{"report_id":"18ad19f5-7f3b-49a1-b785-1a796ac1a173","version":6,"status":"done","tags":[],"date":"2025-12-20T12:40:17Z","url":{"schema":"http","addr":"lefados.xyz","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":0,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"example.com/","fqdn":"example.com","domain":"example.com","tld":"com"},"title":"Example Domain","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"lefados.xyz","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":0,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-24T12:40:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":7}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"acscdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"usrpubtrk.com","ip":{"addr":"172.67.186.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-16","domain_rank":6824,"first_seen":"2025-06-17T13:34:00.105327Z","last_seen":"2025-12-17T19:44:19.819274Z","alert_count":5,"request_count":1,"received_data":520,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]},{"fqdn":"inadsexchange.com","ip":{"addr":"172.67.187.144","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-07-03","domain_rank":205547,"first_seen":"2025-07-30T12:37:41.182716Z","last_seen":"2025-12-17T15:27:42.184875Z","alert_count":0,"request_count":1,"received_data":532,"sent_data":1215,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]},{"fqdn":"lefados.xyz","ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"domain_registered":"2024-09-20","domain_rank":2043398,"first_seen":"2025-05-19T18:39:16.069206Z","last_seen":"2025-11-23T03:35:03.119263Z","alert_count":0,"request_count":4,"received_data":33259,"sent_data":1780,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"adexchangeclear.com","ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-04-27","domain_rank":24943,"first_seen":"2025-07-16T08:40:02.47428Z","last_seen":"2025-12-16T00:43:57.602131Z","alert_count":2,"request_count":2,"received_data":4254,"sent_data":1478,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn5-thumbs.motherlessmedia.com","ip":{"addr":"185.107.92.224","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2008-10-11","domain_rank":905009,"first_seen":"2018-12-23T05:30:23Z","last_seen":"2025-12-17T14:53:12.221165Z","alert_count":0,"request_count":1,"received_data":7155,"sent_data":455,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.21.4.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"acscdn.com","ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-05-05","domain_rank":18769,"first_seen":"2020-05-06T08:07:13Z","last_seen":"2025-12-16T07:22:19.041437Z","alert_count":3,"request_count":3,"received_data":272049,"sent_data":1234,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn5-images.motherlessmedia.com","ip":{"addr":"185.107.92.224","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2008-10-11","domain_rank":886479,"first_seen":"2018-12-27T22:21:35Z","last_seen":"2025-12-15T18:56:05.800853Z","alert_count":0,"request_count":1,"received_data":156671,"sent_data":455,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.21.4.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"lefados.xyz/","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6c84956f4aa5d6847744a6ba2c43d96f","sha1":"c1214a3f64189b0972c50281a8e6d6ec94ce3c3d","sha256":"4e44f6855e84defb598ce0b690b66d558700646ec68300f645c50996d1d7357e","sha512":"02a2296c7c4c8b338c6c13e1f82e23bf255308857eaefcda1eac65e95b311300cebacbac34478ac03a26ee4402380c6b2d26a89983f404da5c81c337c8170cb4","ssdeep":"","tlshash":"7fa0243f0154441450d1140c047d4f1d00cc11070c403dd5374c411d0f0c0cf073140c","size":82,"data":"","first_seen":"2025-10-16T23:21:33.540096Z","last_seen":"2026-01-02T07:04:01.56738Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/inpagepush.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e7f0db26eb055502a3c717fa22faf536","sha1":"b965b83fc70e9098f6220f3896069100044e8b08","sha256":"d292485d1173d3ff605da3b3bec11c71156112a984eb891cceaebe215fa2f541","sha512":"fe6d5d4b0fa356ff2dd7b9a4c08163b25eb644abddc7cffe09e7a5112462b471a903f92e4aeaa920a6f0ce98b2bf54326cef6edb1e188e144e79107108961ca0","ssdeep":"768:a+bOIVSpFggvVZm5B1kp7yu1MOWCiXY26l708UzUSU7w0GRakGqq2UFAoZ3NMpBf:rOIVSp1GawV8kXHUFAoZ3NMpBinKHfVn","tlshash":"5b136f453e40c6573309cabfb533b8d4e3c60a6ab425169bab04bc8465c1a77faf6473","size":41812,"data":"","first_seen":"2025-12-17T19:33:45.31756Z","last_seen":"2026-01-13T12:29:41.97411Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/suv5.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9a3d5aa49ebce13a6399e703a116ec9b","sha1":"a52991635eddd4f54da92d657a36af619b88ef47","sha256":"8924f212e1f3553244a9eb9e01a0cf05c585ea75ecf60002b0785b69553d0fcd","sha512":"ff21d8769d8397a2998058840da6e4e78672c7e489443077ef1341f0d50a1a9799e31d98ab2b763f3400d43da6d7fcaacfec56ea675639b1df375c92f6ed6953","ssdeep":"768:7Oa8VJZShPhDL2i1Ox0O2o1wFfLen1xje/EO6BEAi7y1qIV7qp258aeraeq0CmvK:aa89aDfO6lenZ0CmgPTueNWjk","tlshash":"d64385553e80461733098ebb3a13f8e6e858387a6489459ef608bd487287177f6fc772","size":56337,"data":"","first_seen":"2025-12-17T14:33:37.346036Z","last_seen":"2026-01-13T14:12:13.861788Z","times_seen":342,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/rums.js","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8152432c915271c18e13c9c8e421348f","sha1":"0d602ed659308bca7c3b70867848dc8a2bc097f9","sha256":"91639b0366a8e73ce52bf08854906bff55ee58a6855257fa6bce393ad58f09b3","sha512":"f0940f9af4b15564f638079358d81e1114e6a897cf15308a255b98d8e59223b902e014989f355f6dfe5f95fcffd2c0576fe596c8a004adf6ff032670b6eb525e","ssdeep":"","tlshash":"ba51522564a5502f6237135aaf7ecb9db6327c01714bac39c22d52f13490c53db4ecba","size":2674,"data":"","first_seen":"2025-10-25T19:34:56.329143Z","last_seen":"2026-01-03T12:00:08.420639Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/rect.js","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b9acbcf5e6e19699246d62e25fe9d4dd","sha1":"59d4d99d0509fe22a2ba9da7bbde3b09ee1797d7","sha256":"f6f6fd3844a62bd23e714095b96d6a5a9ce75722c25f2ee103264ef40dbf2352","sha512":"674e7ff38453b3583147dbecbce7c5393373463061895f5dfcb6011cab41c3c5bd07da40498c75e10a23294816aa6c5610f4ec5e2c113856597b75f5833a3919","ssdeep":"","tlshash":"2e019c9e24e11c788e6331bc8eff713c5036298754574a12751d4d862fb130ec689d48","size":766,"data":"","first_seen":"2025-12-20T12:40:21.524387Z","last_seen":"2025-12-20T12:42:13.635572Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/aclib.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"48250370347c7f2d054321e03c8e394f","sha1":"dce1356dc4ee7b2b650fc3b2fa5c75e2de60c840","sha256":"e3fd6b9ca5d9b8d65c6330aa94f08f24cd2b59e1834cd7c960ea6ea3417acf52","sha512":"37527c5fc8159f26120d652f8477a70703eb6fb1f30126ceb66f9a58e05ddc365a1cb34b82b5bdcb24b694036bfe2a7c3052a50d883b956cccf2e167a7188ae7","ssdeep":"3072:ZcmbG7ee6cW7n8GrMN1HDxlfm1VeDbclbsZpyQ:y/FW78GrufmyclbsZpyQ","tlshash":"f4f395083a9455037b4b6fbb271774e5e9062c4ab894099eb254bc74e2836b3fff1136","size":171200,"data":"","first_seen":"2025-12-17T14:33:37.34138Z","last_seen":"2026-01-13T14:12:13.867658Z","times_seen":466,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"8d8648169449c680b401bf1d2f4058d5","sha1":"1aa621d367c9a1bc0ff6be4240d9aedc662a193d","sha256":"bf3a738ffc623f77c6008c88299d1846495f726eafa25d0307ab3bd907ea47b8","sha512":"c9008196bdcf2f9560bedc5de07275b8eaeafb9436eed063c03bed13bf1cec43d2a7f34a1131847ae1a5a425c519465e9f03c1f9e7388c321f577dbb0601b692","ssdeep":"","tlshash":"5ed022179a78447813232692bee32cc078a190fc029f2888820e30e02fc14d61744ef3","size":199,"data":"","first_seen":"2025-12-20T12:40:21.527388Z","last_seen":"2025-12-20T12:40:21.527388Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"lefados.xyz/rums.js","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lefados.xyz/","date":"2025-12-20T12:39:57.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lefados.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:01:27 GMT","end":"Tue, 10 Mar 2026 05:01:26 GMT"},"fingerprint":{"sha1":"38:48:44:DC:D3:F2:43:F3:57:AC:D2:CD:B9:9D:E7:81:30:EA:71:1A","sha256":"17:06:46:93:46:9C:85:3F:4B:58:E3:15:AD:8C:49:85:07:24:19:E3:13:09:6F:BD:04:C7:1A:3B:A3:95:3E:FA"}}},"request":{"raw":"GET /rums.js HTTP/1.1\r\nHost: lefados.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lefados.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 12:39:57 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 2674\r\nlast-modified: Tue, 21 Oct 2025 09:54:48 GMT\r\netag: \"68f75868-a72\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2674,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (559)","md5":"8152432c915271c18e13c9c8e421348f","sha1":"0d602ed659308bca7c3b70867848dc8a2bc097f9","sha256":"91639b0366a8e73ce52bf08854906bff55ee58a6855257fa6bce393ad58f09b3","sha512":"f0940f9af4b15564f638079358d81e1114e6a897cf15308a255b98d8e59223b902e014989f355f6dfe5f95fcffd2c0576fe596c8a004adf6ff032670b6eb525e","ssdeep":"","tlshash":"ba51522564a5502f6237135aaf7ecb9db6327c01714bac39c22d52f13490c53db4ecba","first_seen":"2025-10-25T19:34:56.329143Z","last_seen":"2026-01-03T12:00:08.420639Z","times_seen":9,"resource_available":true,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/favicon.ico","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lefados.xyz/","date":"2025-12-20T12:39:57.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lefados.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:01:27 GMT","end":"Tue, 10 Mar 2026 05:01:26 GMT"},"fingerprint":{"sha1":"38:48:44:DC:D3:F2:43:F3:57:AC:D2:CD:B9:9D:E7:81:30:EA:71:1A","sha256":"17:06:46:93:46:9C:85:3F:4B:58:E3:15:AD:8C:49:85:07:24:19:E3:13:09:6F:BD:04:C7:1A:3B:A3:95:3E:FA"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: lefados.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lefados.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: d8051=bm9yZWZ8fHwxfDB8MHxub25lfDA6; d8051b=1766234396\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 12:39:58 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 22 Jul 2025 04:31:22 GMT\r\netag: W/\"b52-63a7d1083953d\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2898,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (634)","md5":"f01ba522c3539135df33250082846848","sha1":"af31de06cf3d07cf83f104af8755b0cc5222ffc6","sha256":"2e8deb28946a6b41ccb927eaa43bbaa78ea82cef39a40638f2e5afa8e90e73ca","sha512":"5ca1b1d3c6f8e1948574a743bd6f58d9f430f9a576c9e656958dda81546a6b0baf0c02ff1b084640351a2bc44ba644e0f671aef0e2ff30981feec2af47764ee6","ssdeep":"","tlshash":"08515194c71c649fd35e24e6293e22c0282f8cb669a3ce7bbc77b174d6c800c87395a5","first_seen":"2025-04-07T04:58:47.339843Z","last_seen":"2026-04-04T01:52:25.0368Z","times_seen":5578,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/suurl5.php?r=10464206\u0026cbur=0.9266801524698802\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=lefados%20porn%20-%20no%20no%20no\u0026cbpage=https%3A%2F%2Flefados.xyz%2F\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=acscdn.com\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1766234398967\u0026srs=388c8032256e2b41c66bfe425a51e15c\u0026atv=74.0\u0026btp=0.01\u0026pblcz=10445558","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://lefados.xyz/","date":"2025-12-20T12:39:58.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 23:08:46 GMT","end":"Sat, 07 Mar 2026 00:07:30 GMT"},"fingerprint":{"sha1":"D5:B9:71:11:A1:C5:BD:EA:60:68:49:87:01:4B:0B:CB:81:8B:FA:6C","sha256":"66:19:A7:E1:FD:B7:41:C7:AE:CB:33:20:81:70:04:52:48:C8:D0:0E:66:96:B3:F7:FE:B5:FC:10:FE:48:0A:44"}}},"request":{"raw":"GET /script/suurl5.php?r=10464206\u0026cbur=0.9266801524698802\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=lefados%20porn%20-%20no%20no%20no\u0026cbpage=https%3A%2F%2Flefados.xyz%2F\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=acscdn.com\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1766234398967\u0026srs=388c8032256e2b41c66bfe425a51e15c\u0026atv=74.0\u0026btp=0.01\u0026pblcz=10445558 HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://lefados.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lefados.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 12:39:59 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TG63dJDpgdlm7oBFMYv2cmvGgemB7VS6Y5WmqbC%2FmSqFbpNmn%2B50BLKDpV6KrYYq7rfWt7zq%2B0pmLQnbS%2FsQPY36wgQ8m1zmAPLYrAyI6WCi\"}]}\r\ncf-ray: 9b0f34a1bc8f56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":987,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"51923428110141900bfd170571a21c4e","sha1":"d3164d433b637ef7d325113ff6ab4ffdca206db9","sha256":"37b7f40f182fd15770f1544d9753eafffac67949c77d270178295fca52609f7a","sha512":"aad94d2c9a424f119e12a2406c9c28a27eb9b65833f931142f228e7058226828fb784cb5bb60f7805cf911df41753fea3670ed418f44636b326efc3dc14147b6","ssdeep":"","tlshash":"e711c8611558220e9f74604dc09a3de42812806bcae0fd7197b64e55eb74c70c23fdd1","first_seen":"2025-12-20T12:40:21.508951Z","last_seen":"2025-12-20T12:40:21.508951Z","times_seen":1,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn5-thumbs.motherlessmedia.com/thumbs/FE71227.jpg","fqdn":"cdn5-thumbs.motherlessmedia.com","domain":"motherlessmedia.com","tld":"com"},"ip":{"addr":"185.107.92.224","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lefados.xyz/","date":"2025-12-20T12:39:57.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.motherlessmedia.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Tue, 22 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1C:9C:A7:64:1D:50:C4:66:FC:B5:AE:9C:CB:DF:AC:1E:1F:4B:A0:83","sha256":"FD:6F:CF:79:47:AA:EF:54:72:2A:60:E2:1B:57:6B:D6:33:60:E2:67:DA:83:68:95:02:34:5B:66:53:45:A1:0E"}}},"request":{"raw":"GET /thumbs/FE71227.jpg HTTP/1.1\r\nHost: cdn5-thumbs.motherlessmedia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lefados.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: openresty/1.21.4.1\r\ndate: Sat, 20 Dec 2025 12:39:57 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 6881\r\nvary: x-s-token\r\nlast-modified: Thu, 01 Jul 2021 11:03:43 GMT\r\netag: \"1ae1-5c60dcad0c0d2\"\r\nx-cache: HIT\r\nx-whom: cdn07\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.21.4.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6881,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 180x240, components 3","md5":"5d105eab9cc59f338d4719fb244d0118","sha1":"5fc3b03f216f36418bcd5834452a41b3effdf5d2","sha256":"761ad0bcaf9dd32d7ffca05fbe189fecfbaf0cceaa92bfdb4048355bc8579abf","sha512":"527ceb0b1d1886cd1566b3540aeb89c2b7055a0b6d41083f6c93cdc563123a4268794e25ba248b8eb566b83626f3adced717a85da6d20c0d3cb18d4adf2fc682","ssdeep":"192:1JnCcRJZZWaE6+knxqhXe0zabSLz7zcyOm:1JNZlx+knE40zv7Wm","tlshash":"a4e1afa3b9d85f9dcd22cabb803a263073446d2cdcb1773eaf87d70705681d5b449a00","first_seen":"2024-10-06T09:19:28.178685Z","last_seen":"2026-01-28T02:11:33.388412Z","times_seen":8,"resource_available":false,"data":null}},"time_used":394,"timings":{"blocked":181,"dns":7,"connect":17,"send":0,"wait":20,"receive":2,"ssl":163},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/aclib.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lefados.xyz/","date":"2025-12-20T12:39:57.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"acscdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 00:40:27 GMT","end":"Thu, 05 Feb 2026 01:40:22 GMT"},"fingerprint":{"sha1":"76:9A:7C:2F:34:DA:E3:06:23:B8:73:B7:95:32:FC:FF:34:88:AB:1A","sha256":"F0:CF:B6:C8:DE:7A:81:6A:9A:D8:3E:43:29:D0:90:4D:7B:2A:8F:21:F6:9C:91:59:EA:FF:0E:B5:7E:07:E4:91"}}},"request":{"raw":"GET /script/aclib.js HTTP/1.1\r\nHost: acscdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lefados.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 12:39:57 GMT\r\ncontent-type: text/javascript\r\nx-guploader-uploadid: AHVrFxN2iBpb-t5ZfS7VArRJLFCT_VqFVa-k_zQ-uVo_DGLQ5Kg_G4ZI5UED5xfr9wCf76B8\r\nx-goog-generation: 1765975833874839\r\nx-goog-metageneration: 2\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 171200\r\nx-goog-hash: crc32c=Y6PsGw==, md5=SCUDcDR8fy0FQyHgPI45Tw==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: cloudflare\r\nexpires: Sat, 20 Dec 2025 13:39:57 GMT\r\ncache-control: public, max-age=3600\r\nlast-modified: Wed, 17 Dec 2025 12:50:33 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nvary: accept-encoding\r\nage: 1678\r\ncf-cache-status: HIT\r\netag: W/\"48250370347c7f2d054321e03c8e394f\"\r\ncontent-encoding: gzip\r\ncf-ray: 9b0f34988e53712d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":171200,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"48250370347c7f2d054321e03c8e394f","sha1":"dce1356dc4ee7b2b650fc3b2fa5c75e2de60c840","sha256":"e3fd6b9ca5d9b8d65c6330aa94f08f24cd2b59e1834cd7c960ea6ea3417acf52","sha512":"37527c5fc8159f26120d652f8477a70703eb6fb1f30126ceb66f9a58e05ddc365a1cb34b82b5bdcb24b694036bfe2a7c3052a50d883b956cccf2e167a7188ae7","ssdeep":"3072:ZcmbG7ee6cW7n8GrMN1HDxlfm1VeDbclbsZpyQ:y/FW78GrufmyclbsZpyQ","tlshash":"f4f395083a9455037b4b6fbb271774e5e9062c4ab894099eb254bc74e2836b3fff1136","first_seen":"2025-12-17T14:33:37.34138Z","last_seen":"2026-01-13T14:12:13.867658Z","times_seen":466,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":41,"dns":5,"connect":1,"send":0,"wait":20,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"acscdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn5-images.motherlessmedia.com/images/983C119.jpg","fqdn":"cdn5-images.motherlessmedia.com","domain":"motherlessmedia.com","tld":"com"},"ip":{"addr":"185.107.92.224","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lefados.xyz/","date":"2025-12-20T12:39:57.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.motherlessmedia.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Tue, 22 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1C:9C:A7:64:1D:50:C4:66:FC:B5:AE:9C:CB:DF:AC:1E:1F:4B:A0:83","sha256":"FD:6F:CF:79:47:AA:EF:54:72:2A:60:E2:1B:57:6B:D6:33:60:E2:67:DA:83:68:95:02:34:5B:66:53:45:A1:0E"}}},"request":{"raw":"GET /images/983C119.jpg HTTP/1.1\r\nHost: cdn5-images.motherlessmedia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lefados.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: openresty/1.21.4.1\r\ndate: Sat, 20 Dec 2025 12:39:57 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 156394\r\nvary: x-s-token\r\nlast-modified: Sat, 29 Sep 2018 20:43:14 GMT\r\netag: \"262ea-577089ef7ec05\"\r\nx-cache: HIT\r\nx-whom: cdn06\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.21.4.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":156394,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1008x628, components 3","md5":"44ceddcb76bb6fe6d3dde15c4e866a42","sha1":"4f48a110774a5aa5fd9f130ba44c29bf32bb3e8a","sha256":"e6cf504f4a2ec2316a8051c34f57cd15ca3adc47f259772a4d75596d99316703","sha512":"9f1693dae3d4c3abc5ed5711f0ace770eec040d942b68a7f2caae7d316adeda1603733828142b796bbef6d3360ab46a0a35e569b40ed99777f80a5f66e1a4faa","ssdeep":"3072:B31IFZQhv+9ok9IG+6c87sBxwx+8GE4+sbD0P5/17VzkMKbxrruBS5iQK:B31IFZQhv+9ocTc8YBxex4+sbc5lAbxI","tlshash":"90e323045800788533db8ed3ffd42c970bd59a3578abbaf382f969c9b096638181968c","first_seen":"2025-12-20T12:40:21.515019Z","last_seen":"2025-12-20T12:42:13.631399Z","times_seen":2,"resource_available":false,"data":null}},"time_used":487,"timings":{"blocked":200,"dns":9,"connect":32,"send":0,"wait":40,"receive":38,"ssl":163},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/inpagepush.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lefados.xyz/","date":"2025-12-20T12:39:57.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"acscdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 00:40:27 GMT","end":"Thu, 05 Feb 2026 01:40:22 GMT"},"fingerprint":{"sha1":"76:9A:7C:2F:34:DA:E3:06:23:B8:73:B7:95:32:FC:FF:34:88:AB:1A","sha256":"F0:CF:B6:C8:DE:7A:81:6A:9A:D8:3E:43:29:D0:90:4D:7B:2A:8F:21:F6:9C:91:59:EA:FF:0E:B5:7E:07:E4:91"}}},"request":{"raw":"GET /script/inpagepush.js HTTP/1.1\r\nHost: acscdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lefados.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 20 Dec 2025 12:39:57 GMT\r\ncontent-type: text/javascript\r\nx-guploader-uploadid: AHVrFxOMsAVwX__SfpwEeJLck19L1RJA_dK1emsk-6o3jkEXKCyKpfwZgDJnVzz-Z4v07vDntsEqgA0\r\nx-goog-generation: 1765975984005115\r\nx-goog-metageneration: 2\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 41812\r\nx-goog-hash: crc32c=Pu1qMQ==, md5=5/DbJusFVQKjxxf6Ivr1Ng==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: cloudflare\r\nexpires: Sat, 20 Dec 2025 13:39:57 GMT\r\ncache-control: public, max-age=3600\r\nlast-modified: Wed, 17 Dec 2025 12:53:04 GMT\r\nvary: accept-encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\nage: 1660\r\ncf-cache-status: HIT\r\netag: W/\"e7f0db26eb055502a3c717fa22faf536\"\r\ncontent-encoding: gzip\r\ncf-ray: 9b0f349a5f8e56c0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41812,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (41811)","md5":"e7f0db26eb055502a3c717fa22faf536","sha1":"b965b83fc70e9098f6220f3896069100044e8b08","sha256":"d292485d1173d3ff605da3b3bec11c71156112a984eb891cceaebe215fa2f541","sha512":"fe6d5d4b0fa356ff2dd7b9a4c08163b25eb644abddc7cffe09e7a5112462b471a903f92e4aeaa920a6f0ce98b2bf54326cef6edb1e188e144e79107108961ca0","ssdeep":"768:a+bOIVSpFggvVZm5B1kp7yu1MOWCiXY26l708UzUSU7w0GRakGqq2UFAoZ3NMpBf:rOIVSp1GawV8kXHUFAoZ3NMpBinKHfVn","tlshash":"5b136f453e40c6573309cabfb533b8d4e3c60a6ab425169bab04bc8465c1a77faf6473","first_seen":"2025-12-17T19:33:45.31756Z","last_seen":"2026-01-13T12:29:41.97411Z","times_seen":97,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"acscdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usrpubtrk.com/ut/hb.php?cb=0.01039219166157257\u0026v=1","fqdn":"usrpubtrk.com","domain":"usrpubtrk.com","tld":"com"},"ip":{"addr":"172.67.186.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://lefados.xyz/","date":"2025-12-20T12:39:58.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usrpubtrk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 12:57:52 GMT","end":"Tue, 10 Mar 2026 13:56:16 GMT"},"fingerprint":{"sha1":"77:2A:71:0C:1C:F9:2B:14:04:DB:13:5F:A6:57:67:6D:B3:A9:A0:95","sha256":"E0:53:FF:DF:EC:31:75:79:08:DF:B9:B1:56:18:5A:48:15:62:EF:8B:BB:4C:1B:05:1C:E8:DD:3F:0C:A4:80:41"}}},"request":{"raw":"POST /ut/hb.php?cb=0.01039219166157257\u0026v=1 HTTP/1.1\r\nHost: usrpubtrk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 1430\r\nOrigin: https://lefados.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lefados.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1430,"data":"{\"clientHints\":{},\"isScrollable\":1,\"totalClicks\":0,\"sessionLength\":0,\"ippMissclicks\":0,\"visible\":1,\"caught\":0,\"lastevent\":0,\"isFullscreen\":0,\"isTabFocused\":1,\"eventImps\":0,\"retryCounts\":0,\"isScrolled\":1,\"isMouseMoved\":0,\"pagePercentageSeen\":30,\"belowTheFoldSeen\":0,\"touchEnd\":0,\"touchMove\":0,\"clicksByType\":{\"idle\":0,\"input\":0,\"video\":0,\"button\":0,\"link\":0,\"img\":0},\"browsingTopics\":[],\"ufp\":\"Win32/Mozilla/Netscape/true/false/1280x10240en-USunknown4824 bits\",\"sessionStartTime\":1766234398,\"sessionId\":\"388c8032256e2b41c66bfe425a51e15c\",\"timeZoneOffset\":0,\"zones\":[\"10445558\"],\"pUrl\":\"https%3A%2F%2Flefados.xyz%2F\",\"pReferrer\":\"\",\"pTitle\":\"lefados%20porn%20-%20no%20no%20no\",\"pDescription\":\"\",\"pKeywords\":\"\",\"pHasIframes\":0,\"pWidth\":1280,\"pHeight\":3511,\"vWidth\":1280,\"vHeight\":1024,\"inIframe\":0,\"bsd\":\"eyJwcm9iYWJpbGl0eSI6MC4wMSwicGVyU2lnbmFsIjp7ImlzV2ViRHJpdmVyUHJlc2VudCI6MCwiaXNDRFBEZXRlY3RlZCI6MCwiYXV0b21hdGVkQnJvd3Nlckdsb2JhbHMiOjAsImlzV2luZG93Q0RDIjowLCJkb2VzVUFDb250YWluSGVhZGxlc3NLZXl3b3JkIjowLCJpc0ZpcmVmb3hNaXNtYXRjaCI6MCwiaW5jb25zaXN0ZW5jaWVzIjowLCJpc0Nocm9tZUZvclRlc3RpbmciOjAsImRldGVjdENTU0Fub21hbGllcyI6MCwiaXNIZWFkbGVzc1Blcm1pc3Npb25NYXRjaGVkIjowLCJkZXRlY3RMb2NhbFN0b3JhZ2UiOjAsIm5vUGx1Z2luc1ByZXNlbnQiOjAsIm1pc3NpbmdXZWJSVEMiOjAsIm1pc3NpbmdBdWRpb1ZpZGVvIjowLCJtaXNzaW5nQ2FudmFzIjowLCJtb3VzZU1vdmVTY29yZSI6MCwiY2VudGVyZWRDbGlja1BlcmNlbnRhZ2UiOjAsInNjcm9sbFN1c3BpY2lvdXNTY29yZSI6MH19\",\"sentTimestamp\":1766234398475}"}},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 20 Dec 2025 12:39:58 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZlgBzFca1SvQckm3jVF6SvWkOECPRr9GBwmEhfUwVP3xVNW4Ipe99unOcnRUOnPysIPiYgIXZPCRggbgmQBrR5Ep2V02IJuVLTcn\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b0f349f3d7756c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T03:45:59.439381Z","times_seen":13315505,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":40,"dns":5,"connect":1,"send":0,"wait":149,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/push.php?r=10445558\u0026ipp=1\u0026mads=2\u0026position=top\u0026srs=388c8032256e2b41c66bfe425a51e15c\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026cbpage=https%3A%2F%2Flefados.xyz%2F\u0026atv=74.0\u0026cbref=\u0026btp=0.01","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://lefados.xyz/","date":"2025-12-20T12:39:58.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 23:08:46 GMT","end":"Sat, 07 Mar 2026 00:07:30 GMT"},"fingerprint":{"sha1":"D5:B9:71:11:A1:C5:BD:EA:60:68:49:87:01:4B:0B:CB:81:8B:FA:6C","sha256":"66:19:A7:E1:FD:B7:41:C7:AE:CB:33:20:81:70:04:52:48:C8:D0:0E:66:96:B3:F7:FE:B5:FC:10:FE:48:0A:44"}}},"request":{"raw":"GET /script/push.php?r=10445558\u0026ipp=1\u0026mads=2\u0026position=top\u0026srs=388c8032256e2b41c66bfe425a51e15c\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026cbpage=https%3A%2F%2Flefados.xyz%2F\u0026atv=74.0\u0026cbref=\u0026btp=0.01 HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://lefados.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lefados.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 12:39:58 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=61Tj81924aZNA%2FwNpGSsYEX8rGZ3NPSTF3O1TqLSyyGXCgMGGjBKZzQMtd1hgEX%2F%2BMqY0ZN6FlCJBCBXszvB9VrFClQ6egIHuiVUmMDvzrM7\"}]}\r\ncf-ray: 9b0f349f49f656ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1837,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"854e571b2496c92b5e0498ee0a2507a4","sha1":"855f922772ed3564ef3e7528f6704b7c92743ee7","sha256":"2cacafb26669c2f051b9e91a7e430e59eaf619759e3e046f2042c679a5e793d5","sha512":"6002466fe1ce083ff5f804f2e089401acd31074019b6dc35b75ea89cebd5c5deec6f101ab3d87100281fef706446e09b733e59783e6a77e1a3dae059e1319939","ssdeep":"","tlshash":"8931298d05c675192a1e6bc0527c9c6cde1427670a4c7ca3095debd8c5bd1ac8f875b3","first_seen":"2025-12-20T12:40:21.51933Z","last_seen":"2025-12-20T12:40:21.51933Z","times_seen":1,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":39,"dns":9,"connect":1,"send":0,"wait":190,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/suv5.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lefados.xyz/","date":"2025-12-20T12:39:58.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"acscdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 00:40:27 GMT","end":"Thu, 05 Feb 2026 01:40:22 GMT"},"fingerprint":{"sha1":"76:9A:7C:2F:34:DA:E3:06:23:B8:73:B7:95:32:FC:FF:34:88:AB:1A","sha256":"F0:CF:B6:C8:DE:7A:81:6A:9A:D8:3E:43:29:D0:90:4D:7B:2A:8F:21:F6:9C:91:59:EA:FF:0E:B5:7E:07:E4:91"}}},"request":{"raw":"GET /script/suv5.js HTTP/1.1\r\nHost: acscdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lefados.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 20 Dec 2025 12:39:58 GMT\r\ncontent-type: text/javascript\r\nx-guploader-uploadid: AHVrFxNjhSDeDCfYo-S78XpemEZnhLs0YZyYX5_rJheSp9k4DAZ7joWf_yJ-Klid8bb4F0I2tvNB6HM\r\nx-goog-generation: 1765976148566843\r\nx-goog-metageneration: 2\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 56337\r\nx-goog-hash: crc32c=C6SdHA==, md5=mj1apJ684TpjmecDoRbsmw==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nexpires: Sat, 20 Dec 2025 13:39:58 GMT\r\ncache-control: public, max-age=3600\r\nlast-modified: Wed, 17 Dec 2025 12:55:48 GMT\r\nvary: accept-encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\nage: 300\r\ncf-cache-status: HIT\r\netag: W/\"9a3d5aa49ebce13a6399e703a116ec9b\"\r\ncontent-encoding: gzip\r\ncf-ray: 9b0f34a0dc4c56c0-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56337,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (56336)","md5":"9a3d5aa49ebce13a6399e703a116ec9b","sha1":"a52991635eddd4f54da92d657a36af619b88ef47","sha256":"8924f212e1f3553244a9eb9e01a0cf05c585ea75ecf60002b0785b69553d0fcd","sha512":"ff21d8769d8397a2998058840da6e4e78672c7e489443077ef1341f0d50a1a9799e31d98ab2b763f3400d43da6d7fcaacfec56ea675639b1df375c92f6ed6953","ssdeep":"768:7Oa8VJZShPhDL2i1Ox0O2o1wFfLen1xje/EO6BEAi7y1qIV7qp258aeraeq0CmvK:aa89aDfO6lenZ0CmgPTueNWjk","tlshash":"d64385553e80461733098ebb3a13f8e6e858387a6489459ef608bd487287177f6fc772","first_seen":"2025-12-17T14:33:37.346036Z","last_seen":"2026-01-13T14:12:13.861788Z","times_seen":342,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"acscdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inadsexchange.com/script/i.php?t=1\u0026c=23986342\u0026stamat=m%257C%252C%252CgjI-IjE-oGU3B0-GH0dEdHP3xP.cad%252CybPkbVJBTDVJZal4WR1h7woJgf8Rc7_aDJW2uoRadzIEM_cLu3CdFdjlEsDBKByJW_Qvc7MDTQYSXfi6XEdPgDHA6IA7j5s0z5_qzejNHrEbuyk0iq6dnjjsZAnedXfKOLU9MiGmT6bjxlqBAnaZfEfla3sg4NcKXWZ50EDOudqe9piUBm6it_jVNW2zRlKMrMuPXYQlwWPTAOvK8Dqui1wkLhF5tfCPyI4DLJo6VusYup6S_YJRDen4rxa47Sx0BvAcby6i6gMjQba4A_LoLFZWX_yr5BKVcTrAzVRNTUxG0TGM_nRLzJIWTs3JMcO9uO-vOjvGZoCccJmj1ZgUf3r3Cr7mhdZV_RpLTC-PhLpuh4xw-ps_ylXf1WktUrcEU-jR47qxSwdjv7kDlKfsHV6o-JTfNh-2ry-6v_OxrlQw6PxXJ0hrl8lCt8u7yZMT9LJ_przu2HnFOrfmPNeKkEPzt-ZmYu1ghUf8Z5AM6XhTP8OJOompyRf2aNV7qw5YnQudmvNrmJXMDP335NagMz30Hpt3cf3HgUKIqbi7Ie2yhsM-Yj_22KxNmW3txwquj4GHP3r4_T9GKtXDAwlkVPFHXNcvaTHUyZiS3JrUfnU%252C\u0026utsid=388c8032256e2b41c66bfe425a51e15c\u0026cbpage=https%3A%2F%2Flefados.xyz%2F\u0026cbref=","fqdn":"inadsexchange.com","domain":"inadsexchange.com","tld":"com"},"ip":{"addr":"172.67.187.144","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lefados.xyz/","date":"2025-12-20T12:39:58.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inadsexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 07:51:57 GMT","end":"Fri, 06 Mar 2026 08:49:26 GMT"},"fingerprint":{"sha1":"8B:35:15:F4:0A:A6:B2:F7:75:B5:02:95:6D:60:99:47:B7:80:81:74","sha256":"A4:DE:09:1C:55:56:A2:44:6F:FB:21:4A:BA:C2:BB:5F:11:54:8D:42:5F:59:01:EC:B5:FF:33:41:1C:0A:40:C4"}}},"request":{"raw":"GET /script/i.php?t=1\u0026c=23986342\u0026stamat=m%257C%252C%252CgjI-IjE-oGU3B0-GH0dEdHP3xP.cad%252CybPkbVJBTDVJZal4WR1h7woJgf8Rc7_aDJW2uoRadzIEM_cLu3CdFdjlEsDBKByJW_Qvc7MDTQYSXfi6XEdPgDHA6IA7j5s0z5_qzejNHrEbuyk0iq6dnjjsZAnedXfKOLU9MiGmT6bjxlqBAnaZfEfla3sg4NcKXWZ50EDOudqe9piUBm6it_jVNW2zRlKMrMuPXYQlwWPTAOvK8Dqui1wkLhF5tfCPyI4DLJo6VusYup6S_YJRDen4rxa47Sx0BvAcby6i6gMjQba4A_LoLFZWX_yr5BKVcTrAzVRNTUxG0TGM_nRLzJIWTs3JMcO9uO-vOjvGZoCccJmj1ZgUf3r3Cr7mhdZV_RpLTC-PhLpuh4xw-ps_ylXf1WktUrcEU-jR47qxSwdjv7kDlKfsHV6o-JTfNh-2ry-6v_OxrlQw6PxXJ0hrl8lCt8u7yZMT9LJ_przu2HnFOrfmPNeKkEPzt-ZmYu1ghUf8Z5AM6XhTP8OJOompyRf2aNV7qw5YnQudmvNrmJXMDP335NagMz30Hpt3cf3HgUKIqbi7Ie2yhsM-Yj_22KxNmW3txwquj4GHP3r4_T9GKtXDAwlkVPFHXNcvaTHUyZiS3JrUfnU%252C\u0026utsid=388c8032256e2b41c66bfe425a51e15c\u0026cbpage=https%3A%2F%2Flefados.xyz%2F\u0026cbref= HTTP/1.1\r\nHost: inadsexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lefados.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 20 Dec 2025 12:39:59 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f1f%2FLx%2FSAq4G3hlR5dqk3Ivkv1tEqragVqv89HC9Qf81akBsNc8yJEqoVDN05aHSls7VXxblwmvW5qApsya26GsRlC508NoQnDrbFZ67Zm4r\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b0f34a14f314c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T03:45:59.439381Z","times_seen":13315505,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":66,"dns":21,"connect":1,"send":0,"wait":142,"receive":1,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-20T12:39:56.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lefados.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:01:27 GMT","end":"Tue, 10 Mar 2026 05:01:26 GMT"},"fingerprint":{"sha1":"38:48:44:DC:D3:F2:43:F3:57:AC:D2:CD:B9:9D:E7:81:30:EA:71:1A","sha256":"17:06:46:93:46:9C:85:3F:4B:58:E3:15:AD:8C:49:85:07:24:19:E3:13:09:6F:BD:04:C7:1A:3B:A3:95:3E:FA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: lefados.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 12:39:56 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 4140\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25810,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"d5f579c78d7c809430b411b8449b5965","sha1":"7dd1b5af5a66f94cb7ba9707f9533206a833f33c","sha256":"9c906a03309f83ed83b0cc8952df6a63fe89db130b7c7f82586779e28a9a7d24","sha512":"417a3236474c4f7a90cf2a5e5329d77ad5f7fea67447c042d74cfbe183a7f29bc7d9be0f97603093426e366b3e69c0ff066566cd090eeebb89ca2367e3a71239","ssdeep":"768:djFjFJXFVMF4FqOaPXC/pH0LNA6E+0CKmSK1euCMHtRdMbqpTJv2g:lxnXoekOaKAaX6rR5","tlshash":"6dc2044395f304155197f2c4ba31177bbd56ae43e027893cb9ac5bd8cfb3e864883a89","first_seen":"2025-12-20T12:40:21.522388Z","last_seen":"2025-12-20T12:40:21.522388Z","times_seen":1,"resource_available":false,"data":null}},"time_used":866,"timings":{"blocked":305,"dns":1,"connect":144,"send":0,"wait":255,"receive":1,"ssl":152},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/rect.js","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lefados.xyz/","date":"2025-12-20T12:39:57.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lefados.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:01:27 GMT","end":"Tue, 10 Mar 2026 05:01:26 GMT"},"fingerprint":{"sha1":"38:48:44:DC:D3:F2:43:F3:57:AC:D2:CD:B9:9D:E7:81:30:EA:71:1A","sha256":"17:06:46:93:46:9C:85:3F:4B:58:E3:15:AD:8C:49:85:07:24:19:E3:13:09:6F:BD:04:C7:1A:3B:A3:95:3E:FA"}}},"request":{"raw":"GET /rect.js HTTP/1.1\r\nHost: lefados.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lefados.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Dec 2025 12:39:57 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 766\r\nlast-modified: Sat, 06 Dec 2025 10:15:35 GMT\r\netag: \"69340247-2fe\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":766,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (365)","md5":"b9acbcf5e6e19699246d62e25fe9d4dd","sha1":"59d4d99d0509fe22a2ba9da7bbde3b09ee1797d7","sha256":"f6f6fd3844a62bd23e714095b96d6a5a9ce75722c25f2ee103264ef40dbf2352","sha512":"674e7ff38453b3583147dbecbce7c5393373463061895f5dfcb6011cab41c3c5bd07da40498c75e10a23294816aa6c5610f4ec5e2c113856597b75f5833a3919","ssdeep":"","tlshash":"2e019c9e24e11c788e6331bc8eff713c5036298754574a12751d4d862fb130ec689d48","first_seen":"2025-12-20T12:40:21.524387Z","last_seen":"2025-12-20T12:42:13.635572Z","times_seen":2,"resource_available":true,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}