c79ef3876a6a0e08a4f0383c2745076d37543c115f69445c641fdd4363acd9cf0d88cc06e096ad7ca7c298354b71d42560c7","ssdeep":"","tlshash":"5b0102c2535da9ff9b4850b3dd7d4fb28e4e89b837159007fb79931a98ca183036018b","size":672,"data":"","first_seen":"2025-11-15T07:35:02.124231Z","last_seen":"2025-11-15T07:35:02.124231Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/spots/494334?s1=1926436872029081602\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site\u0026sid=06977eff-cb3c-46f6-904e-a166381edc58","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"a21b95015e9cb63efd8511eaf2894836","sha1":"286c099346bef15329fffacd4e11b26894d75403","sha256":"735b0e567386fc0d49134429a6069669214877e375f3b48d101ba96d4f2e7192","sha512":"c3a9db412021c1ee073333f0a66e00da61ac5df59d3090533e1a74e1dd059bf4d1f754adb027e59d320d38a5902237984883699124d7b7b1d97c7f1e3360fcb0","ssdeep":"","tlshash":"ef518684d6fc6316f62b1070dd7acb9f551ee14192198075effb26aac3cc64c06712ca","size":2573,"data":"","first_seen":"2025-11-15T07:35:02.146618Z","last_seen":"2025-11-15T07:35:02.146618Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"104.20.34.46","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe439ed2222d8c3e4eed412da17055c3","sha1":"27808772b3210cd7fbe67dfd71ee3c0a8fa5e20c","sha256":"d9e6d2d5de74e5ef74575e3fb2ed9679c30625de9dc24551959dcb9c70064f50","sha512":"21baa7d660683e476d1d8d80b473aeaa709dcbd5a058ef8c0de1b17adc6dc477dd029ee2136b2dc9dfbd4434e1c49f133d9b83882f45207f5b1864b1ce547cd0","ssdeep":"6144:cGdO0Ur4i8d+5csa6tZylzd+2TG5vH2aj0gpt9RO+JgtOrgfAs28wzxordsQmwZ9:srOd+OYREP","tlshash":"4334a689b6c1b0a403e3a1f4016f551af277b904744ec5c2f729d9d1aeb9a0e5a27f3c","size":244907,"data":"","first_seen":"2025-11-10T10:16:11.775638Z","last_seen":"2025-11-25T12:42:17.612638Z","times_seen":150,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lz.faenasturbit.com/sSB8ld39qI9j8pgT/130607","fqdn":"lz.faenasturbit.com","domain":"faenasturbit.com","tld":"com"},"ip":{"addr":"23.109.253.230","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"ec300000003000000000000000000000000c0000000000000000000000000c00000000","size":5,"data":"","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-05-31T17:21:59.96917Z","times_seen":14806,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.meagersex.pro/ecc874/e5f3045861a4.js","fqdn":"www.meagersex.pro","domain":"meagersex.pro","tld":"pro"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"192f9524e295a0137b3463b1f2074895","sha1":"6132ac360fea93d3b48838693cad26491fea5e3e","sha256":"ea60d2aabd4eef1f17b31f52ccce738a8b5d0bf85c62e36c89f58045fb0e847a","sha512":"3987e2fbe24b71b25250802fa678a2ee87b9f43f9cb17293eca3160e12fffc8fe98141c2fd7414dd8ccb2c09a57ccb84ec6a4f2bb86b0887839798647245dd02","ssdeep":"1536:rM+iZ3YOYuyx6PUQwRxcs8P3nhkQ8vL7T7Q6eGozzwVEnHzHRbPv6:OijxEQq3P5Enne9zkWHLA","tlshash":"efa33461350b64fd2ad0c1e7eb6720886c295810e469cca1ecd1e7c7d6eb8e3429b5f7","size":103674,"data":"","first_seen":"2025-11-14T10:43:36.708338Z","last_seen":"2025-11-17T06:41:31.19719Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodcbk.com/assets/main-pt9vCjmE-1763100366801.js","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f1c0f8653373747982bcdd31c3d11ea","sha1":"b5b64b38a17f2aceedc3c5e59e57efe4f3aa205a","sha256":"a0921cb681aec34093868b60a94a417b08fc36c77a3092fd29c2f364799e5be5","sha512":"fbc7c510bbce412ccc9bcbfb715df7d069cc426e67e406284611ead89eec4a33b0a7dafd5bf7b92d29f6eadaf2a7a10b45a0a9c62c25399207ce66626c1cefa4","ssdeep":"1536:0pR1KKXrr1FfGYkBvaW/q37RHHq4Ff2TF7rThZ+nxGxevcVzqr/nmoKFCFRV4NQz:0pTZtFfGYgHeHu1lZsmoMoKGef+","tlshash":"5ea38eed612d8e38fc5609c5787a9534b828366bf928c8c1f0fd3c025b94d8459ab7de","size":104126,"data":"","first_seen":"2025-11-14T06:59:41.124238Z","last_seen":"2025-11-17T01:28:17.506251Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-FZ6E2FXG92","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0a4fad3c91f5530a26cb72878af88643","sha1":"53fd1c16c643a475bec3e352a2a61eb0b0061f05","sha256":"4f0ff4db10d39492aa1689b232c185e22d5711a16a6166f6fa2bb0ec8917e690","sha512":"1b0d3be506ab739981a8dd73e0fc8fe4c98c997cd6cd09eb2402052af557f5acdbcccea14ba37d9f82409fe1a6a6f15a8f794e6c2c6572ca5996ec48d5446612","ssdeep":"6144:X4Jxo7CyxOsjtxj31bC2sUOJdR+rVmIQZOBZDTQ3kLQz:XOm7ZxOytV1bjsmQZOH8","tlshash":"ee9418de73d674265396f078502f018ba57b28a2b44cc896f1c9cde02e74a9a4277f7c","size":432224,"data":"","first_seen":"2025-11-15T07:35:02.157512Z","last_seen":"2025-11-15T07:35:02.157512Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/vast-im.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"104.20.34.46","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef71e3a5fcdca2418129fff7f4e54e50","sha1":"10aee0abfddbfb0a11737088d393d5fe88ba24c0","sha256":"d685cc4df641365217ddcc69a3efcf9a6ad8b1535125dffd0a9df95bc0f46882","sha512":"a4951a72b5fef052521f78900f47c405563dfcb8c729a66c638eefb675dc50f2175433308dd2228118ff250944954d65abbc5a8b7f067937d922be440aa3007f","ssdeep":"3072:StY4dFHJC/KyWM8exrt9pGW18MHy3rxXqkPj92La7/rK/cJs83h3f2g:IdFg/KBeNt9j6JEkPj9iB/cy83h3fP","tlshash":"3a64a3c9b6c6b0a543e7b0b8403f520ef276a955b44ac9c0e266e9d1ac7c94e5037f7c","size":315377,"data":"","first_seen":"2025-11-10T18:08:30.221651Z","last_seen":"2025-11-25T08:32:30.006114Z","times_seen":106,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"104.20.34.46","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe439ed2222d8c3e4eed412da17055c3","sha1":"27808772b3210cd7fbe67dfd71ee3c0a8fa5e20c","sha256":"d9e6d2d5de74e5ef74575e3fb2ed9679c30625de9dc24551959dcb9c70064f50","sha512":"21baa7d660683e476d1d8d80b473aeaa709dcbd5a058ef8c0de1b17adc6dc477dd029ee2136b2dc9dfbd4434e1c49f133d9b83882f45207f5b1864b1ce547cd0","ssdeep":"6144:cGdO0Ur4i8d+5csa6tZylzd+2TG5vH2aj0gpt9RO+JgtOrgfAs28wzxordsQmwZ9:srOd+OYREP","tlshash":"4334a689b6c1b0a403e3a1f4016f551af277b904744ec5c2f729d9d1aeb9a0e5a27f3c","size":244907,"data":"","first_seen":"2025-11-10T10:16:11.775638Z","last_seen":"2025-11-25T12:42:17.612638Z","times_seen":150,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494246?host=www.flowdoodcbk.com\u0026ev=224\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site\u0026sid=06977eff-cb3c-46f6-904e-a166381edc58\u0026i=1\u0026s1=1926436872029081602\u0026fs1=1\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ab0cdd0d5ad75af605e4d61ece10bba","sha1":"29321ff743189cf2cb4268b0553ad51d74ad8521","sha256":"6ed9d1e6745f5541cb874198e8d6b125bc96f8317aaed1e02aba1ec8735a16b1","sha512":"055ae074cade84545328b5a2fd62fcc3e1860bafbcdb09dd9375a03aef764cf63e5a146dc0569bcd96d7f5d5de18dddac5544d86743aac7c076d409aa1b590b3","ssdeep":"","tlshash":"790102c2535c66ff874850a3c83d4eb65b4e89b86712500afb38930f98ca181436019b","size":661,"data":"","first_seen":"2025-11-15T07:35:02.136505Z","last_seen":"2025-11-15T07:35:02.136505Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.capndr.com/popunder-admanager/build.m.js","fqdn":"js.capndr.com","domain":"capndr.com","tld":"com"},"ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9fcd0ce6da93385c2aae7faae9ee533d","sha1":"4e81cc0eb5a5e4a80ac043722254a206a2467d21","sha256":"044cbb4a44b387749d187da88b0888e8ff2da383ca1bf3bf8390752a90aa322d","sha512":"877349afc430e39cd8267d0f2c544022abd64568136237d5f8ba8aa0bf90138755fad1b45c30e34e530f757291b27924da67f4f040146f5c75b06aa012ff52b8","ssdeep":"768:ubVWcprcLsdOKo/+PDPfVal3ATlP8JnU2qbJ/XSURcq3TG9sh8sf2x22Zf4dsU9w:WkmOK1Nh8J0/tddEf","tlshash":"899318cdb7d2b07043b765ba902f151ab33f2a09b809441cf969d9d138ad84e9327f79","size":95357,"data":"","first_seen":"2025-11-10T18:08:30.272513Z","last_seen":"2026-04-10T08:08:30.486685Z","times_seen":309,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:31.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bvtpk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 20:07:09 GMT","end":"Thu, 05 Feb 2026 21:05:30 GMT"},"fingerprint":{"sha1":"D2:20:C9:EE:4B:2D:3A:82:43:E2:14:9E:C3:25:30:01:9F:8F:BB:C3","sha256":"D2:57:0B:6C:75:32:2D:6D:C0:F7:1B:32:FC:56:BA:06:7F:64:4B:FC:95:E2:29:A1:4F:59:5C:DD:D3:8D:37:7B"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: bvtpk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:31 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-trace-id: 953f260235a645046299c02b80841e1e\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 115\r\ncf-cache-status: HIT\r\nlast-modified: Sat, 15 Nov 2025 07:32:35 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gD8WXsjTDwhF2hv%2FtDki6l4PH6mv0fcpn6lnKPHWSuf6flfrIO4kXUUTZKLTKWWXAmYzIXtM1pG5cHzVxCIfHly9Op6nuNnalw%3D%3D\"}]}\r\ncf-ray: 99ed110dabc5b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":110117,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8d409bb8252946da915249ad352db9f6","sha1":"0c0f558a0a0cf38af00c0eaf7fe5bc3144d62df6","sha256":"ff07cde64d33de8f91499307fd7aabad820a752eadc98d60d07485d09d554ff1","sha512":"b762bd08a1392d17ad4b80388f8a66bb0fdfd05e14cffd85503022b42c846788f84dc0e695c2759e9f76805003623ca32a30b85c84e343f0c9f6362f717bd3d5","ssdeep":"3072:e2+gQaEJ1XvWwmUNYj0S0BE33B1HxB+E8v:3+DdXvWwmUiYS0C3x1HGZ","tlshash":"48b319da22666459126f402405abec0d75ae8c81048dcd78e0e5fc762d78f26e3f7be9","first_seen":"2025-11-14T11:39:37.377497Z","last_seen":"2025-11-17T08:56:43.657932Z","times_seen":63,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":39,"dns":21,"connect":1,"send":0,"wait":9,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494333?host=www.flowdoodcbk.com\u0026ev=224\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site\u0026sid=06977eff-cb3c-46f6-904e-a166381edc58\u0026ab=1\u0026i=1\u0026s1=1926436872029081602\u0026fs1=1\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 23:28:43 GMT","end":"Wed, 04 Feb 2026 23:28:42 GMT"},"fingerprint":{"sha1":"66:4E:04:65:51:00:00:6F:45:5C:CD:BC:6C:DD:60:70:78:C4:D0:F8","sha256":"57:1A:C5:4F:7F:E6:61:6B:64:F0:82:6B:5F:1D:34:EC:2B:4C:B2:39:E0:5B:C9:DE:A4:CA:BD:76:ED:3E:9A:61"}}},"request":{"raw":"GET /api/users/494333?host=www.flowdoodcbk.com\u0026ev=224\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site\u0026sid=06977eff-cb3c-46f6-904e-a166381edc58\u0026ab=1\u0026i=1\u0026s1=1926436872029081602\u0026fs1=1\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nCookie: nauid=CSviy8GthYZKTutFQRZl\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":672,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (362)","md5":"000149a55f31a4285f9778cac6a69078","sha1":"b092faf8d68a80dbd9fcf4ff84061eb0ea9f214e","sha256":"0bf5b037478298d114d8b1a5a9a5b7803c3a9a6c7e4c5e50782b3b33154463e3","sha512":"6c4e2a6af6b7052db973cfb9d400c79ef3876a6a0e08a4f0383c2745076d37543c115f69445c641fdd4363acd9cf0d88cc06e096ad7ca7c298354b71d42560c7","ssdeep":"","tlshash":"5b0102c2535da9ff9b4850b3dd7d4fb28e4e89b837159007fb79931a98ca183036018b","first_seen":"2025-11-15T07:35:02.124231Z","last_seen":"2025-11-15T07:35:02.124231Z","times_seen":1,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.meagersex.pro/ecc874/e5f3045861a4.js","fqdn":"www.meagersex.pro","domain":"meagersex.pro","tld":"pro"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.meagersex.pro","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 14 Nov 2025 07:03:09 GMT","end":"Thu, 12 Feb 2026 07:03:08 GMT"},"fingerprint":{"sha1":"D3:5F:71:CD:1E:F3:08:FA:9D:D3:1D:37:5D:E8:97:30:4F:C2:DE:4E","sha256":"F9:3C:FA:E7:73:E1:55:9F:FF:BF:F2:D7:9C:EB:72:5E:8E:04:E2:5D:D4:BD:1D:2E:FF:08:F2:05:11:31:D2:D1"}}},"request":{"raw":"GET /ecc874/e5f3045861a4.js HTTP/1.1\r\nHost: www.meagersex.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: max-age=172800\r\ncontent-encoding: gzip\r\nexpires: Mon, 17 Nov 2025 07:34:32 GMT\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103674,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"192f9524e295a0137b3463b1f2074895","sha1":"6132ac360fea93d3b48838693cad26491fea5e3e","sha256":"ea60d2aabd4eef1f17b31f52ccce738a8b5d0bf85c62e36c89f58045fb0e847a","sha512":"3987e2fbe24b71b25250802fa678a2ee87b9f43f9cb17293eca3160e12fffc8fe98141c2fd7414dd8ccb2c09a57ccb84ec6a4f2bb86b0887839798647245dd02","ssdeep":"1536:rM+iZ3YOYuyx6PUQwRxcs8P3nhkQ8vL7T7Q6eGozzwVEnHzHRbPv6:OijxEQq3P5Enne9zkWHLA","tlshash":"efa33461350b64fd2ad0c1e7eb6720886c295810e469cca1ecd1e7c7d6eb8e3429b5f7","first_seen":"2025-11-14T10:43:36.708338Z","last_seen":"2025-11-17T06:41:31.19719Z","times_seen":41,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":72,"dns":24,"connect":22,"send":0,"wait":20,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ads.google.com/","fqdn":"ads.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:33.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adwords.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:53 GMT","end":"Mon, 19 Jan 2026 08:34:52 GMT"},"fingerprint":{"sha1":"18:12:87:2F:99:A4:11:BF:67:C5:75:13:D1:57:4F:07:B4:7D:94:F9","sha256":"1D:BE:1D:48:B0:C4:15:87:B7:22:B0:A0:C6:44:D0:7D:17:2D:C0:FE:0A:FA:A3:50:ED:72:58:40:FD:96:02:56"}}},"request":{"raw":"HEAD / HTTP/1.1\r\nHost: ads.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodcbk.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\ncontent-length: 1103\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sat, 15 Nov 2025 07:34:33 GMT\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":641,"timings":{"blocked":67,"dns":0,"connect":9,"send":0,"wait":503,"receive":0,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fp.metricswpsh.com/fp?tag_id=349919","fqdn":"fp.metricswpsh.com","domain":"metricswpsh.com","tld":"com"},"ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:33.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 11:47:47 GMT","end":"Sun, 08 Feb 2026 11:47:46 GMT"},"fingerprint":{"sha1":"05:1E:63:2F:40:1F:87:C3:0D:F0:42:C7:EA:E8:B1:D8:6F:76:7C:FC","sha256":"1C:13:0E:F6:58:8A:8C:D7:DE:1F:9F:20:D5:17:50:15:02:D5:C8:8E:39:40:68:3F:01:24:F2:73:14:BA:25:0F"}}},"request":{"raw":"OPTIONS /fp?tag_id=349919 HTTP/1.1\r\nHost: fp.metricswpsh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.flowdoodcbk.com/\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.20.1\r\nDate: Sat, 15 Nov 2025 07:34:33 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: content-type\r\nAccess-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\nAccess-Control-Allow-Origin: https://www.flowdoodcbk.com\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":295,"timings":{"blocked":134,"dns":22,"connect":48,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ntvpforever.com/keywords","fqdn":"ntvpforever.com","domain":"ntvpforever.com","tld":"com"},"ip":{"addr":"116.202.249.56","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:33.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 02:00:40 GMT","end":"Sat, 24 Jan 2026 02:00:39 GMT"},"fingerprint":{"sha1":"2B:72:A9:3F:14:00:92:B9:05:AC:BC:3B:22:CB:D9:87:80:23:C8:3D","sha256":"60:5B:BA:7E:5F:7A:B1:E0:55:4D:4C:29:EA:C7:21:68:37:AF:03:5B:A7:3D:15:98:F1:65:96:AB:4A:3E:17:3B"}}},"request":{"raw":"POST /keywords HTTP/1.1\r\nHost: ntvpforever.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 83\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Sat, 15 Nov 2025 07:34:33 GMT\r\ncontent-type: application/json\r\ncontent-length: 15\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"32323194b8b07fd0aa9b6f7fc79a7b30","sha1":"ea248c45722bff267b55a453dc794bc42171cef6","sha256":"080040b4937f3f423f32cd7f19b2a79ba1e1e213f1d9f4f4db4f609d4ad778d8","sha512":"e6b7cefe758be1e47a28ed8fc319cd61814e942838f0f65a26e629f0af39fae2547bece75c020c0cad5294b741a20911757b43b493dea2d3b109e4cf3ae3e9a3","ssdeep":"","tlshash":"9d600008200a08020880a000a20082002000a002002008282880008083002000888800","first_seen":"2023-09-22T06:12:14Z","last_seen":"2026-05-31T15:15:35.103306Z","times_seen":2580,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lz.faenasturbit.com/sSB8ld39qI9j8pgT/130607","fqdn":"lz.faenasturbit.com","domain":"faenasturbit.com","tld":"com"},"ip":{"addr":"23.109.253.230","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:33.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lz.faenasturbit.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 21:32:56 GMT","end":"Wed, 28 Jan 2026 21:32:55 GMT"},"fingerprint":{"sha1":"D6:1B:84:26:55:A1:83:01:23:8C:CD:42:C8:38:30:73:F4:D6:EF:57","sha256":"53:E3:FE:81:08:0E:DC:4F:44:48:DE:93:85:98:37:CB:86:0A:DE:F4:21:AF:D8:5D:C9:7D:40:12:D9:C0:72:E7"}}},"request":{"raw":"GET /sSB8ld39qI9j8pgT/130607 HTTP/1.1\r\nHost: lz.faenasturbit.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 5\r\nvary: Origin\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, GYFR29QT4J80VDR0ZHSJ, X-Forwarded-For, X-Requested-With, Cache-Control, Pragma, Expires, Credentials\r\naccess-control-allow-methods: GET, HEAD, POST, PUT, OPTIONS\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\nset-cookie: GGI10=GxcBAMTXn0vZ5emOqPLiOX4M/Qe03l4favwDG9JHI6TbBJKnolVVaOxczMvXxMpVz1S+iP8HW4RuBSO2jdgyPMewfQ+EplrAOJ7YtwyP751awABhjgGG5aoL0ZOMi3Yywju/deo9QHIdMwX2YyO2/ICey9yAbcsIvdgjdLKU/TB2L+22jPfLZgSEuVIJDicYfc2BU0yy7svrDX4pIoS6GOmUAFXBtl8T1VW7dFmzKfl9YeIvpJb6s7Qm3uX/Bw==; max-age=3600000; path=/; secure; SameSite=None\nGUI42=G1EDAGRzTeWjR7p6Qu3mU4YH9Pm/d8f/s18Bwh2ttYAWSICBJJLv1p7hISgwsLmvbx6l1gny/4B8HjAzIAA9j+CKoejWQE7Q1BwPyagP3EDzrQkKAFxCMsFpubg+UtqnIlX8zN9T+7IO1X2MMktWiYNbyuVNiRJnf7wfUIbm+H7AEgzQyUwzPGiPsMTAVKsDJfFwD4xfforJPYXioCIf2lWxUYhhKoQ7HRcZYY50oYzyqxv9qsGaDbWD1wCyt75hKpW3uB8gHqUhyEoTSk1RxkUr1lwWVmkJtMRDLDKRhK6JKZeSpVJNYZhr9NBIY1zkqp1pIcXRmpOuXZbnZmrK1GQprh3FhAWw37LLQmbTCH66VE33X9bD3yqgSeP7AeXr1OsuO6qcJayqp9VMtT1A/4JTwT1AkJZzjPhTkAfWGyG/j8JzziRG0P/cNw==; max-age=3600000; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"ec300000003000000000000000000000000c0000000000000000000000000c00000000","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-05-31T17:21:59.96917Z","times_seen":14806,"resource_available":true,"data":null}},"time_used":236,"timings":{"blocked":97,"dns":75,"connect":18,"send":0,"wait":20,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ntvpforever.com/keywords","fqdn":"ntvpforever.com","domain":"ntvpforever.com","tld":"com"},"ip":{"addr":"116.202.249.56","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:33.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 02:00:40 GMT","end":"Sat, 24 Jan 2026 02:00:39 GMT"},"fingerprint":{"sha1":"2B:72:A9:3F:14:00:92:B9:05:AC:BC:3B:22:CB:D9:87:80:23:C8:3D","sha256":"60:5B:BA:7E:5F:7A:B1:E0:55:4D:4C:29:EA:C7:21:68:37:AF:03:5B:A7:3D:15:98:F1:65:96:AB:4A:3E:17:3B"}}},"request":{"raw":"OPTIONS /keywords HTTP/1.1\r\nHost: ntvpforever.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.flowdoodcbk.com/\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx/1.24.0\r\ndate: Sat, 15 Nov 2025 07:34:33 GMT\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":95,"dns":23,"connect":25,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.9.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:34.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:46 GMT","end":"Mon, 19 Jan 2026 08:35:45 GMT"},"fingerprint":{"sha1":"24:7C:52:9A:14:62:BE:F8:93:1F:AE:0D:94:C9:F5:D1:B7:6C:B1:16","sha256":"4E:59:5E:29:62:6C:9E:E6:D9:2F:72:AA:20:76:DD:CF:73:BC:E3:95:17:09:AD:C0:7B:3F:55:8E:44:6F:E9:58"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:KU0nSWvb3cTCi8tmGT1x1-srxnqkow:7SZhMjVvKe5yKEZz; Expires=Mon, 15-Nov-2027 07:34:34 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 15 Nov 2025 07:34:34 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S-903548828:1763192074299516\u0026ifkv=ARESoU3HIVvAKxSlC5ENOFuICqQuX9O-cCEHPS2gaNCKoQfVeWhQBqX0g_SWl-MaXvn_LWuFlbUv_Q\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: script-src 'nonce-3IuEaE1WHg8G1eIvdwpn5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: unsafe-none\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":265,"timings":{"blocked":106,"dns":0,"connect":38,"send":0,"wait":41,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"29386534-36946-ex.uncocleypercha.com/iyxGCoUyOAfjZtczvVjDLi9Mktk7qIvcL_RWOMOZHZwXMJmco91V8cKOVtZjf8Le0tRSLvgk1f6-EbyzSOW6YhzBz6_A77iAJgkUTu92Li9lsc5I_rerQAdBza8skueW59Y00Z4tPZodTJv3YUJCMQw-crpSV0ZBZA?kws=\u0026pageUri=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site\u0026referer=\u0026bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Win32%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Sat%20Nov%2015%202025%2007%3A34%3A32%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D\u0026btdb=0\u0026prsl=1","fqdn":"29386534-36946-ex.uncocleypercha.com","domain":"uncocleypercha.com","tld":"com"},"ip":{"addr":"88.208.22.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:35.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.uncocleypercha.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 13:26:29 GMT","end":"Tue, 10 Feb 2026 13:26:28 GMT"},"fingerprint":{"sha1":"00:7F:AF:A9:B7:B5:0B:F0:6B:0E:9E:34:52:60:D8:DA:BB:DB:F8:F4","sha256":"AC:55:BC:C0:B6:99:D6:FF:6B:D8:52:C8:8A:DD:6C:DF:C1:0B:6D:31:3A:2E:BD:98:7D:8D:F4:13:C5:8B:1A:96"}}},"request":{"raw":"GET /iyxGCoUyOAfjZtczvVjDLi9Mktk7qIvcL_RWOMOZHZwXMJmco91V8cKOVtZjf8Le0tRSLvgk1f6-EbyzSOW6YhzBz6_A77iAJgkUTu92Li9lsc5I_rerQAdBza8skueW59Y00Z4tPZodTJv3YUJCMQw-crpSV0ZBZA?kws=\u0026pageUri=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site\u0026referer=\u0026bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Win32%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Sat%20Nov%2015%202025%2007%3A34%3A32%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D\u0026btdb=0\u0026prsl=1 HTTP/1.1\r\nHost: 29386534-36946-ex.uncocleypercha.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:36 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: https://www.flowdoodcbk.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\nreferrer-policy: unsafe-url\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory\r\naccept-ch-lifetime: 31536000\r\np3p: CP=\"NOI DEVa TAIa OUR BUS UNI STA\"\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\nlast-modified: Sat, 15 Nov 2025 07:34:36 UTC\r\nexpires: Sat, 15 Nov 2025 07:34:36 UTC\r\nset-cookie: _ccid=13957626580344814004; expires=Wed, 15 Nov 2028 07:34:35 GMT; domain=uncocleypercha.com; path=/; HttpOnly; secure; SameSite=None\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1563,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (1563), with no line terminators","md5":"14dbd878b5a4a0ca79beb61dc9e039a5","sha1":"c6d54a7e4df3f4b72e3ed5a4b14922f13ae6e03e","sha256":"ee88ddc6bc8b0c3ec5364b066a4744ec2e77764abcb5b5f409111ecb4bc183d3","sha512":"3f32cfd96af77b59de1b921ea548e8d48ed8b46350193710bfe73151e099e9ed36ddd911969e0d73983757770cc3041e994bad9b018591426740868ff092a023","ssdeep":"","tlshash":"ca31e8e372b092d21a9030a75209b8bfc14aa00054976109a17d81c6dfa5211a022f7a","first_seen":"2025-11-15T07:35:02.129017Z","last_seen":"2025-11-15T07:35:02.129017Z","times_seen":1,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":94,"dns":34,"connect":17,"send":0,"wait":108,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/check.html","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:57 GMT","end":"Wed, 21 Jan 2026 14:23:56 GMT"},"fingerprint":{"sha1":"AB:39:B2:8C:70:D6:0B:38:B0:1E:73:99:51:2D:35:30:EA:6B:4A:70","sha256":"86:18:14:14:6C:52:E9:C3:AC:03:AF:10:49:19:37:24:9D:9A:36:E6:1A:05:C8:1C:8E:69:BE:53:1E:CE:6F:65"}}},"request":{"raw":"GET /check.html HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Thu, 23 Oct 2025 10:52:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68fa08f5-39e\"\r\nx-js-ab: current\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":926,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"088dba8e97eede53134c93219f7ebbae","sha1":"adb707654d1fe0af7d0d7a9f55660d22bd3625e4","sha256":"6da0120b4c7bc45b63fcbb87595c3c1ea2cdca482b0c48d4d2ab434f9e897aff","sha512":"23a1f87731e8aee4658993cd1ce35ec179fea80b89bf52aca7634488f1bdfcf88b9cabca4859481357a9fee06cbb49df64bbe0878b1dae0e5df4fa34003c6d80","ssdeep":"","tlshash":"6211d04934e1684c1127a6301597a2183c32a40315cbd949fb9cd7301f815a7dc596df","first_seen":"2024-11-22T16:59:41.974716Z","last_seen":"2026-03-04T10:11:28.020186Z","times_seen":13721,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nereserv.com/in/dip?event_id=3e6240ae-7913-480e-b43d-bdaa3c826786\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-11-15\u0026timezone=0\u0026ver=1.170.1","fqdn":"nereserv.com","domain":"nereserv.com","tld":"com"},"ip":{"addr":"116.202.249.56","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:33.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 02:00:40 GMT","end":"Sat, 24 Jan 2026 02:00:39 GMT"},"fingerprint":{"sha1":"2B:72:A9:3F:14:00:92:B9:05:AC:BC:3B:22:CB:D9:87:80:23:C8:3D","sha256":"60:5B:BA:7E:5F:7A:B1:E0:55:4D:4C:29:EA:C7:21:68:37:AF:03:5B:A7:3D:15:98:F1:65:96:AB:4A:3E:17:3B"}}},"request":{"raw":"GET /in/dip?event_id=3e6240ae-7913-480e-b43d-bdaa3c826786\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-11-15\u0026timezone=0\u0026ver=1.170.1 HTTP/1.1\r\nHost: nereserv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Sat, 15 Nov 2025 07:34:33 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S-903548828:1763192074299516\u0026ifkv=ARESoU3HIVvAKxSlC5ENOFuICqQuX9O-cCEHPS2gaNCKoQfVeWhQBqX0g_SWl-MaXvn_LWuFlbUv_Q","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.9.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:34.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"BD:40:9A:DB:26:FC:C1:FF:4D:85:05:A9:F0:E9:24:BD:05:29:25:7B","sha256":"C7:A3:E4:68:D6:D8:86:E7:C6:E2:D6:E3:1D:DA:60:9A:35:7E:71:9E:F1:91:26:57:47:43:91:7C:CE:BB:07:17"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S-903548828:1763192074299516\u0026ifkv=ARESoU3HIVvAKxSlC5ENOFuICqQuX9O-cCEHPS2gaNCKoQfVeWhQBqX0g_SWl-MaXvn_LWuFlbUv_Q HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:-z_dxNMsVaf1d9uicf_uM1h0iUh-Pw:yPL1hJhhLJYwAshw;Path=/;Expires=Mon, 15-Nov-2027 07:34:34 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 15 Nov 2025 07:34:34 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026dsh=S-903548828%3A1763192074299516\u0026hl=en\u0026ifkv=ARESoU1g12Km-id6DbhvQU3fR4gZQgzbNTVThJuquJ1QgLABUCPbze7zlCnla2Rhh3HN7kDfpZb8dA\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-4D2h-b5dOp6pEn4QsziLSw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 417\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodcbk.com/assets/main-N0eyzR4p-1763100366801.css","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:30.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodcbk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:53 GMT","end":"Thu, 25 Dec 2025 06:52:28 GMT"},"fingerprint":{"sha1":"69:77:25:A3:B9:7F:D2:66:A1:82:03:49:5B:E3:8A:FF:55:B8:88:76","sha256":"83:2F:08:7B:47:A9:5F:30:E5:37:E9:F5:9C:18:2D:98:31:89:96:07:D8:26:C5:AB:7C:3F:E3:F5:FA:2B:75:66"}}},"request":{"raw":"GET /assets/main-N0eyzR4p-1763100366801.css HTTP/1.1\r\nHost: www.flowdoodcbk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:30 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A80F96285B199E08572EEFEE8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 14 Nov 2025 06:06:17 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2503604\r\nvia: EA-IDN-kabbekasi-EDGE4-CACHE6[3],EA-IDN-kabbekasi-EDGE4-CACHE24[0,TCP_HIT,2],EA-SGP-GLOBAL1-CACHE17[3],EA-SGP-GLOBAL1-CACHE16[0,TCP_HIT,2]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 504facf748a419b6589517771082eab8\r\nnginx-hit: 1\r\nage: 2091\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cxe8fU%2FixZ%2BW%2FLOltg%2B4jn7a3DDniUSaTKoVsOWQymh5hOwQgwOPxiVjV%2BemnWLgQWm5gZofUyRQny%2BnsxXKu1zrHRQLNFaf%2F3EL%2BL1a1uhe\"}]}\r\netag: W/\"72d952444936e37a0faf16c61aac220b\"\r\ncontent-encoding: br\r\ncf-ray: 99ed110ad8725690-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":65094,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65093)","md5":"72d952444936e37a0faf16c61aac220b","sha1":"31fb42f4ad17d9f797e8807719d5f65795937d92","sha256":"5446b863e422ff710541dfa87352a13b5f887d4de4fcef21a76c1e33dab68abe","sha512":"8a31abfa81660b097cc2e95b21f865b10edc9c167018f11882d065fc0617392e4c39a1c99cd24e652341f8ab48f3d7a5ba2dcad96af80b0fb9d5e3054dfb5e5f","ssdeep":"1536:zSMWKbZ2v1/YVP5cgQ5qNsmbHDXEfSCZDfhTwDzfTK2HnO0iyAoP7GitdtmnyWlM:MKbZ2vmVh7Q5qNsmbHDXEfpDfhTwDzf3","tlshash":"51538421b6174129b833b9e6e5d4ab5e31349d0ec922c7ddf601b52dcece3a5243722e","first_seen":"2025-11-14T06:59:41.105433Z","last_seen":"2025-11-17T01:28:17.497424Z","times_seen":10,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:31.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 15:37:01 GMT","end":"Sat, 24 Jan 2026 16:36:49 GMT"},"fingerprint":{"sha1":"84:49:FF:DC:BD:D8:BA:3D:2F:25:0B:EF:CA:E4:6D:73:79:8C:F9:7D","sha256":"AF:21:94:4D:14:07:CF:FC:E5:3C:3C:F4:AC:47:9E:83:98:6A:62:87:FB:8C:27:43:25:FB:97:CC:47:15:99:4A"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:31 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://www.flowdoodcbk.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=0802828767e0431bff8dde4aa37e7d06; expires=Sun, 15 Nov 2026 07:34:31 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 99ed110f3c0556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"dc7e0484abbcb3e6f8e1b9c133a69472","sha1":"8134545538d87fbff8293e40a1b90dbcc14824fd","sha256":"da874dd6387b1be1e7b037303ad6b0a9561868abb169e7ed95ebabca0b4f8350","sha512":"7baa8253f28579c3c5c71221bb464dc62102ab06f88629bd42f91c54a396da54ea2059e83ae34a9107120bc8d3102b11a506713cd7a10e5abe94b16ea862e3e0","ssdeep":"","tlshash":"f9a0220808082288c00308022bc38a02020080e2cb02332883f888023082a0c808c220","first_seen":"2025-11-15T07:35:02.131367Z","last_seen":"2025-11-15T07:35:02.131367Z","times_seen":1,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":57,"dns":20,"connect":1,"send":0,"wait":34,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/home/resources/6LklLgXB","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:31.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"POST /v2/s/home/resources/6LklLgXB HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodcbk.com/\r\nContent-Type: application/json\r\nX-Stream-L1: asese.site\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:31 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.flowdoodcbk.com\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nx-xbox-platform: streaming\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KuXczK81hBilYT4B%2FxDNmLZ%2BmntiRO8RY7Ycs5TXE99Sd1%2BCjrL0uxoZKZHujI7oLtqz0LcHBpxMRno2wcJDVWyN901YpBOcd4T0OAXbmFE9q%2BcH9CSHdA%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99ed110f183823eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":608,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0d92494570f9c70085342108b83b0c96","sha1":"66dc52d8678d1223a051700688e3af9b24a866ef","sha256":"14f81125805f23e831545ba7cd0504b50534df3db98ccc0eabe0ae907b491078","sha512":"07f8dd10575ccff64c4161d04a0375fe04171bc2dfc9a13c785692e020f8e9060a649d6b2111a1f58d0b4ac1ea918f22ccc578bf44ebf68f14abd5bf76d0b347","ssdeep":"","tlshash":"13f0acd2513c8a0d66d464cab8961a2c8536d09e84bb244fdcdbcb4cc088070ab4c36c","first_seen":"2025-11-15T07:35:02.132451Z","last_seen":"2025-11-15T07:35:02.132451Z","times_seen":1,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/assets/f?id=4b2b311e-9042-4b0d-a15d-9357f87b2463\u0026uid=1926436872029081602","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:31.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"OPTIONS /v2/s/assets/f?id=4b2b311e-9042-4b0d-a15d-9357f87b2463\u0026uid=1926436872029081602 HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.flowdoodcbk.com/\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-length: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.flowdoodcbk.com\r\naccess-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wXzRCW8EweXqE4AAHH2ZK0ArN7Bm7MHcUhkNkv%2Fg3j%2FE82CoBzMmY61Kpb7UJjiTGMsXk8XOHyAmPniDSSJDide6Ml9yh8LqttXUJ6qL3pJtLMvyYPHg6w%3D%3D\"}]}\r\ncf-ray: 99ed11114c9c23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":196,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":194,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/vast-im.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"104.20.34.46","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:31.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /vast-im.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 88978\r\nserver: cloudflare\r\nlast-modified: Mon, 10 Nov 2025 10:05:03 GMT\r\nvary: Accept-Encoding\r\netag: \"6911b8cf-15b92\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 78379\r\ncf-cache-status: HIT\r\ncf-ray: 99ed11120aecb28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":315377,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators","md5":"ef71e3a5fcdca2418129fff7f4e54e50","sha1":"10aee0abfddbfb0a11737088d393d5fe88ba24c0","sha256":"d685cc4df641365217ddcc69a3efcf9a6ad8b1535125dffd0a9df95bc0f46882","sha512":"a4951a72b5fef052521f78900f47c405563dfcb8c729a66c638eefb675dc50f2175433308dd2228118ff250944954d65abbc5a8b7f067937d922be440aa3007f","ssdeep":"3072:StY4dFHJC/KyWM8exrt9pGW18MHy3rxXqkPj92La7/rK/cJs83h3f2g:IdFg/KBeNt9j6JEkPj9iB/cy83h3fP","tlshash":"3a64a3c9b6c6b0a543e7b0b8403f520ef276a955b44ac9c0e266e9d1ac7c94e5037f7c","first_seen":"2025-11-10T18:08:30.221651Z","last_seen":"2025-11-25T08:32:30.006114Z","times_seen":106,"resource_available":true,"data":null}},"time_used":217,"timings":{"blocked":100,"dns":75,"connect":1,"send":0,"wait":5,"receive":10,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v1/user/gray/rules/check","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:31.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"OPTIONS /v1/user/gray/rules/check HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.flowdoodcbk.com/\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-length: 0\r\npriority: u=4,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.flowdoodcbk.com\r\naccess-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qzP96O1njOczW5eUKwFRTx%2BfWXz8FaK51VUkGUk27e6UoRVBjTMQICY4lHA6d9CYbaxomhyBLJYrtrHvMzrSCwZ1v%2F1KeTnsqEHY6%2FhHrtO%2B6MXxJDM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99ed11117e025684-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":204,"timings":{"blocked":0,"dns":1,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.wpadmngr.com/static/adManager.js","fqdn":"js.wpadmngr.com","domain":"wpadmngr.com","tld":"com"},"ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.wpadmngr.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 01 Nov 2025 03:32:41 GMT","end":"Fri, 30 Jan 2026 03:32:40 GMT"},"fingerprint":{"sha1":"E3:9D:D3:89:FB:90:7B:AA:8C:19:20:0E:65:8F:8A:B8:25:1C:19:1C","sha256":"DA:2F:33:FE:DB:D4:DD:3C:4D:80:E7:DE:2D:70:4B:D7:61:B4:0C:64:DA:A2:78:BB:8F:0B:66:29:AA:A3:2F:37"}}},"request":{"raw":"GET /static/adManager.js HTTP/1.1\r\nHost: js.wpadmngr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Thu, 06 Nov 2025 14:16:07 GMT\r\netag: W/\"690cada7-23bd9\"\r\ncontent-encoding: gzip\r\nexpires: Sat, 15 Nov 2025 07:39:32 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1747\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146393,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b2f0972afc8bc1fe3b080eb543a86b47","sha1":"ab71ef7d872e2a44f4aef851853fdf259f2fd746","sha256":"8c001a2bddac6af4af1e5aedba188d8fd9fd355208562fea36994d1418aadc68","sha512":"449884607fa6eb4ce120b484a0f3da066fa83bdc5f3bc14eb656d96606b9b47733d67876887b9218582b71d6b7445d8e55eab7adec3fc2463f2d6cce97eb22bf","ssdeep":"1536:ZaN12toXV0jtQyFem169zKKpKf7xbAQ9c+ts4aAUOPEH9ZoxlB5RnWM8k8MdnCjH:5Pemo9GqK9coDts0KnoxlTA7+da","tlshash":"78e34acdb2d2b07407e75059d83f1207b73a1a16b80c9058f6a6e9c17878dda9237f7a","first_seen":"2025-11-06T14:45:06.101541Z","last_seen":"2025-11-27T11:34:20.174539Z","times_seen":466,"resource_available":true,"data":null}},"time_used":201,"timings":{"blocked":64,"dns":39,"connect":22,"send":0,"wait":48,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"js.wpadmngr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/on.js","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:57 GMT","end":"Wed, 21 Jan 2026 14:23:56 GMT"},"fingerprint":{"sha1":"AB:39:B2:8C:70:D6:0B:38:B0:1E:73:99:51:2D:35:30:EA:6B:4A:70","sha256":"86:18:14:14:6C:52:E9:C3:AC:03:AF:10:49:19:37:24:9D:9A:36:E6:1A:05:C8:1C:8E:69:BE:53:1E:CE:6F:65"}}},"request":{"raw":"GET /on.js HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 14 Nov 2025 16:21:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69175727-25c25\"\r\nexpires: Sat, 22 Nov 2025 07:34:32 GMT\r\ncache-control: max-age=604800\r\nx-js-ab: current\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":154661,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c542a30f3c9abdcb04df7d453cc28759","sha1":"96ef8c786835d8ef3591b6e2f26910a09abe055b","sha256":"b27101b1501c12a1f3e1b8a62547dd72a8300cc5756ce04c29538f41d2e065f8","sha512":"d753c6e935c002a0f69804c0ded754de0fca3c5c3ffd078c8b2c89b3e33a2dca93656b82445f6a67dc763d033c6a2d8a6744b64d79fffb4102b5f444cbec9654","ssdeep":"1536:9xjDE39ya1BNBWl45iw8OVxFWXzStBE8CRxxXp044xQ4ulkKtaz5rtODDduPCLKu:9xG971B/WlMBVKqaxXpZDDQPm","tlshash":"aee366cdf385a8360153b03b043b1f27e6f558e3b64d44c4a1abd1e92ea550ad335eba","first_seen":"2025-11-14T16:45:20.553969Z","last_seen":"2025-11-17T14:30:30.873926Z","times_seen":42,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":28,"dns":2,"connect":19,"send":0,"wait":19,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodcbk.com/favicon.ico","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:31.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodcbk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:53 GMT","end":"Thu, 25 Dec 2025 06:52:28 GMT"},"fingerprint":{"sha1":"69:77:25:A3:B9:7F:D2:66:A1:82:03:49:5B:E3:8A:FF:55:B8:88:76","sha256":"83:2F:08:7B:47:A9:5F:30:E5:37:E9:F5:9C:18:2D:98:31:89:96:07:D8:26:C5:AB:7C:3F:E3:F5:FA:2B:75:66"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.flowdoodcbk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:31 GMT\r\ncontent-type: text/html\r\npriority: u=6,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A80F97A04B1584858E341C4D9\r\nlast-modified: Fri, 14 Nov 2025 06:06:18 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2500714\r\nvia: EU-ESP-madrid-AREA1-CACHE4[2],EU-ESP-madrid-AREA1-CACHE5[0,TCP_HIT,2],EU-IRL-dublin-GLOBAL1-CACHE17[3],EU-IRL-dublin-GLOBAL1-CACHE9[0,TCP_HIT,2]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 5348a73c5f9b3fe8769240a86301f759\r\nnginx-hit: 1\r\nage: 91286\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wgvPkqvEqulOhaBsQa6cXdnRb9nTNeMEN8rHPiQZ58OhH1Wm40YxAOadpDAFXiOzGsedW5Opam4T3rES885ZICpv7dZ8mjc7xs7McxrXYKK2\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99ed110d5a305690-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2018,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"3efe9199a2447467c4583f77d54bccbd","sha1":"6ec029855be31c29f5631e4d5068fb91ea1b94ee","sha256":"b254b0a06044a38f8300dfde0c4c0164afcbaf1d1962e65dbe5618f12ac44b35","sha512":"a96b436e021842e2dbfc08c486affbcdfe75c8c2aba8d49aa2e5963c1560d1bffe89da44c050c597e157b962a70a7b701fbed9a51ad3737a5122a2fe5814ed4b","ssdeep":"","tlshash":"fd4113432de3484824215a656fd3f118ad56b2439b46ed9475ee717ccf85b83cdc38a4","first_seen":"2025-11-14T06:59:41.093092Z","last_seen":"2025-11-17T01:28:17.478499Z","times_seen":10,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/get/2081141?id=2081141\u0026jp=_clyavgfjzwojgpbphxvbxh\u0026dr=49\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.636-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=Jf0H2hoaHR0cHM6Ly93d3cuZmxvd2Rvb2RjYmsuY29tL2UvNkxrbExnWEI%2FbHYxPWFzZXNlLnNpdGU\u0026afid=4337677206328832\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pload=1392\u0026rlp=%5B0%2C76%2C213%2C151%2C23666%2C3389%2C723%2C3024%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:57 GMT","end":"Wed, 21 Jan 2026 14:23:56 GMT"},"fingerprint":{"sha1":"AB:39:B2:8C:70:D6:0B:38:B0:1E:73:99:51:2D:35:30:EA:6B:4A:70","sha256":"86:18:14:14:6C:52:E9:C3:AC:03:AF:10:49:19:37:24:9D:9A:36:E6:1A:05:C8:1C:8E:69:BE:53:1E:CE:6F:65"}}},"request":{"raw":"GET /get/2081141?id=2081141\u0026jp=_clyavgfjzwojgpbphxvbxh\u0026dr=49\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.636-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=Jf0H2hoaHR0cHM6Ly93d3cuZmxvd2Rvb2RjYmsuY29tL2UvNkxrbExnWEI%2FbHYxPWFzZXNlLnNpdGU\u0026afid=4337677206328832\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pload=1392\u0026rlp=%5B0%2C76%2C213%2C151%2C23666%2C3389%2C723%2C3024%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0 HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: PTS=; Path=/; Expires=Sat, 19 Dec 2026 07:34:32 GMT; Secure; SameSite=None\nUID=2511150234ab282429ca3c4564b863b7e338; Path=/; Expires=Sat, 19 Dec 2026 07:34:32 GMT; Secure; SameSite=None\nCHCK=1; Path=/; Expires=Sat, 19 Dec 2026 07:34:32 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3287,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (3287), with no line terminators","md5":"10f8b033a89502b77e4820e8e26c27c9","sha1":"e00945921e260ec8ae576e77ed66bbccb0ba1282","sha256":"0415a978224660918adc147f6f1d0a5ca095927f046b6fce67cb6c7455a34fb4","sha512":"6ee6e7ad215e3e2dc7558250d98cfb0be1f6608cd6a41a1cfa0e3dc16596381b7c306aa0a092d5e71a3dd9ff4a207dcbee4a3d11fa1387d019901e100dec4afa","ssdeep":"","tlshash":"1a6183e6c0ead5ca6bc3d65c4b375ed2cc82086160bfa9d350087743ef8817d6a31d16","first_seen":"2025-11-15T07:35:02.135535Z","last_seen":"2025-11-15T07:35:02.135535Z","times_seen":1,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494246?host=www.flowdoodcbk.com\u0026ev=224\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site\u0026sid=06977eff-cb3c-46f6-904e-a166381edc58\u0026i=1\u0026s1=1926436872029081602\u0026fs1=1\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:33.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 23:28:43 GMT","end":"Wed, 04 Feb 2026 23:28:42 GMT"},"fingerprint":{"sha1":"66:4E:04:65:51:00:00:6F:45:5C:CD:BC:6C:DD:60:70:78:C4:D0:F8","sha256":"57:1A:C5:4F:7F:E6:61:6B:64:F0:82:6B:5F:1D:34:EC:2B:4C:B2:39:E0:5B:C9:DE:A4:CA:BD:76:ED:3E:9A:61"}}},"request":{"raw":"GET /api/users/494246?host=www.flowdoodcbk.com\u0026ev=224\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site\u0026sid=06977eff-cb3c-46f6-904e-a166381edc58\u0026i=1\u0026s1=1926436872029081602\u0026fs1=1\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nCookie: nauid=CSviy8GthYZKTutFQRZl\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:33 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":661,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (351)","md5":"3ab0cdd0d5ad75af605e4d61ece10bba","sha1":"29321ff743189cf2cb4268b0553ad51d74ad8521","sha256":"6ed9d1e6745f5541cb874198e8d6b125bc96f8317aaed1e02aba1ec8735a16b1","sha512":"055ae074cade84545328b5a2fd62fcc3e1860bafbcdb09dd9375a03aef764cf63e5a146dc0569bcd96d7f5d5de18dddac5544d86743aac7c076d409aa1b590b3","ssdeep":"","tlshash":"790102c2535c66ff874850a3c83d4eb65b4e89b86712500afb38930f98ca181436019b","first_seen":"2025-11-15T07:35:02.136505Z","last_seen":"2025-11-15T07:35:02.136505Z","times_seen":1,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d92fde5bc9.21a3ff363a.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2OTg3OTM3NDg3MzIwMzQ3MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMzguOCIsInRhZ19pZCI6MzQ5OTE5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuODIsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0=","fqdn":"d92fde5bc9.21a3ff363a.com","domain":"21a3ff363a.com","tld":"com"},"ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:33.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"d92fde5bc9.21a3ff363a.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 02:47:54 GMT","end":"Tue, 10 Feb 2026 02:47:53 GMT"},"fingerprint":{"sha1":"30:3C:E2:F9:54:25:14:1D:F7:B6:2A:D4:7C:30:06:28:EA:E2:5D:C5","sha256":"B0:88:89:B7:0E:04:59:B2:28:76:2C:0B:85:EA:22:E4:B0:A9:09:C5:BB:E7:4F:74:B7:24:BA:0D:0D:FB:5B:42"}}},"request":{"raw":"GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2OTg3OTM3NDg3MzIwMzQ3MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMzguOCIsInRhZ19pZCI6MzQ5OTE5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuODIsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0= HTTP/1.1\r\nHost: d92fde5bc9.21a3ff363a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:33 GMT\r\ncontent-length: 0\r\nserver: nginx/1.18.0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nx-cdn-host-id: AH1747\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":300,"timings":{"blocked":123,"dns":77,"connect":21,"send":0,"wait":51,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"d92fde5bc9.21a3ff363a.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"js.capndr.com/popunder-admanager/build.m.js","fqdn":"js.capndr.com","domain":"capndr.com","tld":"com"},"ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:33.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.capndr.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Oct 2025 02:32:03 GMT","end":"Sun, 11 Jan 2026 02:32:02 GMT"},"fingerprint":{"sha1":"4F:91:E2:5E:A1:B1:4D:7F:49:01:1E:73:C6:07:EB:0A:BE:44:4C:44","sha256":"7B:0D:8E:03:0E:6E:23:65:30:3D:E8:FC:0C:E7:66:46:E2:5B:7F:FA:FD:D2:FF:61:4C:A4:18:08:24:70:51:6B"}}},"request":{"raw":"GET /popunder-admanager/build.m.js HTTP/1.1\r\nHost: js.capndr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Mon, 10 Nov 2025 11:57:34 GMT\r\netag: W/\"6911d32e-1747d\"\r\ncontent-encoding: gzip\r\nexpires: Sat, 15 Nov 2025 07:39:33 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1742\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":95357,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9fcd0ce6da93385c2aae7faae9ee533d","sha1":"4e81cc0eb5a5e4a80ac043722254a206a2467d21","sha256":"044cbb4a44b387749d187da88b0888e8ff2da383ca1bf3bf8390752a90aa322d","sha512":"877349afc430e39cd8267d0f2c544022abd64568136237d5f8ba8aa0bf90138755fad1b45c30e34e530f757291b27924da67f4f040146f5c75b06aa012ff52b8","ssdeep":"768:ubVWcprcLsdOKo/+PDPfVal3ATlP8JnU2qbJ/XSURcq3TG9sh8sf2x22Zf4dsU9w:WkmOK1Nh8J0/tddEf","tlshash":"899318cdb7d2b07043b765ba902f151ab33f2a09b809441cf969d9d138ad84e9327f79","first_seen":"2025-11-10T18:08:30.272513Z","last_seen":"2026-04-10T08:08:30.486685Z","times_seen":309,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"js.capndr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-15T07:34:30.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodcbk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:53 GMT","end":"Thu, 25 Dec 2025 06:52:28 GMT"},"fingerprint":{"sha1":"69:77:25:A3:B9:7F:D2:66:A1:82:03:49:5B:E3:8A:FF:55:B8:88:76","sha256":"83:2F:08:7B:47:A9:5F:30:E5:37:E9:F5:9C:18:2D:98:31:89:96:07:D8:26:C5:AB:7C:3F:E3:F5:FA:2B:75:66"}}},"request":{"raw":"GET /e/6LklLgXB?lv1=asese.site HTTP/1.1\r\nHost: www.flowdoodcbk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:30 GMT\r\ncontent-type: text/html\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A813FE660B1924795543B49AA\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3yO3L0PAOHc2OgLsMO8TEes%2BBSs13vBO2C4npFtPP%2BDj277tirdgKPNq03jIG3hudgmoi0kPB0r4mGOMoHCsRqY6rl62hIDXW3mY9AFYK%2BFa\"}]}\r\nlast-modified: Fri, 14 Nov 2025 06:06:18 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nvia: EU-ESP-madrid-AREA1-CACHE4[3],EU-ESP-madrid-AREA1-CACHE2[0,TCP_HIT,1],EU-IRL-dublin-GLOBAL1-CACHE3[630],EU-IRL-dublin-GLOBAL1-CACHE17[381,TCP_MISS,625]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 0b8c8be8500aa1031376fe504c448481\r\nnginx-hit: 1\r\nage: 87030\r\nx-ccdn-expires: 2504970\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 99ed1106b8780b69-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}],"data":{"size":2018,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"3efe9199a2447467c4583f77d54bccbd","sha1":"6ec029855be31c29f5631e4d5068fb91ea1b94ee","sha256":"b254b0a06044a38f8300dfde0c4c0164afcbaf1d1962e65dbe5618f12ac44b35","sha512":"a96b436e021842e2dbfc08c486affbcdfe75c8c2aba8d49aa2e5963c1560d1bffe89da44c050c597e157b962a70a7b701fbed9a51ad3737a5122a2fe5814ed4b","ssdeep":"","tlshash":"fd4113432de3484824215a656fd3f118ad56b2439b46ed9475ee717ccf85b83cdc38a4","first_seen":"2025-11-14T06:59:41.093092Z","last_seen":"2025-11-17T01:28:17.478499Z","times_seen":10,"resource_available":false,"data":null}},"time_used":387,"timings":{"blocked":25,"dns":6,"connect":1,"send":0,"wait":337,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodcbk.com/assets/vendor-chunks-DH--4bEh-1763100366801.js","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:30.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodcbk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:53 GMT","end":"Thu, 25 Dec 2025 06:52:28 GMT"},"fingerprint":{"sha1":"69:77:25:A3:B9:7F:D2:66:A1:82:03:49:5B:E3:8A:FF:55:B8:88:76","sha256":"83:2F:08:7B:47:A9:5F:30:E5:37:E9:F5:9C:18:2D:98:31:89:96:07:D8:26:C5:AB:7C:3F:E3:F5:FA:2B:75:66"}}},"request":{"raw":"GET /assets/vendor-chunks-DH--4bEh-1763100366801.js HTTP/1.1\r\nHost: www.flowdoodcbk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/assets/main-pt9vCjmE-1763100366801.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:30 GMT\r\ncontent-type: application/x-javascript\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A80F9F8E7B01567D6E8494B81\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 14 Nov 2025 06:06:17 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2502804\r\nvia: EU-ESP-madrid-AREA1-CACHE5[8],EU-ESP-madrid-AREA1-CACHE6[0,TCP_HIT,4],EU-IRL-dublin-GLOBAL1-CACHE4[5],EU-IRL-dublin-GLOBAL1-CACHE14[0,TCP_HIT,3]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 06331eb51307aa497dc953995c55033c\r\nnginx-hit: 1\r\nage: 2091\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gU5Wy0Y7tLSU5VBrLCsDm1nWJVf2dQwp7VSgWz4jTC2pHiFtVsRvek2Ar1Eftlka6RJuIJu%2Be1yxO119jJ9MDl9Z5wUj0rrX%2FKsMo%2B1SN6uW\"}]}\r\netag: W/\"50d712bd0033f3622be3eb62bdf0ee37\"\r\ncontent-encoding: br\r\ncf-ray: 99ed110b389f5690-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1270326,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (37925)","md5":"d5ffa44357e80f1c65fe87c30587f50b","sha1":"49a1b3fff2091d1562aa749bccd4c98a4cd4ed15","sha256":"966cc679f98dd01db5c608878ab396b5825fdcfbe3264cd2f00989ae989c64ca","sha512":"324ae875fa279ce79883c0ce2e7c6e6eb6fb740c232bee33e83c8734e73a4a89856d3e8ed9d544f98139564b8df901ee315833ef562df7b88f94eb6701e8b4a6","ssdeep":"24576:TLgcTD3IaDerXpsBbIw98z6CS2dSG6MIIsPGiUcWFYMKduqC8:TscTD3IaDerXpsBbIw98z6Cz6MIIsPGs","tlshash":"26254bd932a6706287d361a4503f5207723a7d16248cc45cf63af9ea2eb8d09647bf7c","first_seen":"2025-11-03T21:11:09.309439Z","last_seen":"2026-01-18T18:49:56.054383Z","times_seen":122,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ur.foretopheaved.com/r4xjjmZUr51mvyQ/RNklR","fqdn":"ur.foretopheaved.com","domain":"foretopheaved.com","tld":"com"},"ip":{"addr":"188.42.241.189","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ur.foretopheaved.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Sep 2025 09:56:09 GMT","end":"Sat, 13 Dec 2025 09:56:08 GMT"},"fingerprint":{"sha1":"91:AA:F1:1B:14:24:36:CD:6B:51:31:6E:5E:C4:CF:18:8E:A6:40:19","sha256":"C9:CD:6B:8D:1D:0B:25:5F:FC:34:0D:27:E0:29:A6:64:DE:36:11:67:88:AF:25:45:05:AA:32:99:35:95:94:EE"}}},"request":{"raw":"GET /r4xjjmZUr51mvyQ/RNklR HTTP/1.1\r\nHost: ur.foretopheaved.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.flowdoodcbk.com\r\naccess-control-allow-headers: content-type, gyfr29qt4j80vdr0zhsj, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nset-cookie: GL_UI4=eJw9jc1OhDAcB%2FkGddnkl%2FAA%2BwgtUtKrF1%2FBI2npn7UKdFMqq28v8eBtDjOZKIqSpka8FyekX0rgwrnsZSdaybpRqlZr2feCaSEZb8U0CTzYbQhKzxQyVNuifBjCniHXXq2mRr44Q3ONUnt338g3KbJVLYTy1Xqa3PdhqA%2FnkfLn7mC7HhwzJG5r0nOF8s2u5ijPj0g4O5%2BKCE%2B3WYXJ%2BWWwpoiRX70yhPgF1agCXZ3%2FQWlo%2BwzuBrjZDP%2F%2B3zi9c4bC0G5HQu7CO%2FlfoWNCFg%3D%3D; expires=Sun, 16-Nov-2025 07:34:32 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwViD0LglAYRu99ESGS4gGHRpdW0VLBJSTndGhoaBILEcRXrtrH1F9pb4r%2BVWtTWzacA%2BcIIcicgsoGRujaoWN7C9v1PcgClKSgvIaesDpnV0gFcpYgVWOcthVbMfd1N%2Fwc2r8hS0zWVXmxtlz1Xcl1CxoYxawaVll3hGx0Cer47%2FZgCsiTPgNVmRFtPu9Xcf8OwUY0vz33u9UD1LTQHD8IfrcSKq4%3D; expires=Sun, 16-Nov-2025 07:34:32 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-05-31T17:37:49.790979Z","times_seen":17242,"resource_available":true,"data":null}},"time_used":299,"timings":{"blocked":135,"dns":94,"connect":19,"send":0,"wait":22,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"ur.foretopheaved.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"ur.foretopheaved.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"ur.foretopheaved.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accuratephrase.com/YI2Jx-p.ZLWM5N0OZ_GQFR0SYTT-9VyWcXmYl_kaPbWcNdl-ZfmgUhziM_GkYlxmNnW-Yp4qNrjsM_4uOvWwRxh-OzDAZBiCO_TEdFmGOHT-kJ4KOLWMQ_xONPDQFRl-","fqdn":"accuratephrase.com","domain":"accuratephrase.com","tld":"com"},"ip":{"addr":"188.72.219.35","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"accuratephrase.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 06:43:11 GMT","end":"Sat, 10 Jan 2026 06:43:10 GMT"},"fingerprint":{"sha1":"5C:01:82:3D:3E:91:A2:72:76:A4:E8:DA:42:F8:FD:E6:74:85:B6:CF","sha256":"70:75:DE:E9:C6:17:AD:2B:3D:6E:6A:92:30:CC:7F:07:FE:0A:01:18:13:08:46:C7:F6:A5:EE:0D:04:8E:7E:00"}}},"request":{"raw":"POST /YI2Jx-p.ZLWM5N0OZ_GQFR0SYTT-9VyWcXmYl_kaPbWcNdl-ZfmgUhziM_GkYlxmNnW-Yp4qNrjsM_4uOvWwRxh-OzDAZBiCO_TEdFmGOHT-kJ4KOLWMQ_xONPDQFRl- HTTP/1.1\r\nHost: accuratephrase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 80\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-length: 0\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"na.nawpush.com/tags/349919?version_name=d\u0026domain=www.flowdoodcbk.com","fqdn":"na.nawpush.com","domain":"nawpush.com","tld":"com"},"ip":{"addr":"45.133.44.24","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"na.nawpush.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 02:32:20 GMT","end":"Thu, 18 Dec 2025 02:32:19 GMT"},"fingerprint":{"sha1":"38:85:B2:05:59:7D:15:16:9D:87:1B:83:46:10:68:2E:DC:7C:7A:D1","sha256":"FE:22:4E:C6:6F:85:46:CA:64:38:8F:48:77:17:E8:29:0E:7C:14:27:20:EA:A9:7B:CB:5E:49:87:A6:B0:60:2F"}}},"request":{"raw":"GET /tags/349919?version_name=d\u0026domain=www.flowdoodcbk.com HTTP/1.1\r\nHost: na.nawpush.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/json\r\nserver: nginx/1.24.0\r\ncache-control: max-age=300, public\r\nx-cdn-host-id: DS5058\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1377,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"47ab307bd5eb59fa9c264028a815048c","sha1":"2eea0f63beb20cfb5e99ee3019253ae901cad773","sha256":"65b2d252adc52c9ba36a86dc9deecbe5e3e0ddd4797bdb58190d02a28f6ce326","sha512":"af5f004c055b5fc5c20dcaa2d35521d8eb6d3e826f69832a9e3002f7440ecf2a3ca24aa2783164813616b6ff5cf53e1168849bf479bf4c8f80d55569b58f5458","ssdeep":"","tlshash":"122131ec99759caac0c4478a84d63f4802a4327bb2c8785af5ad49b816cf596192f24b","first_seen":"2025-11-04T15:17:02.560155Z","last_seen":"2025-12-06T11:17:17.903429Z","times_seen":18,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":74,"dns":29,"connect":19,"send":0,"wait":19,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"na.nawpush.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fp.metricswpsh.com/fp?tag_id=349919","fqdn":"fp.metricswpsh.com","domain":"metricswpsh.com","tld":"com"},"ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:33.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 11:47:47 GMT","end":"Sun, 08 Feb 2026 11:47:46 GMT"},"fingerprint":{"sha1":"05:1E:63:2F:40:1F:87:C3:0D:F0:42:C7:EA:E8:B1:D8:6F:76:7C:FC","sha256":"1C:13:0E:F6:58:8A:8C:D7:DE:1F:9F:20:D5:17:50:15:02:D5:C8:8E:39:40:68:3F:01:24:F2:73:14:BA:25:0F"}}},"request":{"raw":"POST /fp?tag_id=349919 HTTP/1.1\r\nHost: fp.metricswpsh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 1971\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Sat, 15 Nov 2025 07:34:33 GMT\r\nContent-Type: application/json; charset=UTF-8\r\nContent-Length: 58\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://www.flowdoodcbk.com\r\nSet-Cookie: id=501309906072133270; Expires=Sun, 15 Nov 2026 07:34:33 GMT; Secure; SameSite=None\r\nVary: Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"c4efc1d6d16235d9433cd2565d887460","sha1":"22d069a5f536640e46122475c79db933e82d7f2e","sha256":"f0a6b8c736b7d8c5d3304a9ccd10d2114a0f25f2ba946cce62204df3384a131f","sha512":"af1cfe529f3173efdc7f4aff67355529095e775d8edb38d8a7c9565e09807aff470a465ffdf89ef6555f06cc88efa675823becc942896c63fa64a3140858f539","ssdeep":"","tlshash":"5ba00294c5c00e3c80200c3a73cf901628e4d304120217880ca66b5108822abe333c91","first_seen":"2025-07-26T17:44:43.174102Z","last_seen":"2026-05-31T17:02:57.433912Z","times_seen":6883,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":27,"connect":48,"send":0,"wait":27,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodcbk.com/assets/vendor-chunks-DH--4bEh-1763100366801.js","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:31.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodcbk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:53 GMT","end":"Thu, 25 Dec 2025 06:52:28 GMT"},"fingerprint":{"sha1":"69:77:25:A3:B9:7F:D2:66:A1:82:03:49:5B:E3:8A:FF:55:B8:88:76","sha256":"83:2F:08:7B:47:A9:5F:30:E5:37:E9:F5:9C:18:2D:98:31:89:96:07:D8:26:C5:AB:7C:3F:E3:F5:FA:2B:75:66"}}},"request":{"raw":"GET /assets/vendor-chunks-DH--4bEh-1763100366801.js HTTP/1.1\r\nHost: www.flowdoodcbk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:31 GMT\r\ncontent-type: application/x-javascript\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A80F9F8E7B01567D6E8494B81\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 14 Nov 2025 06:06:17 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2502804\r\nvia: EU-ESP-madrid-AREA1-CACHE5[8],EU-ESP-madrid-AREA1-CACHE6[0,TCP_HIT,4],EU-IRL-dublin-GLOBAL1-CACHE4[5],EU-IRL-dublin-GLOBAL1-CACHE14[0,TCP_HIT,3]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 06331eb51307aa497dc953995c55033c\r\nnginx-hit: 1\r\nage: 2091\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rTKFVcBwE3wwILDlTHjQRWKIE%2BWogteEaoht3lGpPdnlwdjrDwzRg57Kwwajnco6Nok7N8f5I%2FI1wZK5f2R8pHGamy%2B%2BzDHEBUBeATY6Hf3H\"}]}\r\netag: W/\"50d712bd0033f3622be3eb62bdf0ee37\"\r\ncontent-encoding: br\r\ncf-ray: 99ed110c99935690-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1270326,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (37925)","md5":"d5ffa44357e80f1c65fe87c30587f50b","sha1":"49a1b3fff2091d1562aa749bccd4c98a4cd4ed15","sha256":"966cc679f98dd01db5c608878ab396b5825fdcfbe3264cd2f00989ae989c64ca","sha512":"324ae875fa279ce79883c0ce2e7c6e6eb6fb740c232bee33e83c8734e73a4a89856d3e8ed9d544f98139564b8df901ee315833ef562df7b88f94eb6701e8b4a6","ssdeep":"24576:TLgcTD3IaDerXpsBbIw98z6CS2dSG6MIIsPGiUcWFYMKduqC8:TscTD3IaDerXpsBbIw98z6Cz6MIIsPGs","tlshash":"26254bd932a6706287d361a4503f5207723a7d16248cc45cf63af9ea2eb8d09647bf7c","first_seen":"2025-11-03T21:11:09.309439Z","last_seen":"2026-01-18T18:49:56.054383Z","times_seen":122,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/assets/f?id=4b2b311e-9042-4b0d-a15d-9357f87b2463\u0026uid=1926436872029081602","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"GET /v2/s/assets/f?id=4b2b311e-9042-4b0d-a15d-9357f87b2463\u0026uid=1926436872029081602 HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodcbk.com/\r\nContent-Type: application/json\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:33 GMT\r\ncontent-type: application/json\r\npriority: u=4,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.flowdoodcbk.com\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nx-xbox-platform: streaming\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4fBsyUbRIZXogwy27VuT2M%2BTeKaxFxtzGqczkFU9RZqb4NCp16h2LaHeAIxvSdW1toYr3ubSOb6krc7k7GfWeUzjBtD%2B0wv5POh6reO8%2F6EhUPk%2FtGg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 99ed11129eb65684-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":162,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"be435bceb1e873bc76e8e05d72875cab","sha1":"5cf8c8f06ddacb631dfc1930ee519cefcf109ec8","sha256":"e3c2509577c3dd521171d02b510a43816d8c80fcc8aa1990fb1c3792557cb28f","sha512":"b1c5e50e7fbd85236d361b228439d9d323a64ddc83fcd8aa3fdf27352a90bd447758624080a762d76e07b813d82b24a1dc8e133230cb7b00904b1451e1ff1768","ssdeep":"","tlshash":"56c0c0670194064113375dfa097080014ac0b05ea10503120c7c460443c083270c49bc","first_seen":"2025-11-15T07:35:02.140482Z","last_seen":"2025-11-15T07:35:02.140482Z","times_seen":1,"resource_available":false,"data":null}},"time_used":984,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":983,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"104.20.34.46","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /asg_embed.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 76922\r\nserver: cloudflare\r\nlast-modified: Mon, 10 Nov 2025 10:05:03 GMT\r\nvary: Accept-Encoding\r\netag: \"6911b8cf-12c7a\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 78374\r\ncf-cache-status: HIT\r\ncf-ray: 99ed1114a83bb28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":244907,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators","md5":"fe439ed2222d8c3e4eed412da17055c3","sha1":"27808772b3210cd7fbe67dfd71ee3c0a8fa5e20c","sha256":"d9e6d2d5de74e5ef74575e3fb2ed9679c30625de9dc24551959dcb9c70064f50","sha512":"21baa7d660683e476d1d8d80b473aeaa709dcbd5a058ef8c0de1b17adc6dc477dd029ee2136b2dc9dfbd4434e1c49f133d9b83882f45207f5b1864b1ce547cd0","ssdeep":"6144:cGdO0Ur4i8d+5csa6tZylzd+2TG5vH2aj0gpt9RO+JgtOrgfAs28wzxordsQmwZ9:srOd+OYREP","tlshash":"4334a689b6c1b0a403e3a1f4016f551af277b904744ec5c2f729d9d1aeb9a0e5a27f3c","first_seen":"2025-11-10T10:16:11.775638Z","last_seen":"2025-11-25T12:42:17.612638Z","times_seen":150,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 5117\r\ncf-ray: 99ed1115fff7723c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03faa-45f4\"\r\nlast-modified: Mon, 04 May 2020 16:15:38 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 273954\r\nexpires: Thu, 05 Nov 2026 07:34:32 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=NlQRryPtgJSk43GPdOq8phEFl5NUUy1fS3C2JWKZ54p9ID0oCJvHdCpEL5M3OKocMcmi3Cs8hhx%2FZabm7OTzA1wjRDsFSLA0qekoKolvz7bOqfz30evITanJ3esxuvy4Dz2LM00Y\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17908,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (17660)","md5":"12dd498bf90c536803c2aad708b66c2b","sha1":"5f9363d39a405d1c94328cf2303ff4a05c0ad163","sha256":"c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a","sha512":"ec593a501ebf74c092e564a1aaf0b477d3da6813c9a88f29d0d2a0db8143bdf19718ba4e6b13f64295b077ca5cb9c13460c30f9f2f35982a82597b22f79ffdd1","ssdeep":"192:l3GySZoj5oOg8pu564aEzn5nVMnyk3sBakk3cx7x0IlQV0Hf1b5SwU+ahpfex/W9:lWytjU64auV0ISjyW5RAe","tlshash":"6f82b38cb295f0b553d710b5403f910fe2366928654ec4d8f288d5ea2c7899d663bf3d","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-05-31T12:28:59.273694Z","times_seen":7462,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":3,"send":0,"wait":11,"receive":1,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v1/user/gray/rules/check","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"POST /v1/user/gray/rules/check HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 259\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/json\r\npriority: u=3,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.flowdoodcbk.com\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nx-xbox-platform: streaming\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CPz7xPA%2BivM02NT3r%2Bv%2FedwMoSmBorvjobWtgBaIlEeSIXXpDIFxE1k1OkebLI76NqVbhxYSjaJNW2oQ256AWEdNfUG%2BQ4aQ0QxoFnCfnXtOUCYPzQc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 99ed1112ced25684-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":281,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a3ccdf4f5cc8da7a6c2caa521331e46a","sha1":"dfe98614ee3b455bca14db2eef682f1338580a8a","sha256":"017e430f25345405c1b0bfeb89dce3a8f2be65237a718e8ad7563b2e977d9b5f","sha512":"afacf3e0a96434042d8417442f5a16ed1642ffb0e964552926b6ef374bfd2cd4e2a270fd66ee6fa906a67a47e750c72731cbcae88c0189c0a51c7a0f3bbe1b24","ssdeep":"","tlshash":"34d05e7d297154ad14985152d651e9c9f78058aabf58b750c423c11f34eb0c8723d2b7","first_seen":"2025-10-16T16:52:07.242118Z","last_seen":"2025-11-20T22:31:42.767036Z","times_seen":72,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":195,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bvtpk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 20:07:09 GMT","end":"Thu, 05 Feb 2026 21:05:30 GMT"},"fingerprint":{"sha1":"D2:20:C9:EE:4B:2D:3A:82:43:E2:14:9E:C3:25:30:01:9F:8F:BB:C3","sha256":"D2:57:0B:6C:75:32:2D:6D:C0:F7:1B:32:FC:56:BA:06:7F:64:4B:FC:95:E2:29:A1:4F:59:5C:DD:D3:8D:37:7B"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: bvtpk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nx-trace-id: 953f260235a645046299c02b80841e1e\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 116\r\ncf-cache-status: HIT\r\nlast-modified: Sat, 15 Nov 2025 07:32:35 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ENCfyBvbY3GLlU5ImwLggSkd0k0vjtrefBrSq32X1IniQPzWcGvGGfmEqsNabV6d%2BzEZ33cIjS9Vx9oCVafjUEl4QiayemU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99ed11148a2d5693-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":110117,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8d409bb8252946da915249ad352db9f6","sha1":"0c0f558a0a0cf38af00c0eaf7fe5bc3144d62df6","sha256":"ff07cde64d33de8f91499307fd7aabad820a752eadc98d60d07485d09d554ff1","sha512":"b762bd08a1392d17ad4b80388f8a66bb0fdfd05e14cffd85503022b42c846788f84dc0e695c2759e9f76805003623ca32a30b85c84e343f0c9f6362f717bd3d5","ssdeep":"3072:e2+gQaEJ1XvWwmUNYj0S0BE33B1HxB+E8v:3+DdXvWwmUiYS0C3x1HGZ","tlshash":"48b319da22666459126f402405abec0d75ae8c81048dcd78e0e5fc762d78f26e3f7be9","first_seen":"2025-11-14T11:39:37.377497Z","last_seen":"2025-11-17T08:56:43.657932Z","times_seen":63,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodcbk.com/assets/icon-L3kzdSYP-1763100366801.png","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:33.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodcbk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:53 GMT","end":"Thu, 25 Dec 2025 06:52:28 GMT"},"fingerprint":{"sha1":"69:77:25:A3:B9:7F:D2:66:A1:82:03:49:5B:E3:8A:FF:55:B8:88:76","sha256":"83:2F:08:7B:47:A9:5F:30:E5:37:E9:F5:9C:18:2D:98:31:89:96:07:D8:26:C5:AB:7C:3F:E3:F5:FA:2B:75:66"}}},"request":{"raw":"GET /assets/icon-L3kzdSYP-1763100366801.png HTTP/1.1\r\nHost: www.flowdoodcbk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site\r\nCookie: _ga_FZ6E2FXG92=GS2.1.s1763192071$o1$g0$t1763192071$j60$l0$h0; _ga=GA1.1.736412167.1763192072; test=test; UGVyc2lzdFN0b3JhZ2U=%7B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 12350\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A80F98121B19B5E5E2BA6F064\r\netag: \"37e3e456df677e380ab34f5e0043db7d\"\r\nlast-modified: Fri, 14 Nov 2025 06:06:17 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nvia: LA-MEX-mexicocity-EDGE3-CACHE11[6],LA-MEX-mexicocity-EDGE3-CACHE15[0,TCP_HIT,4],LA-MEX-mexicocity-GLOBAL1-CACHE17[252],LA-MEX-mexicocity-GLOBAL1-CACHE22[249,TCP_MISS,251]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 3edda1be386bb48b74ea1ecd767c20e3\r\nnginx-hit: 1\r\nage: 4810\r\nx-ccdn-expires: 2589218\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kOOrAADtJWiPE9ah1CNqfj%2FYH%2F%2Fm9jWVCcPi9d5VWFTtZjMIWqGCFXiJAMiYNwqzan48rlaQcbM8FBkhnv1BnNAvSq6bSqvPWvqqZ6y7fg%2Bc\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99ed111b7d115690-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":12350,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGB, non-interlaced","md5":"37e3e456df677e380ab34f5e0043db7d","sha1":"64ad1b4cca68328e5d987582f76ae59ea79a2d63","sha256":"0d8d6d6357c54934d059569ec6bd54e03b1f0ebad04ace58f8af20a88c2ea8a1","sha512":"7850cd6a4b9fe0cf8b0f1c07851fa283d4929e8d03e2c860470d89b621fbc3147a83812facd7f6b51b2fcc1bafb3cafabae9694077b9497bf7570c83983a273e","ssdeep":"192:whxxxL8uzJHxhnGn6dm0rrkV5Hm1qjDbPU6tbNi/esZtkcJ7Pzx0Xqh8:whxxxlRxhI6Zy5G1uDA+bNetvhVc08","tlshash":"dc429df7d9287f5827e17b23bad19a22f0ed40ae92056004f5da45b757393c8c046e93","first_seen":"2025-06-18T09:39:56.944198Z","last_seen":"2026-02-27T13:27:16.34167Z","times_seen":398,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodcbk.com/assets/main-pt9vCjmE-1763100366801.js","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:30.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodcbk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:53 GMT","end":"Thu, 25 Dec 2025 06:52:28 GMT"},"fingerprint":{"sha1":"69:77:25:A3:B9:7F:D2:66:A1:82:03:49:5B:E3:8A:FF:55:B8:88:76","sha256":"83:2F:08:7B:47:A9:5F:30:E5:37:E9:F5:9C:18:2D:98:31:89:96:07:D8:26:C5:AB:7C:3F:E3:F5:FA:2B:75:66"}}},"request":{"raw":"GET /assets/main-pt9vCjmE-1763100366801.js HTTP/1.1\r\nHost: www.flowdoodcbk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:30 GMT\r\ncontent-type: application/x-javascript\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A80F9F8D9B0D7151BFC4D45AF\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 14 Nov 2025 06:06:17 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2502805\r\nvia: EU-ESP-madrid-AREA1-CACHE1[4],EU-ESP-madrid-AREA1-CACHE6[0,TCP_HIT,2],EU-IRL-dublin-GLOBAL1-CACHE3[10],EU-IRL-dublin-GLOBAL1-CACHE9[0,TCP_HIT,8]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 6685bab124bb12563e8abf9f3cdfa789\r\nnginx-hit: 1\r\nage: 2091\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NUtgdAKju1T8wmacivqJx71LJw%2BGqaLWIrkmDnfptvku2y%2F4VAP0JBqMxqSHZK0O2lzG09uq7qXWmeFAjkMQbX%2Bf9XUpMhyFp1JlSoRqthFS\"}]}\r\netag: W/\"0f1c0f8653373747982bcdd31c3d11ea\"\r\ncontent-encoding: br\r\ncf-ray: 99ed110ad86f5690-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":104126,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14304)","md5":"0f1c0f8653373747982bcdd31c3d11ea","sha1":"b5b64b38a17f2aceedc3c5e59e57efe4f3aa205a","sha256":"a0921cb681aec34093868b60a94a417b08fc36c77a3092fd29c2f364799e5be5","sha512":"fbc7c510bbce412ccc9bcbfb715df7d069cc426e67e406284611ead89eec4a33b0a7dafd5bf7b92d29f6eadaf2a7a10b45a0a9c62c25399207ce66626c1cefa4","ssdeep":"1536:0pR1KKXrr1FfGYkBvaW/q37RHHq4Ff2TF7rThZ+nxGxevcVzqr/nmoKFCFRV4NQz:0pTZtFfGYgHeHu1lZsmoMoKGef+","tlshash":"5ea38eed612d8e38fc5609c5787a9534b828366bf928c8c1f0fd3c025b94d8459ab7de","first_seen":"2025-11-14T06:59:41.124238Z","last_seen":"2025-11-17T01:28:17.506251Z","times_seen":10,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p2yn.com/5/10111173/?oo=1\u0026js_build=iclick-v1.1618.0\u0026userId=0802828767e0431bff8dde4aa37e7d06\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0","fqdn":"p2yn.com","domain":"p2yn.com","tld":"com"},"ip":{"addr":"139.45.195.12","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"p2yn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Sep 2025 05:27:55 GMT","end":"Sun, 28 Dec 2025 05:27:54 GMT"},"fingerprint":{"sha1":"3A:5A:0E:B8:A9:06:87:BA:DC:58:BC:E1:AE:2A:E3:CB:58:5D:59:7D","sha256":"27:5C:19:3A:05:81:0F:0E:62:D4:C2:B2:7E:E1:93:86:B8:9F:2C:9D:90:0B:A5:AE:52:48:27:FE:CA:75:F4:5E"}}},"request":{"raw":"POST /5/10111173/?oo=1\u0026js_build=iclick-v1.1618.0\u0026userId=0802828767e0431bff8dde4aa37e7d06\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: p2yn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2637\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://www.flowdoodcbk.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":117,"dns":27,"connect":26,"send":0,"wait":33,"receive":0,"ssl":61},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bereave.onelinevideo.com/moire/calibre/eclipse","fqdn":"bereave.onelinevideo.com","domain":"onelinevideo.com","tld":"com"},"ip":{"addr":"47.253.93.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bereave.onelinevideo.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 21 Apr 2025 00:00:00 GMT","end":"Mon, 20 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E0:8E:3E:B2:04:D3:F1:8E:24:9D:86:3A:9E:82:A4:F5:45:3F:D1:AD","sha256":"92:99:82:77:56:12:E5:7A:6F:E4:9E:E1:33:D0:ED:6E:11:A4:AF:65:E4:1A:60:B9:75:F8:9B:59:74:D7:01:8B"}}},"request":{"raw":"POST /moire/calibre/eclipse HTTP/1.1\r\nHost: bereave.onelinevideo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodcbk.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 928\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:33 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: no-store\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"37f7f3f4389ecd0aabf0ee388f19ce6f","sha1":"d89cba2438045428e24d5e6b3094e29493f01410","sha256":"4231340d3151fa0f969f578ead8263bcc9ab7e500d5820fbffe925605615e231","sha512":"a85d64f2aba17e4d7e750e378cec29db7c329b30024973ae17d92a0b6ae24df17b1e28a56796ed6d4d3d6b3bd7201f64e7aed86cb87151847ae7d63ba4aa74e0","ssdeep":"","tlshash":"6980040511303c4cd5c05d5471040051401d454c15034043f5015447d10554700d1574","first_seen":"2025-11-15T07:35:02.144584Z","last_seen":"2025-11-15T07:35:02.144584Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1398,"timings":{"blocked":615,"dns":346,"connect":106,"send":0,"wait":108,"receive":0,"ssl":221},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.capndr.com/advertising.js","fqdn":"js.capndr.com","domain":"capndr.com","tld":"com"},"ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.capndr.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Oct 2025 02:32:03 GMT","end":"Sun, 11 Jan 2026 02:32:02 GMT"},"fingerprint":{"sha1":"4F:91:E2:5E:A1:B1:4D:7F:49:01:1E:73:C6:07:EB:0A:BE:44:4C:44","sha256":"7B:0D:8E:03:0E:6E:23:65:30:3D:E8:FC:0C:E7:66:46:E2:5B:7F:FA:FD:D2:FF:61:4C:A4:18:08:24:70:51:6B"}}},"request":{"raw":"GET /advertising.js HTTP/1.1\r\nHost: js.capndr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 0\r\nserver: nginx/1.18.0\r\nlast-modified: Fri, 14 Jul 2023 08:23:25 GMT\r\netag: \"64b105fd-0\"\r\nexpires: Sat, 15 Nov 2025 07:39:32 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1742\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":193,"timings":{"blocked":86,"dns":33,"connect":21,"send":0,"wait":21,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"js.capndr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bereave.onelinevideo.com/moire/calibre/eclipse","fqdn":"bereave.onelinevideo.com","domain":"onelinevideo.com","tld":"com"},"ip":{"addr":"47.253.93.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:34.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bereave.onelinevideo.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 21 Apr 2025 00:00:00 GMT","end":"Mon, 20 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E0:8E:3E:B2:04:D3:F1:8E:24:9D:86:3A:9E:82:A4:F5:45:3F:D1:AD","sha256":"92:99:82:77:56:12:E5:7A:6F:E4:9E:E1:33:D0:ED:6E:11:A4:AF:65:E4:1A:60:B9:75:F8:9B:59:74:D7:01:8B"}}},"request":{"raw":"POST /moire/calibre/eclipse HTTP/1.1\r\nHost: bereave.onelinevideo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodcbk.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1342\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:34 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: no-store\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"0ff98ce06330024b0a4c9a30e45d31b7","sha1":"8880a3fc0e11d4337886998dcd9707f02c665fd9","sha256":"5106eb33a8bda32368fee27745f5c79aa002eee58d1feaad0ba1d4d5ddba862b","sha512":"15f4eeda6919128d8a631305b46aa5ded309aff90f65b28d3c9f4f4fd4e3e0d51c072230525d541c058ac9a3a5569057294f7e16ee3f49de0b898f2854b9c9a1","ssdeep":"","tlshash":"f980008380a88888228282002800a288a28a88fa80a00aa328208a20ea000ca0e8f000","first_seen":"2025-11-15T07:35:02.145541Z","last_seen":"2025-11-15T07:35:02.145541Z","times_seen":1,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/spots/494334?s1=1926436872029081602\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site\u0026sid=06977eff-cb3c-46f6-904e-a166381edc58","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 23:28:43 GMT","end":"Wed, 04 Feb 2026 23:28:42 GMT"},"fingerprint":{"sha1":"66:4E:04:65:51:00:00:6F:45:5C:CD:BC:6C:DD:60:70:78:C4:D0:F8","sha256":"57:1A:C5:4F:7F:E6:61:6B:64:F0:82:6B:5F:1D:34:EC:2B:4C:B2:39:E0:5B:C9:DE:A4:CA:BD:76:ED:3E:9A:61"}}},"request":{"raw":"GET /api/spots/494334?s1=1926436872029081602\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site\u0026sid=06977eff-cb3c-46f6-904e-a166381edc58 HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: nauid=CSviy8GthYZKTutFQRZl; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2573,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (2071)","md5":"a21b95015e9cb63efd8511eaf2894836","sha1":"286c099346bef15329fffacd4e11b26894d75403","sha256":"735b0e567386fc0d49134429a6069669214877e375f3b48d101ba96d4f2e7192","sha512":"c3a9db412021c1ee073333f0a66e00da61ac5df59d3090533e1a74e1dd059bf4d1f754adb027e59d320d38a5902237984883699124d7b7b1d97c7f1e3360fcb0","ssdeep":"","tlshash":"ef518684d6fc6316f62b1070dd7acb9f551ee14192198075effb26aac3cc64c06712ca","first_seen":"2025-11-15T07:35:02.146618Z","last_seen":"2025-11-15T07:35:02.146618Z","times_seen":1,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":41,"dns":0,"connect":17,"send":0,"wait":15,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"104.20.34.46","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /asg_embed.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 76922\r\nserver: cloudflare\r\nlast-modified: Mon, 10 Nov 2025 10:05:03 GMT\r\nvary: Accept-Encoding\r\netag: \"6911b8cf-12c7a\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 78374\r\ncf-cache-status: HIT\r\ncf-ray: 99ed11146facb28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":244907,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators","md5":"fe439ed2222d8c3e4eed412da17055c3","sha1":"27808772b3210cd7fbe67dfd71ee3c0a8fa5e20c","sha256":"d9e6d2d5de74e5ef74575e3fb2ed9679c30625de9dc24551959dcb9c70064f50","sha512":"21baa7d660683e476d1d8d80b473aeaa709dcbd5a058ef8c0de1b17adc6dc477dd029ee2136b2dc9dfbd4434e1c49f133d9b83882f45207f5b1864b1ce547cd0","ssdeep":"6144:cGdO0Ur4i8d+5csa6tZylzd+2TG5vH2aj0gpt9RO+JgtOrgfAs28wzxordsQmwZ9:srOd+OYREP","tlshash":"4334a689b6c1b0a403e3a1f4016f551af277b904744ec5c2f729d9d1aeb9a0e5a27f3c","first_seen":"2025-11-10T10:16:11.775638Z","last_seen":"2025-11-25T12:42:17.612638Z","times_seen":150,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"p2yn.com/5/10111173/?oo=1\u0026js_build=iclick-v1.1618.0\u0026userId=0802828767e0431bff8dde4aa37e7d06\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0","fqdn":"p2yn.com","domain":"p2yn.com","tld":"com"},"ip":{"addr":"139.45.195.12","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:33.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"p2yn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Sep 2025 05:27:55 GMT","end":"Sun, 28 Dec 2025 05:27:54 GMT"},"fingerprint":{"sha1":"3A:5A:0E:B8:A9:06:87:BA:DC:58:BC:E1:AE:2A:E3:CB:58:5D:59:7D","sha256":"27:5C:19:3A:05:81:0F:0E:62:D4:C2:B2:7E:E1:93:86:B8:9F:2C:9D:90:0B:A5:AE:52:48:27:FE:CA:75:F4:5E"}}},"request":{"raw":"POST /5/10111173/?oo=1\u0026js_build=iclick-v1.1618.0\u0026userId=0802828767e0431bff8dde4aa37e7d06\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: p2yn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2637\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:33 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://www.flowdoodcbk.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodcbk.com/assets/vendor-chunks-DoTr35U9-1763100366801.css","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:30.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodcbk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:53 GMT","end":"Thu, 25 Dec 2025 06:52:28 GMT"},"fingerprint":{"sha1":"69:77:25:A3:B9:7F:D2:66:A1:82:03:49:5B:E3:8A:FF:55:B8:88:76","sha256":"83:2F:08:7B:47:A9:5F:30:E5:37:E9:F5:9C:18:2D:98:31:89:96:07:D8:26:C5:AB:7C:3F:E3:F5:FA:2B:75:66"}}},"request":{"raw":"GET /assets/vendor-chunks-DoTr35U9-1763100366801.css HTTP/1.1\r\nHost: www.flowdoodcbk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:30 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A80F9F83CB017E38301B2F3B0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 14 Nov 2025 06:06:17 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2502805\r\nvia: EU-ESP-madrid-AREA1-CACHE6[3],EU-ESP-madrid-AREA1-CACHE6[0,TCP_HIT,2],EU-IRL-dublin-GLOBAL1-CACHE3[7],EU-IRL-dublin-GLOBAL1-CACHE18[0,TCP_HIT,3]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 1dae69bf1b3fc3c302514c5b2da568b6\r\nnginx-hit: 1\r\nage: 2091\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0oBGFXmXSqVnqOvylou09EHjPVY1%2BkB8fxtgC209KFu4xy3BQxRkY9tTJf5bc6EWAlIVEGH1tJQWqYU4RyqCDE%2BFaCtiQAc%2FVkwCK3cWasir\"}]}\r\netag: W/\"583c695c76766d48b720411106e87599\"\r\ncontent-encoding: br\r\ncf-ray: 99ed110ad8715690-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":161718,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"583c695c76766d48b720411106e87599","sha1":"e7e75b7ea87593b675eac8f4937a1af7db66f102","sha256":"3f61af115313bbfe92c14794125043e3c53029cc5be9de758ce7a6a4e503275d","sha512":"a9c008b55f23c2460d6650529750b10d9ff30b66cdeb90ca7ad75ec21bb350c619593ae0e01975bacf784d013e08795f40f95c365deeaa4e594a6aa3785e2756","ssdeep":"768:eK4kaqXtxtd5+NuoRbV/es4idulogKFjY3xkjS5nz1miiJykXEK1rBw0OBp6EnUp:eKLvTdw7tejDxkjS5nzK8BTpZaKjpi","tlshash":"58f39569ea10a27de91faf259bc49f8ca224e881cd311af7f685610c4dc3bf115e274d","first_seen":"2025-06-14T07:01:13.355089Z","last_seen":"2026-02-27T13:27:16.333567Z","times_seen":523,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/ip-push.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"104.20.34.46","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:31.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /ip-push.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 41273\r\nserver: cloudflare\r\nlast-modified: Mon, 10 Nov 2025 10:05:03 GMT\r\nvary: Accept-Encoding\r\netag: \"6911b8cf-a139\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 78311\r\ncf-cache-status: HIT\r\ncf-ray: 99ed11120afab28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":134332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65498), with no line terminators","md5":"3b4d2cef2d654ba5b8451f3274d2eec2","sha1":"bc0ccbcae68a88da5dbf353cd189aead463ddb9d","sha256":"8702933a72df2217e6c61d654f4494fe0b7814c4eed13205b52e6d024559e93d","sha512":"e64660c80c8580f2302fc44f2ee4162682f4ba80896fd60b1d03b2cc67d0c11d0e7bba180d2034baa52cbcd02ae9330e68f021f8fbeb0eaad970ae2e9fc5dafe","ssdeep":"1536:gmQEWeFL35kTTLy8UFV5tl2NuZ8UnbyVqb0IjzYrOpwQ4:XQEWeFWTTLy8mJHZ8mq","tlshash":"efd3628dbbc1b5a106a37064023f540af2b73a54b48fc8c0f669d5e06e7e94f6167e2d","first_seen":"2025-11-10T18:08:30.266138Z","last_seen":"2025-11-25T01:12:43.431593Z","times_seen":87,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":105,"dns":75,"connect":1,"send":0,"wait":12,"receive":4,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodcbk.com/assets/loading-BvwxM1uT-1763100366801.png","fqdn":"www.flowdoodcbk.com","domain":"flowdoodcbk.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:33.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodcbk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:53 GMT","end":"Thu, 25 Dec 2025 06:52:28 GMT"},"fingerprint":{"sha1":"69:77:25:A3:B9:7F:D2:66:A1:82:03:49:5B:E3:8A:FF:55:B8:88:76","sha256":"83:2F:08:7B:47:A9:5F:30:E5:37:E9:F5:9C:18:2D:98:31:89:96:07:D8:26:C5:AB:7C:3F:E3:F5:FA:2B:75:66"}}},"request":{"raw":"GET /assets/loading-BvwxM1uT-1763100366801.png HTTP/1.1\r\nHost: www.flowdoodcbk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site\r\nCookie: _ga_FZ6E2FXG92=GS2.1.s1763192071$o1$g0$t1763192071$j60$l0$h0; _ga=GA1.1.736412167.1763192072; test=test; UGVyc2lzdFN0b3JhZ2U=%7B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 8360\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A80FA7256B2D500EBA6A9B229\r\netag: \"10294db26a1ee74d2bd5ac9297c0693e\"\r\nlast-modified: Fri, 14 Nov 2025 06:06:17 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2591011\r\nvia: EU-BLR-minsk-EDGE1-CACHE2[23],EU-BLR-minsk-EDGE1-CACHE5[0,TCP_HIT,19],EU-GER-frankfurt-GLOBAL1-CACHE14[2],EU-GER-frankfurt-GLOBAL1-CACHE5[0,TCP_HIT,2]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 2f033cb9565fc622122efc697e6293e2\r\nnginx-hit: 1\r\nage: 2091\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9uEaDAsJQ1uMlz16aQy7Ow5CVUc2f0j%2B0MtBXtxmNgo2RuRBfMsvbk7b9kjK8A7tpUA2%2Bi0CCPQV60oo8dnFruJbNREf9opJWMVeIoHf69cY\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99ed111b9d295690-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":8360,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 224 x 224, 8-bit/color RGBA, non-interlaced","md5":"10294db26a1ee74d2bd5ac9297c0693e","sha1":"71335147dc3bf9b762a0f3e8f265dd9a5adc2bfb","sha256":"776c214d4f0f016446d9778df425ad05e3a365288c4fac9eeb0b91db08b46ff8","sha512":"af025913467b40fcf7f4978c18795090c00d0cd0e550e620914fbfb4209510f45fa10805823b0ad5befa406a5fad14bb0ae67a542891b096bf8f3a20333ba974","ssdeep":"192:ueFidH3tvHhIdbfXs2mBNuv9SyYeVpmwea9ry4baWsp0hl:ueI9vHhIhfc2m6vhlfeak4bHn","tlshash":"9002d06d6a7d27b3715878f418790ffe0e69f1932fa74818640e1a92e0fa6658c1932c","first_seen":"2025-11-04T19:36:24.488568Z","last_seen":"2026-02-18T06:22:10.140796Z","times_seen":81,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nereserv.com/in/dip?event_id=3e6240ae-7913-480e-b43d-bdaa3c826786\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-11-15\u0026timezone=0\u0026ver=1.170.1","fqdn":"nereserv.com","domain":"nereserv.com","tld":"com"},"ip":{"addr":"116.202.249.56","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:34.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 02:00:40 GMT","end":"Sat, 24 Jan 2026 02:00:39 GMT"},"fingerprint":{"sha1":"2B:72:A9:3F:14:00:92:B9:05:AC:BC:3B:22:CB:D9:87:80:23:C8:3D","sha256":"60:5B:BA:7E:5F:7A:B1:E0:55:4D:4C:29:EA:C7:21:68:37:AF:03:5B:A7:3D:15:98:F1:65:96:AB:4A:3E:17:3B"}}},"request":{"raw":"GET /in/dip?event_id=3e6240ae-7913-480e-b43d-bdaa3c826786\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-11-15\u0026timezone=0\u0026ver=1.170.1 HTTP/1.1\r\nHost: nereserv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Sat, 15 Nov 2025 07:34:34 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/home/resources/6LklLgXB","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:31.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"OPTIONS /v2/s/home/resources/6LklLgXB HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,x-stream-l1\r\nReferer: https://www.flowdoodcbk.com/\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:31 GMT\r\ncontent-length: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.flowdoodcbk.com\r\naccess-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE\r\naccess-control-allow-headers: content-type, x-stream-l1\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Gt8VgMkwP97UB%2FgLRkek9leswaRVGAH93XGYnqnJfFpeUnOpS1FAXgc6rZQiiHj2QoklvuBwbID4dRFubhFEWd3R0KoamjH81wWaWdY6pyL70Ld8yU7qfw%3D%3D\"}]}\r\ncf-ray: 99ed110dddeb23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":330,"timings":{"blocked":65,"dns":30,"connect":1,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sm.videqqwuieyui.com/thumbnails/xbox-streaming/1926436872029081602/2309f3a5-35d3-4f90-b611-10e5eb770e8a/screenshot/3x3.jpg","fqdn":"sm.videqqwuieyui.com","domain":"videqqwuieyui.com","tld":"com"},"ip":{"addr":"34.126.238.65","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:33.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sm.videqqwuieyui.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 05:36:57 GMT","end":"Wed, 03 Dec 2025 06:32:52 GMT"},"fingerprint":{"sha1":"FC:A6:40:BF:F6:86:15:F2:39:8C:A4:74:3B:0F:FD:A3:2E:F6:D6:50","sha256":"0E:E3:78:75:04:97:54:84:45:2A:C2:92:6A:4A:20:1D:0E:71:4F:F6:38:1F:A3:67:A5:27:D1:46:3E:B8:E7:86"}}},"request":{"raw":"GET /thumbnails/xbox-streaming/1926436872029081602/2309f3a5-35d3-4f90-b611-10e5eb770e8a/screenshot/3x3.jpg HTTP/1.1\r\nHost: sm.videqqwuieyui.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 98465\r\nserver: Google-Edge-Cache\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A821FA77BB15EC84117C04313\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-origin-time: 348\r\nvia: EU-NLD-amsterdam-EDGE3-CACHE1[527],EU-NLD-amsterdam-EDGE3-CACHE2[523,TCP_MISS,525],EU-GER-frankfurt-GLOBAL1-CACHE5[516],EU-GER-frankfurt-GLOBAL1-CACHE7[348,TCP_MISS,515]\r\nx-hcs-proxy-type: 0\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 18b106db44673e2e4a3f672f1a4d4bf8\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\nx-request-id: 6e1d7a69-a6dc-447d-9c4a-2f8d0549e7a9\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\ndate: Fri, 14 Nov 2025 11:28:24 GMT\r\nage: 72369\r\nlast-modified: Fri, 14 Nov 2025 10:20:23 GMT\r\netag: \"7c6abcc3823d53805b9a9498f926d155\"\r\ncontent-type: image/jpeg\r\ncache-control: public,max-age=86000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":98465,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 15374x15237, segment length 16, comment: \"Lavc58.134.100\", baseline, precision 8, 1368x2568, components 3","md5":"7c6abcc3823d53805b9a9498f926d155","sha1":"ce42a4f464f2f5e9e701a151693383328d6a9bfd","sha256":"026610702946d612dceefe0bef3897876c272a4a9b627f0528a673860d1c06c8","sha512":"c975c22fbf1e646353bf1bd9fa6b763587add4b06aa9d35e19918569f817ec9b62b427b42986c1b9371a76e9f9dc9251de931dc260a6d541f9442587b65085e0","ssdeep":"3072:zMMfoSN01Q8nmAg/4of8dNL6i8AKMSfChIgpXtF41J:4Mfo801Q8UKNLyzMSfChIgpXf4D","tlshash":"3ea302628934e13373ac5077add986ef3f87368f282338b15ae86a5fc11c5149d0dd56","first_seen":"2025-11-15T07:35:02.149359Z","last_seen":"2025-11-15T07:35:02.149359Z","times_seen":1,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":114,"dns":34,"connect":8,"send":0,"wait":11,"receive":20,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026dsh=S-903548828%3A1763192074299516\u0026hl=en\u0026ifkv=ARESoU1g12Km-id6DbhvQU3fR4gZQgzbNTVThJuquJ1QgLABUCPbze7zlCnla2Rhh3HN7kDfpZb8dA\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.9.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:34.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"BD:40:9A:DB:26:FC:C1:FF:4D:85:05:A9:F0:E9:24:BD:05:29:25:7B","sha256":"C7:A3:E4:68:D6:D8:86:E7:C6:E2:D6:E3:1D:DA:60:9A:35:7E:71:9E:F1:91:26:57:47:43:91:7C:CE:BB:07:17"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026dsh=S-903548828%3A1763192074299516\u0026hl=en\u0026ifkv=ARESoU1g12Km-id6DbhvQU3fR4gZQgzbNTVThJuquJ1QgLABUCPbze7zlCnla2Rhh3HN7kDfpZb8dA\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 15 Nov 2025 07:34:34 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-3ynsKSryKcb1h1ulQ0hAIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/enterprise.js https://www.gstatic.com/recaptcha/ https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.nTB-S8XDrAA.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"36946.phidonatome.com/4/js/260941","fqdn":"36946.phidonatome.com","domain":"phidonatome.com","tld":"com"},"ip":{"addr":"88.208.22.3","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.phidonatome.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 09:13:10 GMT","end":"Sun, 08 Feb 2026 09:13:09 GMT"},"fingerprint":{"sha1":"D1:79:EC:D3:41:C5:94:89:05:BD:DF:2C:EA:FE:0D:E3:B2:42:25:47","sha256":"44:7D:1E:F2:C0:52:2F:E1:0F:B3:A0:98:03:B5:E2:57:13:66:36:49:33:A6:9D:B4:E1:45:A3:41:BB:EA:43:CE"}}},"request":{"raw":"GET /4/js/260941 HTTP/1.1\r\nHost: 36946.phidonatome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 11325\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\nreferrer-policy: unsafe-url\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory\r\naccept-ch-lifetime: 31536000\r\nset-cookie: _ccid=13957626580344814004; expires=Wed, 15 Nov 2028 07:34:32 GMT; domain=phidonatome.com; path=/; HttpOnly; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31412,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (31412), with no line terminators","md5":"9fcb14c102bf75793ec96145730be87f","sha1":"326e58302ef1c88d2615ee860efda33c4a3906ea","sha256":"f7bb1d5f4aa628605f08ae659ad31693344940c28adc56c6610754a66bc2184a","sha512":"8fd9c6cb31a8892b0cb00adcc2ce342c1df70d87f8c21870dd77f18871cd08a23374f6a1ecd5c52f6ad076a530ec7dc04267bbbdc879360b271756ff2c717b83","ssdeep":"768:H+mbr/4nqZVnyTPxVC2/R3hMwsZwJmvnDY87bBZzBPZvzXRb7iGqj:HyxnufF3qj","tlshash":"c2e22a95f996703043f7187a403f511af3361a94789e8460da2b99822c66fcb837bf7d","first_seen":"2025-11-15T07:35:02.150249Z","last_seen":"2025-11-15T07:35:02.150249Z","times_seen":1,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":56,"dns":17,"connect":19,"send":0,"wait":24,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/adgpt.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"104.20.34.46","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /adgpt.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 635\r\nserver: cloudflare\r\nlast-modified: Mon, 10 Nov 2025 10:05:03 GMT\r\nvary: Accept-Encoding\r\netag: \"6911b8cf-27b\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 78383\r\ncf-cache-status: HIT\r\ncf-ray: 99ed11162b0ab28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1285,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (1285), with no line terminators","md5":"4b545479ce261f8f128bca42b01f2b48","sha1":"24a48b2711e0bdc8b80c1037760a9d6106a812c3","sha256":"8bc734c4ee2f7f3f39b1a1e7b57f483f31b108c553af0fe16bd17c7b2abe8a38","sha512":"0a1b3d7e3f89748fc6fc016db882aa8cc5b55e7576ef84f23f93409796d67900b1926385bfcec76ff2460135a2c511f1429e28c8a143af8eb6873e34afae8905","ssdeep":"","tlshash":"162165da31e0f8d213cb6956113f4009f2aa6c65157fa0d0c358cd75bcf8889a1a2faa","first_seen":"2025-11-10T10:16:11.78532Z","last_seen":"2025-11-25T02:54:33.370695Z","times_seen":160,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-14","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"enrtx.com/get/","fqdn":"enrtx.com","domain":"enrtx.com","tld":"com"},"ip":{"addr":"94.130.197.239","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:34.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"popunder-base.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 02:48:33 GMT","end":"Tue, 03 Feb 2026 02:48:32 GMT"},"fingerprint":{"sha1":"DF:80:3A:A1:4E:A7:47:86:A1:5F:68:2B:5B:AF:F5:A8:BC:15:A6:70","sha256":"4D:BD:57:8F:2B:73:C5:49:EE:D9:2E:BE:D6:03:16:1E:BD:42:5D:7E:AA:12:FA:BF:8D:DF:AA:CB:5D:D0:5F:CD"}}},"request":{"raw":"POST /get/ HTTP/1.1\r\nHost: enrtx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodcbk.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1741\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.16.0\r\ndate: Sat, 15 Nov 2025 07:34:35 GMT\r\ncontent-type: application/json\r\ncontent-length: 3045\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.16.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9490,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"62fc080e6243598d25d851efc60a0bb0","sha1":"b7eaa3216df3664d392232a84a398e35558766d2","sha256":"dcfa52a457fcaa9a5bea5843a0f4c52f84e41bde8df66f4c0e15d1f7c6e7eb72","sha512":"afb8d7d47e2681cf6cd788bc0b72f94e824c163e86c8208664190a2f649f84a4c271fc754ae586d7a29e779d7e29166e5ec9857a2a3c8ba04955ec9115422a1e","ssdeep":"192:A577ya4MA/7S/7EbWdGsm7S/7Eb6i577ya4MAoGsN:AVURS/7YsGS/7KVUtsN","tlshash":"36122a576193fa60ac9da9c1e2e3a364c7dbdaf91e874d9fe5a21b35848d20200c4f1c","first_seen":"2025-11-15T07:35:02.152749Z","last_seen":"2025-11-15T07:35:02.152749Z","times_seen":1,"resource_available":false,"data":null}},"time_used":451,"timings":{"blocked":107,"dns":26,"connect":25,"send":0,"wait":236,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494331?v2=1\u0026fill=0\u0026s1=1926436872029081602\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site\u0026sid=06977eff-cb3c-46f6-904e-a166381edc58","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 23:28:43 GMT","end":"Wed, 04 Feb 2026 23:28:42 GMT"},"fingerprint":{"sha1":"66:4E:04:65:51:00:00:6F:45:5C:CD:BC:6C:DD:60:70:78:C4:D0:F8","sha256":"57:1A:C5:4F:7F:E6:61:6B:64:F0:82:6B:5F:1D:34:EC:2B:4C:B2:39:E0:5B:C9:DE:A4:CA:BD:76:ED:3E:9A:61"}}},"request":{"raw":"GET /api/users/494331?v2=1\u0026fill=0\u0026s1=1926436872029081602\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.flowdoodcbk.com%2Fe%2F6LklLgXB%3Flv1%3Dasese.site\u0026sid=06977eff-cb3c-46f6-904e-a166381edc58 HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodcbk.com/\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: text/xml\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.flowdoodcbk.com\r\naccess-control-expose-headers: X-Asg-Config, X-t\r\nset-cookie: nauid=qcCCImIXzJyyyhs7WLa1; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None\r\nx-robots-tag: noindex, nofollow\r\nx-t: 0\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96,"size_decoded":0,"mime_type":"text/xml","magic":"XML 1.0 document, ASCII text","md5":"73d174f378b492e8958d14c2e6a9a4ec","sha1":"7d699dc411131a000b55c5e3808d6c75b443a25f","sha256":"c6f441dbb28602e988f9ae260f3f9c8556ac8d11eac13a6f997c04519267a621","sha512":"dd3c103c5a448e2e3df63dd51379b0f2225bbe5ce804402f5b13d102bd64500652eff4a136f311426d152d0068f4e9d0ce036e054b567246fb9e1a4156c0d195","ssdeep":"","tlshash":"e0b012867301b43305f16f135b24c01513783b85089d588ce8f30ad01e6440c03481ce","first_seen":"2025-09-24T04:41:31.323262Z","last_seen":"2025-11-20T22:31:42.782605Z","times_seen":115,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/settings/494334","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 23:28:43 GMT","end":"Wed, 04 Feb 2026 23:28:42 GMT"},"fingerprint":{"sha1":"66:4E:04:65:51:00:00:6F:45:5C:CD:BC:6C:DD:60:70:78:C4:D0:F8","sha256":"57:1A:C5:4F:7F:E6:61:6B:64:F0:82:6B:5F:1D:34:EC:2B:4C:B2:39:E0:5B:C9:DE:A4:CA:BD:76:ED:3E:9A:61"}}},"request":{"raw":"GET /api/settings/494334 HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodcbk.com/\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"1be64b6d6652effba7dcf744e90def6a","sha1":"d9fbc7d1fa49fa4733f90a3739882d63972c2352","sha256":"72d79d0ad9a70ef53c1bab65c588d44bffb1a1b5aba0eb2f9f6a886c4c3aec4f","sha512":"ff1aee5b5d4ba25f4f78a0ddc80cd878856815c1ded88b32370c72bff242e73522e6aefb60fa5e53c434f10d2611dab7679152edf9321edc2b656e0265ef7006","ssdeep":"","tlshash":"408004c00dc1545410c010f4434043150103140f535c3304d41d1701147f4d17030150","first_seen":"2023-04-06T10:58:14Z","last_seen":"2026-05-20T02:25:30.848628Z","times_seen":7611,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":37,"dns":1,"connect":15,"send":0,"wait":15,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-15","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accuratephrase.com/cqDJ9V6rb.2U5jl/S/WDQM9WN/jHY/4OOCD-kf3/NqiV0j2_NDjKgH4cODTtce3l","fqdn":"accuratephrase.com","domain":"accuratephrase.com","tld":"com"},"ip":{"addr":"188.72.219.35","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"accuratephrase.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 06:43:11 GMT","end":"Sat, 10 Jan 2026 06:43:10 GMT"},"fingerprint":{"sha1":"5C:01:82:3D:3E:91:A2:72:76:A4:E8:DA:42:F8:FD:E6:74:85:B6:CF","sha256":"70:75:DE:E9:C6:17:AD:2B:3D:6E:6A:92:30:CC:7F:07:FE:0A:01:18:13:08:46:C7:F6:A5:EE:0D:04:8E:7E:00"}}},"request":{"raw":"GET /cqDJ9V6rb.2U5jl/S/WDQM9WN/jHY/4OOCD-kf3/NqiV0j2_NDjKgH4cODTtce3l HTTP/1.1\r\nHost: accuratephrase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\nlast-modified: Sat, 15 Nov 2025 07:34:32 GMT\r\nset-cookie: uniqCookie=3020ba7eeff7927b9d20cda23cc9b1b5; max-age=1765784072; path=/\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38020,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22784)","md5":"cb746d8526a1bc530d776cd488ec6096","sha1":"79dffe493f7c2d3b9ff7d1e30d6febcba4f8e9d2","sha256":"056224b015736338c7a89c6932bbeb4f41c3ab304bdfc97424fd0baf7c0fe3dc","sha512":"cbd56d02758b8c767b09f713aea08ffaa3fa4a1c9b1b2c88e0672e07a8ad912b22cd72c0c0f2578390cf51e9aba61d28e9db9b9330d692fa60d823e1f5a2d42c","ssdeep":"768:QZhdZg7J0OMLfTF9dFaQNp8JY29c6SboEBkleZ2YoOcLhlPPTgLgooDMiG82IGEj:QZ1g7JQLqQNp8Jr9c6SboEBkleZ2qcLv","tlshash":"5003b6d871c3642642eb107d713b7208b23a54655429b028bc79c8e4fcb9e9f8677bbd","first_seen":"2025-11-15T07:35:02.155229Z","last_seen":"2025-11-15T07:35:02.155229Z","times_seen":1,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":50,"dns":31,"connect":18,"send":0,"wait":47,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bereave.onelinevideo.com/moire/calibre/eclipse","fqdn":"bereave.onelinevideo.com","domain":"onelinevideo.com","tld":"com"},"ip":{"addr":"47.253.93.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bereave.onelinevideo.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 21 Apr 2025 00:00:00 GMT","end":"Mon, 20 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E0:8E:3E:B2:04:D3:F1:8E:24:9D:86:3A:9E:82:A4:F5:45:3F:D1:AD","sha256":"92:99:82:77:56:12:E5:7A:6F:E4:9E:E1:33:D0:ED:6E:11:A4:AF:65:E4:1A:60:B9:75:F8:9B:59:74:D7:01:8B"}}},"request":{"raw":"POST /moire/calibre/eclipse HTTP/1.1\r\nHost: bereave.onelinevideo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodcbk.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 913\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:33 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: no-store\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"8921601ae216bffaf740f52940f3e883","sha1":"e2e13cd6375aec1b9a5f7d764fdee1ebc349152c","sha256":"3562ab647abe7fe673062af9d7d6a15feb4c12105f129934bf21afdc183d3fd8","sha512":"e9de73acd353aeb3207713b2363d8c232f4cf80dfcbeba71f55236d85c004afd38e3e0e20acb1995da192842d09f62af21b02ae9e6022493dc8a946c8e964aab","ssdeep":"","tlshash":"7c800414d0045443444f0347557035453f0000113455fc4f04c01f74450444447dc105","first_seen":"2025-11-15T07:35:02.156225Z","last_seen":"2025-11-15T07:35:02.156225Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1404,"timings":{"blocked":609,"dns":357,"connect":104,"send":0,"wait":107,"receive":0,"ssl":223},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.meagersex.pro/ecc874/e5f3045861a4.js","fqdn":"www.meagersex.pro","domain":"meagersex.pro","tld":"pro"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.meagersex.pro","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 14 Nov 2025 07:03:09 GMT","end":"Thu, 12 Feb 2026 07:03:08 GMT"},"fingerprint":{"sha1":"D3:5F:71:CD:1E:F3:08:FA:9D:D3:1D:37:5D:E8:97:30:4F:C2:DE:4E","sha256":"F9:3C:FA:E7:73:E1:55:9F:FF:BF:F2:D7:9C:EB:72:5E:8E:04:E2:5D:D4:BD:1D:2E:FF:08:F2:05:11:31:D2:D1"}}},"request":{"raw":"GET /ecc874/e5f3045861a4.js HTTP/1.1\r\nHost: www.meagersex.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: max-age=172800\r\ncontent-encoding: gzip\r\nexpires: Mon, 17 Nov 2025 07:34:32 GMT\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103674,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"192f9524e295a0137b3463b1f2074895","sha1":"6132ac360fea93d3b48838693cad26491fea5e3e","sha256":"ea60d2aabd4eef1f17b31f52ccce738a8b5d0bf85c62e36c89f58045fb0e847a","sha512":"3987e2fbe24b71b25250802fa678a2ee87b9f43f9cb17293eca3160e12fffc8fe98141c2fd7414dd8ccb2c09a57ccb84ec6a4f2bb86b0887839798647245dd02","ssdeep":"1536:rM+iZ3YOYuyx6PUQwRxcs8P3nhkQ8vL7T7Q6eGozzwVEnHzHRbPv6:OijxEQq3P5Enne9zkWHLA","tlshash":"efa33461350b64fd2ad0c1e7eb6720886c295810e469cca1ecd1e7c7d6eb8e3429b5f7","first_seen":"2025-11-14T10:43:36.708338Z","last_seen":"2025-11-17T06:41:31.19719Z","times_seen":41,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":69,"dns":26,"connect":19,"send":0,"wait":38,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/solid.gif?z=2081141\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.636-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=Jf0H2hoaHR0cHM6Ly93d3cuZmxvd2Rvb2RjYmsuY29tL2UvNkxrbExnWEI%2FbHYxPWFzZXNlLnNpdGU\u0026afid=4337677206328832\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pload=1392\u0026rlp=%5B0%2C76%2C213%2C151%2C23666%2C3389%2C723%2C3024%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:32.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:57 GMT","end":"Wed, 21 Jan 2026 14:23:56 GMT"},"fingerprint":{"sha1":"AB:39:B2:8C:70:D6:0B:38:B0:1E:73:99:51:2D:35:30:EA:6B:4A:70","sha256":"86:18:14:14:6C:52:E9:C3:AC:03:AF:10:49:19:37:24:9D:9A:36:E6:1A:05:C8:1C:8E:69:BE:53:1E:CE:6F:65"}}},"request":{"raw":"POST /solid.gif?z=2081141\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.636-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=Jf0H2hoaHR0cHM6Ly93d3cuZmxvd2Rvb2RjYmsuY29tL2UvNkxrbExnWEI%2FbHYxPWFzZXNlLnNpdGU\u0026afid=4337677206328832\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pload=1392\u0026rlp=%5B0%2C76%2C213%2C151%2C23666%2C3389%2C723%2C3024%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5 HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flowdoodcbk.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 15 Nov 2025 07:34:32 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-route-id: stats.tag.loaded\r\nset-cookie: UID=2511150234bbf3218b96a744e5b9fb1bffa5; Path=/; Expires=Sat, 19 Dec 2026 07:34:32 GMT; Secure; SameSite=None\nCHCK=1; Path=/; Expires=Sat, 19 Dec 2026 07:34:32 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Sat, 19 Dec 2026 07:34:32 GMT; Secure; SameSite=None\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"28e463819a210071de3b45ebe7633613","sha1":"6dccd571828ec0912629119cf7eabfea9f33ddbc","sha256":"44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84","sha512":"8a82ac5a7883cd9b74bdb561cf825ce86474e259ad8c445e538d697b0003e3f2b1d6edcd3dc6512f4ad16e9074da204a79938257c457ecf68f4329eac0182e67","ssdeep":"","tlshash":"04900003e280e082c3a0c0300e0ccb802b88a2308a28030fb0fc2baefc3a3a20c23000","first_seen":"2023-04-05T09:26:54Z","last_seen":"2026-05-31T16:47:01.291741Z","times_seen":22084,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-FZ6E2FXG92","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodcbk.com/e/6LklLgXB?lv1=asese.site","date":"2025-11-15T07:34:30.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:50 GMT","end":"Mon, 19 Jan 2026 08:33:49 GMT"},"fingerprint":{"sha1":"48:8A:E6:98:60:86:BA:71:57:34:7F:7F:AB:BA:86:86:8F:73:20:E2","sha256":"AF:F1:47:F8:37:C7:C4:95:30:91:49:71:1C:6F:0E:A8:5A:0D:92:0C:E2:D9:F4:A7:AF:27:C5:6B:39:0D:33:46"}}},"request":{"raw":"GET /gtag/js?id=G-FZ6E2FXG92 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodcbk.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 15 Nov 2025 07:34:31 GMT\r\nexpires: Sat, 15 Nov 2025 07:34:31 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 143121\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":432224,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"0a4fad3c91f5530a26cb72878af88643","sha1":"53fd1c16c643a475bec3e352a2a61eb0b0061f05","sha256":"4f0ff4db10d39492aa1689b232c185e22d5711a16a6166f6fa2bb0ec8917e690","sha512":"1b0d3be506ab739981a8dd73e0fc8fe4c98c997cd6cd09eb2402052af557f5acdbcccea14ba37d9f82409fe1a6a6f15a8f794e6c2c6572ca5996ec48d5446612","ssdeep":"6144:X4Jxo7CyxOsjtxj31bC2sUOJdR+rVmIQZOBZDTQ3kLQz:XOm7ZxOytV1bjsmQZOH8","tlshash":"ee9418de73d674265396f078502f018ba57b28a2b44cc896f1c9cde02e74a9a4277f7c","first_seen":"2025-11-15T07:35:02.157512Z","last_seen":"2025-11-15T07:35:02.157512Z","times_seen":1,"resource_available":true,"data":null}},"time_used":337,"timings":{"blocked":123,"dns":1,"connect":16,"send":0,"wait":42,"receive":45,"ssl":106},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}