{"report_id":"158399ef-fed9-4aa8-bb42-c900509162bb","version":6,"status":"done","tags":[],"date":"2025-12-31T15:28:25Z","url":{"schema":"http","addr":"cazooysterlis.com/?cat=2\u0026groupds=189\u0026clientId=1365\u0026productId=2796\u0026publisher_id={publisher_id}\u0026tracking=mju66v6opv6xoqnvpue3vr97p7","fqdn":"cazooysterlis.com","domain":"cazooysterlis.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":0,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"final":{"url":{"schema":"https","addr":"d.chachenmorim.top/?groupds=189\u0026productId=2796\u0026clientId=1365\u0026af=5002309114043154\u0026tracking=mju66v6opv6xoqnvpue3vr97p7","fqdn":"d.chachenmorim.top","domain":"chachenmorim.top","tld":"top"},"title":"CAPTCHA","dom":{"size":147724,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (13866)","md5":"23b4f2d90f7e970abf8995f5973ebc42","sha1":"c6ef0994d65be9cf4aad4b870b0f4f192717fe5d","sha256":"b2a3df073006a764065b3d160956122da8aae784a608d7fbad27fcb25e7bf88b","sha512":"bc48ecb3c9fb2b715dbbee809c479c09991ca079198b99063f2a1a5fa6ccdf77c81bf50655e5e7242fd31825da9235cf54415d09cdf043cf5585220bb36da11b","ssdeep":"3072:W7pQba/zA4jA05GuBo9JCuq+cs0yyg5cRoE9lHuCB7:uQQzRG9JCuq+cs0yykSoE9gc","tlshash":"f6e3f1baaab715527943f4ac739fa6567e22d507c00ad4703a9cb2dd8fca9c085533cc","dom_hash":"domhash4ac922962a6c6751810f77170e935d4f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cazooysterlis.com/?cat=2\u0026groupds=189\u0026clientId=1365\u0026productId=2796\u0026publisher_id={publisher_id}\u0026tracking=mju66v6opv6xoqnvpue3vr97p7","fqdn":"cazooysterlis.com","domain":"cazooysterlis.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":0,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-04T15:28:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"d.chachenmorim.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"d.chachenmorim.top","ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"domain_registered":"2025-08-07","domain_rank":0,"first_seen":"2025-12-31T15:28:25.738724Z","last_seen":"2025-12-31T15:28:25.738724Z","alert_count":1,"request_count":2,"received_data":151769,"sent_data":3780,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cazooysterlis.com","ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":4519,"sent_data":597,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cazooysterlis.com/?cat=2\u0026groupds=189\u0026clientId=1365\u0026productId=2796\u0026publisher_id={publisher_id}\u0026tracking=mju66v6opv6xoqnvpue3vr97p7","fqdn":"cazooysterlis.com","domain":"cazooysterlis.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":true,"md5":"8fa98cb15477bfc1375c4244460699e9","sha1":"014cbb4fa53ea79886927536bb213f092a4c4fa0","sha256":"b7c2330e7b5ffc3881e42311275deaa72b91fe398db46dbdd55d1b648d5e04f1","sha512":"bb9605688b9aaa676aa4f35b1a13c1dfbfe063d6fa5d1e574af777bed669af847e998f276398947878bab36bf4fe15457c1ab034002be70a978b89bc1d6a75b7","ssdeep":"","tlshash":"15d097ae012211300372b029c72fb3032533249fa4498c03ba0c1ee86f0031ec231088","size":236,"data":"","first_seen":"2025-12-31T15:28:33.228417Z","last_seen":"2025-12-31T15:28:33.228417Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d.chachenmorim.top/?groupds=189\u0026productId=2796\u0026clientId=1365\u0026af=5002309114043154\u0026tracking=mju66v6opv6xoqnvpue3vr97p7","fqdn":"d.chachenmorim.top","domain":"chachenmorim.top","tld":"top"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":true,"md5":"5d72c17f35e39c4117b324a83af81a97","sha1":"69e7bfd9d11c35335579b80e18b2cbd366124337","sha256":"7a8395e1a72c4dab64415012a90c8fb6dd12434e07520af06573d500bd92fa2d","sha512":"fc2a35e25cb380cf25c6efc235a2764a38583c4b9a97061f4dc832058ab8ea39d29bc19e692e484e47d81099b74fd01a21f19e187fcdd4d28323cf95d0a11d4a","ssdeep":"","tlshash":"87110646dea70dd53e552428537fe01438e501cb008cd666be6cf917af42a0b82fd0dd","size":1045,"data":"","first_seen":"2025-12-31T15:28:33.230555Z","last_seen":"2025-12-31T15:28:33.230555Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d.chachenmorim.top/?groupds=189\u0026productId=2796\u0026clientId=1365\u0026af=5002309114043154\u0026tracking=mju66v6opv6xoqnvpue3vr97p7","fqdn":"d.chachenmorim.top","domain":"chachenmorim.top","tld":"top"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":true,"md5":"b5188934a4a6d9df201288f7a2b49489","sha1":"ada0e2a886fa90a16111f33ab2d48679ce0db83e","sha256":"d1f95c4e4c93d0f53094edb66b988db2da42131cae710b167fe9492f386e484d","sha512":"b1a319c4ec80d1936c39724101f59596cd971cfe9672e507884f6602425b4f3a7562058e1b79c51390c327cf6a657809a5a770d7e2302bb4482c4cd9fd8b4244","ssdeep":"","tlshash":"77d022efce6223462a22484cc33e3a679d24250f8dc2c913b60ca4e74f01a2a86f108c","size":223,"data":"","first_seen":"2025-12-31T15:28:33.233179Z","last_seen":"2025-12-31T15:28:33.233179Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d.chachenmorim.top/groupds/assets/js/backlink_back_button.js","fqdn":"d.chachenmorim.top","domain":"chachenmorim.top","tld":"top"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":false,"md5":"60af47aa63c3bf9235687f706af2e899","sha1":"9b651a755c24a2e61617f574579b4d43db107609","sha256":"0faf991e33ce5cfde4a76de0c10f4271f51d30244da938b0e2b2e3f80b4cc035","sha512":"d9dd9a090d3a0bbbb6059b44171577ab1c836c0058b5bb8824a51f9dbf796077c33475150ca0ca033a4eb67ce2484ead2e766b04b6a98415dfef0a193f1c1a48","ssdeep":"","tlshash":"00f0b48d58a60078597331a9dfafa5283563046f3403ea117a8d97904f6472ec389fe9","size":620,"data":"","first_seen":"2023-03-11T20:55:10Z","last_seen":"2026-05-08T20:40:00.282943Z","times_seen":552,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d.chachenmorim.top/?groupds=189\u0026productId=2796\u0026clientId=1365\u0026af=5002309114043154\u0026tracking=mju66v6opv6xoqnvpue3vr97p7","fqdn":"d.chachenmorim.top","domain":"chachenmorim.top","tld":"top"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":true,"md5":"fdf767b3d55cc92ca7d8bba1653f037e","sha1":"13e472a7afa3597c403757db41ba267c52fafb4a","sha256":"728d591eb0f86b86c494e47c405405bad21375c81ac8435aa1646682dd54b8ac","sha512":"9d55c5b1fa0235f49400e9f47e705f54434b5c2d731c66c6c1dec29e0a27d57dc7a3e1b123b0281a9cc3b402c057568d1c57dee0c3dca6d402478e25c7615ff7","ssdeep":"96:H8uV2tqjyq7eEqFX0fQo47zIGkRP2HPVzzXta2t/NoKSd:H8uV2tquq6ESX0f147hk1ydzzXI21N7q","tlshash":"5bb1304ebeb711a81997b07f5befa1182072d02f2049f4157dbd50905fa0a1cb694bf5","size":5241,"data":"","first_seen":"2025-12-31T15:28:33.23518Z","last_seen":"2025-12-31T15:28:33.23518Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"d.chachenmorim.top/?groupds=189\u0026productId=2796\u0026clientId=1365\u0026af=5002309114043154\u0026tracking=mju66v6opv6xoqnvpue3vr97p7","fqdn":"d.chachenmorim.top","domain":"chachenmorim.top","tld":"top"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-31T15:28:03.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"d.chachenmorim.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 07 Dec 2025 04:05:04 GMT","end":"Sat, 07 Mar 2026 04:05:03 GMT"},"fingerprint":{"sha1":"E6:9D:2E:22:59:FE:03:3C:7D:1D:50:62:21:4E:EA:C9:C4:ED:D5:A2","sha256":"DC:2C:B5:D9:1F:5E:C7:19:C7:2C:EC:26:F7:7D:80:67:4B:A7:7A:40:C9:AC:81:1C:CC:8C:E3:C0:5A:28:55:BB"}}},"request":{"raw":"GET /?groupds=189\u0026productId=2796\u0026clientId=1365\u0026af=5002309114043154\u0026tracking=mju66v6opv6xoqnvpue3vr97p7 HTTP/1.1\r\nHost: d.chachenmorim.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazooysterlis.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 15:28:03 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: c2s_step_des=%5B7%2C4%2C9%5D; expires=Wed, 31-Dec-2025 15:43:03 GMT; Max-Age=900\nc2s_step_limit=3; expires=Wed, 31-Dec-2025 15:43:03 GMT; Max-Age=900\nc2s_user_data=%7B%22isp%22%3A%22blix+solutions%22%2C%22country%22%3A%22NO%22%2C%22lang%22%3A%22en%22%2C%22clientId%22%3A%221365%22%2C%22operator%22%3Anull%2C%22action%22%3Anull%2C%22valid_products%22%3A%5B1414%2C1415%2C1416%2C1417%2C1418%2C1422%2C2841%2C2842%2C2843%2C1732%2C1896%2C1897%2C2822%2C2823%2C2834%2C1898%2C1899%2C1904%2C2563%2C1870%2C1981%2C1831%2C1814%2C2791%2C2798%2C2793%2C2800%2C2661%2C2666%2C1907%2C2665%2C2670%2C2790%2C2797%2C2845%2C2664%2C2669%2C2663%2C2668%2C2794%2C2801%2C2792%2C2799%2C1676%2C2795%2C2802%2C2796%2C2803%2C1829%2C1815%2C2662%2C2667%2C1847%2C1722%2C1738%2C1749%2C1748%2C1874%2C1843%2C1724%2C1827%2C1718%2C1872%2C1913%2C1970%2C2807%2C2812%2C2805%2C2810%2C2804%2C2809%2C1717%2C2024%2C2806%2C2811%2C2816%2C2808%2C2813%2C1727%2C2838%2C1909%2C1825%2C1750%2C2562%2C1849%2C1721%2C1863%2C1747%2C1853%2C1720%2C1971%2C1768%2C1767%2C1857%2C1855%2C2774%2C1902%2C2829%2C2828%2C1697%2C1763%2C1839%2C1764%2C1845%2C1723%2C2839%2C1968%2C1972%2C1769%2C1716%2C1728%2C2781%2C1726%2C1725%2C1835%2C1711%2C1851%2C1719%2C1841%2C1741%2C2780%2C1911%2C2001%2C1861%2C1859%2C1837%2C1733%2C1715%2C1900%2C1766%2C2833%2C1823%2C1821%2C2840%2C1765%2C1964%2C1963%2C1890%2C1889%2C1892%2C1891%2C1680%2C1967%2C1966%2C2509%2C2508%2C1868%2C2510%2C2513%2C1866%2C1975%2C2511%2C2514%2C2512%2C2515%2C1710%2C2771%2C2772%2C2773%2C2827%2C2824%2C2826%2C2825%2C1713%2C1714%2C1983%2C1969%2C1988%2C2071%2C1658%2C1657%2C1977%2C1591%2C1592%2C1593%2C1594%2C1595%2C1596%2C1974%2C1997%2C1752%2C1411%2C1706%2C1701%2C1665%2C1405%2C1404%2C1406%2C1503%2C1502%2C1504%2C1505%2C1908%2C1943%2C1942%2C1702%2C1547%2C1635%2C1627%2C1628%2C1629%2C1630%2C1631%2C1632%2C1633%2C1675%2C1941%2C1940%2C1906%2C2609%2C1616%2C1744%2C1705%2C1672%2C1667%2C2072%2C1699%2C1673%2C1599%2C1481%2C2250%2C1651%2C1662%2C1650%2C1654%2C1656%2C1655%2C1647%2C1648%2C1649%2C1660%2C1663%2C2028%2C1668%2C1666%2C1408%2C1407%2C1409%2C2023%2C1597%2C1659%2C1559%2C2070%2C1598%2C1536%2C1540%2C1652%2C1653%2C1901%2C1987%2C1637%2C1674%2C1537%2C1538%2C1539%2C1961%2C1413%2C1420%2C1421%2C1412%2C1499%2C1679%2C1696%2C1483%2C1661%2C1579%2C1484%2C1570%2C1553%2C1581%2C1490%2C1546%2C1580%2C1485%2C1550%2C1569%2C1486%2C1541%2C1712%2C1833%2C1803%2C1482%2C1636%2C1487%2C1551%2C1556%2C1568%2C1535%2C1488%2C1554%2C1552%2C1555%2C1489%2C1340%2C1460%2C1366%2C1367%2C1368%2C1341%2C1342%2C1449%2C1450%2C1451%2C1369%2C1370%2C1371%2C1372%2C1373%2C1425%2C1423%2C1424%2C1343%2C1344%2C1345%2C1354%2C1617%2C1626%2C1618%2C1619%2C1620%2C1621%2C1622%2C1623%2C1624%2C1625%2C1664%2C2002%5D%2C%22invalid_product%22%3Anull%2C%22successRate%22%3A0%7D; expires=Wed, 31-Dec-2025 15:31:03 GMT; Max-Age=180\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":147762,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (13866)","md5":"9a4b132a950b9e0467f15577cd478b29","sha1":"e9f39efbe80be511136e9078f5cb95d254b91daf","sha256":"efb3b835712951e1bcd1ad687e4ad645296557540763ffc1e3fccec8bd0c54c9","sha512":"dfc938298dd0fe7458a453ac57a2a42b73837c7ab124d9075b9cb1ebddff4bec19d1d73d768510797132b403bd2c985afbf493111e968cf2425ad6bc5692e716","ssdeep":"3072:K7pKba/zA4jA05GuBo9JCuq+cs0yyg5cRoE9lHuCBP:SKQzRG9JCuq+cs0yykSoE9gQ","tlshash":"14e3f1baaab715527943b4ac735fa6567e22d503c00ad4703a9cb1dd8fca9c085533cc","first_seen":"2025-12-31T15:28:33.220277Z","last_seen":"2025-12-31T15:28:33.220277Z","times_seen":1,"resource_available":false,"data":null}},"time_used":739,"timings":{"blocked":199,"dns":11,"connect":52,"send":0,"wait":130,"receive":210,"ssl":134},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"d.chachenmorim.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d.chachenmorim.top/groupds/assets/js/backlink_back_button.js","fqdn":"d.chachenmorim.top","domain":"chachenmorim.top","tld":"top"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://d.chachenmorim.top/?groupds=189\u0026productId=2796\u0026clientId=1365\u0026af=5002309114043154\u0026tracking=mju66v6opv6xoqnvpue3vr97p7","date":"2025-12-31T15:28:04.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"d.chachenmorim.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 07 Dec 2025 04:05:04 GMT","end":"Sat, 07 Mar 2026 04:05:03 GMT"},"fingerprint":{"sha1":"E6:9D:2E:22:59:FE:03:3C:7D:1D:50:62:21:4E:EA:C9:C4:ED:D5:A2","sha256":"DC:2C:B5:D9:1F:5E:C7:19:C7:2C:EC:26:F7:7D:80:67:4B:A7:7A:40:C9:AC:81:1C:CC:8C:E3:C0:5A:28:55:BB"}}},"request":{"raw":"GET /groupds/assets/js/backlink_back_button.js HTTP/1.1\r\nHost: d.chachenmorim.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://d.chachenmorim.top/?groupds=189\u0026productId=2796\u0026clientId=1365\u0026af=5002309114043154\u0026tracking=mju66v6opv6xoqnvpue3vr97p7\r\nCookie: c2s_step_des=%5B7%2C4%2C9%5D; c2s_step_limit=3; c2s_user_data=%7B%22isp%22%3A%22blix+solutions%22%2C%22country%22%3A%22NO%22%2C%22lang%22%3A%22en%22%2C%22clientId%22%3A%221365%22%2C%22operator%22%3Anull%2C%22action%22%3Anull%2C%22valid_products%22%3A%5B1414%2C1415%2C1416%2C1417%2C1418%2C1422%2C2841%2C2842%2C2843%2C1732%2C1896%2C1897%2C2822%2C2823%2C2834%2C1898%2C1899%2C1904%2C2563%2C1870%2C1981%2C1831%2C1814%2C2791%2C2798%2C2793%2C2800%2C2661%2C2666%2C1907%2C2665%2C2670%2C2790%2C2797%2C2845%2C2664%2C2669%2C2663%2C2668%2C2794%2C2801%2C2792%2C2799%2C1676%2C2795%2C2802%2C2796%2C2803%2C1829%2C1815%2C2662%2C2667%2C1847%2C1722%2C1738%2C1749%2C1748%2C1874%2C1843%2C1724%2C1827%2C1718%2C1872%2C1913%2C1970%2C2807%2C2812%2C2805%2C2810%2C2804%2C2809%2C1717%2C2024%2C2806%2C2811%2C2816%2C2808%2C2813%2C1727%2C2838%2C1909%2C1825%2C1750%2C2562%2C1849%2C1721%2C1863%2C1747%2C1853%2C1720%2C1971%2C1768%2C1767%2C1857%2C1855%2C2774%2C1902%2C2829%2C2828%2C1697%2C1763%2C1839%2C1764%2C1845%2C1723%2C2839%2C1968%2C1972%2C1769%2C1716%2C1728%2C2781%2C1726%2C1725%2C1835%2C1711%2C1851%2C1719%2C1841%2C1741%2C2780%2C1911%2C2001%2C1861%2C1859%2C1837%2C1733%2C1715%2C1900%2C1766%2C2833%2C1823%2C1821%2C2840%2C1765%2C1964%2C1963%2C1890%2C1889%2C1892%2C1891%2C1680%2C1967%2C1966%2C2509%2C2508%2C1868%2C2510%2C2513%2C1866%2C1975%2C2511%2C2514%2C2512%2C2515%2C1710%2C2771%2C2772%2C2773%2C2827%2C2824%2C2826%2C2825%2C1713%2C1714%2C1983%2C1969%2C1988%2C2071%2C1658%2C1657%2C1977%2C1591%2C1592%2C1593%2C1594%2C1595%2C1596%2C1974%2C1997%2C1752%2C1411%2C1706%2C1701%2C1665%2C1405%2C1404%2C1406%2C1503%2C1502%2C1504%2C1505%2C1908%2C1943%2C1942%2C1702%2C1547%2C1635%2C1627%2C1628%2C1629%2C1630%2C1631%2C1632%2C1633%2C1675%2C1941%2C1940%2C1906%2C2609%2C1616%2C1744%2C1705%2C1672%2C1667%2C2072%2C1699%2C1673%2C1599%2C1481%2C2250%2C1651%2C1662%2C1650%2C1654%2C1656%2C1655%2C1647%2C1648%2C1649%2C1660%2C1663%2C2028%2C1668%2C1666%2C1408%2C1407%2C1409%2C2023%2C1597%2C1659%2C1559%2C2070%2C1598%2C1536%2C1540%2C1652%2C1653%2C1901%2C1987%2C1637%2C1674%2C1537%2C1538%2C1539%2C1961%2C1413%2C1420%2C1421%2C1412%2C1499%2C1679%2C1696%2C1483%2C1661%2C1579%2C1484%2C1570%2C1553%2C1581%2C1490%2C1546%2C1580%2C1485%2C1550%2C1569%2C1486%2C1541%2C1712%2C1833%2C1803%2C1482%2C1636%2C1487%2C1551%2C1556%2C1568%2C1535%2C1488%2C1554%2C1552%2C1555%2C1489%2C1340%2C1460%2C1366%2C1367%2C1368%2C1341%2C1342%2C1449%2C1450%2C1451%2C1369%2C1370%2C1371%2C1372%2C1373%2C1425%2C1423%2C1424%2C1343%2C1344%2C1345%2C1354%2C1617%2C1626%2C1618%2C1619%2C1620%2C1621%2C1622%2C1623%2C1624%2C1625%2C1664%2C2002%5D%2C%22invalid_product%22%3Anull%2C%22successRate%22%3A0%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 15:28:04 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 620\r\nLast-Modified: Tue, 08 Apr 2025 08:01:04 GMT\r\nConnection: keep-alive\r\nETag: \"67f4d7c0-26c\"\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\nX-Content-Type-Options: nosniff\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":620,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"60af47aa63c3bf9235687f706af2e899","sha1":"9b651a755c24a2e61617f574579b4d43db107609","sha256":"0faf991e33ce5cfde4a76de0c10f4271f51d30244da938b0e2b2e3f80b4cc035","sha512":"d9dd9a090d3a0bbbb6059b44171577ab1c836c0058b5bb8824a51f9dbf796077c33475150ca0ca033a4eb67ce2484ead2e766b04b6a98415dfef0a193f1c1a48","ssdeep":"","tlshash":"00f0b48d58a60078597331a9dfafa5283563046f3403ea117a8d97904f6472ec389fe9","first_seen":"2023-03-11T20:55:10Z","last_seen":"2026-05-08T20:40:00.282943Z","times_seen":552,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cazooysterlis.com/?cat=2\u0026groupds=189\u0026clientId=1365\u0026productId=2796\u0026publisher_id={publisher_id}\u0026tracking=mju66v6opv6xoqnvpue3vr97p7","fqdn":"cazooysterlis.com","domain":"cazooysterlis.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-31T15:28:03.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cazooysterlis.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 14:32:20 GMT","end":"Wed, 25 Feb 2026 14:32:19 GMT"},"fingerprint":{"sha1":"07:66:A8:35:B9:D6:F8:54:05:47:B0:5A:93:F7:45:AF:72:56:D6:35","sha256":"DB:F3:41:7A:26:F6:B4:C5:D5:2C:30:FB:04:FE:FF:A4:1F:4F:E8:D9:1C:F3:C2:73:44:83:39:2F:49:68:8A:A3"}}},"request":{"raw":"GET /?cat=2\u0026groupds=189\u0026clientId=1365\u0026productId=2796\u0026publisher_id={publisher_id}\u0026tracking=mju66v6opv6xoqnvpue3vr97p7 HTTP/1.1\r\nHost: cazooysterlis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 31 Dec 2025 15:28:03 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nSet-Cookie: redirect_user_data=%7B%22country%22%3A%22NO%22%2C%22city%22%3Anull%2C%22isp%22%3A%22blix+solutions%22%2C%22netspeed%22%3A%22%22%7D; expires=Wed, 31-Dec-2025 15:38:03 GMT; Max-Age=600\n_tracker_ikangoo=a%3A5%3A%7Bs%3A4%3A%22_key%22%3Bs%3A7%3A%22IKPANEL%22%3Bs%3A6%3A%22_subid%22%3Bs%3A16%3A%225002309114043154%22%3Bs%3A8%3A%22_country%22%3Bs%3A2%3A%22NO%22%3Bs%3A4%3A%22_isp%22%3Bs%3A14%3A%22blix+solutions%22%3Bs%3A5%3A%22_time%22%3Bi%3A1767194883%3B%7D; expires=Wed, 31-Dec-2025 15:30:03 GMT; Max-Age=120\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3700,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"58296a200c223191c65a2747d08bd026","sha1":"2f32af067aed2fcadd526145bd4855e94e8fa0ca","sha256":"1fd40795ffb31aff7c9d3c1123c325a97192c99efe7d59a924f622d47a93604e","sha512":"578823e5ac9eca1edf47c98fdc3eadfd4b1f0581cb791c26dd228435bd6aa970d568c38b0dc4932fd7957dc6f8e8df51f51cbf441b19fef47bb14dac66e0a4ae","ssdeep":"","tlshash":"8c71e06a5c97010a7196e8386beb73418d258447e206dc68bd4cb2d8cfc0ed585eb7ec","first_seen":"2025-12-31T15:28:33.225434Z","last_seen":"2025-12-31T15:28:33.225434Z","times_seen":1,"resource_available":false,"data":null}},"time_used":535,"timings":{"blocked":222,"dns":32,"connect":50,"send":0,"wait":90,"receive":1,"ssl":138},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}