{"report_id":"1cee01e5-bd5c-4a7e-9460-2c322c871c31","version":6,"status":"done","tags":[],"date":"2025-11-22T22:44:45Z","url":{"schema":"http","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"172.67.194.148","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"title":"(1) New Message!","dom":{"size":107280,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"8ba626b59b9e14368ff97bf7259c973d","sha1":"a56d9d8395999ea18fb9696f3cc03f8c142541a9","sha256":"7f66cd99358066c6e682b1e988789e9daccc27be79e477d1d22ea406b2a34c30","sha512":"c21ec2e4437155ebd19196b06643caf938d2cfdfa4e8e0a7f87a04f908223c6447400209015936ebd45a0171f264c39fa9b785d8d75b47f658c0a3d5c03d8b31","ssdeep":"768:lPu2u4TtgFuLuNuhuJKOZcMmLoVbaZ7LFVTF/yoFjFltqom8ekGm5oRsaDR:Xg7KOZcMmLoVbaZ7LH5yohjrmbkf+/","tlshash":"e6a3cf9d69d01240d227865cc7fe5f252b68e533181a9cdbf2c21c8acf87e6c9be514b","dom_hash":"domhash646514760f34f3ecb1f5039882802433","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"172.67.194.148","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-27T22:44:45Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":31}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-22T22:44:25Z","timestamp":1763851465,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.22","port":49291,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-22T22:44:25.066771+0000\",\"flow_id\":1487137741014227,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.22\",\"src_port\":49291,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-22T22:44:25.066771+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"protrafficinspector.com","ip":{"addr":"3.125.70.62","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-06-18","domain_rank":614186,"first_seen":"2025-07-25T22:45:21.95813Z","last_seen":"2025-11-18T17:36:30.087644Z","alert_count":0,"request_count":1,"received_data":423,"sent_data":444,"comment":"","tags":null,"fingerprints":null},{"fqdn":"image.tmdb.org","ip":{"addr":"138.199.36.7","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"domain_registered":"2009-09-15","domain_rank":53077,"first_seen":"2021-01-09T06:43:03Z","last_seen":"2025-11-17T15:07:03.424494Z","alert_count":0,"request_count":9,"received_data":318795,"sent_data":4167,"comment":"","tags":null,"fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-11-17T09:36:44.126639Z","alert_count":30,"request_count":6,"received_data":216387,"sent_data":6865,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"wayfarerorthodox.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-08-08T11:06:50.216151Z","last_seen":"2025-11-17T11:05:45.168485Z","alert_count":16,"request_count":8,"received_data":11919,"sent_data":7777,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-11-19T07:32:15.648628Z","alert_count":6,"request_count":2,"received_data":171912,"sent_data":824,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"r8kybcupde14.s4.adsco.re","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2017-02-14","domain_rank":0,"first_seen":"2025-11-22T22:44:47.452155Z","last_seen":"2025-11-22T22:44:47.452155Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":440,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r8kybcupde14.l4.adsco.re","ip":{"addr":"185.200.118.62","port":443,"asn":9009,"as":"M247 Europe SRL","country":"United Kingdom","country_code":"GB"},"domain_registered":"2017-02-14","domain_rank":0,"first_seen":"2025-11-22T22:44:47.459283Z","last_seen":"2025-11-22T22:44:47.459283Z","alert_count":0,"request_count":1,"received_data":463,"sent_data":440,"comment":"","tags":null,"fingerprints":null},{"fqdn":"c.adsco.re","ip":{"addr":"104.16.42.28","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-02-14","domain_rank":100769,"first_seen":"2017-11-29T18:42:15Z","last_seen":"2025-11-17T12:06:42.792462Z","alert_count":0,"request_count":1,"received_data":72091,"sent_data":511,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.filmaon.bz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-29","domain_rank":0,"first_seen":"2025-11-22T22:44:47.47764Z","last_seen":"2025-11-22T22:44:47.47764Z","alert_count":177,"request_count":59,"received_data":1407875,"sent_data":52367,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"WordPress:6.8.3","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Site Kit:1.166.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Sign-in","description":"Google Sign-In is a secure authentication system that reduces the burden of login for users, by enabling them to sign in with their Google account.","website":"https://developers.google.com/identity/sign-in/web","common_platform_enumeration":"","icon":"Google.svg","categories":["Authentication"]},{"name":"WPMU DEV Smush:3.22.3","description":"WPMU DEV Smush is a WordPress plugin that allows you to optimise images without losing quality.","website":"https://wpmudev.com/project/wp-smush-pro","common_platform_enumeration":"","icon":"WPMU DEV.png","categories":["WordPress plugins"]},{"name":"WP Fastest Cache","description":"WP Fastest Cache is one of a number of plugins for WordPress designed to accelerate the performance of your website.","website":"https://www.wpfastestcache.com","common_platform_enumeration":"","icon":"WP Fastest Cache.png","categories":["WordPress plugins","Performance"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-11-19T02:16:45.643485Z","alert_count":6,"request_count":2,"received_data":1060,"sent_data":1532,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"4.adsco.re","ip":{"addr":"162.252.214.5","port":2087,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"domain_registered":"2017-02-14","domain_rank":95532,"first_seen":"2021-01-04T16:47:52Z","last_seen":"2025-11-21T08:31:02.428571Z","alert_count":0,"request_count":2,"received_data":864,"sent_data":857,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.cdn4ads.com","ip":{"addr":"95.173.205.15","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"domain_registered":"2020-04-18","domain_rank":441594,"first_seen":"2020-04-19T20:21:04Z","last_seen":"2025-11-20T20:45:40.690537Z","alert_count":0,"request_count":1,"received_data":42464,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"realizationnewestfangs.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-10-02T06:26:57.543488Z","last_seen":"2025-11-17T20:52:29.182882Z","alert_count":3,"request_count":1,"received_data":525,"sent_data":507,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-11-17T00:28:00.919789Z","alert_count":0,"request_count":1,"received_data":32532,"sent_data":462,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-11-16T22:16:03.162694Z","alert_count":0,"request_count":3,"received_data":432354,"sent_data":1320,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"creative-sb1.com","ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-11-17T08:28:43.475071Z","alert_count":18,"request_count":6,"received_data":274221,"sent_data":2812,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn4ads.com","ip":{"addr":"216.59.63.128","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"domain_registered":"2020-04-18","domain_rank":44268,"first_seen":"2020-04-19T20:21:04Z","last_seen":"2025-11-20T20:45:41.514739Z","alert_count":0,"request_count":1,"received_data":257,"sent_data":1738,"comment":"","tags":null,"fingerprints":null},{"fqdn":"6.adsco.re","ip":{"addr":"104.16.43.28","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-02-14","domain_rank":91627,"first_seen":"2018-01-15T04:15:29Z","last_seen":"2025-11-21T02:07:42.170256Z","alert_count":0,"request_count":2,"received_data":997,"sent_data":857,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"r8kybcupde14.n4.adsco.re","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2017-02-14","domain_rank":0,"first_seen":"2025-11-22T22:44:47.462393Z","last_seen":"2025-11-22T22:44:47.462393Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":440,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.show-sb.com","ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-11-17T08:28:43.399608Z","alert_count":1,"request_count":1,"received_data":2201,"sent_data":487,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-11-16T22:13:25.532985Z","alert_count":0,"request_count":2,"received_data":52970,"sent_data":920,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"accounts.google.com","ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":103,"first_seen":"2012-05-23T06:57:57Z","last_seen":"2025-11-16T22:39:01.613573Z","alert_count":0,"request_count":2,"received_data":244547,"sent_data":847,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-11-16T22:13:25.550079Z","alert_count":0,"request_count":7,"received_data":283365,"sent_data":3857,"comment":"","tags":null,"fingerprints":null},{"fqdn":"adsco.re","ip":{"addr":"162.252.214.5","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"domain_registered":"2017-02-14","domain_rank":3069,"first_seen":"2017-04-03T03:11:30Z","last_seen":"2025-11-18T17:37:46.430165Z","alert_count":0,"request_count":1,"received_data":1790,"sent_data":488,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.highperformanceformat.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-10-15","domain_rank":366864,"first_seen":"2024-10-23T18:32:34.138968Z","last_seen":"2025-11-17T15:15:53.232334Z","alert_count":4,"request_count":1,"received_data":47478,"sent_data":459,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-11-19T14:00:05.408664Z","alert_count":4,"request_count":1,"received_data":377,"sent_data":417,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"accounts.google.com/gsi/client","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c1b180bd4a35728727c3f32a874d68b","sha1":"5b1ae4f0e404bbd39c9cf8eb101af7753433ef18","sha256":"d03f87f21af37507b32e32609e621d6cbcdef0f1b6d1467bfa8fa673497212de","sha512":"035b6d485f66c60f5a6d464e3dc8f3701971255b919a7b9210cefc975b1cbb341e006b8528150e6206549935becf1508f3a0c3e4990bedf00139c7660e3155fa","ssdeep":"","tlshash":"0111ab9572a2d541812770da4a0f108bf06aa83f9eacb960b2a4c8f49db899a4455e16","size":1000,"data":"","first_seen":"2025-11-13T19:14:55.157966Z","last_seen":"2025-12-20T06:40:24.915644Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/f7a00868c94990fc6417d7abcbb3f85f/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef250758a35649cf35008dad7d06b23c","sha1":"e642738c10d50868fc2a1bd72d7ee90d88f47a85","sha256":"e3ce78b18ff699a9c701bf2e6bec8dffe3da6115931ecc181b0b8657e9e168df","sha512":"141e0605925173546fb7683fdcd0d963aaf7bb10cef8d81ec7a5c10969d6124034f86859a057fabf9b052abd0501800c25b2aa40bcbe81f4ca9f501a285283e5","ssdeep":"","tlshash":"0111c2bfbfa0f071874733a8158f114bed11fcb760b49044a500a9f07e6049d4473b29","size":1000,"data":"","first_seen":"2025-11-22T06:55:18.203837Z","last_seen":"2025-11-30T14:57:42.715308Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-09T15:13:20.105431Z","times_seen":15701,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/software/multi/mac/firefox/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84384,"data":"","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-05-09T15:58:40.906661Z","times_seen":11285,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"javascriptURL","is_inline":false,"md5":"68934a3e9455fa72420237eb05902327","sha1":"7cb6efb98ba5972a9b5090dc2e517fe14d12cb04","sha256":"fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa","sha512":"719fa67eef49c4b2a2b83f0c62bddd88c106aaadb7e21ae057c8802b700e36f81fe3f144812d8b05d66dc663d908b25645e153262cf6d457aa34e684af9e328d","ssdeep":"","tlshash":"aa3000000000000c000000000000000000000000000000000000000030000000000000","size":5,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-05-09T15:40:42.134352Z","times_seen":71723,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:A1VdZYqhPnjpWx4/eTe8qSMbqaQd6VL2Jyt9LdJoyayCVPVD5wdBfQPfCHiUr3:AXdZYqNjpU4yPqSMbqaQGL2QfdDayCZC","tlshash":"a6a1dc9939fb50210233b1bd1bafa918b23895236208dd61b98c9364bf94437d7f1fc9","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-09T15:34:22.197122Z","times_seen":857002,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b2aa32ba240422a91e7117668ee82268","sha1":"0822d051e93c99da06d48bf2566cff71288e124a","sha256":"ea3604ecc0e25d6e5e3072c3778b5db2c4199695f7d620beae854c2b9ef94bce","sha512":"cea9299208b8432b36bc5e28d4250cd73b3f6de4e182b60fa693f74542a125f2250515db794d663ef1dc537841a7bb4776251df55d807e8ba7b88983972e38c8","ssdeep":"","tlshash":"8d01103e13411dbd4bd0a1c9ee52b113a5e853a6e25105cca598f75c01bde33f129935","size":727,"data":"","first_seen":"2025-11-22T22:44:58.860101Z","last_seen":"2025-12-02T14:43:18.50502Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b7d8a1a33a77fcd0328d3c709c5a9eb3","sha1":"e8ea90d66488aae87f231079141b02b04cc26f05","sha256":"3f06772f212125287a824492bf133d5fc6ef851b8478c081406f650716869cde","sha512":"b92d0879e95318270c892770db71380d6f66efbeb8e4c9a8155e82b09e66a0a90844a4d0e38ede9b6bd536d8926ab4359e3bcc5266594f04136fa66295bbc9c1","ssdeep":"","tlshash":"f37000082080000200200002020222003202203080c82002a2000a3020ea08b8020080","size":20,"data":"","first_seen":"2023-03-07T16:36:56Z","last_seen":"2026-03-06T11:55:01.489296Z","times_seen":4296,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=GT-KD7LNFM4","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"74dfa5c7afd0d77d58bd941dc9d5c8f6","sha1":"9028ee644a1e562dd0944aebb11b4b458ba470e6","sha256":"4abf9f759e662aa93da51f8192744b8c6bbf06a6c8926f1b7da8f45af5f4d817","sha512":"694ecd8dc1b8bec8f2fd8e9fa04f3a12005949c2325b1ca4779ce37c0ec6d600b14db6d9a70ee3c350369c7c0ba99b9c8b7217f630c8add7bdc2f59790b06fc7","ssdeep":"6144:3UJ51BUKitJeUI2XVUULUVWo6O7GQEO7QZ2ElVFBoOr+Lu:3q53Di2UnVUUtO7QZ/","tlshash":"d5941ace73d674225396f078502f018ba57b28a2b45cc896f1c9cde42e74a9a4277f7c","size":431184,"data":"","first_seen":"2025-11-22T22:44:58.743349Z","last_seen":"2025-11-22T22:44:58.743349Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"79e362235e366729632e60d6d35f8904","sha1":"69df1a1691b05442e11e2bc5825fc6297b977a92","sha256":"da82a56eb8524f5d12a2afcf2c5d0cb6184f26995167212a0ccb3bc2ba0def36","sha512":"94ca14ccb12238f547249a07134689257dd97639be34d7f466f52741df7176be982d88c5d294dd42a534a32d908533b5eaae33a13cb47ce0cf065d3098d9383d","ssdeep":"","tlshash":"fe60000000000c30000303000c30c3cc3c3f000030033030030c00000c00c003300c00","size":15,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-05-07T00:17:53.104166Z","times_seen":23612,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"476b43130f4da0758e51a26ea93e733d","sha1":"5eac9c53e9cc1410e58f6f0bdc85528acab30736","sha256":"b19d05a8d492320ab4db4d74ea0e9e90374bed47a18e805f8018ebb00af0c23c","sha512":"d7b6af5bbc8185dfa58fccd8be30e14c79aed4aba53d8824cc066465690837c5f2d173bc3bb78eda33f9ae91ac0434fbb63d4d4c906e1874cc614ecf72ac4291","ssdeep":"","tlshash":"547000088202202a003828028282a220223ca82080028020000a020228002032ba08c8","size":22,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-04-19T05:15:08.474522Z","times_seen":22786,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"33ccae8deecda841e6884c46b02e643e","sha1":"1cff496075be09daaa98d93444fa0ba255e674d3","sha256":"ed58e6260f5af30a85dc699f90308e404049b2660a177fb9d15d3ab7d3c00194","sha512":"f4ba403858969bb78dd322a11a8373ef98efd602b03ee0ee2614d4c1dbd95f1ffc91b0037acb2bbdd41320c4c62c63cb0bba134a0f52e42a4bc1aeb8177d01c0","ssdeep":"","tlshash":"aac04c486b0e28626eb83f5d5a265b889ae9120fbc21692511568243a4d946745445c4","size":145,"data":"","first_seen":"2025-11-22T22:44:58.86304Z","last_seen":"2026-03-08T22:24:31.092068Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"aaf72876f0d5e8a677a383fd45bf938b","sha1":"d8b2ca3c238c933223f4a6313c5c0561f99e0c1c","sha256":"15eb7e222abfc64660d0f94c04053839498df20ea9ac9a13a201701a56ce3bf6","sha512":"c6bec20224539a5319a753a794c7521e7063e76b3d41bac8d7f0159880eaf3ed07c3fc1b0eb4ec285f1970f270f4b0ab68890d5a0ed01e3b1542102ad707f6d7","ssdeep":"","tlshash":"207000080820000820200802220322283822323022cc0002220a083022ea00b80282e2","size":24,"data":"","first_seen":"2023-03-07T01:03:03Z","last_seen":"2026-03-06T11:55:01.498128Z","times_seen":23956,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7145e6d4dd187b573a13f0240103f6f0","sha1":"f8e7ff7fd488f675f418011ef8ecca4a822933b5","sha256":"02665a4c106fc96e71ef5a17511cf353ec3f5cccb82ec9fce719b23967728897","sha512":"8fb980002683780ece97cb8cc6679fb9c8c97f543b927fe1efbf4073887176b68be02fd0ffbbc4bec0ebce401d04132fe4d1ab1edab9d006be9493f77bcfc736","ssdeep":"","tlshash":"0d700020000082000b2000032f83b280300a033000c8000002028f32a8e802fc020080","size":25,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-05-01T02:02:24.962633Z","times_seen":21543,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"41310478a380eaf7e07dbad9b4f81a97","sha1":"1714b6ef86e90b5b23e2aaa1e7728ed9c59f4d34","sha256":"848e5342d9196c0f64861ab926a3c5aecce9294750febbd22e5d8df859bdb144","sha512":"7b93f330547524ce01b8f888a8d56c19cd4432fbee43db16aab33fc1aecd77243762c5e7dd5ce767e38c0fdf9d58bc629caf106d77689c1ef90ebeb09406580e","ssdeep":"","tlshash":"d37000000000000b203c00020a023a003003003000880800820808302ae800b802c0a0","size":23,"data":"","first_seen":"2024-02-12T20:00:21Z","last_seen":"2026-03-06T11:55:01.500018Z","times_seen":19951,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"8b5e8699c1b76c14c38283a27772a3e0","sha1":"8e39b41dbcb6877e9b189351a2c90908abdc7754","sha256":"cfab5312f1cfff1e8162225ab27453306ff627f512bcf18225c0a305ca093e1c","sha512":"66ffa0031cc22b4eec8867f36dcf3d887b021a11ea74f51c2a2eff1ec4cf9eeb44c4e1d5a6c197f29d66546c5f42ef283c54261f6157687237e4dabe1715523d","ssdeep":"","tlshash":"cb700000000228a200fe230e8e82230822282223a28820c820220a2820003232380880","size":25,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-05-01T02:02:25.035676Z","times_seen":22396,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d9f9b0f82813d813afe0d450e9fab4d6","sha1":"cb6ce93dd97adc3649f697ff49681f5aaf8b1671","sha256":"d204422e9d49293ab422bfabae9607635876cb30f77215f133603bac691f6f4b","sha512":"849997b396eb218b8bbc788eeb34ec3eb9ab4c809a07ac707a57a5e13baabb69d2c52795403d032f007276109c7f4476daa8255550fa236873e1eb9ba6dba3ba","ssdeep":"","tlshash":"706000c20008802002c200028820a2802832008a20022000c00800000000a0c0222808","size":17,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-05-01T02:02:24.983731Z","times_seen":23638,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a97ae6bd4dc972c26de801f868a79d5c","sha1":"cf1a46aa575a9718f8d4154813a7892317e7f8bf","sha256":"51c1083130407a8772738aa2380eb5a583240a47d98f2204b124c06fd11aabd5","sha512":"f16b7e511db0f35f83e9380c46a6173de1ca6aebbcf4aec1be6efd8d0cb669fc9a07c4e7702149f0421425109c35a9cd041347677ccaed445c978296502e78a8","ssdeep":"","tlshash":"51600003030c0000c00000030c003000fc333c0c3c0c30000c0030000000f033cccf3c","size":17,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-05-07T00:17:53.131619Z","times_seen":20820,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/themes/dooplay/assets/js/front.livesearch.min.js?ver=2.5.5","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0eea0408655c01545c25f142ecd898fd","sha1":"1bb9d98a7fee41318007652d0723141704a658e6","sha256":"5991b17b41002817f208207448eb82392a618a9b6bf9f4ca2c8e84815769a722","sha512":"da2f11b1a3b21b0d9d5bf0da0dd692adeb76910cd115264ffdfde7b4b61bc2526f3849b8f77f9e85537acd000cd14a25068715b5281bfd9267d6e180a482a63f","ssdeep":"48:TajZ6/nJN73IMTGnJNfqdaX6DlJB/KvjFd43payvh6Y2OnJNAPn2DjL/6vtnooO:T+Z+J1YMYJZqdk67B4d45nHJa2n6ne","tlshash":"4aa1564170815dd7023b23601e3bb60ba2937faad70a9401717ed1e50fa6d8a353671f","size":4741,"data":"","first_seen":"2023-03-07T01:03:55Z","last_seen":"2026-05-08T04:13:16.174724Z","times_seen":1732,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"fb440b8133f21c3e5d3e39624e7bda94","sha1":"1b46d8568f9bd8a2be944d6a61924a21ec0b6e4f","sha256":"a5e2bc908c3bd3196d273564d073484f9905d13817490eca5aa249e701139cdc","sha512":"f874692932aab2be754d763a3998c5cd3c654a5bcd78c5d839fe0ba506f9a9e563d3cecba0ca71a6b0db35ff94943f6fa8bb0292f10c1aeb7df2704ea6d85fbf","ssdeep":"","tlshash":"047000000000000820200802220322083822223002cc0002220a083022ea00b80282a0","size":20,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-05-07T00:17:53.1035Z","times_seen":24312,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/2c/93/0c/2c930c8e830e5f1ce7932b5ad082e873.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3849f8a816e8c47540c0a370c938834c","sha1":"b712c9f882680d331fdfe1c6012b42777c14743e","sha256":"b5cb12134df98029ab9649433df108f6e5a9bfb7669f6de44aa92f595fdfd858","sha512":"8c621e10bdf2299b306565319822dffacfc03d1c0e4850f39d4d7c1b256695c3480d84f691b9849c620bbd3622f73407a555414b5ad317f9499e333affb79231","ssdeep":"1536:/l64PpZE7gSqZXqJNplkBiBXFxYgm0M/J49rClQuIwy9Lj6qdEIGZi0hj6mgSdZu:o6YXLaJ4sQusEIGY6ciJnQ","tlshash":"41b3ea4cbb50f0ad41a67077623fd90bf0690d90109cd968e5c7f8f86e5872be63da68","size":111854,"data":"","first_seen":"2025-11-22T22:44:58.771447Z","last_seen":"2025-11-22T22:44:58.771447Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.22.3","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7f1995f627c2b765b03a1e6e65dda68d","sha1":"c103ea2399aa54ceae6882a573be91ab72d3123f","sha256":"b1ca20df57e5b380049dc96ad4829c87bc66d7f01179cc15c601fa46c6afc9a1","sha512":"29bf44eec3e2a5f57f7ecf743f681b08af2e5f933b377a6c950fa2007041834ab0f58f07f3b81712f2473b3bd400d984c560c814a8aad20c38ef5a7032819095","ssdeep":"","tlshash":"7f11ce3f71817076bd5b24f5811f321f56792670098e5820ab6ad0f5f9a8cce8173f58","size":1000,"data":"","first_seen":"2025-10-06T11:03:43.217533Z","last_seen":"2026-05-03T22:51:35.244034Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"26ce7791f08fb671816e8ac15c21abcc","sha1":"cd121446322214f9ee849fadd1686452f9acf3a9","sha256":"e039e804b7483aec11801d7a306db1603f9c6d5f562340f9a5dbeda753c0224d","sha512":"01af678dd36e5bcfaf95c43fee3d7ac605299c1aca9187b5b330dffac03c16910e373e8ccb57e00c66810daff06b475d561370c05abe8a3beb00f5f9f950c409","ssdeep":"96:PKheeIZELV3rtYwDxXvH9VLgjY6oB/rCKTQ3l35AcOrzYdOtkiz9u5Z4tTpfn7:Pbj6VbjxXvw8zTCKTvlSQpfn7","tlshash":"b9d185883e81f0d513a3b5779a3f6549b3ad6814549fd804e107a0d03e2ce2ae97b6a5","size":6461,"data":"","first_seen":"2025-10-22T08:34:06.793976Z","last_seen":"2025-12-01T10:40:04.095127Z","times_seen":3160,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ab7744800928e7148174801ba9935c56","sha1":"b5ecb5b51a705fdee5f2f61e3a30316e7eb0867d","sha256":"896275ee9e6da58abf591d90d36f865c04b1d6f5d934ffb381cbe272f95b6a7c","sha512":"77445b01cef56a2138ef5d1714207feeead7d6074202f6ce4255597c36be00ac203aaa810105c18a2d4751dfab7ddcd524f994d6856658aa6a918d9d71acf2e4","ssdeep":"","tlshash":"0e014733208109fbc9e9b9026b176a9a3a6733dae5b874114dcc160839bfe17e0d4cc8","size":714,"data":"","first_seen":"2025-11-22T22:44:58.868936Z","last_seen":"2025-12-02T14:43:18.516236Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c5ed44a0a16901d7d4b07f832254f56e","sha1":"24ff505e1901984c931b6e57641f2750fcf80984","sha256":"8c429e219865e1adfcf7e3f9921c27f5099d6680d45cd4a59d715c30c88080a1","sha512":"4656dd2188980e9f2b941a0f5d90dd99f5a9ff7f6ef011e5774a4729c985fad51eba5d442cb155f93c4598a338b59cb1d678922fa7fdea354d82a67c11ea2d80","ssdeep":"","tlshash":"4bb001b6b8118d798a8e620db17cc3e83cb80480fb433901e0bca48a2070eca9c01e88","size":95,"data":"","first_seen":"2023-03-07T01:15:13Z","last_seen":"2026-05-09T14:56:19.293377Z","times_seen":6104,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"67b2371a222c2dc94f01b8579fff4f4d","sha1":"0b0a5e2d11790de282055efe8b8cfd6f4378bbfd","sha256":"dfafe4f2e08c006ec277e8042267c6237512a1a93bfcf57657420d4becc0a97b","sha512":"06a32863a820cca2b2f4460c10c4dc3583687648c909c5f67c746e727ecd4ea6301db1273b40dacdaf397a585ff257eb8c3e226fc023e95d3bda257e02505dfb","ssdeep":"","tlshash":"d4700002880200a8302bc808a3022300200080802882000008888002b0000230808088","size":20,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-05-01T02:02:24.96695Z","times_seen":20843,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"04310cf79011cebea3fb86da6f8899ee","sha1":"520edb1c3b8cf22b346c3b8b120e4b1a163771fd","sha256":"e8da77a33828f2b4837adc6f2cf91a7ed9c3240f1679a195c51d19ac2ebda4a1","sha512":"912ca1f36ac191aa7d1d953ead1e503fbf5ab37b3ea71efc1734fb89bc33d20a1c21d8586435b3d7d6ed160b42d45a2635e359dd75a7fc9fbcbb4042a6de82dd","ssdeep":"","tlshash":"c3d02b8c611cb1595bef2254d87b8700d616b4135204198140dd2a705d54230431659c","size":251,"data":"","first_seen":"2023-03-07T01:03:08Z","last_seen":"2026-05-08T04:13:16.20466Z","times_seen":2140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7545d1da7159ca66338b4c84b69f8ae4","sha1":"0858800340ee5b8c413a1aabc50fb28d0bdf89db","sha256":"7510742fba4d25113b6124987e97cba40776bc5030a6a3678974dc8ba075bf81","sha512":"dbd944acd2868ed6eb1de313c0efe7590f715129f7ca5a9ae5a3dfb9de0035612a248441d9e6c4c1812d8ec4b3de7cd2a5973c4c71887361a2276de1d73fab94","ssdeep":"","tlshash":"af8000088820202a20be0a0e02a3e232220e3022a0020220000f0280380020bb302880","size":26,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-04-19T05:15:08.475594Z","times_seen":22616,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"d6a40b9f9aa7812f68c0a044aec808f7","sha1":"3e42f6de9c9725587c043045ca518c6905e5102c","sha256":"7df2b97012e23c01b66f2ed962cc5dac21a1a870e309f6694799370f5d02dfc3","sha512":"55b06758bac540b6f91e0379072976d55d938dbb38b2d04fb41be7b368cfc26910480f39216913f13f7cb92cbe66a7c42b909bb7b68afe5f49007973f524f6a3","ssdeep":"","tlshash":"57312bdea84b3ed31c7eebf715a6ee113c1445044200f1897878cea116aba7912ac8c5","size":1789,"data":"","first_seen":"2025-11-22T22:44:58.872883Z","last_seen":"2025-11-22T22:44:58.872883Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5757082452e6a4997c2b7cbc5976d249","sha1":"3cce21cdaf9c6f19e0abcd278d77d7cfc59f7c68","sha256":"25d206f52ace794fb8765823cf2f6a270c028c181170a22694e4a13d7ab7af21","sha512":"4160bf5bc91fed579c0693953d1bba6edee1a5af020376a034151dd945df16fde1c62336b6a2fcf2f1dfed1fade38982d326ea99a48d47a9e202dc08c1b6bc60","ssdeep":"","tlshash":"93c08c9c22822cf1a2eb27601b6fba02b083325498b21c2209497348aa20c67e694998","size":168,"data":"","first_seen":"2025-11-22T22:44:58.874003Z","last_seen":"2025-12-02T14:43:18.521272Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d76b27315ecd569836df85e8de060dc","sha1":"c823f25e5f78fd408e51865426f528fdb06b6325","sha256":"dff70623682e8abb58bd7a694ad7ed53e487e0be7f6c6441c339741d2ab09a8b","sha512":"0b7b2616c96102f94ba1b4c7e18eea03df8abf78937e18664538e9b4ea8ae37df482446468b2396ddda70b4ca2f575e6dac417e50f2fd4f3603fe5ea1869175a","ssdeep":"96:xozGihWE3GxRiXumCKhoKV+FTufmk/w3GxRiXumCKhoKV+FTufN1jDuCfMEDaH:uz1sE3G2umGFT2mko3G2umGFT2XvuCkL","tlshash":"65911cdd9ddb39e91c7febaf15b2e9053c10400a5600f149bcacca651fa6b745eac4c4","size":4546,"data":"","first_seen":"2025-11-22T22:44:58.875332Z","last_seen":"2025-11-22T22:44:58.875332Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"5acf07f91ac8a9f33cb9ed26f637f8df","sha1":"57014ce9eae1cdda7f6785473436b22514d0bc63","sha256":"924ffdfafc8d88257ae7716e11e78cbe819dfe995dfbd00d961ceaa1c42643fa","sha512":"4a14b5f74389d17e600e18068e093aa1c0440bbff3d9e42562dd0648e2556cde2197de965d47c76e02bd8d148d1c52bf2e293fb7d8ef2dfdb9225c66b18c1e82","ssdeep":"192:Qs4crcYmZomLRFrfgAIgeklyPBNlkDd1AsUpFMI1mm5oRsNUBf1WWXToD:QsiomctNkoPFPqkmm5oRsaDa","tlshash":"ab02fd18c0ee5069d108d05d72b62829b7e80967ce2479d1ff88a45a1fce67f75382bf","size":8453,"data":"","first_seen":"2025-11-22T22:44:58.876449Z","last_seen":"2025-11-22T22:44:58.876449Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"96c13af539f919650be76fc441dda549","sha1":"278bc460ba016e4069d77832000517d23b631dcc","sha256":"67294b1cd2b91e64c125de7cd4675af60144c6b0f4c718aee0535f782120d3b7","sha512":"50f38e46c3e65dc0be285ce5f828683f4382388f1d3a4a3874d0edf5a8124bd435861dbb8fe6ea70a0e712a0dff93227734c64aeb6823944e6e8f7b6bc535e38","ssdeep":"","tlshash":"1111842c381c6a1cb1d5a8f8853afd38b472009d4600aae468eee6925ff2cc62d535dd","size":921,"data":"","first_seen":"2025-11-22T22:44:58.877792Z","last_seen":"2025-12-02T14:43:18.524045Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"6a88d4bd5bd93656328a2f38b4378d0b","sha1":"d2afdc9b1693f0cf62ab6e88bbcf4e20fb62844e","sha256":"3b1758c84d9df642c22e7c547795bd40ff0a9610795e44c90109fa7f9b8016ab","sha512":"c64eb8517871a1b996d76fd0d9982a9726515a003cebbbdf1639067607e2f7697c97f79fc176802c7e560f325e3f39f40c9edecb49e7c1626b95ca0cb8349424","ssdeep":"","tlshash":"687000380a2000000230202200020002008282a0c0a2a8c0222a820002020200282002","size":21,"data":"","first_seen":"2023-03-07T12:58:03Z","last_seen":"2026-03-06T11:55:01.48721Z","times_seen":8444,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/cache/wpfc-minified/8k8xzldk/5wvf1.js","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a286ebf0be67fbf3eb36b592dc593734","sha1":"de15cf5fb284b44a10d5d7e59628865319e89e51","sha256":"bdfc8b9229a4d6d0fa83a804541ce9672bf02c22ac10c4fc4d4c1cf19615af4e","sha512":"71652b6365e55f8e9a26243269f58bd002a0d2c535fa66dae9acb2d0ece49699a4a3af07f72c6d4aee04de6a628d4608fe9b2836582deb390266567745755d9f","ssdeep":"3072:mHNwcv9VBQpLl88SMBQ47GK2rPU+ESXc7d9hGJtT03O6t+NQYMAC:mHWK9VC78UBQ47GK2rPU+DXc7d2JtT0/","tlshash":"170428de3255706347eb32b9402f110fb2365999a80e8414b1add8e9bdbd98e4237f3d","size":189916,"data":"","first_seen":"2025-11-22T22:44:58.826808Z","last_seen":"2025-12-02T14:43:18.480601Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9cdaa41552f826224f0f15d03f391072","sha1":"610368db588211ded27731cad98c2f45d27a9ff9","sha256":"e3625c23b9664193317f5161c131791608e0081b49c26ef6ab0814c84b9539dd","sha512":"594ccdfeca2dcaa701ca2b614b223f22eeb9c9fe3ff173ebba099fbf3238e7d8d9edb1e50c06caeeadd470577890b2a68175b8b883b2d6597d23a8f4add66741","ssdeep":"","tlshash":"abb092d9820eb39678b7ca7f1470ca488326ad4a3904443535e2a95289949a29886bd0","size":119,"data":"","first_seen":"2025-11-22T22:44:58.879379Z","last_seen":"2026-03-08T22:24:31.103225Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9aa3dc35f8ba994aa0f04a42c4da5062","sha1":"a65df79b7b70e8b8d22a2db929f6598428a827e0","sha256":"89e4c05e12e12f5bdf85a4fb89bad572dd85256091add09fdb9c6e42e703e2bb","sha512":"72ec1d5aaa34463f798b2d2c5976a6221f70e51ea2afff582319f4c8b7e31f4a67ef2a2d39427b4d1cc89ca66c4d4374db662c1137380ce0aad2acfcdbed4d6c","ssdeep":"","tlshash":"ec7000080000a0308808a002882ca3803c20a820b022a008080823080000a020008e0e","size":24,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-05-01T02:02:25.041668Z","times_seen":23255,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7a837a4ba8ea13b8193945adf0261e19","sha1":"61428cd720ebc0f01c4c017204c313193c22c101","sha256":"28d9693460ce57dd4e01742e50a1baa10cbed3fa6c20c2a69f02424f80fb9a2e","sha512":"abe0e46d98027527a7d2567c4feaece7ad3c1ec94eed8fea59b9eec596cdd4fa39e7776e9dbc4dd6fe777d9b09300d45ba2a49fc9479e0acbdea92ebf5ef940f","ssdeep":"","tlshash":"516000000003c03300300300030f33000030003000030000000c00303003c03c0030c3","size":14,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-05-07T00:17:53.132399Z","times_seen":23261,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e98e4e3521ef26c329c1f5190d79134","sha1":"d221b08f9cc524eedcf544be2a8c5346b899909c","sha256":"d761ddbccf390fa1a4346f9e32499cdd892b50e061664ac2d65868073d12cf53","sha512":"546f617ec449fcf44502b07d614abc89b91cc8536df70be8ecb15af0651dfe0e6be4c9a94193b743af50a7cd62be72b2503fb96748f37f56a0d848d025e335ca","ssdeep":"192:hKZa9mdDyUBjGbVNjZs24CqL43cumvw8wD5scy7Qqaldqr:oZa9mdeUBina4qU3c5vSscyEqalMr","tlshash":"9e22e88bbe88b75e12fa31a2002f7fe6212bc9a940041e45d711dde87d74754782efad","size":10090,"data":"","first_seen":"2025-11-22T22:32:00.753289Z","last_seen":"2025-11-22T23:11:20.030108Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/cache/wpfc-minified/fcy5988t/5wvf1.js","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0721db2078fcb5e542ac6cbefab18eb0","sha1":"6f40e09256a7caedc0cdf5384fc1f5ca1d541669","sha256":"9038a226d71c01d6e7b8c47edb99e333609ae0ef9ba1e6fe5af4763caeb515ac","sha512":"816776d10ef68197740359f8636c9f7de89379172b671ae0f56e2bee5bcd85b826a7e88281ba70fe5372ce9364f54361c62520ccfe6624bd85b3bd22882f22a2","ssdeep":"384:OWJ5xYXJ0yfMS103o3Y93U3k3A69uDxMJxtvpWF1x1mUgspVYopnpTI6I3MIk47H:xGXfM5MigwA69uDxMJxtvpwVNRpTpxIN","tlshash":"8b62645778869cc9027761a1306fd50ab2b33e51d9124a0af1b9a1ec5ffdec66033b1e","size":15125,"data":"","first_seen":"2025-11-22T22:44:58.734204Z","last_seen":"2025-12-02T14:43:18.409101Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"ab3b4884408bb0261d6b56a7d288fe80","sha1":"b0f370141ada9b591302b575434c255db51ae151","sha256":"e5a13721b456c9e090f80944728fc91767f5ae01b01f59160e73ff2c7cacc587","sha512":"e57cb5cdac6519a8a24e85d5d91f2c6492e282308a94d369619e9455cef8f22a2a6abd62023647fbfa0228b6d3e12da22c280d691cd351608aada9c284ca3a66","ssdeep":"","tlshash":"6c80008ea0803232a2fa02038a822200a2af38ea88008820000a0200288030f232ac8a","size":26,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-05-01T02:02:24.975662Z","times_seen":23030,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"fe99bbf2987d52a27e4d042d61264b5f","sha1":"96bb68de49d3a4146142cce3f02de1ccbf8d0bf6","sha256":"cfe90e4da6c1841088b25b3582dc78b887f3239cdfde633ff426703c6ed538f5","sha512":"9dd74689d8b3460b4da7557d2797047f31cfa1b8522959d152c08f1f48989897e15f026d9b254a7ef61b99b9b18fc002054f29a12a2e30554a68d7815c53f3dd","ssdeep":"","tlshash":"d570000a20a02022082a000082022200288c0082a80800380a008b003c008032222382","size":22,"data":"","first_seen":"2025-03-02T21:04:17.177505Z","last_seen":"2026-03-06T11:55:01.511158Z","times_seen":8483,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"11cc3621e45b2f0b945ccf3c32be2d99","sha1":"65369460879076ce3d2ca049392097e9c15b8149","sha256":"8eab171b0d256cf386d222b71fbf5380f2051b67452dbd83f41401a6216a789c","sha512":"e8af12a7397f87b88e2b71577fbb9be3be97b309345786db07de0c882ef2203a6d2b98a7f74c4f5b065e3d67cdb2c54f23ff7694c9ccc83e22ee93e950e60715","ssdeep":"","tlshash":"8bb009b69262c0b9c4469c9eb13ad6e7397a12143813b327901d49205522e5e2b008a0","size":108,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-04-19T05:15:08.455072Z","times_seen":20074,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"be6b25353280fac3960e70c9dcb6804f","sha1":"46c69609a3bb697e60644b18dc85d780c44804ea","sha256":"38be2b1c1c886666cd4ac85d71bb8b65e51d95c7c5f40b0c575f7d196a0442cd","sha512":"cfb553df29882616e097d28e643208df6aae0e005e63b7e7d9310a731135e9e33407ec268f12699208db7dd4fe2e8ba8a49de900e8b0a1a4bd83bd522f2ee953","ssdeep":"","tlshash":"10700008e08020a308380002028223222a0c282080822020002b0280288228baa88a80","size":24,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-04-19T05:15:08.509203Z","times_seen":22176,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"4c1585baaa0ee7bcb8074363d23846f6","sha1":"27e285a3e3376a9f17967dd8323c6889d84445f5","sha256":"c26c62a09a687d08a3ef9d9a960c5ae2ad47fecc853b4fb0380d71586d260a1b","sha512":"db86fd21dcfe89953389b2328efd1334dd16bb2a36379c8d8ad344ccf1e6b35e23e4e211233f6510b263d8ecf4a792a63f8ea617866df71ceaec3c1ecf2fc4b1","ssdeep":"","tlshash":"83700000a82808e000202000ea0323222000800a80220800820008b0220080ba230088","size":19,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-03-05T02:41:16.768272Z","times_seen":13619,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d720eef71edef78b948a643d5712ec07","sha1":"ea5eb334bd6ddb0f04abafb700dc2ecb30070c76","sha256":"2daa1a91b2430e9867296c9cb26d1483785954a9bdd66f79b2c754bab7092cae","sha512":"63368ff1fef849df7f849af23bc2f24698893bd3d58300282427a76665b2d5c94f097d409f93173ad9c36944b4fffc2e37fa03a91f81e4e04f3737f9b73d2d6f","ssdeep":"","tlshash":"5f6000c00000c00c0000ccc3c00300c030000030c0cc3c0003003c3300cf00ccc00033","size":15,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-03-06T11:55:01.51255Z","times_seen":24260,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"e969e6981adb7ab1cb174994a5c8c627","sha1":"5f534a259a6f3754d1d392028fd4cbb344fb6563","sha256":"5cb18f9c0eebf644c0bc27e5224177984121b4c4a3f8189861a6d797a15a2e7a","sha512":"10bbe815bb6e4ade10d00a42a82dd10b668e95e275161cb0a637b2ea95785f8f7fc72b31bb48ac9c1dfad03d811912c0683941a3c09357525f164915d5b033cf","ssdeep":"","tlshash":"a380000a88a8a0222a30a0228c020200202e822080ee208083f2032020c283c022b802","size":30,"data":"","first_seen":"2024-02-12T20:00:22Z","last_seen":"2026-03-06T11:55:01.514986Z","times_seen":20053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"879c12264b74d969b0314e9a9cd1f17d","sha1":"714a5d759f4d1b7d41f8c5526451aef114b33d41","sha256":"28be88d787b6e773eaf5d0818a6c62446ce628dd8ec0659c6f78410588838337","sha512":"3547b27de7764e655bc8749fd5c1166599da57d2a76057e66923476fda692917a9e537a934374c77f361359b9fe94d739bc037044bbcf2648feb43f7ff9f1c7f","ssdeep":"","tlshash":"f7700008e0a03032203a020a228222202a0c2020800000a0080a328028882832380880","size":22,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-04-19T05:15:08.498638Z","times_seen":21975,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"aff4911aae12241b7709effded4af0dc","sha1":"86a68b9926821e374cdd34cc9d0ec5d8c9f2c870","sha256":"c66fd00bf884bbcc3f43284fb1c86bcea447ce653124ca7b7202d0e5fd30ae08","sha512":"5c3a88f2ccff8de35abb443fb5fb5e12fa49467d1b81ab5ca0747f65b2dd8e042a9ed6c6f8ddb1865feb09acc7c49a6b097fb843e5aaf8b731b235b2277734d6","ssdeep":"","tlshash":"278000c3800008e802e20a03ce03322020a380ae8022a800020088b02208b0f8b332c8","size":27,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-03-05T11:10:16.790605Z","times_seen":14639,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-09T15:13:20.105431Z","times_seen":15701,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"c.adsco.re/#0.41379718932479503","fqdn":"c.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"104.16.42.28","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"77c8287be10ff4b66a8490ca4d999917","sha1":"7fccb364c5e22958503bcd8b92cdb648d5c4c96e","sha256":"c2d43195d015b5856873b3b0c6e717ee21599ca3f03f820b7c325f27b9b6a31d","sha512":"2007ec2f0297a0479f4507af110911f7022310f757533ba1bbd40228d9b26908758bc09afa59f09471cdc254e49b84baa61f80514a010195d288f8049dface07","ssdeep":"","tlshash":"e3f050ddb475e1e955d22580bd2fbf407876526e240361e0d20cbcc1041868e871dbca","size":486,"data":"","first_seen":"2023-03-07T01:03:03Z","last_seen":"2026-01-09T03:52:32.475699Z","times_seen":6630,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"ce908f3ba38f847bfadbdd65201dd129","sha1":"6947247190d9e826ffd3a6a42aa001ad67f4df65","sha256":"527ccded4f9e60b73130c417fbf8ab1951b6d12924d5245ea44483e069e17170","sha512":"cb137f926a0676b0b706776f99fe5a63566cdc6b6b93f37f8e6413d4989e1457ed9aba5fe60c80d229ad6d0a2e6dd6dacaae43a34721f386c7734ba2930566ce","ssdeep":"","tlshash":"fa310aed99563dde153acb9b1eb169123d600418d251f098a9788c7527d7721aa98090","size":1525,"data":"","first_seen":"2025-11-22T22:44:58.887784Z","last_seen":"2025-11-22T22:44:58.887784Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn4ads.com/oxhoncwndhc?sabgWneL=BQOCAAAAAAAACZUAAvQIz9_DG5186JrpmqaQBuufVNCSWyFE0fYZVCE-h09Ardze8Dr7yKErN2VE7P70N1r22rJqV3RKciNBj-iVLFKNHX8bojFO2laWTLfeW4b2Gz-bmtxMiDetb0kGNyHhyE3ItNLqtu-qauD5EPpWsL8n-t6BTWtw0rhWxT-ZjpHYoSzBRPO_n7j2nE_ztAP7Bm6F_1eV5JkbHr8QTr-kb2xUpW7bneQAsw6xI2AuhVmV1kTnGnLwaeCMtUDHP_XmNp6wioItrPLmsCMEOO81UdozRnNSza3FY-qHe2yWB8_csiL_NrkLlPTiJJImb8D_wPSKSnavZys5OrQD8JgE0Mk3Od5CTYjowwOoOZ0Z4yhGPwpDLzLAfNVIse5UnNUoUJ7sWd552Hqma3e6AHqY0eV0Ji9rXxZMKK3R_aA1gfao2W0ngkvthfTloUQDJDH6UfmsFf3avtF0ye1Q-vtgEV5TNwgiw0ekclsODSxSqYDik3G1dOexvqUyW0rIdK8_hZHlqMBUsmUpcKM1l0cD5PBKAwO_n348zVPOUXTbGmETJmglEr9qlPWv-8NiBsF_BjwIMFQ5LkK2s7GM3kBlb2fH6Eh7gp2VCknfhInsHZR9AEUhBYRyJHv_4gusEjXUb-UVeXZMwfCIf_Zn1zB0iREvcC__vQ_qM1SzjMv7VejnIxeSPfPV7KRds-f1n1LuVASVRalTiOppyruC1y3cqeXWqWQ7yuVx2OTulqgKMVEjPZzLDDtWavHBGd8b3uwdIaEk6EDvSc6yyGxMzvxfJHrGDhoBQ4mdX571PzwX2QGWJ4u8a4q3501kncpto8dAS49rJogS0qWPti2gZya8uxgSuSWwJfGgLrW4-jl_AA9bLboagDoLti1uKS4yTEGXWPGVmHHVFEUc1J02sPWIaWNgQJIA5BjSjqNzcoID0Oj6s-wK-bF8pVChy7Dex2slLhkm-NFSdudZuMu7IjhKTHiv_bbS-Ht_uB030syWBN55z03rDl4qf7V1FPDPqNAcuGq0b3FoOpx7Crl8pK46w0vsUpScewXYGaIoa3yhGoP3rfOVvz_LfsU2z14oFy6gneqVFEK_1M9bobqcgLtAt_xJMFrPV_yYbIey4anypvWwdLdJurOOvBONa0hl1CfWLrZrGYgepNdk8STv9PtKMpbyLoeZZXzHGZjknbBrlyqp\u0026GbKqQwED=4\u0026tgkAjhVH=5213999\u0026AbcOZuPB=\u0026jJGuaXDp=0:1,0\u0026KdcaxJfe=\u0026KkvEFqLe=\u0026oDGuBlhp=1280,1024,1,1280,1024,0","fqdn":"cdn4ads.com","domain":"cdn4ads.com","tld":"com"},"ip":{"addr":"216.59.63.128","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5f0a25e4d3522d56d48ce7bc3e518fb","sha1":"86794caff58f7fee6e684c2ba7195f970a8d6f4c","sha256":"9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5","sha512":"a3a81801f516a4eb11f00d6f56dab0ed4b8a79219e6b4f5436993479f09dae08f14cffbab3327ff66fb39201d8eba1153ae7114f7705a01cc6f0edf840ef1616","ssdeep":"","tlshash":"789002801814116115d1500b8d5159d01259b1a4540801324446ca502dc7883a415774","size":44,"data":"","first_seen":"2023-03-07T01:17:45Z","last_seen":"2026-05-09T14:32:17.000906Z","times_seen":23814,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/themes/dooplay/assets/js/front.scripts.min.js?ver=2.5.5","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2731772e163f205b1c9e24a5c6c7b470","sha1":"81bdbbc6fcb56e622ddfd6a6d28e72493e3f2329","sha256":"55974bc676581db39c8e596c87ebd046b4439fdb6c381e4270b43f6065393623","sha512":"4622fa5cf1c9120c4bb5439ac1f8b97ba81df1ae3b2a0093ae9f00e6a13e223e535ead27cf999d7621d8c3ea057591c9f379dab920e38877fd6caf338ddb6787","ssdeep":"48:gqhZsZGRO2NQ5XM9gMy5U8aG0vxBOCOo7JMcvTNqfQNuJoH+p58DPJEpE751KhZD:gUTn8aGExBULEen851FEBE7NPbWqi/","tlshash":"2aa1542b3222b0dd10bf2371752fa45416276d59da05498ab8b8c8da0d3fcc621a7f3f","size":4786,"data":"","first_seen":"2023-03-07T01:03:55Z","last_seen":"2026-05-08T04:13:16.133709Z","times_seen":1727,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cdn4ads.com/kuUM/V/sl20n.min.js","fqdn":"www.cdn4ads.com","domain":"cdn4ads.com","tld":"com"},"ip":{"addr":"95.173.205.15","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"5dcf3079fbdb292cd3649edf4489df0e","sha1":"2f63d935ace55cbd42880cd5314d290813234173","sha256":"7f87f0f571834cf6a611b2ab1922754365fd7eb739a024ea5584bf370dd40555","sha512":"e096ec0441a1b8e947ebfbb71973a746de94d7ba8b746e938cf6fe0380721840b9a2e12e5940a79edc5f805ae33fbd4c524faff90a59eb65200c947460b7029e","ssdeep":"768:bt9rqAYKKGrZzFQ9JsQU+YDngZGihfzmMzhYrTsAysncCWcf5k5sigCbKUCntlqK:bbhZzFQ9JsTgZvfzmMzhYrTscpMZw","tlshash":"76133aaab286282601e741b9513eb316b23305167812d458fcb9cdf96e3ddc6127b7fc","size":41922,"data":"","first_seen":"2025-11-22T22:44:58.744681Z","last_seen":"2025-11-22T22:44:58.744681Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/04/18/75/0418753ac95ca42f1d5fe6b2b689e1fe.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"47c8c070d2bb7246630a10a22f41087d","sha1":"c9bf077a9d33e0a947ebbeed7f169d2db3d9ee2a","sha256":"4f920e381f82ad210c95da54b68f24c186ce5027014e88e9abd7eb623c446aba","sha512":"51c9b4797e435b0734ca2f4f04ed723740752a92255079f9d90db3075145f3fc1207581852cdfa37d71d18c648f8bb144b80eb5f3c81484130562c0636bac06a","ssdeep":"1536:g6atuYKb5yrHvXp2mbVKBw591hyGo2tf68hK3vZEvF:gvMYKb5QEmbV11hyGztinZE9","tlshash":"3f83e6883f51b09903d76077222feb8bf12edc10109ee444d623e5d97b6834ae5bbe65","size":81590,"data":"","first_seen":"2025-11-22T22:44:58.801168Z","last_seen":"2025-11-22T22:44:58.801168Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"76a9a0a26d5a2a4d467545a19ec30b2b","sha1":"9dd927f9c00482946d9f90763facabc70f39787f","sha256":"c5b9c148e3ce1af58c87655f2330cd848e215c420335d917be3796918c3bcaf7","sha512":"3ccc49135e213d3961bbb51e4237f84cd9d83bc0e34727f7a63d6eccbd2f8230a3968219d55e8d0973e00bedc5c2a612f22ba11e37eaa01f24fc06fe164046c3","ssdeep":"","tlshash":"57d0a795296589306594028660bee3a4676035a07661a14481d9cc2b6b21d9304f1558","size":217,"data":"","first_seen":"2025-11-22T22:44:58.889213Z","last_seen":"2025-11-22T22:44:58.889213Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/cache/wpfc-minified/1p90a211/5wvf1.css","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/cache/wpfc-minified/1p90a211/5wvf1.css HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 16 Nov 2025 19:39:59 GMT\r\npriority: u=2,i=?0\r\netag: \"691a288f-2588f\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9FVkGuxUG6iyJHqhVCKWzAJUMCYQsOomSLgB2tOmZzYDIlyZRM8rKOSzOogH51V8vAV1DbhCo2et5CXdUH0dJAo3zJC2abfTHa4u4VOw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3768fe35fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":153743,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"dc4930adf5d8432e6789c8aa3ae4e1fe","sha1":"f2183e92e3635de7ea2f05346b4187e9e07b43c4","sha256":"68f245f06bb439bd0f69a7301e1362599d680174bd532c38318f6a3703d3bc10","sha512":"458f9fedf77a1feab813c320e6fb114a42971ed298c8c7f6e2fee72364433cb2a8d407618c8b0daf69fc50233ac29928621a5190af7cb1c2be1a9f2be0b18bb1","ssdeep":"1536:hStSxfMqx1dqPoietmX+C4+ed0qBe3bAMv1SQxK5tt1jDE1BN+av1zk:hStSPL6nEj8Nu","tlshash":"ade398319562202eb137d561f9c2b7dd32384156f3130baee63e3479cac66e72572b88","first_seen":"2025-11-22T22:44:58.692703Z","last_seen":"2025-12-02T14:43:18.411294Z","times_seen":2,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-4318N3FV40","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtag/js?id=G-4318N3FV40 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: Google Tag Manager\r\ncontent-length: 1584\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":94,"dns":0,"connect":8,"send":0,"wait":18,"receive":1,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"3.125.70.62","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://www.filmaon.bz\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=b9f89189-b681-4224-83bd-dac53f7d72b3:2:1; expires=Tue, 20 Nov 2035 22:44:23 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"9c4fbeebbdb22690b4374b8796ff1b04","sha1":"c83ee641a2ee91df43dc7722e73acdd7b0fd35d9","sha256":"12be5836f554b91436155d16f6b8549f8245f9bb477fe993aae9c708a3cc9371","sha512":"9353789aab5ee4ddae885be5e4cee555db628cf00e8ec60ade931918c9a3bb244c31af175a141e4a0d8864e2bf2633b3e91d28ba7230497c16f8a43ff494e157","ssdeep":"","tlshash":"8690041305c431011570004010444f47534734051f3f54f01705c30d11d3c7015013f1","first_seen":"2025-11-22T22:44:58.69614Z","last_seen":"2025-11-22T22:44:58.69614Z","times_seen":1,"resource_available":false,"data":null}},"time_used":452,"timings":{"blocked":212,"dns":9,"connect":21,"send":0,"wait":22,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/cdn-cgi/challenge-platform/h/b/scripts/jsd/13c98df4ef2d/main.js?","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/13c98df4ef2d/main.js? HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=CbCNEZr4bf5D4J6AemG5e42PSZ43C5YuWsJLMq2K0EHOs94Nh8kuVnXAwykAD2zflhF%2FLh4xII27cL1b9OyBNllCprmpyl%2FyAiKn29D0dIjDst5QljWwgUtKjUlmdjkB9g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9a2bf37cfd2f5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=1238\u0026min_rtt=815\u0026rtt_var=269\u0026sent=384\u0026recv=67\u0026lost=0\u0026retrans=0\u0026sent_bytes=404045\u0026recv_bytes=16090\u0026delivery_rate=65008275\u0026cwnd=204000\u0026unsent_bytes=0\u0026cid=97064d1719fccf27\u0026ts=1221\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10090,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10090), with no line terminators","md5":"2e98e4e3521ef26c329c1f5190d79134","sha1":"d221b08f9cc524eedcf544be2a8c5346b899909c","sha256":"d761ddbccf390fa1a4346f9e32499cdd892b50e061664ac2d65868073d12cf53","sha512":"546f617ec449fcf44502b07d614abc89b91cc8536df70be8ecb15af0651dfe0e6be4c9a94193b743af50a7cd62be72b2503fb96748f37f56a0d848d025e335ca","ssdeep":"192:hKZa9mdDyUBjGbVNjZs24CqL43cumvw8wD5scy7Qqaldqr:oZa9mdeUBina4qU3c5vSscyEqalMr","tlshash":"9e22e88bbe88b75e12fa31a2002f7fe6212bc9a940041e45d711dde87d74754782efad","first_seen":"2025-11-22T22:32:00.753289Z","last_seen":"2025-11-22T23:11:20.030108Z","times_seen":4,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/3teWChNzKJdbfen46IdeKTygdZa-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/3teWChNzKJdbfen46IdeKTygdZa-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 11437\r\nserver: cloudflare\r\nlast-modified: Sat, 08 Nov 2025 20:03:25 GMT\r\npriority: u=4,i=?0\r\netag: \"690fa20d-2cad\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qLwu9mbU2jWcvpZPQxmopgfkjrTVRt1DiMQUVooTzlT%2F0OVbNKMOiyw0SnEPrRyE2qeftRJMAhj20poqll58mY6KCYoi41goerpGG1Eb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3890e075fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11437,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3","md5":"31932deb3a5fe95f36b5f2e107122587","sha1":"6a38003097fd045c60f0ae74567c41be6d84b900","sha256":"028d4a846ff0af0c520a8639938b0ee278e79a3c2230e53321fd795d67d07cac","sha512":"0d1da99847c97437d8e9bf2f8b063a26b7ad3b7ad110eca77f20fd07f38e61e2b946d689b4f2513c577efae0294456c12bfafe70f6ebc72b9306fddeb6a6b33e","ssdeep":"192:MgWGkAyZjRAyxiFbgCaq3PS87ezc5ziXOrKuPDo2nP/GW8Oe3Hx6YVD1xFn:Ynriy8cC//SAewtoIKuPDHP/EN3H8YZj","tlshash":"9532ad8643a68692f6ce5fe3a8488f6d919cff45419a1e42fe76e03d8418bc986d2060","first_seen":"2025-11-22T22:44:58.700384Z","last_seen":"2025-12-02T14:43:18.442043Z","times_seen":2,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"image.tmdb.org/t/p/w780/eqzCnwSw6PZjLCUIZIEGjikw6tB.jpg","fqdn":"image.tmdb.org","domain":"tmdb.org","tld":"org"},"ip":{"addr":"138.199.36.7","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:35.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"image.tmdb.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 21:10:31 GMT","end":"Wed, 04 Feb 2026 21:10:30 GMT"},"fingerprint":{"sha1":"5C:BC:20:23:33:72:2A:FC:81:EB:17:6E:6A:E5:B8:E2:1C:60:E3:8A","sha256":"53:7B:0A:96:A8:AB:74:33:87:09:1D:5F:12:77:CB:57:A1:72:2B:69:DD:2F:9E:AB:49:79:C9:5E:DC:CD:F3:54"}}},"request":{"raw":"GET /t/p/w780/eqzCnwSw6PZjLCUIZIEGjikw6tB.jpg HTTP/1.1\r\nHost: image.tmdb.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12262\r\nserver: BunnyCDN-DE1-1047\r\ncdn-pullzone: 775336\r\ncdn-requestcountrycode: NO\r\ncache-control: public, max-age=31919000\r\nlast-modified: Wed, 19 Nov 2025 14:01:14 GMT\r\nx-bo-server: LA-295\r\nx-downloadsize: 29811\r\nx-bo-origindownloadtime: 185\r\nx-bo-compressionratio: 58.87%\r\nx-bo-processingtime: 13\r\nx-bo-version: 1.0.26\r\ncdn-proxyver: 1.40\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1082\r\ncdn-cachedat: 11/20/2025 23:25:03\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 2a26122ac4c0bad63bb6b22fabc40ecd\r\ncdn-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":12262,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 780x439, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5792e56bf6b6fffe1b6e2235bab8c9f5","sha1":"e26de1834969ced16a42df39cf19ebfd9a5148fd","sha256":"4eb076bc3dcf209a845efdbffe4aa2b294e8b8ec4c40dc1967722e29072dd129","sha512":"6678d5362e3e29ecff17c3d1bf756a704e08390a4b9e057e8860d9db548666063dafb97e4f1850783ed1fb9ccb53b3d2b6aa1165c41f99ab556ab8eba0fedaf3","ssdeep":"192:TqtzzJutwE2apx3/4EXinAbI+cFdvBay9EcJu9tYlkifZKm9NQFWrej5Be5usG:KzWf2CJ4qRSFdvB8cJoyfQmej5J","tlshash":"7842cf098679db18b7146492c4c1a2de4d59047c43f0bb9e07728ae8de932ddf5cc6be","first_seen":"2025-11-22T22:44:58.702461Z","last_seen":"2025-11-22T22:44:58.702461Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/mSqrCsNXdNUHkDx4ivSxpB3mySf-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/mSqrCsNXdNUHkDx4ivSxpB3mySf-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 9520\r\nserver: cloudflare\r\nlast-modified: Fri, 21 Nov 2025 21:36:12 GMT\r\npriority: u=4,i=?0\r\netag: \"6920db4c-2530\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=84bJYjNit5FPf9oygtSoyEOm8%2F4B7fUwqKQRqRQLWQNQQAzJw8ILKViXBo74uVaro6jy9hq2D5eQdDUtnL95iWRWs17TO%2BzMzZMd%2FHR4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37ced175fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9520,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 185x278, components 3","md5":"0e9a12efe9dbbe243b745b37f9e59f46","sha1":"e774af6d03d38c6d948b12bebdbf26184d9f42e3","sha256":"6f5668ce30596f0edcfad57962ff2f9809b486f8746bc4386388b5db4a7e4e4e","sha512":"f0fc65f2eb4f350c62fc9f83290c58cd3f75f65f01f4103c07f559a0c1533ef9eb52bfcea13ae27fe1e73dbb453cbdf5500f4dc7b239eb0ea579b727474e4171","ssdeep":"192:MNJais3t09ebgFm++Du9AyuOywjd3dcRMSUwwfad0WEu80y9r:8av3e8lDu9luSjdKOf69C9r","tlshash":"9c12af291b5ab149e652bfbe30d2ee97592941b2941e36f64eb0c06d0bbfcd704c10d7","first_seen":"2025-11-22T22:44:58.704602Z","last_seen":"2025-11-22T22:44:58.704602Z","times_seen":1,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.1652981340230.js?dev=e\u0026key=f7a00868c94990fc6417d7abcbb3f85f\u0026kw=%5B%22filmaon%22%2C%22bz%22%2C%22filma%22%2C%22me%22%2C%22titra%22%2C%22shqip%22%2C%22hd%22%5D\u0026pst=1763851523\u0026rb=\u0026refer=https%3A%2F%2Fwww.filmaon.bz%2F\u0026res=14.3095\u0026rmtc=t\u0026shu=d69c4eb05aec771589f4eb9868e63047dd6cc1d121dd8e6fc1524abf33a6811dcfdbd2fc748a44739dd150d20db2e080172a82ce6130baa0569c4a678d79d84df134bd4ee287f7e4e6ed1e50493874e74bddf444a1ff188b22ab4a\u0026tz=0\u0026uuid=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:24.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /watch.1652981340230.js?dev=e\u0026key=f7a00868c94990fc6417d7abcbb3f85f\u0026kw=%5B%22filmaon%22%2C%22bz%22%2C%22filma%22%2C%22me%22%2C%22titra%22%2C%22shqip%22%2C%22hd%22%5D\u0026pst=1763851523\u0026rb=\u0026refer=https%3A%2F%2Fwww.filmaon.bz%2F\u0026res=14.3095\u0026rmtc=t\u0026shu=d69c4eb05aec771589f4eb9868e63047dd6cc1d121dd8e6fc1524abf33a6811dcfdbd2fc748a44739dd150d20db2e080172a82ce6130baa0569c4a678d79d84df134bd4ee287f7e4e6ed1e50493874e74bddf444a1ff188b22ab4a\u0026tz=0\u0026uuid=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nReferer: https://www.filmaon.bz/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzAxOTc1OCwiayI6ImY3YTAwODY4Yzk0OTkwZmM2NDE3ZDdhYmNiYjNmODVmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MDY3NzA3LCJwaWQiOjExMzgxLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjEsImFpZCI6MzIsInB0Ijo0LCJwayI6InBybnN5NzJ5ajQiLCJjcGtzIjp7IjI4IjoiMmM5MzBjOGU4MzBlNWYxY2U3OTMyYjVhZDA4MmU4NzMiLCIyOSI6IjA0MTg3NTNhYzk1Y2E0MmYxZDVmZTZiMmI2ODllMWZlIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuZmlsbWFvbi5iei8iLCJhciI6W119fQ.GGShGirQHo36h5EZ6F5ndaunKpPAT9-t6DYEUQroQTs\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 2186\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.filmaon.bz\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=b9f89189-b681-4224-83bd-dac53f7d72b3:2:1; expires=Sat, 29 Nov 2025 22:44:24 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 23 Nov 2025 22:44:24 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 23 Nov 2025 22:44:24 GMT; path=/; secure; SameSite=None\npdhtkv32=true; expires=Sun, 23 Nov 2025 22:44:24 GMT; path=/; secure; SameSite=None\nuncs32=1; expires=Sun, 23 Nov 2025 22:44:24 GMT; path=/; secure; SameSite=None\nu_pl27019758=1; expires=Sun, 23 Nov 2025 22:44:24 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 28\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d831b750f0c3f8256e9ccf45d93db9bc\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4578,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3702)","md5":"07efa28257dfa4e1e8a6c0f2cf8205e9","sha1":"62be284e4171462fd3164d6153e33a28d27da526","sha256":"0461bdd05f464cce07ab5752e669e9bdc24720aa3e8c80c1a065fa79410e19d8","sha512":"65265296a388fe25fc0892582fde1186efabdcfc59f55a1cf46fecc1c6b9dc243f1aa3665c669442d00c277789e4a96624ff582953bd1cfaca9464424799467e","ssdeep":"96:wozGihWE3GxRiXumCKhoKV+FTufmk/w3GxRiXumCKhoKV+FTufN1ZDuCfMEDaH:Zz1sE3G2umGFT2mko3G2umGFT2XVuCkL","tlshash":"e5911ddd9ddb39ed1c7f97af15b2a9053c10410a5200f049bc6cca751fa6b745eac4c4","first_seen":"2025-11-22T22:44:58.706567Z","last_seen":"2025-11-22T22:44:58.706567Z","times_seen":1,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":124,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbs?c=1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:26.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:12:52 GMT","end":"Wed, 28 Jan 2026 01:12:51 GMT"},"fingerprint":{"sha1":"67:43:25:0A:D1:7D:95:9F:2D:A3:3F:97:74:7C:0A:AE:D2:D3:98:61","sha256":"09:09:97:4E:79:6D:B5:F4:D7:B7:F6:8F:BE:97:4E:B6:04:9C:25:29:FE:4A:0E:A2:BE:82:F0:6E:CF:8C:74:F0"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: uid_id2=b9f89189-b681-4224-83bd-dac53f7d72b3:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27548561=1; slec0418753ac95ca42f1d5fe6b2b689e1fe=[6308897]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:26 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/m1jFoahEbeQXtx4zArT2FKdbNIj-90x135.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/m1jFoahEbeQXtx4zArT2FKdbNIj-90x135.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4093\r\nserver: cloudflare\r\nlast-modified: Thu, 13 Nov 2025 22:34:20 GMT\r\npriority: u=4,i=?0\r\netag: \"69165cec-ffd\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4BEsQmS55rhotmvgmH9s3QsDBXZsVpYQ6H%2FtnmfR0f2pkwctbO7fnq9FSDdZw%2BHIC3p%2FcuanSp4S06uCEgAoCX%2BOGapA6eSbb7%2F7%2FwxW\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37bec195fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4093,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x135, components 3","md5":"a905aa07c2b99f7c7a7f3de6050e43a2","sha1":"ae76b1d07b163cce35c9f33d198baeec54820707","sha256":"e6d6da297e50cec64b190cb6ffbbf8e63feefa5d0fdd6c8878a473e2089ef3b8","sha512":"527ce1022141ca8c498d57d11685b37fb79e5e5a17e9625155130774be76e4b512bf746112fa3042551864e0a2a5f72bd538cac959988520e7b0f8f03f7e6a9b","ssdeep":"","tlshash":"bf816d8f03aacbc1f67bbc548d6c0745af146361deb89b197078e95c33524c980b95cc","first_seen":"2025-11-22T22:44:58.708792Z","last_seen":"2026-03-15T14:54:59.770757Z","times_seen":4,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2019/08/mL0876_6cf8c6-90x135.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2019/08/mL0876_6cf8c6-90x135.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 5124\r\nserver: cloudflare\r\nlast-modified: Thu, 05 Jun 2025 20:21:24 GMT\r\npriority: u=4,i=?0\r\netag: \"6841fc44-1404\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gRstZbUkwk%2FbKOJ42hbQ3MLJ6HDZtu8bdMRN6ZdkcjqWCOfMxKkiq0LNiLc2EWYM1kR3L%2FD%2BFNOkpagnkI3qND8T5ZV9uwfyhkvsbKTa\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37bfc415fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5124,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 90x135, components 3","md5":"b98a0acf00ff44765fd4f93d7df3d08b","sha1":"87eec1396440874240afc8ff6893b21f594e6264","sha256":"eace4a8ed56b29cd4c1f951a82a65140c45b0f3ecfefbfea7fd69ecc11008518","sha512":"e68340e0df98c4b39a7ec92dec7823518728c14450fa974293530f25fce6683e688ab8c254b77a182b6c7836b66d326e7b5a04a9b5c20ae7aa2fe895e46e90d9","ssdeep":"96:TCIrP8WS8OR0MSF/E+ADQGijSRst8Oz2J4Mn9WL3L0qKz4sVTo:TfrPdSY/AQest8Oz2JobrKzC","tlshash":"1cb15c191f81c02af9592f3442504fb6430bfd6331c67fcaa9f1d96c09b9ad95edc612","first_seen":"2025-11-22T22:44:58.710682Z","last_seen":"2026-03-15T14:54:59.813475Z","times_seen":4,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:24.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:40:35 GMT","end":"Tue, 27 Jan 2026 23:40:34 GMT"},"fingerprint":{"sha1":"AA:22:33:AC:0A:FC:0D:31:C5:9F:92:99:20:7A:02:E4:46:E3:08:8C","sha256":"72:5A:79:00:74:D1:90:EF:9A:D3:3F:01:E6:E5:14:1D:41:4F:F2:28:D3:FD:4C:AA:70:DE:D8:BE:C2:15:3F:EE"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:24 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f0d3b14579311387b4c15d972e3cbcac\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-09T15:13:20.105431Z","times_seen":15701,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":65,"dns":1,"connect":22,"send":0,"wait":25,"receive":20,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/sbar.json?key=0418753ac95ca42f1d5fe6b2b689e1fe\u0026uuid=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:12:52 GMT","end":"Wed, 28 Jan 2026 01:12:51 GMT"},"fingerprint":{"sha1":"67:43:25:0A:D1:7D:95:9F:2D:A3:3F:97:74:7C:0A:AE:D2:D3:98:61","sha256":"09:09:97:4E:79:6D:B5:F4:D7:B7:F6:8F:BE:97:4E:B6:04:9C:25:29:FE:4A:0E:A2:BE:82:F0:6E:CF:8C:74:F0"}}},"request":{"raw":"GET /sbar.json?key=0418753ac95ca42f1d5fe6b2b689e1fe\u0026uuid=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:25 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4507\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.filmaon.bz\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=b9f89189-b681-4224-83bd-dac53f7d72b3:2:1; expires=Sat, 29 Nov 2025 22:44:25 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 23 Nov 2025 22:44:25 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 23 Nov 2025 22:44:25 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Sun, 23 Nov 2025 22:44:25 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Sun, 23 Nov 2025 22:44:25 GMT; path=/; secure; SameSite=None\nu_pl27548561=1; expires=Sun, 23 Nov 2025 22:44:25 GMT; path=/; secure; SameSite=None\nslec0418753ac95ca42f1d5fe6b2b689e1fe=[6308897]; expires=Sat, 22 Nov 2025 22:44:30 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 108\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f509ebec2c24cf0140f4a905423b3e63\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5798,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"9fe26496fc71f769b3ba26c32a2d79d0","sha1":"e14d5b570b31b616da469d22d494f01fe5f78295","sha256":"f5ef7ee1736bb075e9be4970c97a4ae062fbb490d730b7bf73bfa31321c8f820","sha512":"48055de1286498f538344eddd12ad2bda70c0adbfededaf8e1a969656b5d03d97a7989426d73df20df088e4938e8119791f11385067f52a3cbdd2ebc12541a0e","ssdeep":"96:9zr3hv9TwaUasuNArZ/s4YP4tTwIiL6KprR/gKhEyYHxvR3Qptp+3s:9z7h+lasuNAl/s4hT9irRLStCp5","tlshash":"c1c17d7b588b61f42d7b2cdc6f575cec5c43ef4b60a5888c557aab3f13875621604070","first_seen":"2025-11-22T22:44:58.713557Z","last_seen":"2025-11-22T22:44:58.713557Z","times_seen":1,"resource_available":false,"data":null}},"time_used":772,"timings":{"blocked":285,"dns":2,"connect":92,"send":0,"wait":202,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/i6m3t9S6h9mTramzXPA490F5s0F-300x170.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/i6m3t9S6h9mTramzXPA490F5s0F-300x170.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=wayfarerorthodox.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 7662\r\nserver: cloudflare\r\nlast-modified: Wed, 12 Nov 2025 17:55:33 GMT\r\npriority: u=4,i=?0\r\netag: \"6914ca15-1dee\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yqqEq9CrZB%2BeoBIyR76544w58R%2BJmxKcUgTgcjO17GWIFjmZiZTiX0eqzGQ64c8p45aN%2FN9J72rkYu7zcRpUexrzjo%2B7xm2swgWUqdSB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf38d69b25fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7662,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x170, components 3","md5":"0d13778d14abb3b13af019574dfaa224","sha1":"5850a5ac6659667aefc23e3bbc6f446a97844b59","sha256":"cc2f6b1430aac1323b1a2aec3f04f233042b69ae61a9952be2ba2617d98527f0","sha512":"6a92b0038904dccfa6b4dc026c0b51202db24d28d44c83bf1ca2ffd3bc950f57c284dae4f215c603214b1d7485641fbd3e6e55e3a6e7b4f567f5c896b7ffb361","ssdeep":"192:M6JJrOm7D8VtaiTCh/7DZOeTU5qo9XSi4JAbRcWCOgZx:tTrOpaiEjDZ3wP9YWIZx","tlshash":"b9f19e7beb640b85cc1c1c3a29764e2441e574b15b2d4eac2bf6dcf4022f0ddd212756","first_seen":"2025-11-22T22:44:58.715217Z","last_seen":"2025-12-02T14:43:18.494575Z","times_seen":2,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:23 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3422\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 504fd7b66ab100218b1123c6456d34be\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":6461,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6461), with no line terminators","md5":"26ce7791f08fb671816e8ac15c21abcc","sha1":"cd121446322214f9ee849fadd1686452f9acf3a9","sha256":"e039e804b7483aec11801d7a306db1603f9c6d5f562340f9a5dbeda753c0224d","sha512":"01af678dd36e5bcfaf95c43fee3d7ac605299c1aca9187b5b330dffac03c16910e373e8ccb57e00c66810daff06b475d561370c05abe8a3beb00f5f9f950c409","ssdeep":"96:PKheeIZELV3rtYwDxXvH9VLgjY6oB/rCKTQ3l35AcOrzYdOtkiz9u5Z4tTpfn7:Pbj6VbjxXvw8zTCKTvlSQpfn7","tlshash":"b9d185883e81f0d513a3b5779a3f6549b3ad6814549fd804e107a0d03e2ce2ae97b6a5","first_seen":"2025-10-22T08:34:06.793976Z","last_seen":"2025-12-01T10:40:04.095127Z","times_seen":3160,"resource_available":true,"data":null}},"time_used":737,"timings":{"blocked":316,"dns":23,"connect":92,"send":0,"wait":102,"receive":1,"ssl":194},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/2lkU7he9G8YGQqs7jabsRy2rBbl-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/2lkU7he9G8YGQqs7jabsRy2rBbl-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 7769\r\nserver: cloudflare\r\nlast-modified: Tue, 18 Nov 2025 21:52:17 GMT\r\npriority: u=4,i=?0\r\netag: \"691cea91-1e59\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qEMTIKEgv7dvQAPBgpYBK3ivo7%2Bw2qWwXX1m71fKFrl2NUcjkbi8NmM6BjwxDgQImZNVfDsgC%2Bv8vkft%2Fwn6CmIHvXPbeNeNdcv2wFzP\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3890dfe5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7769,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 185x278, components 3","md5":"8e9d69e6557abea40ae34986847518a0","sha1":"1b0f20d9a6c39cc89657797b919e5f3887c54e17","sha256":"991d092fa9d391a4f6f72bf4033be2a2c2e2d4f757bd501d82fcb143d6668854","sha512":"9336ca17b598ab3bdbfd9459d11f6dcb8c8b6a987876cf8c21bc665dc5166152a730b023fdfe71c08396d723a932880c1f4ddc2c03a7f4086efc6c6edb47b08c","ssdeep":"192:M3BnfGlffZsqHqs+eeHC8ETlfhexbrtTgzuSyS:UBnfsfxnXveWTlZe/tTgzuSF","tlshash":"bdf19f9a0150b2e9d7058f3179bb2b6dd1da69f7b7019b88027dce7c180c6f825d0b51","first_seen":"2025-11-22T22:44:58.717734Z","last_seen":"2025-11-22T22:44:58.717734Z","times_seen":1,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/08/yueXS3q8BtoWekcHOATFHicLl3e-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/08/yueXS3q8BtoWekcHOATFHicLl3e-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 9039\r\nserver: cloudflare\r\nlast-modified: Tue, 26 Aug 2025 13:21:33 GMT\r\npriority: u=4,i=?0\r\netag: \"68adb4dd-234f\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x3p77%2FWK7evGnkR%2FwxpD4CUa7Cxsoecik6tOxIoRdFkexuJmeK0r9x5%2FtZwvV4f1SH9jRJX3aypjm8b7s5tCtQVgQnqaVc0SV14G9%2F3y\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf38a9f715fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9039,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3","md5":"c6caa594d00d801eb3a204278ba5ba0d","sha1":"ab620a5a745f8259db7446b869209302c03ed361","sha256":"284d2827e8a79a42a30e24e5c27d4653af4aeff7d287e26a9e948d40d1291169","sha512":"4749be2be24161edd240e68008856d8eba8c39c76d9c6dc002834b258ca43ebcdbf90e4dec2c78f7d503de94280e37e6234899b8af45f9d5923a7a22ab355727","ssdeep":"192:MD0XoCjs/aVAAo51jVumYcttWY0ZZ8TuD1RqlTkPss5hgXWZwM:AlyEaR0xumhtWYYQuKXs5hQqwM","tlshash":"0b129e1abb15cd0aea743f3e1514000f73062345d1e696cee4fcc87942ba9e95eac67c","first_seen":"2025-11-22T22:44:58.719389Z","last_seen":"2026-03-15T14:54:59.796858Z","times_seen":4,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/daP7OLcxHoVC28ekNproe3ZrgwS-300x170.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/daP7OLcxHoVC28ekNproe3ZrgwS-300x170.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 7891\r\nserver: cloudflare\r\nlast-modified: Wed, 12 Nov 2025 17:55:36 GMT\r\npriority: u=4,i=?0\r\netag: \"6914ca18-1ed3\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=au7iIdWlyaAFm7xL0Jn1Li0eBKD%2BSVdA7PHVgzKcz%2FJaAs3J4Geh93lrFosJpyiAjqcxLOJxjZfoSInJU2iPE1QhsrRs8XTyA3pKHAkr\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf38aaf7d5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7891,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x170, components 3","md5":"7265b77f39b86dd69dbf525a261cbac1","sha1":"0dada83cf7fb5908b0710415fd4b4c8b5e1675ba","sha256":"17a308dae6d56177a0395df1e035d508e9e2588187933e923464526062868f8c","sha512":"eb6bc18db31236c8b71c9e7808709400f9b6c586ee05f360f78699f52f61ae4fe263a81c78cb16a86fc5005ddf7f297fee6b76c735290f774d37716074950727","ssdeep":"192:MgTcWnd233WrVsqo2wQ4NJUDWpzkkVuZYgpYfZ:X9sHWD7smOzd4Fpe","tlshash":"30f1ad82fdc828c4ec1cae76cee552948800a812cc5cad53807de182bfb59deec37064","first_seen":"2025-11-22T22:44:58.720942Z","last_seen":"2025-12-02T14:43:18.489256Z","times_seen":2,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fmac%2Ffirefox%2F1%2Findex.html\u0026l=1463\u0026fd=148","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:12:52 GMT","end":"Wed, 28 Jan 2026 01:12:51 GMT"},"fingerprint":{"sha1":"67:43:25:0A:D1:7D:95:9F:2D:A3:3F:97:74:7C:0A:AE:D2:D3:98:61","sha256":"09:09:97:4E:79:6D:B5:F4:D7:B7:F6:8F:BE:97:4E:B6:04:9C:25:29:FE:4A:0E:A2:BE:82:F0:6E:CF:8C:74:F0"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fmac%2Ffirefox%2F1%2Findex.html\u0026l=1463\u0026fd=148 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: uid_id2=b9f89189-b681-4224-83bd-dac53f7d72b3:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27548561=1; slec0418753ac95ca42f1d5fe6b2b689e1fe=[6308897]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:25 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/ehQPboTPaIMkMUOoNOh8e7pZ5Rp-90x135.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/ehQPboTPaIMkMUOoNOh8e7pZ5Rp-90x135.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4874\r\nserver: cloudflare\r\nlast-modified: Sun, 16 Nov 2025 19:42:06 GMT\r\npriority: u=4,i=?0\r\netag: \"691a290e-130a\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZE4PVhxKMXWfzovnipV%2BYhB06cVz8qsgDzDKg0%2F8GJW%2FkaFlpbJqrAEDgLUG9u4zwDeNI20KfcNKDkUKpyovEgfyhfAWu5D1qTLuH82D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37bdc0c5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4874,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 90x135, components 3","md5":"c3d6a27b758c336018cf3d0fd65f356b","sha1":"0106efacb81f1e2c251730b475992f633b5094a1","sha256":"14516ec8a97d9af17790a4ccd69522b440836f6218121084ea14b2e8167292e7","sha512":"6b25ce66fb0cc1f10ffe0da622b4ca93459a5e455c6cb33e9275a29f8f24d144c6c747b8debaba6c3662843aa7b7b13f4142e9a6fef10597c22eedd669ffc017","ssdeep":"96:MDLpb7G2OmP+3maxHPY58GmmLKzGRYjDghrfUgXFDF+azCHgcq:Mxq0+3hiN+zGR5hrcSDXCHgj","tlshash":"8ea15a3473c9ab23ec121e7e1e0b87868e09bc356a51527b2176cd954c6a0dbf7482b8","first_seen":"2025-11-22T22:44:58.722685Z","last_seen":"2026-03-15T14:54:59.734518Z","times_seen":4,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2024/07/favicon-1.ico","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2024/07/favicon-1.ico HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\nlast-modified: Sun, 27 Apr 2025 06:01:18 GMT\r\npriority: u=6,i=?0\r\netag: \"680dc82e-3c2e\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A%2FDr9F2TG8hYfkLKGM24A4Z0lCCO3VHLh9d7BL56XbpEw83LC%2Fviq7jYnzQSzq1ntjKglqzQWiBC5ixy3cy0UyyVybuMlUxIEp%2BvCVwU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37f8f395fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"d28ddc837b1e9a7c6c8fcacc45b4a77e","sha1":"ab5947889684a0a17c58d79436e24596feacacb9","sha256":"0ae7ef4a098358586a60c913c69e0d144a16e38d74e7b26e0b5cd97f780ce515","sha512":"1d1141b4e2269dd90374773a1357da6d3927340bc14dc79654a6eb46ea8323d8816445b1f1cf84a488e1418134e5ad765457a7e8eba0a68511299ec6d6da4031","ssdeep":"96:QJutguCLJqoAUJvGIDdyD0svFovpnsQP9OeZ2263G9/KI4HF4vYjK1gTacU55Ztc:2utgX6CQ92pREmvWSg2c4PDJftm","tlshash":"1c625342a3909b32c9692736d1fb4309637aee00bf966b0b1358f0605fb33856b5369c","first_seen":"2024-05-26T23:04:24Z","last_seen":"2026-03-15T14:54:59.770038Z","times_seen":7,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=b9f89189-b681-4224-83bd-dac53f7d72b3\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=0418753ac95ca42f1d5fe6b2b689e1fe\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=22","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:45 GMT","end":"Tue, 27 Jan 2026 22:02:44 GMT"},"fingerprint":{"sha1":"F7:0F:08:42:86:24:7C:1B:49:6E:E0:01:4D:B6:85:C3:51:09:E9:4B","sha256":"57:4B:E8:D9:F8:CD:FB:C3:56:16:42:88:21:1B:6A:B3:83:F2:4E:B5:2C:AC:2C:6B:0E:46:6B:15:51:D1:3D:17"}}},"request":{"raw":"GET /pxf.gif?uuid=b9f89189-b681-4224-83bd-dac53f7d72b3\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=0418753ac95ca42f1d5fe6b2b689e1fe\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=22 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:25 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 0\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 2517a63c3934b9548c440d73bcb22277\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":648,"timings":{"blocked":269,"dns":1,"connect":91,"send":0,"wait":97,"receive":1,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/08/8x1W0TR2VIe7ORaRI9zwDqeJn9q-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/08/8x1W0TR2VIe7ORaRI9zwDqeJn9q-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 14015\r\nserver: cloudflare\r\nlast-modified: Wed, 27 Aug 2025 13:02:58 GMT\r\npriority: u=4,i=?0\r\netag: \"68af0202-36bf\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zyyjIwjLSofggyOoSm5OtTbZLxBGbc%2BovpBndKiojbL1W5K989zVJs6x%2F9twl4IPMFfCMexqE%2FsSH0pd5jz07VrMsfzDP3MHUbIDOteu\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf38a8f605fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14015,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3","md5":"8bef182ad0e093c70a8b181bcfb968b2","sha1":"42fa01672232287b888a521a49c056f691ff3aa9","sha256":"c94a8e30712ef68b666523528dcc1952ccee76be13a6b24599ce5e707a21930b","sha512":"6351e079a66d9656c5baae5abcc6a617fdf4e6733c7349ad38e21064093c09202235b948bfa67e6034f1e01f6033048c0edfc9f3e4ce444aa0e9560e4862dda9","ssdeep":"384:zWmF6cVDwUY+00eCMguMoH3hQrvqPQJUjYCu:zWmFxT009MJM6hQrx2A","tlshash":"5d52ae51be4b0257fa5baf71a60536303b82eeb15d68df87527cce2e09164dcb820e58","first_seen":"2025-11-22T22:44:58.726243Z","last_seen":"2026-03-15T14:54:59.719216Z","times_seen":4,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/software/multi/mac/firefox/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 20:46:36 GMT","end":"Sun, 25 Jan 2026 21:44:54 GMT"},"fingerprint":{"sha1":"17:8B:5E:32:3A:E5:9A:3D:E5:18:EF:F0:DA:DE:C3:03:E7:2E:E2:17","sha256":"65:D5:7F:0D:8E:51:6B:E8:BB:44:A1:54:79:43:73:C4:82:1D:77:6C:11:F4:C3:70:8E:0E:AC:00:AC:1D:DB:2B"}}},"request":{"raw":"GET /sb/notifications/software/multi/mac/firefox/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:26 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:25:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8673-e19\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jjyy3VrIdIuqvTgulwCNLdTAONMp%2B99RKNAoWHFgwTHG7V%2BqXIS84%2B4Dnmyr%2Bb985ekYMVDGoSFyKWiHOx9uFmYY1a%2FcEcjFWmAS0c8%2B\"}]}\r\ncf-ray: 9a2bf38d991456ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3609,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"bbc4f23a6a8c6b1d6ee9a4b55873e9e4","sha1":"029970bd96ab7256746fc8ac6499963510c566cc","sha256":"31801ffa74e34e7f7eefede0edc06b781704fdb004b4dee1656e3c11d02d7584","sha512":"6a12b2a1651a54328adb5951173fb9d13d9ad505e7935cfabd069809f604ad5d685eb22f03303f0c2dbfb68c58f2f60d9e65c6abc281fa87d3a72322d21194f3","ssdeep":"","tlshash":"887120e53bb91a04b51ad5a738123b573b2981039e0fed745fe1341c9ec52a9c2a339f","first_seen":"2025-07-05T01:22:16.614565Z","last_seen":"2025-11-28T09:42:04.433483Z","times_seen":122,"resource_available":false,"data":null}},"time_used":555,"timings":{"blocked":38,"dns":5,"connect":6,"send":0,"wait":476,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fmac%2Ffirefox%2F1%2Fjs%2Fscript.js\u0026l=6997\u0026fd=480","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:26.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:12:52 GMT","end":"Wed, 28 Jan 2026 01:12:51 GMT"},"fingerprint":{"sha1":"67:43:25:0A:D1:7D:95:9F:2D:A3:3F:97:74:7C:0A:AE:D2:D3:98:61","sha256":"09:09:97:4E:79:6D:B5:F4:D7:B7:F6:8F:BE:97:4E:B6:04:9C:25:29:FE:4A:0E:A2:BE:82:F0:6E:CF:8C:74:F0"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fmac%2Ffirefox%2F1%2Fjs%2Fscript.js\u0026l=6997\u0026fd=480 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: uid_id2=b9f89189-b681-4224-83bd-dac53f7d72b3:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27548561=1; slec0418753ac95ca42f1d5fe6b2b689e1fe=[6308897]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:26 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/pOUOwZUuUXa6bTBhvaMaEbLqBQM-300x170.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:30.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/pOUOwZUuUXa6bTBhvaMaEbLqBQM-300x170.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=wayfarerorthodox.com; _popprepop=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 11759\r\nserver: cloudflare\r\nlast-modified: Wed, 12 Nov 2025 17:55:30 GMT\r\npriority: u=4,i=?0\r\netag: \"6914ca12-2def\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mG%2FLBQinkC2x1TXVvKSGka5%2BTS%2BoohiiTUuSlg%2FRGhK9W2lZ9GyCywLPwuR%2FJYvwqfzxgy1v%2BCypWEmipY8kSDqh4OT96iAvnO400Z0m\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3ad0afd5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11759,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x170, components 3","md5":"0329409cdee358a0c002fc03f01ce493","sha1":"a1e8c23f2f87beecca32a1d392b95de2fb399f84","sha256":"b60be2eab547bdb63515ed349656e6dab1cf828d5e8f001a03987a7c77adb065","sha512":"267a097d720a4b85bfdd063a9886658898faf0f74b03eaac3436e1512a1f2148f1a70c6e16640545ec8c728402db77b62b58b119235ebfe61bcba90746e55eb5","ssdeep":"192:MkYyg5RicadNlXLjaFHGuC0OLnoBXRoGP8JQTJ68F5Ic4dpoXPZ6mh055:wQcadNZjEmThLWXRoy86T0EI7dpEPW5","tlshash":"5332bfc3e249a81be2930c75314f3259af419e80f22513a467b7edb39bbd1e3785013a","first_seen":"2025-11-22T22:44:58.728589Z","last_seen":"2025-12-02T14:43:18.42666Z","times_seen":2,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":79,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 18 Nov 2025 23:52:35 GMT\r\nexpires: Wed, 18 Nov 2026 23:52:35 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nage: 341507\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-09T15:22:38.78062Z","times_seen":805665,"resource_available":false,"data":null}},"time_used":355,"timings":{"blocked":164,"dns":1,"connect":28,"send":0,"wait":17,"receive":5,"ssl":134},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"image.tmdb.org/t/p/w780/2GHJGnF2jgnzeqT3XTHjHXgk5Fx.jpg","fqdn":"image.tmdb.org","domain":"tmdb.org","tld":"org"},"ip":{"addr":"138.199.36.7","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"image.tmdb.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 21:10:31 GMT","end":"Wed, 04 Feb 2026 21:10:30 GMT"},"fingerprint":{"sha1":"5C:BC:20:23:33:72:2A:FC:81:EB:17:6E:6A:E5:B8:E2:1C:60:E3:8A","sha256":"53:7B:0A:96:A8:AB:74:33:87:09:1D:5F:12:77:CB:57:A1:72:2B:69:DD:2F:9E:AB:49:79:C9:5E:DC:CD:F3:54"}}},"request":{"raw":"GET /t/p/w780/2GHJGnF2jgnzeqT3XTHjHXgk5Fx.jpg HTTP/1.1\r\nHost: image.tmdb.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 41424\r\nserver: BunnyCDN-DE1-1047\r\ncdn-pullzone: 775336\r\ncdn-requestcountrycode: NO\r\ncache-control: public, max-age=31919000\r\nlast-modified: Wed, 22 Oct 2025 08:03:11 GMT\r\nx-bo-server: LA-294\r\nx-downloadsize: 67916\r\nx-bo-origindownloadtime: 169\r\nx-bo-compressionratio: 39.01%\r\nx-bo-processingtime: 18\r\nx-bo-version: 1.0.26\r\ncdn-proxyver: 1.40\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1334\r\ncdn-cachedat: 11/10/2025 15:09:37\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: e6d9ac77132172ee2f71e1383f6da0e0\r\ncdn-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":41424,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 780x439, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"77bb958d8f21ab9af492a91b1c6d936a","sha1":"b8b6b44cf1d856017a1c8573aa524417f060bb69","sha256":"b3fddd15b8397dd4b4d2c72d16653085e320792bf4f5100545068e67792d7d37","sha512":"1da906f20bac51b4495ddca529a3b65482d79cf0fc569a42e472898dbdd538133b3d3c1f4bf4d4e2e341dcc0050b288581f36a1008b118ab4f8524ec3b2ce88c","ssdeep":"768:4+Kx3ix/XPxJUj/hOrp/Enk3R4XExZBbpdrF/zD9Tn97QioxiCnOm3zwPVn1:4X3c/UhA/EkhnrBbpdrzyiuiCnjz6Vn1","tlshash":"2f13f1cfae29525a6bc37e341490b4736262d2cd7d7ecc291e29e38c3051884595ffda","first_seen":"2025-11-22T22:44:58.730816Z","last_seen":"2025-11-22T22:44:58.730816Z","times_seen":1,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":77,"dns":30,"connect":24,"send":0,"wait":50,"receive":25,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4.adsco.re:2087/","fqdn":"4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"162.252.214.5","port":2087,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:24.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_256_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 4.adsco.re:2087\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 22 Nov 2025 22:44:24 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Methods: GET, HEAD, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type\r\nAccess-Control-Allow-Origin: https://www.filmaon.bz\r\nAccess-Control-Max-Age: 2592000\r\nCache-Control: private, max-age=5\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5b41cb22f84f645a103acc7bfbf084ff","sha1":"bac3967b26d5ec4a0d09a580714e8219796816bd","sha256":"709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc","sha512":"772066ed1119519a19884fc94de2c9f2cc538b4528d9e2651a89b93d65bd4000b18297bfbdd8903b65146858935d33cac048c321dad2ea4f1f84ca6dd9b7d98f","ssdeep":"","tlshash":"7990041154441d34dc45470c4f0d0f0553dc5153df377374ddc50f0414531344141d00","first_seen":"2023-04-05T06:05:36Z","last_seen":"2026-03-30T19:07:46.969854Z","times_seen":25700,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":86,"dns":1,"connect":30,"send":0,"wait":31,"receive":0,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/mC6UHfSpKHQVYJPFpiOmn8DLcuT-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/mC6UHfSpKHQVYJPFpiOmn8DLcuT-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 12080\r\nserver: cloudflare\r\nlast-modified: Wed, 19 Nov 2025 20:05:08 GMT\r\npriority: u=4,i=?0\r\netag: \"691e22f4-2f30\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bxJIhMz11iRYa2L8xJdOeW%2FozSOzTb6Rzipg82d%2FNJKjrrVKH3Drf%2BI80KvP%2B9JfpNkMZEIdjOfd7t5nPWz8ky4xLxTLR9XgOh9jLPib\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37ced265fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12080,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3","md5":"8d3ee783f1702ba38c303d2a587d4a15","sha1":"ee11fb1ac296c0997e42ea09c45d912443a0ec1e","sha256":"691b75c846209590420df112a95b28bb8411b63c0b979ada48b40436d1a8ac2d","sha512":"2fc0f2e98119fa0b866041c4547a27c761d91f08b4dce76f244547e1e4dfc6483a4a9f8ec6a2c767d22f7b10a886ee52f4ad4e92489e2925872aebc0aba22fde","ssdeep":"192:MrJN3Tv9ea1foXGUv00sWZ7SZHdNvp/bLCArn6TG+U/17PeWYaigvJFN9kLbfesq:U1RtfoX/jwxdNvpDLCADl9BdYfesKB00","tlshash":"3242cf971ff2428692a625f398549c454b3add9bbe5852fb1274cec2622c2c2bd18329","first_seen":"2025-11-22T22:44:58.732905Z","last_seen":"2025-11-22T22:44:58.732905Z","times_seen":1,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/cache/wpfc-minified/fcy5988t/5wvf1.js","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/cache/wpfc-minified/fcy5988t/5wvf1.js HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Sun, 16 Nov 2025 19:39:59 GMT\r\npriority: u=2,i=?0\r\netag: \"691a288f-3b15\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dMfZoJBbOitbjAM%2BMpwCYYABOsgpyYWIkLgFe6nVTnca2CNvYB4RELI9k7pOMqtO3YtucmkhK9VfJFiAnTE2NS%2F5fpyfx2pr%2Br8nq3bk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3768fe65fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15125,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (15023)","md5":"0721db2078fcb5e542ac6cbefab18eb0","sha1":"6f40e09256a7caedc0cdf5384fc1f5ca1d541669","sha256":"9038a226d71c01d6e7b8c47edb99e333609ae0ef9ba1e6fe5af4763caeb515ac","sha512":"816776d10ef68197740359f8636c9f7de89379172b671ae0f56e2bee5bcd85b826a7e88281ba70fe5372ce9364f54361c62520ccfe6624bd85b3bd22882f22a2","ssdeep":"384:OWJ5xYXJ0yfMS103o3Y93U3k3A69uDxMJxtvpWF1x1mUgspVYopnpTI6I3MIk47H:xGXfM5MigwA69uDxMJxtvpwVNRpTpxIN","tlshash":"8b62645778869cc9027761a1306fd50ab2b33e51d9124a0af1b9a1ec5ffdec66033b1e","first_seen":"2025-11-22T22:44:58.734204Z","last_seen":"2025-12-02T14:43:18.409101Z","times_seen":2,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-length: 0\r\ncf-ray: 9a2bf37bdc115fac-OSL\r\nlocation: /cdn-cgi/challenge-platform/h/b/scripts/jsd/13c98df4ef2d/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=E8uZjo5s2f4e0OGonRKQyjFucjHMZl3iDr8XoIz%2BgkafcCJUyj0Y24dbey7GcxNEkTmqj62fVQrfBnevZOaTiPcy175vSeEbwQv2xjcR8OWJVP7WE5Czc%2Bchi8dkckhHRQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=1639\u0026min_rtt=815\u0026rtt_var=694\u0026sent=334\u0026recv=48\u0026lost=0\u0026retrans=0\u0026sent_bytes=357134\u0026recv_bytes=11380\u0026delivery_rate=65008275\u0026cwnd=204000\u0026unsent_bytes=0\u0026cid=97064d1719fccf27\u0026ts=1056\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10090,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/wm8vkpJmY7UbUXME8lXkxqIalX6-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/wm8vkpJmY7UbUXME8lXkxqIalX6-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13058\r\nserver: cloudflare\r\nlast-modified: Fri, 21 Nov 2025 21:46:11 GMT\r\npriority: u=4,i=?0\r\netag: \"6920dda3-3302\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G%2BZjYFG1PDwJTkSgNHYBqW7FbnFo1brByXYD8F%2BCN3nRoBJEd0NTIyn68AGsc1wdrVd4Yjn7Wxgh4E%2Box60fbgGHbBrXFzGzeMiitziY\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37ced165fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13058,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3","md5":"8afb63b92df5f5ab67190dcab34ff5a3","sha1":"d275a9f01bfab28ee25e583e7f655fcddfd74d77","sha256":"c5411fce12c9afd0732c0028b89ba7f48336f6d2877db5bb2b411c99756dfd78","sha512":"970a22f4adf7c4bd7d54d98091182dfedb9d51756f748067e7748fb019241031bafffbeeafc34d2afdbaec6bcb5a19da267e6f1e31d944c74f7f7c5871599586","ssdeep":"192:M6tUIBLG1uE3tiff3IAqo5gtxO3LO9W1wewMnNwOSpUV2w2NDXf6rPrt8G:FGZ1jtiff3ajO3Lj1wzpUVwlvGt8G","tlshash":"1b42bf5763116e80c92a483805c8d18fff609a3b8dcddb06fe39d855af46cfa4809d69","first_seen":"2025-11-22T22:44:58.735682Z","last_seen":"2025-11-22T22:44:58.735682Z","times_seen":1,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/06/logofix22.png","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/06/logofix22.png HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 4371\r\nserver: cloudflare\r\nlast-modified: Fri, 06 Jun 2025 14:28:02 GMT\r\npriority: u=4,i=?0\r\netag: \"6842faf2-1113\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OGpXGgn3kZq7el8SRjOG1tVCOZIRNTv3SgFA%2F8C0%2B7hn5N6yEExbUpoJNkXpz7afkXfQs0fJgitA5Td2s7tjFzftviTX6keV4tXB6R3J\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf378d9c35fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4371,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 448 x 73, 8-bit/color RGBA, non-interlaced","md5":"0d29f2327197d4011c21f7d5b760a6ce","sha1":"bd4110a57e68e8ce0b290942d2377dda2369379c","sha256":"95f741052cf458be9593f5af138a9f8a6661fce42050a8ad78bfb10c8fa78cd4","sha512":"a43eaf4eac1af27e16ec70baa2b78eaa639c61a667d2c0fbed049860f0c84a7b3b472913419e5418ca37e0b1264a1bd94d10dfad1f87ff5c4f75101971baca4b","ssdeep":"96:+3JrSOa9JqtYLCzy1Dz91QFMxiZJwXZujQyGbDbJ3ndnM:+3PaDqtyCzyx91QixsJU0UyGbDbJ3ndM","tlshash":"d9917e50a3b6bdf395d415309ee4762304c02170d7ed86452bc2d12577ed7c6618b34a","first_seen":"2023-08-29T00:21:35Z","last_seen":"2026-03-15T14:54:59.740104Z","times_seen":5,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"r8kybcupde14.s4.adsco.re/","fqdn":"r8kybcupde14.s4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:24.780Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: r8kybcupde14.s4.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":202,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/08/8Mckh3qJRTzXTQNZtpb133RHmO4-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/08/8Mckh3qJRTzXTQNZtpb133RHmO4-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 12799\r\nserver: cloudflare\r\nlast-modified: Tue, 26 Aug 2025 18:27:52 GMT\r\npriority: u=4,i=?0\r\netag: \"68adfca8-31ff\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EbiXo1DJFWbtOuZO9FwM7Kj5bl5PwYLn6eh9D6PF1Px8aPeB66G%2B8%2BuHvUAVHHpHQNgoe%2FTALaJxSa9SdZe5CbqXxk7wSBVnM0tGBD9h\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf38a9f6f5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12799,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3","md5":"5a5d8cdba2f10694e1aa668ac9bdc087","sha1":"524373259fbd21a6a41c18c7e235d08e85bcb077","sha256":"722ed60963a566528418e9cd03ce5bea58abd041fdc69a388b92b9225338c244","sha512":"2211f143ad22d80ff0203497f8089592c0cddff2c6b33ef42d65799fff3c853bf2177330ea2754be038dd8ecf56b5f22e0ac17f8a6f7f3a0a820c4873492b5cc","ssdeep":"384:UDmTNPMFZ27erbj95MGf0OXDjo0sv4tUYBb5cWLSBp1uqoL:4iNUrbbj95DpDU7SUvB/VoL","tlshash":"b042cf3c630aa84fdc0dfdb369e8066a7654864f9bc194d6b6bcced02826cf20f9d011","first_seen":"2025-11-22T22:44:58.738605Z","last_seen":"2026-03-15T14:54:59.81272Z","times_seen":4,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/software/multi/mac/firefox/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 20:46:36 GMT","end":"Sun, 25 Jan 2026 21:44:54 GMT"},"fingerprint":{"sha1":"17:8B:5E:32:3A:E5:9A:3D:E5:18:EF:F0:DA:DE:C3:03:E7:2E:E2:17","sha256":"65:D5:7F:0D:8E:51:6B:E8:BB:44:A1:54:79:43:73:C4:82:1D:77:6C:11:F4:C3:70:8E:0E:AC:00:AC:1D:DB:2B"}}},"request":{"raw":"GET /sb/notifications/software/multi/mac/firefox/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:26 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:25:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8673-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b5fwYCrHsNifI9VRxrCuTyzNLPDNxDtCK8aoTv0SWddeBXQslsFsic50UduNNsHStPbsDV5eJitOu7NKYqQP7vpLBj%2BNeq4jXjPkgqvq\"}]}\r\ncf-ray: 9a2bf38d890756ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-05-09T15:07:00.192081Z","times_seen":11190,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":33,"dns":6,"connect":3,"send":0,"wait":470,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2018/04/MV5BNTEzMjk3NzkxMV5BMl5BanBnXkFtZTgwsddNjY2NDczNDM@._V1_-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2018/04/MV5BNTEzMjk3NzkxMV5BMl5BanBnXkFtZTgwsddNjY2NDczNDM@._V1_-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 15587\r\nserver: cloudflare\r\nlast-modified: Sun, 27 Apr 2025 06:01:16 GMT\r\npriority: u=4,i=?0\r\netag: \"680dc82c-3ce3\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8Il1VDPLQ6nTZRVHb2jywrClD9egZxt1kOa7T6GxZbSWPc8MygFMYGck3ijAtP%2BNzoNboccGaCPDGj7zFdaZ4wi9UfNXXdzvzKV%2BnAyi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf388fdfb5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15587,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 185x278, components 3","md5":"b6b9e51605b1c7fa316d9b6fbcc5775a","sha1":"a687f7608b8cff027dd407236bd4292e3a6e28dc","sha256":"cfbac51465fead75de80cdcb0c4f73cacdad7bee60175ca767f3481fa7223ad6","sha512":"95ba48ca9961e5c128295511855f632c559754deba4c4f059dc0451e87af55ff0f03ada0f5a6024da60226f7400b6f5fd8e7eec633d18d68a4edc91d7a75bd51","ssdeep":"384:SU8cSXm8UG7U8AvPd2+xyY1OhxaJV/oUEX5812EX:SU8cEm8UG7UxvPAUWva8UX","tlshash":"5d62b0eda113904dd2082d37802a16122b59ff158d9b729a37f3eeed44a96d49fb01bc","first_seen":"2025-11-22T22:44:58.740578Z","last_seen":"2025-11-22T22:44:58.740578Z","times_seen":1,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-22T22:44:21.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:21 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sat, 22 Nov 2025 06:55:17 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AtbKWUhPxSkgYM2UO3TIXy7OZNBJXKcfNdwFSfTh1uEMXms98xvTiqXBEYgk49R%2Bb7U9XBLNiqwKFbN5Tr1wpTxLll3eOLOwlJQxnpQ3\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9a2bf3736b2eb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"WordPress:6.8.3","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Site Kit:1.166.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Sign-in","description":"Google Sign-In is a secure authentication system that reduces the burden of login for users, by enabling them to sign in with their Google account.","website":"https://developers.google.com/identity/sign-in/web","common_platform_enumeration":"","icon":"Google.svg","categories":["Authentication"]},{"name":"WPMU DEV Smush:3.22.3","description":"WPMU DEV Smush is a WordPress plugin that allows you to optimise images without losing quality.","website":"https://wpmudev.com/project/wp-smush-pro","common_platform_enumeration":"","icon":"WPMU DEV.png","categories":["WordPress plugins"]},{"name":"WP Fastest Cache","description":"WP Fastest Cache is one of a number of plugins for WordPress designed to accelerate the performance of your website.","website":"https://www.wpfastestcache.com","common_platform_enumeration":"","icon":"WP Fastest Cache.png","categories":["WordPress plugins","Performance"]}],"data":{"size":102078,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (40321)","md5":"a988b9e471709cfe8ea033f9972839b2","sha1":"58643ac17c066234feec9884073654a2d287e3e4","sha256":"8947ef38c7e843841bf31ddb17d278ffc25847398beaeef0be60092b1210da37","sha512":"ac80a7a04d0253b04fbcaf9ce081288a2005b953d9a72ae6fdc9818177e52a88bfae885c8a8418f0591abafa7f9c5e2f08c27c47c0990cef79b8ad9cb4ac1f80","ssdeep":"1536:S+nA/Z43o9cyUqNUfERzc5PMeyHP6CCztHYf2QLkV+TyXQxgMjEutCcwI+/x/0:S+Abrvm0","tlshash":"5da3c7f6280d107b9267b5c4a579f72c72e7948ecf138a81bbfc439887c9e92676105c","first_seen":"2025-11-22T22:44:58.741894Z","last_seen":"2025-11-22T22:44:58.741894Z","times_seen":1,"resource_available":false,"data":null}},"time_used":394,"timings":{"blocked":46,"dns":27,"connect":1,"send":0,"wait":303,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=GT-KD7LNFM4","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtag/js?id=GT-KD7LNFM4 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\nexpires: Sat, 22 Nov 2025 22:44:22 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 143160\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":431184,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"74dfa5c7afd0d77d58bd941dc9d5c8f6","sha1":"9028ee644a1e562dd0944aebb11b4b458ba470e6","sha256":"4abf9f759e662aa93da51f8192744b8c6bbf06a6c8926f1b7da8f45af5f4d817","sha512":"694ecd8dc1b8bec8f2fd8e9fa04f3a12005949c2325b1ca4779ce37c0ec6d600b14db6d9a70ee3c350369c7c0ba99b9c8b7217f630c8add7bdc2f59790b06fc7","ssdeep":"6144:3UJ51BUKitJeUI2XVUULUVWo6O7GQEO7QZ2ElVFBoOr+Lu:3q53Di2UnVUUtO7QZ/","tlshash":"d5941ace73d674225396f078502f018ba57b28a2b45cc896f1c9cde42e74a9a4277f7c","first_seen":"2025-11-22T22:44:58.743349Z","last_seen":"2025-11-22T22:44:58.743349Z","times_seen":1,"resource_available":true,"data":null}},"time_used":379,"timings":{"blocked":155,"dns":0,"connect":21,"send":0,"wait":26,"receive":27,"ssl":145},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cdn4ads.com/kuUM/V/sl20n.min.js","fqdn":"www.cdn4ads.com","domain":"cdn4ads.com","tld":"com"},"ip":{"addr":"95.173.205.15","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1037973644.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 14:38:09 GMT","end":"Tue, 10 Feb 2026 14:38:08 GMT"},"fingerprint":{"sha1":"A0:57:5F:15:42:AC:10:94:C2:93:0A:71:50:CD:A4:70:48:15:E8:4D","sha256":"18:6A:15:2A:B8:EB:FC:88:BE:D9:89:BC:69:B1:A5:B3:99:8B:A5:20:F5:5C:BF:69:F8:63:94:75:61:B8:80:0A"}}},"request":{"raw":"GET /kuUM/V/sl20n.min.js HTTP/1.1\r\nHost: www.cdn4ads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncontent-type: application/x-javascript\r\npopads-node: wb5\r\nexpires: Tue, 25 Nov 2025 08:44:44 GMT\r\naccess-control-allow-origin: https://www.filmaon.bz\r\nlink: \u003chttps://cdn4ads.com/\u003e;rel=preconnect\r\ncache-control: public, max-age=604800\r\nx-77-nzt: EwgBX63NDQFBDAG5TAoBAffKCgYADAElE8IuAbOHOgkA\r\nx-77-nzt-ray: 2a494a15542c470aeb3c2269a448a021\r\nx-77-cache: HIT\r\nvary: Accept-Encoding, Origin\r\ncontent-encoding: gzip\r\nx-77-age: 395978\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":41922,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (1568)","md5":"5dcf3079fbdb292cd3649edf4489df0e","sha1":"2f63d935ace55cbd42880cd5314d290813234173","sha256":"7f87f0f571834cf6a611b2ab1922754365fd7eb739a024ea5584bf370dd40555","sha512":"e096ec0441a1b8e947ebfbb71973a746de94d7ba8b746e938cf6fe0380721840b9a2e12e5940a79edc5f805ae33fbd4c524faff90a59eb65200c947460b7029e","ssdeep":"768:bt9rqAYKKGrZzFQ9JsQU+YDngZGihfzmMzhYrTsAysncCWcf5k5sigCbKUCntlqK:bbhZzFQ9JsTgZvfzmMzhYrTscpMZw","tlshash":"76133aaab286282601e741b9513eb316b23305167812d458fcb9cdf96e3ddc6127b7fc","first_seen":"2025-11-22T22:44:58.744681Z","last_seen":"2025-11-22T22:44:58.744681Z","times_seen":1,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":47,"dns":31,"connect":1,"send":0,"wait":28,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/themes/dooplay/assets/css/img/play4.svg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/themes/dooplay/assets/css/img/play4.svg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/wp-content/cache/wpfc-minified/1p90a211/5wvf1.css\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Thu, 17 Jul 2025 10:28:20 GMT\r\npriority: u=4,i=?0\r\netag: \"6878d044-403\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h12AaHyguS3O6hR0xOhxaDmuOlu0TUM5KoFlf6m6VkF3Mor14jWhIvtJyAihlcOaQfJchHy81AC1dt%2BeCISr7Zk4UsrNErYD9Nh%2BLPw%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37bfc465fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1027,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4b5c9f2cc1bbed563882913d74fa2750","sha1":"c7a7fe06d471f08f54dcba1f6921b326e1bc83be","sha256":"5199a54a9adddf2f0b5fef5b19e6caefa3dfd90852cc4435a3bca243b96ad747","sha512":"d4fd54d8debca163de93c3ce8bda750b743b776262e092dd9d7860911754c84daa0bfe39f29b8ad1502ea4818bd7796ee94ed3b500d4ec472920c75fcca0f45f","ssdeep":"","tlshash":"c31175c5eb62b77997db6bbc47b4ec54be17003631610b1c5034a87a40d2c564d08cd6","first_seen":"2023-05-09T03:18:41Z","last_seen":"2026-05-05T17:40:08.151784Z","times_seen":523,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"image.tmdb.org/t/p/w780/dHrjWI7MnKc1Y1b03pHzFvcAu91.jpg","fqdn":"image.tmdb.org","domain":"tmdb.org","tld":"org"},"ip":{"addr":"138.199.36.7","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"image.tmdb.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 21:10:31 GMT","end":"Wed, 04 Feb 2026 21:10:30 GMT"},"fingerprint":{"sha1":"5C:BC:20:23:33:72:2A:FC:81:EB:17:6E:6A:E5:B8:E2:1C:60:E3:8A","sha256":"53:7B:0A:96:A8:AB:74:33:87:09:1D:5F:12:77:CB:57:A1:72:2B:69:DD:2F:9E:AB:49:79:C9:5E:DC:CD:F3:54"}}},"request":{"raw":"GET /t/p/w780/dHrjWI7MnKc1Y1b03pHzFvcAu91.jpg HTTP/1.1\r\nHost: image.tmdb.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/webp\r\ncontent-length: 38812\r\nserver: BunnyCDN-DE1-1047\r\ncdn-pullzone: 775336\r\ncdn-requestcountrycode: NO\r\ncache-control: public, max-age=31919000\r\netag: \"67fb7319-979c\"\r\nlast-modified: Sun, 13 Apr 2025 08:17:29 GMT\r\ncdn-storageserver: NY-753\r\ncdn-requestpullsuccess: True\r\ncdn-fileserver: 860\r\nperma-cache: HIT\r\ncdn-proxyver: 1.32\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 07/19/2025 14:43:28\r\ncdn-edgestorageid: 864\r\ncdn-requestid: da5427f8f25f9bfb6e32c90b6326da39\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":38812,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 780x439, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"eecc3398a48ecec2408fffe752ff7ac8","sha1":"43d8893d9d00495244e35cf68bfb2f06eb095838","sha256":"ad7c4fca4ac27092aec92b6fe9d3754083db48c271e3b583f7fe1c111a93c23a","sha512":"a7f1c0ab582d50182844209c87d33ab02b1a7fcb01bdda77c7238fbcd0a02f20a84f0cd010cabe399b15b31e8f9b2b10b978b075303a5f9cb3e739fa3a6c9f6e","ssdeep":"768:BFOaewy6D9p7sjpIVXmMGBVyB5KbUXde+aRJcbIK/ElR4c2bRBtmaA:neLvOVXhGBVy7EFRMIEET4c2bLM","tlshash":"2d03f1860cad49fbc2174651ed999019b32168234233060fdee92a18437a910d7b2efe","first_seen":"2025-11-22T22:44:58.746632Z","last_seen":"2025-11-22T22:44:58.746632Z","times_seen":1,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/bbZj17wezTscsrajlH54o13SKA0-300x170.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/bbZj17wezTscsrajlH54o13SKA0-300x170.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 10680\r\nserver: cloudflare\r\nlast-modified: Wed, 12 Nov 2025 17:55:38 GMT\r\npriority: u=4,i=?0\r\netag: \"6914ca1a-29b8\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nqonAoDwE8oZARlZkJ6XZNTJmRbBTqPF5eAWmKAHpTufaTIEMjT8z4QXI4rlxHy9LlDEfLAAZ9c%2B7YuH0GiNd%2FNahsztSGimYvvS14n0\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf38aaf7a5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10680,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x170, components 3","md5":"514212a6c5d1f4412f7274dda82e6047","sha1":"9bcec2e57fe6ecb117b3bbe442b4e92855307786","sha256":"70a423c28a7a1f9c347192dd2511aba460542b57d74022109283a43454388965","sha512":"106477e4b1a7068d42c3ddc24cb694342b66d8739445124bf0ad25433f84394bcc70a52b30e099b201953c1eee2322b0088b996bc18ea0714e0e48a66de3020b","ssdeep":"192:Mtzju6G9b69M8Bgj/JsGjHHUOYYeY2E1TOgGZYn668W2roha8m8m8FB3tuvu7h/n:UzM9b69M/JstPGybZ48WYohbWc/uvc1h","tlshash":"9622b02c68154a89c8984f63460ac529eb66443ede25c288fdb0e9a5f7f43f445a0d7e","first_seen":"2025-11-22T22:44:58.748496Z","last_seen":"2025-12-02T14:43:18.46136Z","times_seen":2,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/tKzmUlodvitj5czxH5yMXOhestf-300x170.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/tKzmUlodvitj5czxH5yMXOhestf-300x170.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 8041\r\nserver: cloudflare\r\nlast-modified: Wed, 12 Nov 2025 17:55:37 GMT\r\npriority: u=4,i=?0\r\netag: \"6914ca19-1f69\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZaALHtQsn%2FMFtNkDt6wDUIjJp1RFPQ26YKwdysdb71ExOY%2FKxCRXrpjBITvsV76c70ClXgDJZivghbqTmNwxe%2F9cbHsLvQLQbdcUebze\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf38aaf7b5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8041,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x170, components 3","md5":"255f93efb0da9f563d76995081e97ebf","sha1":"f95d02d96f5d7aec58f97117befd2d1ff01235db","sha256":"4ddf30fef6dc6490cc519d6840dd108618580e2886e82c5fcd863549439efea7","sha512":"595581f38db0c7144afacf1c63efa574a58ee73e2b8060bb70921c66a14484fd977fede874a96cdb9754c2b1ccce3d838fffe608a772b7791a6839cb8ed859c8","ssdeep":"192:Mq/TW8EeGpe+fuRsZxoNETK5R02Fqf4EKvtWsCYLcNfB75UrwX2Xm1Qo:FBGYglZauwvqgEGWzj75olmx","tlshash":"50f19f708b6d961c8de64cb06b1b2045977134be9e9d261a947dfb4c0092ec4552da3b","first_seen":"2025-11-22T22:44:58.750405Z","last_seen":"2025-12-02T14:43:18.484909Z","times_seen":2,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn4ads.com/oxhoncwndhc?sabgWneL=BQOCAAAAAAAACZUAAvQIz9_DG5186JrpmqaQBuufVNCSWyFE0fYZVCE-h09Ardze8Dr7yKErN2VE7P70N1r22rJqV3RKciNBj-iVLFKNHX8bojFO2laWTLfeW4b2Gz-bmtxMiDetb0kGNyHhyE3ItNLqtu-qauD5EPpWsL8n-t6BTWtw0rhWxT-ZjpHYoSzBRPO_n7j2nE_ztAP7Bm6F_1eV5JkbHr8QTr-kb2xUpW7bneQAsw6xI2AuhVmV1kTnGnLwaeCMtUDHP_XmNp6wioItrPLmsCMEOO81UdozRnNSza3FY-qHe2yWB8_csiL_NrkLlPTiJJImb8D_wPSKSnavZys5OrQD8JgE0Mk3Od5CTYjowwOoOZ0Z4yhGPwpDLzLAfNVIse5UnNUoUJ7sWd552Hqma3e6AHqY0eV0Ji9rXxZMKK3R_aA1gfao2W0ngkvthfTloUQDJDH6UfmsFf3avtF0ye1Q-vtgEV5TNwgiw0ekclsODSxSqYDik3G1dOexvqUyW0rIdK8_hZHlqMBUsmUpcKM1l0cD5PBKAwO_n348zVPOUXTbGmETJmglEr9qlPWv-8NiBsF_BjwIMFQ5LkK2s7GM3kBlb2fH6Eh7gp2VCknfhInsHZR9AEUhBYRyJHv_4gusEjXUb-UVeXZMwfCIf_Zn1zB0iREvcC__vQ_qM1SzjMv7VejnIxeSPfPV7KRds-f1n1LuVASVRalTiOppyruC1y3cqeXWqWQ7yuVx2OTulqgKMVEjPZzLDDtWavHBGd8b3uwdIaEk6EDvSc6yyGxMzvxfJHrGDhoBQ4mdX571PzwX2QGWJ4u8a4q3501kncpto8dAS49rJogS0qWPti2gZya8uxgSuSWwJfGgLrW4-jl_AA9bLboagDoLti1uKS4yTEGXWPGVmHHVFEUc1J02sPWIaWNgQJIA5BjSjqNzcoID0Oj6s-wK-bF8pVChy7Dex2slLhkm-NFSdudZuMu7IjhKTHiv_bbS-Ht_uB030syWBN55z03rDl4qf7V1FPDPqNAcuGq0b3FoOpx7Crl8pK46w0vsUpScewXYGaIoa3yhGoP3rfOVvz_LfsU2z14oFy6gneqVFEK_1M9bobqcgLtAt_xJMFrPV_yYbIey4anypvWwdLdJurOOvBONa0hl1CfWLrZrGYgepNdk8STv9PtKMpbyLoeZZXzHGZjknbBrlyqp\u0026GbKqQwED=4\u0026tgkAjhVH=5213999\u0026AbcOZuPB=\u0026jJGuaXDp=0:1,0\u0026KdcaxJfe=\u0026KkvEFqLe=\u0026oDGuBlhp=1280,1024,1,1280,1024,0","fqdn":"cdn4ads.com","domain":"cdn4ads.com","tld":"com"},"ip":{"addr":"216.59.63.128","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cdn4ads.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 04 Apr 2025 00:00:00 GMT","end":"Tue, 05 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:E8:5F:67:E6:26:22:D5:AD:B6:B6:67:7C:38:20:45:99:C6:B1:7F","sha256":"7B:DB:ED:86:83:B7:92:84:B5:0C:52:DE:81:DC:EB:28:C6:80:A9:EC:C7:FA:B5:BB:A7:55:6E:17:99:E5:84:B6"}}},"request":{"raw":"GET /oxhoncwndhc?sabgWneL=BQOCAAAAAAAACZUAAvQIz9_DG5186JrpmqaQBuufVNCSWyFE0fYZVCE-h09Ardze8Dr7yKErN2VE7P70N1r22rJqV3RKciNBj-iVLFKNHX8bojFO2laWTLfeW4b2Gz-bmtxMiDetb0kGNyHhyE3ItNLqtu-qauD5EPpWsL8n-t6BTWtw0rhWxT-ZjpHYoSzBRPO_n7j2nE_ztAP7Bm6F_1eV5JkbHr8QTr-kb2xUpW7bneQAsw6xI2AuhVmV1kTnGnLwaeCMtUDHP_XmNp6wioItrPLmsCMEOO81UdozRnNSza3FY-qHe2yWB8_csiL_NrkLlPTiJJImb8D_wPSKSnavZys5OrQD8JgE0Mk3Od5CTYjowwOoOZ0Z4yhGPwpDLzLAfNVIse5UnNUoUJ7sWd552Hqma3e6AHqY0eV0Ji9rXxZMKK3R_aA1gfao2W0ngkvthfTloUQDJDH6UfmsFf3avtF0ye1Q-vtgEV5TNwgiw0ekclsODSxSqYDik3G1dOexvqUyW0rIdK8_hZHlqMBUsmUpcKM1l0cD5PBKAwO_n348zVPOUXTbGmETJmglEr9qlPWv-8NiBsF_BjwIMFQ5LkK2s7GM3kBlb2fH6Eh7gp2VCknfhInsHZR9AEUhBYRyJHv_4gusEjXUb-UVeXZMwfCIf_Zn1zB0iREvcC__vQ_qM1SzjMv7VejnIxeSPfPV7KRds-f1n1LuVASVRalTiOppyruC1y3cqeXWqWQ7yuVx2OTulqgKMVEjPZzLDDtWavHBGd8b3uwdIaEk6EDvSc6yyGxMzvxfJHrGDhoBQ4mdX571PzwX2QGWJ4u8a4q3501kncpto8dAS49rJogS0qWPti2gZya8uxgSuSWwJfGgLrW4-jl_AA9bLboagDoLti1uKS4yTEGXWPGVmHHVFEUc1J02sPWIaWNgQJIA5BjSjqNzcoID0Oj6s-wK-bF8pVChy7Dex2slLhkm-NFSdudZuMu7IjhKTHiv_bbS-Ht_uB030syWBN55z03rDl4qf7V1FPDPqNAcuGq0b3FoOpx7Crl8pK46w0vsUpScewXYGaIoa3yhGoP3rfOVvz_LfsU2z14oFy6gneqVFEK_1M9bobqcgLtAt_xJMFrPV_yYbIey4anypvWwdLdJurOOvBONa0hl1CfWLrZrGYgepNdk8STv9PtKMpbyLoeZZXzHGZjknbBrlyqp\u0026GbKqQwED=4\u0026tgkAjhVH=5213999\u0026AbcOZuPB=\u0026jJGuaXDp=0:1,0\u0026KdcaxJfe=\u0026KkvEFqLe=\u0026oDGuBlhp=1280,1024,1,1280,1024,0 HTTP/1.1\r\nHost: cdn4ads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\npopads-node: wb5\r\naccess-control-allow-origin: *\r\nasf: 9\r\npopads-ec: ASB\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-length: 44\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"d5f0a25e4d3522d56d48ce7bc3e518fb","sha1":"86794caff58f7fee6e684c2ba7195f970a8d6f4c","sha256":"9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5","sha512":"a3a81801f516a4eb11f00d6f56dab0ed4b8a79219e6b4f5436993479f09dae08f14cffbab3327ff66fb39201d8eba1153ae7114f7705a01cc6f0edf840ef1616","ssdeep":"","tlshash":"789002801814116115d1500b8d5159d01259b1a4540801324446ca502dc7883a415774","first_seen":"2023-03-07T01:17:45Z","last_seen":"2026-05-09T14:32:17.000906Z","times_seen":23814,"resource_available":true,"data":null}},"time_used":738,"timings":{"blocked":313,"dns":2,"connect":94,"send":0,"wait":112,"receive":0,"ssl":213},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/w4ytu75uJ1b0AgPd0wLm7iZMsWJ-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/w4ytu75uJ1b0AgPd0wLm7iZMsWJ-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 12298\r\nserver: cloudflare\r\nlast-modified: Fri, 21 Nov 2025 21:36:10 GMT\r\npriority: u=4,i=?0\r\netag: \"6920db4a-300a\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qw5EEFFAvaPhIFP5gr1taatattKjTbT0pd%2FkCHeT%2BjVCAsdPdrcurRa7NBi%2BKxiPGWbTiX0h3baZxUTD7RRkulZjGCBoDr5O36TGgwe%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37ced1a5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12298,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3","md5":"11f546f5a9ecdc98a9cc3ee59380745f","sha1":"080e07f432a34749764221832df724c7e5bbcf10","sha256":"69e609e43febd668189a3529a254aacd2320e81c6a86c63cda486f017a7fbec3","sha512":"13f58246641523deb0ad22b135a5d0112fa10fea9ec52dd13b329f09fbe9e6f85f8b32498e217318bca3d0596d3b3457f1102a3b52b73531d87372931892f620","ssdeep":"192:M0jUrX8OSsAU4VMkde+E+EtNkfvG2QV9My/UIkEPtZ1JDEwgF1I:fGrSe4ykdeyEHkfvv+y+UIkELDEJF1I","tlshash":"6142af067fc0e2a7d0ce1cba474cb63af611aec9aa4dee86f5b5cc5054641e508f1b36","first_seen":"2025-11-22T22:44:58.752705Z","last_seen":"2025-11-22T22:44:58.752705Z","times_seen":1,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2018/04/220px-Thickasthievesposter-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2018/04/220px-Thickasthievesposter-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 16290\r\nserver: cloudflare\r\nlast-modified: Sun, 27 Apr 2025 06:01:16 GMT\r\npriority: u=4,i=?0\r\netag: \"680dc82c-3fa2\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kZue9F0Cxi3i0NQB%2FSKponY%2BG0QvYD3Q1C8dGOS%2Fwqror7fgwZSd9aJpNOYbSXCbHq3xEo7973ZBx0%2BUp%2FJfAhwKqCY1XqnrELdNdYog\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37ced1d5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16290,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 185x278, components 3","md5":"0fddcb2aa4c33d78a89501d92b96c72b","sha1":"4a2eb549e7cf7c01d916b0af3db6f56c57c92a80","sha256":"e1079cbe62796c03948ae332fc8fc132e3ea3bed77621e5b57e0f6ae0b5f239e","sha512":"88d28fa81091f26339b9fade63bcadd8c7beb49e6152c8d092b71d9a0f7769ba4476226b40bb43eea70c939bad360feaeddbda2806cd20c6f46a9f7763db9e08","ssdeep":"384:T7I0GGbBikimNo0K8UqOegL9Uo5qcI6VJNsXGMsXsFj08x5EjHev:PGeikim2JqOJxUOqcI6VTsXGH8F4M5Ys","tlshash":"af72c02b626ab366d4be0df82f750b1fa5497318742e5983b032833629fd5ed0bd8121","first_seen":"2025-11-22T22:44:58.754319Z","last_seen":"2025-11-22T22:44:58.754319Z","times_seen":1,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"6.adsco.re/","fqdn":"6.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"104.16.43.28","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:24.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 6.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:24 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 45\r\ncf-ray: 9a2bf386f85d7127-OSL\r\naccess-control-allow-origin: https://www.filmaon.bz\r\ncache-control: private, max-age=10\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 2592000\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5b41cb22f84f645a103acc7bfbf084ff","sha1":"bac3967b26d5ec4a0d09a580714e8219796816bd","sha256":"709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc","sha512":"772066ed1119519a19884fc94de2c9f2cc538b4528d9e2651a89b93d65bd4000b18297bfbdd8903b65146858935d33cac048c321dad2ea4f1f84ca6dd9b7d98f","ssdeep":"","tlshash":"7990041154441d34dc45470c4f0d0f0553dc5153df377374ddc50f0414531344141d00","first_seen":"2023-04-05T06:05:36Z","last_seen":"2026-03-30T19:07:46.969854Z","times_seen":25700,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":19,"dns":4,"connect":1,"send":0,"wait":18,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/10/qu312pwM61NPTr7nexvovCClDNP-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/qu312pwM61NPTr7nexvovCClDNP-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 7783\r\nserver: cloudflare\r\nlast-modified: Thu, 16 Oct 2025 14:40:02 GMT\r\npriority: u=4,i=?0\r\netag: \"68f103c2-1e67\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9UWEmPcOhAqLLqJ2QITeRjphW3zvoibfelkm3xHV2qwtCNRwF9vsoMt3hP4L%2B7rOBVqsjPmjWfJaUk1JS%2FRaWD5gYMXFrR8fOUoU6tjQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3890e085fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7783,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 185x278, components 3","md5":"19ca5ebae17d6f1711956a45d7e64019","sha1":"76db43df74cabf1a3a1c03890b2f302a4a1517b1","sha256":"f9ecfcf46b09bd714af1cb905b9e9de6cb3139d9ca2fc51aada7e156bf61dba4","sha512":"e05e0886e854cdbaf6c0b9fa234069ba4256350f7a2d7f64f2397f165121009056a1ce56fce18dc480ac7f1d82eda2e2054f7c56c2a98e38be99899445286399","ssdeep":"192:M/7PK4uVE65V9RmhyJIjYXKHcuXVHoEOKRW+qHzomsB3UQt:quVl5VbOjYEPls9+qfK3U4","tlshash":"a9f19e4a0f000b1de1120dfaa353475976410127e8f2dd85ae76fa1e7c6a2ce9e68b86","first_seen":"2025-11-22T22:44:58.759655Z","last_seen":"2026-03-15T14:54:59.759266Z","times_seen":4,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fmac%2Ffirefox%2F1%2Fcss%2Fstyle.css\u0026l=3609\u0026fd=531","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:26.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:12:52 GMT","end":"Wed, 28 Jan 2026 01:12:51 GMT"},"fingerprint":{"sha1":"67:43:25:0A:D1:7D:95:9F:2D:A3:3F:97:74:7C:0A:AE:D2:D3:98:61","sha256":"09:09:97:4E:79:6D:B5:F4:D7:B7:F6:8F:BE:97:4E:B6:04:9C:25:29:FE:4A:0E:A2:BE:82:F0:6E:CF:8C:74:F0"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fmac%2Ffirefox%2F1%2Fcss%2Fstyle.css\u0026l=3609\u0026fd=531 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: uid_id2=b9f89189-b681-4224-83bd-dac53f7d72b3:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27548561=1; slec0418753ac95ca42f1d5fe6b2b689e1fe=[6308897]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:26 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":88,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"r8kybcupde14.l4.adsco.re/","fqdn":"r8kybcupde14.l4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"185.200.118.62","port":443,"asn":9009,"as":"M247 Europe SRL","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:24.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.l4.adsco.re","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 09:14:30 GMT","end":"Wed, 11 Feb 2026 09:14:29 GMT"},"fingerprint":{"sha1":"44:4A:2D:C5:7F:AC:E8:4E:70:9B:91:5D:F6:AE:99:5F:66:18:51:46","sha256":"3B:1C:F2:20:1E:BC:6C:00:04:8F:3E:30:B9:AC:DE:26:B1:D4:73:CB:C2:6F:2F:F4:1C:E8:C4:A5:FD:38:8D:68"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: r8kybcupde14.l4.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:24 GMT\r\ncontent-type: text/html\r\ncontent-length: 0\r\nlast-modified: Fri, 02 Jun 2023 14:03:32 GMT\r\netag: \"6479f6b4-0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":113,"dns":38,"connect":25,"send":0,"wait":25,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"image.tmdb.org/t/p/w300/y8ZhhPDBWO9crJyocKx2Qh4XgGU.jpg","fqdn":"image.tmdb.org","domain":"tmdb.org","tld":"org"},"ip":{"addr":"138.199.36.7","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"image.tmdb.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 21:10:31 GMT","end":"Wed, 04 Feb 2026 21:10:30 GMT"},"fingerprint":{"sha1":"5C:BC:20:23:33:72:2A:FC:81:EB:17:6E:6A:E5:B8:E2:1C:60:E3:8A","sha256":"53:7B:0A:96:A8:AB:74:33:87:09:1D:5F:12:77:CB:57:A1:72:2B:69:DD:2F:9E:AB:49:79:C9:5E:DC:CD:F3:54"}}},"request":{"raw":"GET /t/p/w300/y8ZhhPDBWO9crJyocKx2Qh4XgGU.jpg HTTP/1.1\r\nHost: image.tmdb.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8890\r\nserver: BunnyCDN-DE1-1047\r\ncdn-pullzone: 775336\r\ncdn-requestcountrycode: NO\r\ncache-control: public, max-age=31919000\r\nlast-modified: Fri, 12 Sep 2025 23:18:29 GMT\r\ncdn-cachedat: 09/28/2025 03:29:40\r\nx-bo-server: LA-290\r\nx-downloadsize: 12791\r\nx-bo-origindownloadtime: 151\r\nx-bo-compressionratio: 30.5%\r\nx-bo-processingtime: 3\r\nx-bo-version: 1.0.26\r\ncdn-proxyver: 1.34\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 864\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: a416d2979482928bd1a0b96d8fcc02bc\r\ncdn-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":8890,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x169, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"51b536adf595d91a08cd0eba0f2e528e","sha1":"d321d2f62195204d11ab026d974cc71d54539172","sha256":"07d09eae9f157c5cba4bbc836ba809cad1fd87c33e88bbf74f20a2af0c651c6c","sha512":"31fa2325210b77818010be8fd3c0e1115c1189472935a1168d59e44156b1c0fac204090a67feb61b2fd3fb507725230282b6f4f45fd00f54a1449206f132bd8d","ssdeep":"192:OdDrOdhkXJWliK3QgACz9sqOGGFJbfD4QVzOEwi1:OlO/kXUfvVz9HOpfD4CaEL1","tlshash":"e902cf28ddf118bdc7c59582afe4a27906e882a6da6944d0d24f77e5462d731f33e041","first_seen":"2025-11-22T22:44:58.761747Z","last_seen":"2025-11-22T22:44:58.761747Z","times_seen":1,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/10/vIgxUeQRtnspj0BLm3H7rawSqPK-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/vIgxUeQRtnspj0BLm3H7rawSqPK-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 11346\r\nserver: cloudflare\r\nlast-modified: Tue, 07 Oct 2025 18:30:57 GMT\r\npriority: u=4,i=?0\r\netag: \"68e55c61-2c52\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EUK9CtZA1EV4H3Ztq8GK8xLFv5nCj90EShXosUQDCMa5IWKVGvYGANHeI6%2FxBcWpnPpFeZjxxOjcjf0hiM8In3MZYuPthXo3fhA5C1Hk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3891e0d5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11346,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3","md5":"2c39d81f765c6a80370154a987744be7","sha1":"67efd380b143b7da4dc777f0fda691ceee92a934","sha256":"a002dc9a1884805e7e9da792ca541e6d0b70988555c5f1be8f48ce50b043cf64","sha512":"c4f2c43ba9788a6fc8f2c3a73942ce1c431da9e9ef378cde179e1152a8acc2e20cb7638fd7f9752adbb9700ee57dec3e5e4155ea97d1a717a29c89da5dd9ddf7","ssdeep":"192:MeTJCjUkC1uHWc2EuyAHmn+zm/w0X4qto+UxvnV/K976ch/r5SH+MdEfjF2TVO:5AjFC1yWHPGn+S/w+4xRV/I76qzIH+mm","tlshash":"43329f3387a1e629de121e382689d1c10d48f7797a861a8b1af6dc566d19ad100ffdcc","first_seen":"2025-11-22T22:44:58.764933Z","last_seen":"2026-03-15T14:54:59.80873Z","times_seen":4,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/cdn-cgi/challenge-platform/h/b/jsd/oneshot/13c98df4ef2d/0.3110097088282736:1763849483:dQwVvWr6Hpndl65mJlLyktoew0ry1RuwOo7rhIyTwWo/9a2bf3736b2eb28a","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:24.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/jsd/oneshot/13c98df4ef2d/0.3110097088282736:1763849483:dQwVvWr6Hpndl65mJlLyktoew0ry1RuwOo7rhIyTwWo/9a2bf3736b2eb28a HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12083\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":12083,"data":"SWHGrz4UrKHr+AE4Q48oYGz3oCioJgJIIzU46lobX3VXDHoebhdEXK4jo+QHZkWWoCsIoOoI3IH4oaI4wEtGsKW0B5GbXFWiCPj8AZ1GwIoT4rqdG-Fxo4da7GhpPruiy4P741ZGzhoejfboEx0JzWGVB24HdM0sj37oYqvo4MiqGjDqFWGJo4Xj9uQoq2UCooqloFmMzoo0nGosAz7AoGo1jvUzO-WqIi7ob9vKZGhS4FyTci7AozvvDMHKorzlE-HAxS83jODU74gSGr246HoHjEfaaRJq7z9$X5Zy-D45sT$dG5ZyVy4qQ$48wq3kUVOt-7oz+pv4DG44C7QIT$o4zt84x70-67e60rgaD6aMX$V3aG34WYh47oWxzIo4wpCfEbzbyjJMXGok8YgqVOvli3gzHSDl7yOYiS80sXOFYaZg$l7o+uDsE+xqF9cJCvooqgh0d5SfZzjq0+dGWnOT+8w2G4ki9O3PP-66oZTaa-4jUyeAVnfsPJGksM9zuKM2IoOcwo3qbgOW2db0dB4-vW2omM7WlXGzUBqIlrKSGojkHbSRh1YjiY2+XHroxRpb8+6Od1ccR+6weQhfqbhn4BzKIw0XX+cQhwU1HvH$OIH6Z-Op2jv+9g-jTtf7URdFxRI8D26e8cyJJHVyb0-RmJyQJGiQ-jyucW-Pg+XVhiiFEIqo4VchbrpD4OCq+GjAoXP28oqbaJ1R+Xo+DGpr+1kmJsFP+bIeigzmY4RIOpAOrGZGAoWS4M4mCIaroQxUooH8GUzKZkToKAbF4vokfGazICIhCHf7FAWf3iok+FvC9bIgYIFHbZ+RGP4mfiFZbhzbrwRxujmeojbIdIAzXjJKoeSoGGC44OAClsfEdS+3OqDzqzzS4JXICizsIExyHml4FbhjiPYkIYPSFKrUzURGh4h4oIkviJ+mIUYWjW-qWZvg30oJAYUrEhW8Ab+mWApZiZOU68VEn-3-rGUYsoH4fXBzhmPAX2Y+nkbzeEQCivwbzGFwoknzvIziRHbkKDwqEJObdITbxhdIwO9BJbooFQq4JXrhzib4pfvWo+XFOooK3dXFIHCc1tkOW28xmD3S0Q$ber7Yg3vIT-vAbD+Y9004cBaeTl0$VM-9U+IaCW0+HOiwGCEmGYU4CZGCYwPo1Zai4bDdG8vz3xTUadFIovIWiQeWBCbALEwJbx0oKCan1bv2cGXbEhMUbEHKLbqzFdf7S4zGUTIXCHdmXoXvG-uHmi9EdEmOHmaTPEQ4nQ42eiZmI13POEtphb6y4PR3HQ3Chsor+k-barWCwe4mUWixmoWTm+XQIAU9fd4m4KdrwADFTopZaCHCG2aHD4OSr$ZUZiAodzUAoiPshlUzXwOW5fe4iuIffkMtk7JCI1mXymHDJXQ-Dgt7Ekq6ne4MiFFBWIGXFJ6F+mybtkwm81j2H912x$L1magKcoaOymay9ejkaHhQHhx2ZQau2iAaKC-dvFwci5UCVjGFjPYuSt7SaXzspc5mnzG8yoIpdrDeLMh5v$cLViLwrDwiguWAHi2e4x9RTH7UYHpCRi8ooKjG4oLWq2ueho3lGSoGCvAO0oV$mesKnp-oIfvEdIThcte1UpGrGbYFerIHQ43F4b-7b1l41XeqKCHomI$H3pbq4LnG4J9eq3tJHA7SJ9XQvhfKEVl7S4JMAGIDHv+-uTCJHUurHGB-aCGJdJvAF5AuGXZmr+FH3i2rz8GokcpasUoCqEaUrpK48AYZdJocgLuCMpOEbbEIJoZCpDoOWu3mG5AOqzAoweIFL3z8qbbv7Mv1oH4JCGS0SSmeXAXZoF9hDvi$FWzm3oSuBA97koHH3DvXrzopktfp$srZCZOHDqguAvzuiJccZ2J4QoXJbPMCw7uUru4HDWHQXd$q2d9mGHHCos4mrkRdw3a4QGPYhfdydXSlzYDpl2S+C3gTsHIHE+99XoeoCebzuuX0W6biuSqYAhIH-9w4o2JIdkE3Q5JJzRSCPXqIrbAodXt0W$GAH1uOqoI3Ce3i0n3lk+dwGIElxhpPsIA+fGQv1ZhjoRGV-FzSF8vbkDviAu$ZOqv1yoon4xnumKnpqFWeG2qemy7Q52SgW8Dj2A7oPRG9sgDpD9K6Z2K8GdpC1nJVhTF$pL-XnUKhBy5uHxCF8f+IF6sbC2oUpFARIu79CvyUp4odzKnzc96oE8a-8EWs7oOInrdYpkmk7wa8YmJAXxeMD29QvCxXpm8C1JOeeC-4kKgj6Aj7sIOYc$QYSG-qQudVoSD7TvomAVESPuUzdx$iHI6uF9vw9pf+3IQqEpYS4az$bI1PH44mnznD+3JrI6Ojet69XwdnEQq6lDJbmCUFs5ksgZq1rhsI4vw7B9m1UdSUpio+Ys4IDHbiAHqhgdSESfJZCJ7gCYECoOLxDoIDbzrKwnQ3Fb1MJKaDU+5fMz0-fszPSp9VxaIIHeZG$f6j$u1pGTdSExTOzMU34JB1-9eAbSxzTHsv4S9Fd4SouFmnyESTcD454Ae50-zR-KaqWeDSGXYf2$nAe4HoHx1JK1wB4Wg8uHfpTkDxq25x$ppHkeHegqoZD8Pw8+D4b-VxxOKf3Y2C9mdpTbYRC8jw5IqvmloWulmX4kD8HH84m2E3W$KaJ3oD4SkpfJhWPbT9$lsdkFSkZ-9nnWYFHiJoUl7R7EUXy62x1kAoKMbr84dKEBtq6zIGZtCeOielFHFqLz-ZZpKW7+EusGOXLUsojYvmp4vS+z0sJPrUToSq07xXfzeDmoby-WA0vmqjazn0lRUpiDkDWg2fCnYGJA9pJm2fOzuiGc7J8KcVAE5BUrTgPPMKcJRuHFHX1P9C0JO7d2fCOKsbWZjfS+cCzvrh9GDsA+nH+bnxkJTX-8e6qccK260ovpmipO4RGXSgz+rL-PI17QCeYJp6HDoUoiMtqbeE82rjvvsSzJkx7JjtBQEO6MdDP9HAraHXPvOaXboAJp$e$p9wIFuJij42yAvjALkml-i88K53XrGDWtD+KJzIR7oyF3zc5P8AFHGEKiY$+++96zeSSKUuhcjFo90BX0v+xF6AUMbCSc38T3qVxHoVk5E0PXzg5gz1Bc6-Gk9OzAnemlIdV3kfR1zrGqj+ZaYesbzghIFTLserAbjROnrlMfEW6H9x5D6jGQA6k7GlgGJip0nClu6-zog5OYRLybyxTqMCXhCpMmvu5MEFIoIa$of1cI8Kz1MOKpw6eTwoGdl-ZJ4JIyvPUsp53+tESR9ygHMYmRSpFjBPF2CqrOi1WQpXjeCLGmYRMQ$nUQJtpRYjme1E+qttjcqAAa89j+IYwG2J4q1kopwSOu94HdDqi4zEYdGTEsYpl74xkjUz21oxf$00rELTt6e-2R3CJ4r6vUPFoG7arLv28JYCIMXadyml$qRxXi+v9F52IrcSzBRxcr4AptlS+7Tta++ZoDo2EI4vC+cr4JJPztboDuZ855rmYmDtAt+SUo7YlWlRc5EoV3fuDq1ycy1J+HDq-QpFl7UwR8lQoRl71mK5lgIKAio$dLJscpaGJ2CZI6KVJAf+Iu+uJ4TKqyc$RycBq2IVYwboqIYGC+ccFx5VDu+lCIo-oroypT+7+sAtRLc3-wD++LalIldIqLdsdiSYIBELf7OxD7Kg58lGkKpBE8aVJ8S+Dl54Dzc1H3aJrwTLUXoSdzCeTL4+RD+IHg+ZKVE5d2z5cIySJv13+Z+MpRSif2A+5ZzISYlY+Bc2CG+lrnCxafAKFTUIWoB6+GaGVpcSR3SdK7WZpDZ2E2dVluchUIZ2+IqQ+Z47ix585LHHrInIsoeoq4DbbiItlAaWKHsZz7SME+lgfG+r1Jz0A-1mdnCIc0FjIp+pSJa5Tl5-T5z7KVo9UFbG1xomjsEBSVO+Do5fZ2C8zo6bHAO+VImHdvHZSWQ8DgJ8FllhKP1DEcT8KWitZ-SQD4bGq5dvHgUoBAUXlw-YCoe+roH3Smm3dmhT+GuHMWvoB4o+Agou+ZbP+7qboW35Ao+WVYU7WlaJFJ-YUokBf2Umccdka2J1Uoxubzlg5Dd+xucTd+t3ZVE0+eWnr3q0fGDQlfHL1C4ZHrEdheWG4v10Y+hncsO+bH8GabFTC4RG+mfvC4O4ERz7oDoHx1b+TCbZRd0xYucc1mJjd4RTEtJvI+gmXo6ySogH6BlhSYlACWtbW7ab5G15FoRcz0S1Emf1foFqRGq4qmIn-VRVJWhlSjJfd+KO5D5VR3C4SmZGDsR+yqAd9bjYZsJmsyI+xe7toH+IDgcXMnaAZbsLcoOPHVfQYtb+rJFnYmAnE+AI824K+XQQzGHaYVZGAkiPRuqXwWkk6TTLJu+IJVUAHHC$YvI6UXOxOI1MJ5TG-G5rDmBuYmCVOUuuI7x3p7jG$7$xD7xx4MTlI+ilZIykPuE3Uogy4IdU9ekY-LFoUm2dy+ECAoDkvcAb65cI8bWzSJ-t+ZR7v8DWt3aWDod2Hk5hFkxBJ2p5OowVlHx7qWnQzEs1q0KEj1Okwe-2AopBlA49HGchCeasp4bIwH8w19p9SkMGkllm2hyxCsHaK-EZI+Qvt++I5-IdwxFbjHLc1q5GDDIDUoQh0LTqdkDzTEyviHfQEGQqzG$wfQJksX$bT41vAJj5FuRz7gpvx1avwDl1DgCknWmzjBHJlBKQIwFcruCwIKAKTE7+QiD+YuRrd+n8Oqc6RXWmL7PJfRoRA+ORlooJ4V-K+MoHSmAHKetV+lzgFJl5SoBvRmlGqGnEB1UJoJL9FTI84oFSDGkfRqBvJf1GKfDWeRH7+rOo+VYaSv9sIBOWkiImXyfIhCO+Z0KgcIhI03bSEbLD46OdPUhbcG+IErzGFLa61CSYb93SabAHHQTt5pUot3+7TKo+TLCWvGOwzIZOK-lwZcO+g8OfqAA8D+zGDPbbx0I++75FIgroYHx6fJUoVIq7ToK5p5Ke$evIbYbXh7yE0HeqtdoGJ15Um3dU8RSg$JyELUqIAWPg8QclHpFCLH$779aYrChwOfc6ryTEG9CIH9b9Ig6U6fC+UwUmm1fB-o42BACHp9GsHYOexJZH6hk7qu4zja-pc3UC0bXDTHl-Dqhjb2JTRSTJb54DoH9JfGcJb1pSzcKIig92fJ0cr997upWl1XGpx3++S6pFcSbeQK8QlAayUw-zWDdDEgMmVjTLFndkAo4ACCW7UzM5osR+4ICH4HzCuhYIxQ9mpQwezbsQZOHdeh3T+7pzsqQHumX2OmwxHUyx+Zbf1RH7+GHGkEL5zXkkeGCmhcK-IO1mf5rXkrAAUUvQepwYosdCMCPYKDJOTfl7sQ3KWZdfUIt2GjTqLg5W0hQ8HYqIKgxgqrEmDjRdnCZhXd2Rl$J6o-qIWGqcq2TgW5bo+Mr5To+uTpggXqWGT2dhv4o+r05VO8TxAVfqkJEv+qhogmCkWIpjpvYYoQv75eIdzgcO8qMTqL+m5-1QHKAoHaUhklIBA7GIxZ15KCdp9JAHHHsd7S-WmzeevYqRHkgOBucGDOTySwBWzlTyIKvXwOy$yHKO+2gK8d6bDQubLKXKPVl$4JYJ$bYuaMHiU97+Exzg45ZOU+GRCMrO-l5oVWLDfp9GwGOyCiiw5d3xcYHYKkxg42yASVT+RARWggoMcb2VOWhWjOl7l7I+UsUw5V4Oe2aI7pfKD1I3Xj+czo0+Jb2oVbxuZKXkzW21O+X+n073TdYi7aeoEQjhTl4i8GHQdCcBa+WtDn+lDF6Ad+qwppPoEWQFZOdU8+vWGkk$yy4e8cCx+7l7aChXsgMCyC6CgxqjUAToRorocSEJQZzXviXv+kUqsTK1O5d92Cz7TKx1cXLz9EM1HQSOSY+MdMSiOOSoLXE2txX+BX0ivGd7-oKGUj5XcTEWVcFWsq$zWKLcUwZC-9IHSIjhAmhwUIna-TUIvCiiGEst-j1DSEj7825VrOyh-GLGgGAQFELgOoyKFoX+D9coD$tCaO5JhgDfOD9U$483pn-T7fcUu1CoWaXa0JSJIImw2Bbkvos5qzVb$g8yDtCwldx7U9mpV3abB+KC1mh8H4QijnSVOTgx95bgtGqQeGrX0J7xjzjCkw$YphPJ8OVRlv5R5DAG82m7XChfqkWuSrfvwG5yx07x+d$d2R4z2q2BOO7trAsq2-C4BmIbk+O3bQTDXccGJlKqA1Uo2-rsz75CnCtuXwhwX9Cs-Js4exSg3TaWlDhowudxUxrKCSFBf+afrfJU8DKEPA4VKCfu1ubLaLSCjOoDo9fm1mAogKw7UzTd0jbdVbt3lMf7IgBjZ5Y$BAEHLcakhbtQRCkdwUmJYtSVReirdDdIexV6hEm7JE7vBxtGaWbjSx4E9X9vm$B0XIaSMoVJ1ABBpifmAOEKm5o6-gs94odFns1vVIX7zIaj+ZAeWmplz02jaS1MKqJ2pjUza4ez1q0o1JY-0480GRriM6MmaTC0tdv62AQgV3cTmGHcr6q3CSXTdHqIqJT+J2PSC9hJaaW62C5VUqDzpu8oc$L$hpI4mafrqAO0WZZ0mGDHbG+2LVaaM43JzC64LDtghT1CQ6$YJwithOWkupBAdwtGRT1MJvI-R3ioplfppslOswo0G6eSw1R8dSc7215kiJJS76KrnoEYbEMbvSKmcaVSaSoGzrVhaaWOFH+FBoV3be3dmWsjK2xZCX3-KTZUutx3DuTtZ7oL5fqSFhy3OFxoCgxQYony5t20-tUowxV+epq2iD1FxD8g3TGbrjJSbGr32tkxJm0tkFjsTQ0d0w0MKgdQBlK6eBO0fwl$E+lldkZ0nwsf9RT-E2JU2T2uvGlvG$dy0xLP5eY307HGYYW-e8xTL9+X05K88-e+p4QhxMAMU9M0LZRrPYZJB9n+GKVof6kS16Xx$WZcH$RBzfiuyLCx3TdR921pwLCx-2EmKCoE8QG+E3+PweHQtAEgis4vVbBJPse2SoO1rroD3L4LAtby0vbvG2kvQBdUwGpOi2Uj4sk9cHMC+LzO+uJmvMsq2pvIdinIcF8sSi1biRx6go3IYspamyHpd8PnM-PSbhvTqTDauaP--8JReZepGPrGsVcbwsBia4M2mekj2jRfUJVbgO4IRcpZu1ey8+J-nlFIpOnxWpweA+IJbv5PQ8ZQ0nsxiSD1lGwfYd2gKFXTh6eOgMPg8neUyfEyK38teoIBcSoD1FyXQWVjhXY6T+YsPtHHqbTf9qVytYrSSYZEjT6etegZ+jHa-bcGD1-JfpSrG+KPZsnmls3JqqWi+feTTPTXjG+lYSqqDiui2g++CgZZwIMmfuokPawRB3$PlDoRyEXU$-LVZlva6sFoAgRDw3xPq3G6MD-DjOSDrDSjfhVOr2wGa0xEMC0HjleBscM2XHl27gYfx5Zfu5S5zo$FW8v7+M+lqM76IXxLRQ2JyBLgEC3O7+6rlg28GDOfhcxSDgTHvCuwhJa07CWzcnMVjsTB+IArVbu5wcJUx3s0bGD$k2d+GIHHrQXryydT2+yi+LbRm6hf-ooHSsxY44M9EjvwxDWmrweIE7w$iJoSwTAIIboy9hzcolMGkyo-Vb9oV3S1zQJ14RHr6D1sQ8J8y4OGrbFW9PZgzemIEGJKOzP4w2yohGTefx0S4mryojmBnoGjWZ7TFyUo$IJHq0sIo8bJooJTGceod4sFdISEcv42F+b$PPmytO7x7SXsyo8H71a7qgJMYSTi4gUdizIZj9dFaHUoU4uffmbU39GR3aJnIEw4wFmeMoUqlDiIra-Fbto2jxfikCuGM4rGGWbbC04pzidnG2$HxoUZarj4g7UqYPC0oh7eHvgJ+4bql9ar7iOADz4GlTWTmGqXIiHcAzif$WXiV2+KDWAJAf4Xi1LRqBLVKfv7G4i2J+OtCSDTzhGJQa7CG49b3zXkQImKDlgfo3zwXSFFW9E3KAHF29zoF9k6cKZxrV2kWf$eh-2bH4$OdeTdx7Juo3rxiaop+cMvhADG54U3-7+bqf4kIlJXIwbmWlL4yWriF70oYkYgoLiQoqgOvSUZvFpIqUL4KWEtzKfVr2U6omBmhDHgTUFmL44qGsgbG5rnhY7V-Chgu4lzBiaILGebbKMPEVUoHyWRhYCscTZ4$elAi4cdGbke7eIU4oPQ43MzK+OUKHT4IXsp3RHe7Ab-UiDbVz69j2+94vuzrc4HGX$1mZoorfh4bkMbDElbvAGpkmJ8tCWphqY3-IkavGJWRrb7fPrmEf0lvStrqGpkWFHabofXYg4GvYHmTFxbCFd3JG8H9m9fewo0CGhxijo+6PUA+Z1IrFzGwWdqiuCaoyFjHV7RKSPAKsAoOudedWYIzQ7dGeODGaXqgx8mBF6m3m12OWiGWo3SsKHdCDG7qtI3CBJ+bhGn4fIe7KeaEF+YgzI7MJFLC+4IbGs3zUisgoc4udwCare$TMfQDEo2rRmIFuG$KZ1oKAis8iieYHxwq1J0vzoBgRXf8I3AJGe3goCp4Gb8bwsJ92+3k1EoZA27E3HWxEbpoUnxD+mWI0pZMsnAC3ugJ7Cm5X7kT74o3+eHzbeEsA7+z3d7IY9QO0oSSfmLd4iGDZAxJGf3Ld471yp2rgHe7Fkdsv-ABAvoaQe7D1qLf61BPF3IddcP$SYAyoLHBuJQHvu6rsow7zGOoAIu74tsS+o31wStg+W0zKoZi5DER48vODsXBWbIzIZO8q+ED2drza6Cw85TzD0oJvZ7ZHeGoa9lu-iYWumuztUG$lFGP8ZJfYodzruDWuzwTKGk59ZxzkEBdf2nFOGaxoXnojLrCe-H+5rGrX81+3udDAwIjzujwgX4b910+u4RojnPIz$1COKD-JIoCslhzo3L4ErLDOHXDC-JvEZZHxm3OHSGOzfIoo4JII1WYuiFqY7iXFUCIC9SiJERaUA$TiGmzIFRRLOqebTl1C+bvs$bToBHHDECICfA44IlM0pzPMyoRUwMHhR7HqrwAlwz4+jYovJwV-LHIMJlEHEEo3SXdJdevzVvlGoukx3dXICuFafzrMUxXDq54H8JOrYDAIBHAdqAJoUxIU6ILH3u3Ay4eb7yKWDEviglsCUnmVp4MCtAJGExpM-XIsjKjcolenm9fODARAP4OpDdK5PUCu7+4m+nmxEcewQw+hQdyebdRUogrhotg0DJ+qEzpof-b3yKDvTEb6izv1xnmwvrGlzAtsTGQ+xEoDr+Jsti3q+VcDnCvFIgGTf+QFltEbvatGTXE7gqkrFjXiuI3b5+1IOgvqILQ8ooGZWZO79A+FQdnLo3z8ZVkzFaICIYJlWeEs5onH7jlJY6Cd4ddtH+mYzo2z$HSG$X39OVu64DdbHh+8QZ3rKoDPR+04ItDYEUWW3jOGjOpIBwujI7YquwTKCfqUvnI$HgXRx93zI4EIpH0olvrFC0Cw8mW3IAHr-E$WGo$HZkfxb7rkys6YT9eO89gdSj0gRUZUfoY7bV1vRMTmb1HnnSoiSTyz5bbvCFArwJrOUpbnQ5+zZvFgPmTIFBwMSRu4gqofbpQFZYCGTxrTp+nIowE8uRJma4UsSoTApqp8zynPJYvclbzK357AGJpRSIYjGFYE9ULOH1O67LSK40v45ZVlWvnHJaikGGlTXPeboC+uoIQ-uuYzHzlJ5bpadhvWA48TyLdIQ58IVjfUVUHhgQ58fR8nx8JZEYadPe1wi+GyVGYUBlESwcgAog7zpdGABwpIIEmUx$pODBevtv+Ah8$ccYWil86yukLhE$dSuv4s+Hzm9rgvre$geyZks0zyJG-+E4UikXGTVSduhIm$8UxoAA4mqpgZxwmeTDDfxgrgwaRpSgArzKguiOG1pDWvZ7IoB6rTRhjLOBFr2$fUAj3-4KZE1eMyvA324Bo70$8DsrTnXiol6oWqi8fQ$wri+1EovWTwAMJbop5E7-IfkJdvgQTFbfv6W$HdEKmzIZRjEvIAzBbGS5EPjKqmaoz94++9biLvrAOvLQTGPEce7L3OUYFT+BBjOqMOuvg0KZSRxuDYALzCVABE6GOYRAFH8kcLShoE8$oLb6FRLDhzFq2FkIRtwZbSwcIakjXlFJ5grwxqCgl+uDKSf77EbKAXU5DI9v1uzqG9$JrD5Gxmg-yVJ0JPFFdk$GJ7AySJeoBeedcJYBhwSbxpmeZudg5hv9SDc3zAGe44x5b5xRX9CpuzguGznxpCeKct84yDoTDT1SbrwoJoeeKJD1ERudxSufv4QFQDbclTx0ikvWFG4v-hFRU9o5diHo0pl8EwKz$y+5QppsE$HloOIOtqrwcYCmWzvIZQH6yKqQmxXxoF+9vD0SeAzoSclej377yvAqeXOFk4i-Ahjodqsqj3oQz18YTqUH8OMVy+SHqTIUMAK-dLAC3D4onouTECCueYZ42zPgxFvCG3YDG4gxQfPljJ6+yifq2OOkn+foUQ-+bru-EZovIF8HBqW2puCQZhFCTmIFucerSuJnbuYg0wJWPk-PJT-g99Zw6E-ccok9Hf5q5-iud788H6X9TOqquzhocXdI0qT+m$MI6jxtE$-R+bPpF4pTMHwQukAucdzrTb9WQd99ZepgxIak2QfjO6-C8ru+hsOTg0twagD-dKVQFGZtekoI6K9kO-XZeqFntiJKG5kYZSgTnioIhJSJjDruD9H6Z9nOcoCrdJ9KyHKw05dmr-ygvy4SJPFcDxi-g26SUx3Rpm8IRqw6-bJPaVE9-A9D-lUQ4zwEpdd9l-ZgcacpBrc0niuE$oiqOkI9jDsARKxadGmu-n8GWjq8AcpBVe93g002MaFIblufnP6XV1Pcp95ennO-fhP3JC95uaYM6HBR$Fq95u5g16lh7zab9VYwYO-Izm7D9EypGq4-GqnUvC0GcG1pJhzmr+GmH+J9dAG20PFGxrc+YT3b9B4JCn7p6nO-DzsY0I0MDdq$gBdQi5IBI6CowAK5ZrJoE7VkYbSOCswS7k7Qhqi+fCuikcEyczYFAu+s6FH9prD9TA2TJsF20dcpIY6-CPdaenmXan6AyACuFWPk--Y7Suv2tF20zdJ7P69wg3J$nn-91V6wwQ3FQmu-9KM6Fw83JQneX$q6SLvsJzCxiq$qASmJ0fTbZvcFqxSWJ0DI2B6+nq26QJs0cVeoXan5S$J1r+Ax2dsq6w3CWx-EnbVJKAumb58JCBGyPYlmHpsjZA0KpDKWPEphTcE9zXx1QSZ9vT+Em1Yi14x52VYfX0g6HovPJpBU+kxr-KnPiqAbGr0O04v4i-SItnKSYP-lH9AVQFfb3CG6yovozJo1Isvb6AGQGJH2WD8wbDmI2WkHaDK20mfk4l2CeaB0uHmog4x$vMU7a-YPGLySHomQG5erWitPSxjwM3ER0Te$oc-mIE7fIO04C7U28eaeq7rqfk4Hoooav$VLGLPtEw+HdrWssJ5okHRp-0VxrzorIf+faHFrmJ7iKbFbcdDpGHr6T+IqOyiS4A64d-nToooiJ4FiMI37b$YzAO6UoKgtHE8kmIzi5iKi7G+ICkrKz4rzHXdeFqfnxVz4wR0oldZerozW2ooAoH4Moo4qRjdwlJHPfRIyoDobaZTX$gXoyTcdAfBWzvoBPlOBj580uQHrQo0OmWYsm1zh2ooVYs0uXj3sRqIEV1smxvI4CGrHYeY80AQWM-XTXZGAt9i4GoC7Z0sV1sn7FOoKHqIYM11BP6+I24py+GojrXJ2ijRxXzz1oZJwh4pEo6cdEGoozXt7Y71f90dmo1uu+TldGrf644koMbfld2i8Q64RI$kxgDoz+vcF8mdWlLbwCCwpR$4qHaeDUjZ7myObdWcvA0YeGKxRICHTdzjkLojidyi8zWxOpvbZEAoM9wRfyQp7CxRIjOYMK7bhzE30tOj569ulx4L1L7oO0obrBgoEFIRdWOKmdoHrXiKGC$jGHRBnzSoVRdHSV14r6zW2mIdHJoAgzyzIoWHBHI6-opvmsn0T1XTilJuvsPWx7OA+UnsjxrBq9bx$3qzGzI4IAUt0odJdkHhifGXra9PgSoR6zhG2iWeSVYkwAb642Ioo+v1X5Wx7eQBVOrra6sRlPlQV55BklXG2BPBH+2omZeF6oooBeoo"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:24 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-length: 0\r\ncf-ray: 9a2bf3850afd5fac-OSL\r\ncf-chl-out-s: BKF6zbOq8i9DZ7RgeATTxQ==$owu2h6tD6HbCZgwkPBDxtw==\r\nset-cookie: cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=filmaon.bz; Expires=Sun, 22 Nov 2026 22:44:24 GMT\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=4V88jpbx2segmUOiog4EgOmyVAB2pt0CsZRRCgpSusONwwIggYrcPJ8TsdwGNEv5vbJZOG2An9nF0yOE%2FsF5KY4%2FFhb3Mszaz6G9tg4fEYrwbiYUOY81rI6mXiR7bmxgoQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=1566\u0026min_rtt=815\u0026rtt_var=543\u0026sent=492\u0026recv=90\u0026lost=0\u0026retrans=0\u0026sent_bytes=517918\u0026recv_bytes=30695\u0026delivery_rate=65008275\u0026cwnd=204000\u0026unsent_bytes=0\u0026cid=97064d1719fccf27\u0026ts=2512\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/5KmLPZkOLKNgdFxBsQUwlc8RBBD-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/5KmLPZkOLKNgdFxBsQUwlc8RBBD-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 12478\r\nserver: cloudflare\r\nlast-modified: Wed, 12 Nov 2025 17:55:28 GMT\r\npriority: u=4,i=?0\r\netag: \"6914ca10-30be\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fOlbcFWYnlmLZcNK7bYojiawqTyFXggIoNo5YrAXKaaddr4JjfBaX1aH46jZDYCnUVur08DqZe7qum9RdPFd3WtsjhYf5gu9tCdQK2W9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3890e055fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12478,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3","md5":"119a765c78834d4a628c5ffa24014551","sha1":"868ec0b80d4b546c5d473e2c15fac73c078665c6","sha256":"55c96e924d42e46c0a10f12d608ee4a08ee0fa2d1884394afe1f69c4b00bdf8b","sha512":"333eb0b904257ad326344c7b501deede4c4e57bab0d1de2e41aa893460dfc7d8bb18b09a4f349b96c7428d563c61c436598856fc2f0f37c9124a883f515f3fce","ssdeep":"192:MiBfExVWIwkPsAa8RsJlnvDOZayh93R5gHiBMfBHnQ97oACAbFbLi8yMSNR6U:HETwkUAtavCZZHRvEH4kz+xSN8U","tlshash":"e942c04b0b95a9fffb576d7069945b6fa2e17a04aa202023747ddee214fe3cc0480b51","first_seen":"2025-11-22T22:44:58.767172Z","last_seen":"2026-03-15T14:54:59.761297Z","times_seen":4,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RSPW8cVRR946QiBSJEUCENiCKIeDOzM_tFkCJMCETkiyQoRRre16wfOztveG8-1ltZWEIp1x0givFZOxYmQlAihIjWNMgSkpfKRUzBH0ACUaO1V7K4xb3n6rzinPPuZxv5IQmQ04PbN_RQxTG92Kh57vn7KhG6tO7Ne67v1bxL7n2VNMNL7mDWTPGGH4Q17zX3Xcl7-mLd8z3P93z3qjIy0oOLRyxU-rjj1zpeLazX_EaIgfn_bnMHljoQxSE5CyWmz_4ZPYDiEyT9765I28t0euGdfh7TTBsUYvvDpJfoMkH_BEbGQZRsz19D2ykhny9AJ9tzB9DF5swBmJqShReegiXbc5lgxdaxUhZDJmDiDMpiAhlPoOgEXK9BiX0CcIGbt5D0H93UpqQrxyydsVNy-t-_ocopOf30HJL-t0uxGrh3dZxnSicWg6iCGkyguhOk-S6yoQNV7oJnn0KJ34j34hkk_Z33dKF6biFND0ocvMo6UbvjtzuLrNn2F8N6PVxsB0wsCsobQdQSrToLjoJS0QTULiC3DnLlII8c5KmDvjhwQ68dcp8GzagjeMsLaRgKybxOu-55tMNbyPnMwQhZOgKPR-BmFalZRU-t7zfOwuRPYJcrWLEAm02J88EqClGhlASlJSgpQakIyoygLKotEdu6rR6J2ObMn8_6fAbVWGfdDbqls65MCKgZwYhqU6Wf2DXw7NR4GFkx1rNGWVaNKRPVRnpInptl7Gw-WEdPHrhe6LdbjYDyToPTsB75ohHJJquzZrsj_UjCqgrKLoBaB0M1JTfu_ohU7V_IwegubLwLrhzQ_CXQsgJdrjBMdiIV96lOamwIoSuk2WlkK85GfEieH9-5t_Tk6Js_uvIyJN8j8wI3FVJT4WP1C0E3fji-o0uyeUeXlnx_K81UXw3p7ATuZjSTzs77cqXURly7Ykdfv8VnxAw-vidtdp0mQiVdS75ZUkJIc1UbLslP1-x9yW7ndnkpN0meXr_99tVr_dRIa5VOJqBqSp756nVwNSXnzl8-Ou_GP3-Ap6uw6d7lH76Y1ZewmoClDmJFEMsT_ZRVsHLv57_mOzvBG_YhusYBzdaQ9CsUpkIRV6DxCDY_Nc5Ss3f59-CowGJnzGLjbLLYxOvHOVl14EaBrHPPa7eaftCOpB-EgkeNdtgRTeoFgURmp-qVN3_9LwAA__8H1mi8gQQAAA==","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:26.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:12:52 GMT","end":"Wed, 28 Jan 2026 01:12:51 GMT"},"fingerprint":{"sha1":"67:43:25:0A:D1:7D:95:9F:2D:A3:3F:97:74:7C:0A:AE:D2:D3:98:61","sha256":"09:09:97:4E:79:6D:B5:F4:D7:B7:F6:8F:BE:97:4E:B6:04:9C:25:29:FE:4A:0E:A2:BE:82:F0:6E:CF:8C:74:F0"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSPW8cVRR946QiBSJEUCENiCKIeDOzM_tFkCJMCETkiyQoRRre16wfOztveG8-1ltZWEIp1x0givFZOxYmQlAihIjWNMgSkpfKRUzBH0ACUaO1V7K4xb3n6rzinPPuZxv5IQmQ04PbN_RQxTG92Kh57vn7KhG6tO7Ne67v1bxL7n2VNMNL7mDWTPGGH4Q17zX3Xcl7-mLd8z3P93z3qjIy0oOLRyxU-rjj1zpeLazX_EaIgfn_bnMHljoQxSE5CyWmz_4ZPYDiEyT9765I28t0euGdfh7TTBsUYvvDpJfoMkH_BEbGQZRsz19D2ykhny9AJ9tzB9DF5swBmJqShReegiXbc5lgxdaxUhZDJmDiDMpiAhlPoOgEXK9BiX0CcIGbt5D0H93UpqQrxyydsVNy-t-_ocopOf30HJL-t0uxGrh3dZxnSicWg6iCGkyguhOk-S6yoQNV7oJnn0KJ34j34hkk_Z33dKF6biFND0ocvMo6UbvjtzuLrNn2F8N6PVxsB0wsCsobQdQSrToLjoJS0QTULiC3DnLlII8c5KmDvjhwQ68dcp8GzagjeMsLaRgKybxOu-55tMNbyPnMwQhZOgKPR-BmFalZRU-t7zfOwuRPYJcrWLEAm02J88EqClGhlASlJSgpQakIyoygLKotEdu6rR6J2ObMn8_6fAbVWGfdDbqls65MCKgZwYhqU6Wf2DXw7NR4GFkx1rNGWVaNKRPVRnpInptl7Gw-WEdPHrhe6LdbjYDyToPTsB75ohHJJquzZrsj_UjCqgrKLoBaB0M1JTfu_ohU7V_IwegubLwLrhzQ_CXQsgJdrjBMdiIV96lOamwIoSuk2WlkK85GfEieH9-5t_Tk6Js_uvIyJN8j8wI3FVJT4WP1C0E3fji-o0uyeUeXlnx_K81UXw3p7ATuZjSTzs77cqXURly7Ykdfv8VnxAw-vidtdp0mQiVdS75ZUkJIc1UbLslP1-x9yW7ndnkpN0meXr_99tVr_dRIa5VOJqBqSp756nVwNSXnzl8-Ou_GP3-Ap6uw6d7lH76Y1ZewmoClDmJFEMsT_ZRVsHLv57_mOzvBG_YhusYBzdaQ9CsUpkIRV6DxCDY_Nc5Ss3f59-CowGJnzGLjbLLYxOvHOVl14EaBrHPPa7eaftCOpB-EgkeNdtgRTeoFgURmp-qVN3_9LwAA__8H1mi8gQQAAA== HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: uid_id2=b9f89189-b681-4224-83bd-dac53f7d72b3:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27548561=1; slec0418753ac95ca42f1d5fe6b2b689e1fe=[6308897]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:26 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+d0a005bac1839f73f7cb0d94e30360d1=6308897; expires=Sun, 23 Nov 2025 22:44:26 GMT; path=/; secure; SameSite=None\niprc_l:6308897=1; expires=Sun, 23 Nov 2025 22:44:26 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 2\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e631d0f2070d7fadc687fa3ba022d5aa\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"image.tmdb.org/t/p/w780/x5EUEv1N9g4BCX9GQXKvv3nqMVo.jpg","fqdn":"image.tmdb.org","domain":"tmdb.org","tld":"org"},"ip":{"addr":"138.199.36.7","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:39.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"image.tmdb.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 21:10:31 GMT","end":"Wed, 04 Feb 2026 21:10:30 GMT"},"fingerprint":{"sha1":"5C:BC:20:23:33:72:2A:FC:81:EB:17:6E:6A:E5:B8:E2:1C:60:E3:8A","sha256":"53:7B:0A:96:A8:AB:74:33:87:09:1D:5F:12:77:CB:57:A1:72:2B:69:DD:2F:9E:AB:49:79:C9:5E:DC:CD:F3:54"}}},"request":{"raw":"GET /t/p/w780/x5EUEv1N9g4BCX9GQXKvv3nqMVo.jpg HTTP/1.1\r\nHost: image.tmdb.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:39 GMT\r\ncontent-type: image/webp\r\ncontent-length: 40258\r\nserver: BunnyCDN-DE1-1047\r\ncdn-pullzone: 775336\r\ncdn-requestcountrycode: NO\r\ncache-control: public, max-age=31919000\r\nlast-modified: Wed, 02 Apr 2025 05:12:02 GMT\r\nperma-cache: MISS\r\nx-bo-server: LA-296\r\nx-downloadsize: 64908\r\nx-bo-origindownloadtime: 279\r\nx-bo-compressionratio: 37.98%\r\nx-bo-processingtime: 38\r\nx-bo-version: 1.0.26\r\ncdn-proxyver: 1.22\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 04/02/2025 05:11:44\r\ncdn-edgestorageid: 722\r\ncdn-requestid: 4e6a1d00f418cd6e91171b8f9d94ff00\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":40258,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 780x439, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e0eafc5154d2276408508f3df1a70a2b","sha1":"dd03a1a918156c42f63d3138d22f9b1c77417143","sha256":"107951b353296dce81fa58c87b094c3850d81dcdb813b70ffa19118f959687f6","sha512":"b80e764aae92e9316f375814a412be557bee404bd9427a8e5bc43b9043fc2e7464c5b14cf9f6cd3e30ec43147eed477c75947f73fa3997d612c47f01c00c5462","ssdeep":"768:FfHlErFV1HL7Le1NcB8zWBaHW15tITtd3QaIwdg1688IkxoDDmd5igWt5DcgDA+R:FfmRV1aUB8zWQHW152b3Z/Q6889ouWLT","tlshash":"350301d5e018018991ff930c3734d419b1b79a1a52b91e2f431d76819bbde78c8ab0ea","first_seen":"2025-11-22T22:44:58.769214Z","last_seen":"2025-11-22T22:44:58.769214Z","times_seen":1,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/2c/93/0c/2c930c8e830e5f1ce7932b5ad082e873.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /2c/93/0c/2c930c8e830e5f1ce7932b5ad082e873.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:23 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 39862\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: acbf3b4c07000fcbd1a0f2464bacfb94\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":111854,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3849f8a816e8c47540c0a370c938834c","sha1":"b712c9f882680d331fdfe1c6012b42777c14743e","sha256":"b5cb12134df98029ab9649433df108f6e5a9bfb7669f6de44aa92f595fdfd858","sha512":"8c621e10bdf2299b306565319822dffacfc03d1c0e4850f39d4d7c1b256695c3480d84f691b9849c620bbd3622f73407a555414b5ad317f9499e333affb79231","ssdeep":"1536:/l64PpZE7gSqZXqJNplkBiBXFxYgm0M/J49rClQuIwy9Lj6qdEIGZi0hj6mgSdZu:o6YXLaJ4sQusEIGY6ciJnQ","tlshash":"41b3ea4cbb50f0ad41a67077623fd90bf0690d90109cd968e5c7f8f86e5872be63da68","first_seen":"2025-11-22T22:44:58.771447Z","last_seen":"2025-11-22T22:44:58.771447Z","times_seen":1,"resource_available":true,"data":null}},"time_used":841,"timings":{"blocked":316,"dns":26,"connect":102,"send":0,"wait":102,"receive":99,"ssl":193},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.1652981340230.js?key=f7a00868c94990fc6417d7abcbb3f85f\u0026kw=%5B%22filmaon%22%2C%22bz%22%2C%22filma%22%2C%22me%22%2C%22titra%22%2C%22shqip%22%2C%22hd%22%5D\u0026refer=https%3A%2F%2Fwww.filmaon.bz%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /watch.1652981340230.js?key=f7a00868c94990fc6417d7abcbb3f85f\u0026kw=%5B%22filmaon%22%2C%22bz%22%2C%22filma%22%2C%22me%22%2C%22titra%22%2C%22shqip%22%2C%22hd%22%5D\u0026refer=https%3A%2F%2Fwww.filmaon.bz%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:23 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://www.filmaon.bz\r\naccess-control-allow-credentials: true\r\nlocation: https://skinnycrawlinglax.com/watch.1652981340230.js?dev=e\u0026key=f7a00868c94990fc6417d7abcbb3f85f\u0026kw=%5B%22filmaon%22%2C%22bz%22%2C%22filma%22%2C%22me%22%2C%22titra%22%2C%22shqip%22%2C%22hd%22%5D\u0026pst=1763851523\u0026rb=\u0026refer=https%3A%2F%2Fwww.filmaon.bz%2F\u0026res=14.3095\u0026rmtc=t\u0026shu=d69c4eb05aec771589f4eb9868e63047dd6cc1d121dd8e6fc1524abf33a6811dcfdbd2fc748a44739dd150d20db2e080172a82ce6130baa0569c4a678d79d84df134bd4ee287f7e4e6ed1e50493874e74bddf444a1ff188b22ab4a\u0026tz=0\u0026uuid=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzAxOTc1OCwiayI6ImY3YTAwODY4Yzk0OTkwZmM2NDE3ZDdhYmNiYjNmODVmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MDY3NzA3LCJwaWQiOjExMzgxLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjEsImFpZCI6MzIsInB0Ijo0LCJwayI6InBybnN5NzJ5ajQiLCJjcGtzIjp7IjI4IjoiMmM5MzBjOGU4MzBlNWYxY2U3OTMyYjVhZDA4MmU4NzMiLCIyOSI6IjA0MTg3NTNhYzk1Y2E0MmYxZDVmZTZiMmI2ODllMWZlIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuZmlsbWFvbi5iei8iLCJhciI6W119fQ.GGShGirQHo36h5EZ6F5ndaunKpPAT9-t6DYEUQroQTs; expires=Sat, 22 Nov 2025 22:45:23 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 2\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 41796195455163cbd4455f329f33e440\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4578,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/10/3O2UgEszp1CVbL8p9XnKkFDkbk3-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/3O2UgEszp1CVbL8p9XnKkFDkbk3-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13697\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Oct 2025 20:24:46 GMT\r\npriority: u=4,i=?0\r\netag: \"68e96b8e-3581\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xv9vUIS95L7bftKOi5sMO16mFvaWw77UXWiMeC9%2F8nXLagAoT%2Fa7Ti%2BabXNGeBZ5ytvRMQNIiSeFiFw6BuOIF7030qwd534wF7d%2BDwvB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3891e0b5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13697,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3","md5":"43b53c1eefa2df20919d4a3002b1003d","sha1":"19dcebb83dcd254a0c90642ef76dc4bd2a19d3e2","sha256":"5c2aac5414e8387888bda59fb57de43229817d9c82553ec179b5fdd39a963d13","sha512":"1c7517bde44163b71b283bd095563c85c9ca831b77f51331564b49753c10c7e0fca64102dce100b4b1a60c0e0c94e4af6b06cde59d42828b24f2758ef15c0544","ssdeep":"192:MFi6kfko5SNLzXX7xlD/OAQVFMw24MvW9tn7yUy98HGshsZsS3QZFnMkMPRVYLii:F6Poc9Xrxh/WyjWj7Vy98myrSuMkMGp","tlshash":"c652c0f6f3615863dc7a1e7c18057a22a25a3c7de962034f7a73fc885ce64e52b1e005","first_seen":"2025-11-22T22:44:58.776191Z","last_seen":"2026-03-15T14:54:59.803955Z","times_seen":4,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:24.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:40:35 GMT","end":"Tue, 27 Jan 2026 23:40:34 GMT"},"fingerprint":{"sha1":"AA:22:33:AC:0A:FC:0D:31:C5:9F:92:99:20:7A:02:E4:46:E3:08:8C","sha256":"72:5A:79:00:74:D1:90:EF:9A:D3:3F:01:E6:E5:14:1D:41:4F:F2:28:D3:FD:4C:AA:70:DE:D8:BE:C2:15:3F:EE"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:24 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 23e69a811be86ab4a6b9eea16f6f6b12\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-09T15:13:20.105431Z","times_seen":15701,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":62,"dns":2,"connect":17,"send":0,"wait":22,"receive":20,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"r8kybcupde14.n4.adsco.re/","fqdn":"r8kybcupde14.n4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:24.778Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: r8kybcupde14.n4.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":220,"timings":{"blocked":0,"dns":132,"connect":87,"send":0,"wait":0,"receive":0,"ssl":-1},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/software/multi/mac/firefox/1/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 20:46:36 GMT","end":"Sun, 25 Jan 2026 21:44:54 GMT"},"fingerprint":{"sha1":"17:8B:5E:32:3A:E5:9A:3D:E5:18:EF:F0:DA:DE:C3:03:E7:2E:E2:17","sha256":"65:D5:7F:0D:8E:51:6B:E8:BB:44:A1:54:79:43:73:C4:82:1D:77:6C:11:F4:C3:70:8E:0E:AC:00:AC:1D:DB:2B"}}},"request":{"raw":"GET /sb/notifications/software/multi/mac/firefox/1/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:25:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Gqm48Hvj2oVoGpTw%2FYYnL3t8VC5lx4waqew7KuCiKxRikpCrhyvRwTL12MW3%2BOL7rYQB%2FDxYoQyoQO%2BxkHFqQi3M4FJ8jLFrJr2qbmLk\"}]}\r\nage: 289967\r\ncf-cache-status: HIT\r\netag: W/\"65aa8673-51b\"\r\ncontent-encoding: br\r\ncf-ray: 9a2bf38e199256ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1307,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8f75dbd8b8345c77d95b826d539be084","sha1":"2dd9a9b47f672e71becaa2577dce88dd2fee255a","sha256":"22ad934b6706859dd3a14c9643e32ab3e67c820bd89f98eedc87636aeca04e3b","sha512":"00843a2f884f853c20f7204d1a54e3c70a0198703b4c6f6e1d216c1c4fd0f9c4cda6a78e24f2734f983f62b4d97e75ba51a572fa61da1b4a323eec8164364892","ssdeep":"","tlshash":"5821e8cc458f223ef724ff71897315606ba523f6bb09c5bcb199a8117e1cb910c48e14","first_seen":"2025-07-05T01:22:16.633507Z","last_seen":"2025-11-28T09:42:04.47313Z","times_seen":128,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/themes/dooplay/assets/js/front.scripts.min.js?ver=2.5.5","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/themes/dooplay/assets/js/front.scripts.min.js?ver=2.5.5 HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Thu, 17 Jul 2025 10:28:21 GMT\r\npriority: u=3,i=?0\r\netag: \"6878d045-12b2\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dKoqTMxXnadOLwCO23dAGcCuusu8sAaZMZ9YgZdmRpkVYQ4V0RV%2BVuBx4Cg8ItSZfbm0ua%2FYEDfWdTSOANxIcxgf%2F88h1sMOdqO5uRwU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3768ff05fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4786,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4784), with CRLF line terminators","md5":"2731772e163f205b1c9e24a5c6c7b470","sha1":"81bdbbc6fcb56e622ddfd6a6d28e72493e3f2329","sha256":"55974bc676581db39c8e596c87ebd046b4439fdb6c381e4270b43f6065393623","sha512":"4622fa5cf1c9120c4bb5439ac1f8b97ba81df1ae3b2a0093ae9f00e6a13e223e535ead27cf999d7621d8c3ea057591c9f379dab920e38877fd6caf338ddb6787","ssdeep":"48:gqhZsZGRO2NQ5XM9gMy5U8aG0vxBOCOo7JMcvTNqfQNuJoH+p58DPJEpE751KhZD:gUTn8aGExBULEen851FEBE7NPbWqi/","tlshash":"2aa1542b3222b0dd10bf2371752fa45416276d59da05498ab8b8c8da0d3fcc621a7f3f","first_seen":"2023-03-07T01:03:55Z","last_seen":"2026-05-08T04:13:16.133709Z","times_seen":1727,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 18 Nov 2025 23:52:35 GMT\r\nexpires: Wed, 18 Nov 2026 23:52:35 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nage: 341507\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-09T15:22:38.78062Z","times_seen":805665,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":133,"dns":0,"connect":16,"send":0,"wait":15,"receive":10,"ssl":114},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/08/c7JGfFgMnNuyF2Q4FSu7Kgip3mK-90x135.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/08/c7JGfFgMnNuyF2Q4FSu7Kgip3mK-90x135.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2444\r\nserver: cloudflare\r\nlast-modified: Sun, 24 Aug 2025 21:09:34 GMT\r\npriority: u=4,i=?0\r\netag: \"68ab7f8e-98c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tfRb02v2Pf3H4fw4lKWwPXHMcQp15O%2BV5SLxuOdwdTKDdU0dTQkdGEpn1Sh%2BJmw9OtbUssEHBuSFAwXFr9I6M%2F9vnCP%2BD%2BCThAP7rcNs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37bfc3e5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2444,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x135, components 3","md5":"003c72afa02aadd8f3937cf220342602","sha1":"f033f906eb9ca3e94b2dbfc618dee932451bf83f","sha256":"607d8174a64fbb40900510f3879e41c4987c78d9ea17c7d6c588d6d9194e5c4c","sha512":"df24c5edd48433468c158cf4cb057718cd1af0ed841b4b3298ded01cc222ec2cc1b7d7327ed3a64f68c470406dabfbac607337a0ef08dfa4add2a375cda3f054","ssdeep":"","tlshash":"b35107b391eac117f6f06fb82c76d291c218c6123f816b0f4e32d6c479207c82a86698","first_seen":"2025-11-22T22:44:58.780628Z","last_seen":"2025-11-22T22:44:58.780628Z","times_seen":1,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"image.tmdb.org/t/p/w300/11ntwVAan2lanM38vDEDzz4XVgk.jpg","fqdn":"image.tmdb.org","domain":"tmdb.org","tld":"org"},"ip":{"addr":"138.199.36.7","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"image.tmdb.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 21:10:31 GMT","end":"Wed, 04 Feb 2026 21:10:30 GMT"},"fingerprint":{"sha1":"5C:BC:20:23:33:72:2A:FC:81:EB:17:6E:6A:E5:B8:E2:1C:60:E3:8A","sha256":"53:7B:0A:96:A8:AB:74:33:87:09:1D:5F:12:77:CB:57:A1:72:2B:69:DD:2F:9E:AB:49:79:C9:5E:DC:CD:F3:54"}}},"request":{"raw":"GET /t/p/w300/11ntwVAan2lanM38vDEDzz4XVgk.jpg HTTP/1.1\r\nHost: image.tmdb.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7084\r\nserver: BunnyCDN-DE1-1047\r\ncdn-pullzone: 775336\r\ncdn-requestcountrycode: NO\r\ncache-control: public, max-age=31919000\r\nlast-modified: Thu, 25 Sep 2025 09:44:55 GMT\r\nx-bo-server: LA-292\r\nx-downloadsize: 10104\r\nx-bo-origindownloadtime: 804\r\nx-bo-compressionratio: 29.89%\r\nx-bo-processingtime: 3\r\nx-bo-version: 1.0.26\r\ncdn-proxyver: 1.40\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1082\r\ncdn-cachedat: 11/17/2025 19:37:50\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 2dbfd1ae4ed715fed3bfbd852da068b6\r\ncdn-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":7084,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x169, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7b35cfbea51f011c8f963d7661a172a0","sha1":"cc75b7a758d7a4d0bf24e585999b8e6c83230121","sha256":"3addc675fee909173cccfd4ef219de6dcced672757a1b7cb89bd98f1d3ef81b8","sha512":"231d536c7b9eac367033b85fc15f38847900a345b1845ba008fbf60231609cce7ebbaee3d160df769eab7315781a5feff67b74d8c72f115d58d37594b2a2f6ee","ssdeep":"192:W8WSmHWY/PF5+5sRLr1gN/2kqvecLF06Thb1pCU:ZzY3r+yRVIK/+6Thb1gU","tlshash":"99e1adba6eec972910d40ccd17f2cf5f628554433aa6e4bbcb8a033a42997382652840","first_seen":"2025-11-22T22:44:58.782481Z","last_seen":"2025-11-22T22:44:58.782481Z","times_seen":1,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":71,"dns":31,"connect":22,"send":0,"wait":26,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"image.tmdb.org/t/p/w780/xqdtTCl1xoLgWnzFCBQ0vv4iSmR.jpg","fqdn":"image.tmdb.org","domain":"tmdb.org","tld":"org"},"ip":{"addr":"138.199.36.7","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"image.tmdb.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 21:10:31 GMT","end":"Wed, 04 Feb 2026 21:10:30 GMT"},"fingerprint":{"sha1":"5C:BC:20:23:33:72:2A:FC:81:EB:17:6E:6A:E5:B8:E2:1C:60:E3:8A","sha256":"53:7B:0A:96:A8:AB:74:33:87:09:1D:5F:12:77:CB:57:A1:72:2B:69:DD:2F:9E:AB:49:79:C9:5E:DC:CD:F3:54"}}},"request":{"raw":"GET /t/p/w780/xqdtTCl1xoLgWnzFCBQ0vv4iSmR.jpg HTTP/1.1\r\nHost: image.tmdb.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 37350\r\nserver: BunnyCDN-DE1-1047\r\ncdn-pullzone: 775336\r\ncdn-requestcountrycode: NO\r\ncache-control: public, max-age=31919000\r\netag: \"67fe40e1-91e6\"\r\nlast-modified: Tue, 15 Apr 2025 11:20:01 GMT\r\ncdn-storageserver: NY-703\r\ncdn-requestpullsuccess: True\r\ncdn-fileserver: 858\r\nperma-cache: HIT\r\ncdn-proxyver: 1.29\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 06/13/2025 17:54:35\r\ncdn-edgestorageid: 874\r\ncdn-requestid: 95518723b6bfbe3a386f84d049f812ad\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":37350,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 780x439, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e378915fc3b5fef4365645480cbe5547","sha1":"30827582aa81653d83dc7f9a7bb1ca08fe6407d3","sha256":"46bb2383db481606a52230b7cd1365e82853c2658f571d1cd31ddcffc39d51cb","sha512":"c231d6c76e43e61c6f030cad317cdd617bdea998ab8fbc0fddcde979b426a652c1724235e5cfeeb7298d7021161d27d7ca802cf8a195587797d23c1a1acfcf9f","ssdeep":"768:3Qg1FuF3Hh/m0M0cx5XQexn/o+AFEC80WT9+vcVW:gqF+B/m0bcxpQ0/oxmh0WJxA","tlshash":"f5f2f1d999bf39f46efc0caf0188342c07e95f8549b19b830712b2b25572363d7526e8","first_seen":"2025-11-22T22:44:58.784502Z","last_seen":"2025-11-22T22:44:58.784502Z","times_seen":1,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":81,"dns":30,"connect":25,"send":0,"wait":73,"receive":21,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/08/7s25OHjyqVuNUNJcUlzhx5lgzJU-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/08/7s25OHjyqVuNUNJcUlzhx5lgzJU-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 11917\r\nserver: cloudflare\r\nlast-modified: Tue, 26 Aug 2025 19:17:44 GMT\r\npriority: u=4,i=?0\r\netag: \"68ae0858-2e8d\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qOaz6jfMqEjOPs3ozVgRHUZjZG2XGsr%2F%2BHDw3%2BajmLCFYJu3OOWpdZIZVgQPMKCiER93LE5NWRJHFh0jGrasBLmziet0dVpN3jqtCvNG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf38a8f685fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11917,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3","md5":"f0a997accd2f46ec615f3a68fcf940b0","sha1":"065efc7100c44b36146dfa356f43225f3d6d822c","sha256":"073bc9b6497791effc5450c936aefc09ba004360612a9f89c01755e61be7181c","sha512":"a194edcdb0bd2f2c5ae7bbffcdebce21490bf2c36dc49047d1653341536a902586c09c9c3cfe483b5aa82dcc6145a2e984ab50497fdaacdfdc14503b47872cd9","ssdeep":"192:MMHTBKiV+jlilJK5Dpnitq5YCDIbuALpmyW9MU7d7TDye/iKtaMMwUVIg76CG6RX:TIi65EtKNDWJ8yW9HFXyeLta1ZqKX+b4","tlshash":"8432bf60ed02a392d861ce328a784e6e7b24d2a96590f5cf24fee4d34c124d58a6c79c","first_seen":"2025-11-22T22:44:58.789484Z","last_seen":"2026-03-15T14:54:59.740724Z","times_seen":4,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/themes/dooplay/assets/js/front.livesearch.min.js?ver=2.5.5","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/themes/dooplay/assets/js/front.livesearch.min.js?ver=2.5.5 HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Thu, 17 Jul 2025 10:28:21 GMT\r\npriority: u=3,i=?0\r\netag: \"6878d045-1285\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZUnc7F4RW3fibO9HwN0bjvtkQKnAwvTqyRSQF9191xa6AKdAHlOPB%2BZzmL%2BYLEDDQwG4vLvI%2B%2FaosyhtRjY5Hcz9HXsEDJdLUHqj01EB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3769ff75fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4741,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4739), with CRLF line terminators","md5":"0eea0408655c01545c25f142ecd898fd","sha1":"1bb9d98a7fee41318007652d0723141704a658e6","sha256":"5991b17b41002817f208207448eb82392a618a9b6bf9f4ca2c8e84815769a722","sha512":"da2f11b1a3b21b0d9d5bf0da0dd692adeb76910cd115264ffdfde7b4b61bc2526f3849b8f77f9e85537acd000cd14a25068715b5281bfd9267d6e180a482a63f","ssdeep":"48:TajZ6/nJN73IMTGnJNfqdaX6DlJB/KvjFd43payvh6Y2OnJNAPn2DjL/6vtnooO:T+Z+J1YMYJZqdk67B4d45nHJa2n6ne","tlshash":"4aa1564170815dd7023b23601e3bb60ba2937faad70a9401717ed1e50fa6d8a353671f","first_seen":"2023-03-07T01:03:55Z","last_seen":"2026-05-08T04:13:16.174724Z","times_seen":1732,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/9BrXyyrd5amNmpbZNc4gSblt6kQ-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/9BrXyyrd5amNmpbZNc4gSblt6kQ-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 6308\r\nserver: cloudflare\r\nlast-modified: Tue, 18 Nov 2025 22:12:17 GMT\r\npriority: u=4,i=?0\r\netag: \"691cef41-18a4\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ykR3xfK%2FQpL4BWMQypFwGYg1PZrphQ0V%2FXiT18qDNonTuKKuMMiDa8n%2FqP%2F1UWbB%2FsQfna0iAdCxkLqtw2rmt2lPT9CsVTM4hzFcIL64\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf388fdf85fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6308,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 185x278, components 3","md5":"f5f572bb83b3137014d2ffaf6aee31dc","sha1":"6a544e909364f92aed3f640cc85ea5ae20b93685","sha256":"585d52b6fd01ce93c752770493a3579c65fdbde7979110e0a7792b4cc55abb1f","sha512":"c3bda784db0a10df327d0dd0fe5ea33a95d423e14af730c48f5a2f986e14e486adfdf5329928cc7b399fe939f925429818f40e683f85b9d87e148b94a08b43c3","ssdeep":"96:MD7wBwP2i1P55lY2AY9CBT2Ys9DW1V7ZzauqXGmwcucHmES20212/5lpCECuz:MD0BeLoICAYOewB5w5cHJSL1/nKuz","tlshash":"3cd19eae05ede621dd1c7df1dd73c3845373ef60090d66a2abb1e24b0b647e24454897","first_seen":"2025-11-22T22:44:58.792624Z","last_seen":"2025-11-22T22:44:58.792624Z","times_seen":1,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/cache/wpfc-minified/9h2bw1x4/5wvf1.css","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/cache/wpfc-minified/9h2bw1x4/5wvf1.css HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 16 Nov 2025 19:39:59 GMT\r\npriority: u=2,i=?0\r\netag: \"691a288f-2b8be\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VFHgIG4gjSK890HFFW%2Bd1Scb2Qf8LXLnFIHQp3nE148yeaq0O5rKwfMuoZASj%2B%2BzvN74U9pdG2xucitMlfGLm5sAoQu96bO%2FSf0uh%2FkV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3768fe15fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":178366,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1b6f85b0d7f77758fef92048d5a80ae0","sha1":"c11ecfc1b7701f9f73a2801b14b1857501de285d","sha256":"c4e08ed0d09e3c76217880c9ce48036ba603b479e165a73f3e06c90b1a650750","sha512":"6b97aed09191ce9306f213b5041182203a2a77d32ea54863a6083aab01428239bedab7a2e616d91c17fc83ddd914da34e9016e0b7c44b115a343e36020b8420d","ssdeep":"1536:4wv1E8SIZlJ/Zg9ADlnIZ+mqX56fdWGFIibJbiC8IYiy6BFAXq6Y18GMF63kAmhJ:z1E1IZ3/g2ln++1gTbqMAXHz","tlshash":"8e047db4d41e01da7726c60fab41b27a99f6f338d5410e4ae0cb4d1e1de2b9811c9bed","first_seen":"2025-11-22T22:44:58.794766Z","last_seen":"2025-12-02T14:43:18.43924Z","times_seen":2,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 18 Nov 2025 23:52:35 GMT\r\nexpires: Wed, 18 Nov 2026 23:52:35 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nage: 341507\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-09T15:22:38.78062Z","times_seen":805665,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":104,"dns":1,"connect":17,"send":0,"wait":15,"receive":19,"ssl":93},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6.adsco.re:2087/","fqdn":"6.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"104.16.43.28","port":2087,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:24.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 6.adsco.re:2087\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:24 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 45\r\ncf-ray: 9a2bf386ee4156c1-OSL\r\naccess-control-allow-origin: https://www.filmaon.bz\r\ncache-control: private, max-age=10\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 2592000\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":2087\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5b41cb22f84f645a103acc7bfbf084ff","sha1":"bac3967b26d5ec4a0d09a580714e8219796816bd","sha256":"709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc","sha512":"772066ed1119519a19884fc94de2c9f2cc538b4528d9e2651a89b93d65bd4000b18297bfbdd8903b65146858935d33cac048c321dad2ea4f1f84ca6dd9b7d98f","ssdeep":"","tlshash":"7990041154441d34dc45470c4f0d0f0553dc5153df377374ddc50f0414531344141d00","first_seen":"2023-04-05T06:05:36Z","last_seen":"2026-03-30T19:07:46.969854Z","times_seen":25700,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":13,"dns":3,"connect":5,"send":0,"wait":12,"receive":1,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:26.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 19 Nov 2025 00:01:07 GMT\r\nexpires: Thu, 19 Nov 2026 00:01:07 GMT\r\ncache-control: public, max-age=31536000\r\nage: 340999\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-05-09T15:24:02.543541Z","times_seen":246436,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4.adsco.re/","fqdn":"4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"162.252.214.5","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:24.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_256_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 4.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 22 Nov 2025 22:44:24 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Methods: GET, HEAD, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type\r\nAccess-Control-Allow-Origin: https://www.filmaon.bz\r\nAccess-Control-Max-Age: 2592000\r\nCache-Control: private, max-age=5\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5b41cb22f84f645a103acc7bfbf084ff","sha1":"bac3967b26d5ec4a0d09a580714e8219796816bd","sha256":"709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc","sha512":"772066ed1119519a19884fc94de2c9f2cc538b4528d9e2651a89b93d65bd4000b18297bfbdd8903b65146858935d33cac048c321dad2ea4f1f84ca6dd9b7d98f","ssdeep":"","tlshash":"7990041154441d34dc45470c4f0d0f0553dc5153df377374ddc50f0414531344141d00","first_seen":"2023-04-05T06:05:36Z","last_seen":"2026-03-30T19:07:46.969854Z","times_seen":25700,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":77,"dns":1,"connect":26,"send":0,"wait":28,"receive":1,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/software/multi/mac/firefox/1/img/update-icon.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.940Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 20:46:36 GMT","end":"Sun, 25 Jan 2026 21:44:54 GMT"},"fingerprint":{"sha1":"17:8B:5E:32:3A:E5:9A:3D:E5:18:EF:F0:DA:DE:C3:03:E7:2E:E2:17","sha256":"65:D5:7F:0D:8E:51:6B:E8:BB:44:A1:54:79:43:73:C4:82:1D:77:6C:11:F4:C3:70:8E:0E:AC:00:AC:1D:DB:2B"}}},"request":{"raw":"GET /sb/notifications/software/multi/mac/firefox/1/img/update-icon.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/png\r\ncontent-length: 93398\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:25:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"65aa8673-16cd6\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 289967\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=83iaENgmm1NyPKEFPG8zsa34Vdmmxbc4%2BVJTvri%2BWU85rOodFhund18OFbhu%2FtNNPSljs%2BszOrObUEc562yQi9XXhD3Ig8Wh49fzJvl8\"}]}\r\ncf-ray: 9a2bf38e199656ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93398,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 448 x 441, 8-bit/color RGBA, non-interlaced","md5":"1906b39a20dd088b10975a6784001698","sha1":"f7df922310c993ccea772cf8aee17221a14c1f20","sha256":"1257a33a60f01ee022e05f586fc50c5d2062f708cb5ca5c4a86d413a35a125e2","sha512":"45fd326e078872eb9dd7b15393c6545a8575badf88dac695318c6c1ff9de47a88aa7d0cf1a5215682d4ca2cd7427fd4c94d62f63a39ffbef68550d02f3a3c53a","ssdeep":"1536:TmS6hEVLpRhn+OIDnLhTCSw2hBnOjl8AGHhRuWGauwQdjAwO+0SgkZ0dONxno4qg:TMEVx+xDnFcKFHhRvG2wO+0SN387+3","tlshash":"ba93024af0163e205eeb7ec1b7d781c182f2e62c69c4fd19f946941d54a6bf8acc7a04","first_seen":"2025-07-05T01:22:16.629162Z","last_seen":"2025-11-28T09:42:04.461477Z","times_seen":128,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/jg9zZr4StFrLDvbIPO2QEq2OEew-300x170.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/jg9zZr4StFrLDvbIPO2QEq2OEew-300x170.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13215\r\nserver: cloudflare\r\nlast-modified: Sat, 08 Nov 2025 20:03:31 GMT\r\npriority: u=4,i=?0\r\netag: \"690fa213-339f\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jn2Ujpd9rg6TBOwuyhwagmy65jGfRKmUyWaOyGLFcNn3wkTyyFtQLefvE9SXWxKnTCzvXzwbhkLmEKmLJsaEuCX6cVaBvXY4U%2FoHs9r8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf38a9f775fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13215,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x170, components 3","md5":"e21a5f6f425786a7f0f8a8d0231b724b","sha1":"8ca08c600af10184f66efbd7b29a97f80bef67e8","sha256":"070203289505973204f9a920ae08089fab46aafe28bda486be19a5e391a2de70","sha512":"f2b834c962b01407054cc1f559c9fa45786656d190732ba8d77461b60de15f0ab576eb84268385c2c10ca4a7f99c684e5c75fc310895d9154a0cfb639de445ea","ssdeep":"192:Mttq7kWtGt5gcbdUK1CtLx+TcMetJ8NZzYWdaWTynY1/JHAm6CtfgwLzQkZabmEu:Epu9c0lx+yJ8rbdNTWY/6jw33fZ","tlshash":"4552bf582719d1cdf8620f3869feb0166d0034661a7e5bf22a7bfc3252325e46e5f2a0","first_seen":"2025-11-22T22:44:58.798446Z","last_seen":"2025-12-02T14:43:18.503897Z","times_seen":2,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/ren.gif?sid=H4sIAAAAAAAC_1RSv28cRRiddVKRAhEiqJAWRBFEfNlfd74lSBEmBCLyi8TIRRpmdmbPw-3tLDP743yVhSWU8twBoli_s2NhIgQlQojoTIMsIfmoXMQU_ANIIGp09kkWX_F979Ob4r0332ebxRHxUdDDu7fUQCYJvdxsOPbFZZlyVRn79pLtOg3nir0s01Zwxe5Pmy7fcP2g4bxmvyuirrrsOa7juI5rX5daxKp_-ZiFzB6HbiN0GoHXcJsB-vr_uyksGGqBl0fkPCSfPPtn_AAyGiPtfXdNmG6uskvv9IqE5kqj5Dsfpt1UVSl6pzDWFuJ0Z_YaykwI-XwOKt2ZOYAqt6YOwOSEzL3wFCzdmckEK7dPlLIEIgXj51CVY4hkDEnHiNQ6JD8gQMRx-w7S3qPbSld09YSlU3ZCzv77N2Q1IWefXkDa-3YxkX37vkqKXKrUoB_XkP0xZGeMrNhDPrAgqz1E-aeQ_DfivHgOaW_3PVXKrl0K3YXkh6-yMG6HbjucZ622Ox94XjDf9hmf5zRq-vECX_CYfxyUjMegZg6FsVBIC0Vsocgs9PihHTjtIHKp34pDHi04AQ0CLpgTtj3HoWG0gCKaOhgiz4aIkiEivYZMr6ErNw6a56GLJzArNQyfg8knxPpgDSWvUQmCyhBUlKCSBFVOUJX1Nk-MZ-pHPDEFc2fTm02_Hqm8s0m3Vd4RKQHVQ2heb8nsE7OOKD8zGsSGj9S0UZbXI8p4vZkdkeemGVtbDzbQFYe2E7jthaZPo7AZ0cCLXd6MRYt5rNUOhRsLGFlDmjlQY2EgJ-TW_R-RyYNLBRjdg0n2EEkLtHgJtKpBV2oM0t1YJj2q0gYbgKsaWX4W-aq1mRyR50f3lhafHH_zR9dehoj2yawQ6RqZrvGx_IWgkzwc3VMV2bqnKkO-v5PlsicHdHoC93OaC2v3fbFaKc1vXDPDr9-KpsQUPl4SJr9JUy7TjiHfLErOhb6udCTITzfMsmB3C7OyWOi0yG7effv6jV6mhTFSpWNQOSHPfPU6IjkhFy5ePT7v5j9_IMrWYLL9qz98Ma0vYRQByywkkiARp_opq2HE_s9_zXZ2ijfNQ3S0BZqvI-3VKHWNMqlBkyFMcWaUZ3r_6u_-cYEl1ogl2tpiiU42TnIy8tBuesxvtdstEbd47HPf83nYdEQY0LAVhEETuZnIV9789b8AAAD___u--GKBBAAA","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:12:52 GMT","end":"Wed, 28 Jan 2026 01:12:51 GMT"},"fingerprint":{"sha1":"67:43:25:0A:D1:7D:95:9F:2D:A3:3F:97:74:7C:0A:AE:D2:D3:98:61","sha256":"09:09:97:4E:79:6D:B5:F4:D7:B7:F6:8F:BE:97:4E:B6:04:9C:25:29:FE:4A:0E:A2:BE:82:F0:6E:CF:8C:74:F0"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSv28cRRiddVKRAhEiqJAWRBFEfNlfd74lSBEmBCLyi8TIRRpmdmbPw-3tLDP743yVhSWU8twBoli_s2NhIgQlQojoTIMsIfmoXMQU_ANIIGp09kkWX_F979Ob4r0332ebxRHxUdDDu7fUQCYJvdxsOPbFZZlyVRn79pLtOg3nir0s01Zwxe5Pmy7fcP2g4bxmvyuirrrsOa7juI5rX5daxKp_-ZiFzB6HbiN0GoHXcJsB-vr_uyksGGqBl0fkPCSfPPtn_AAyGiPtfXdNmG6uskvv9IqE5kqj5Dsfpt1UVSl6pzDWFuJ0Z_YaykwI-XwOKt2ZOYAqt6YOwOSEzL3wFCzdmckEK7dPlLIEIgXj51CVY4hkDEnHiNQ6JD8gQMRx-w7S3qPbSld09YSlU3ZCzv77N2Q1IWefXkDa-3YxkX37vkqKXKrUoB_XkP0xZGeMrNhDPrAgqz1E-aeQ_DfivHgOaW_3PVXKrl0K3YXkh6-yMG6HbjucZ622Ox94XjDf9hmf5zRq-vECX_CYfxyUjMegZg6FsVBIC0Vsocgs9PihHTjtIHKp34pDHi04AQ0CLpgTtj3HoWG0gCKaOhgiz4aIkiEivYZMr6ErNw6a56GLJzArNQyfg8knxPpgDSWvUQmCyhBUlKCSBFVOUJX1Nk-MZ-pHPDEFc2fTm02_Hqm8s0m3Vd4RKQHVQ2heb8nsE7OOKD8zGsSGj9S0UZbXI8p4vZkdkeemGVtbDzbQFYe2E7jthaZPo7AZ0cCLXd6MRYt5rNUOhRsLGFlDmjlQY2EgJ-TW_R-RyYNLBRjdg0n2EEkLtHgJtKpBV2oM0t1YJj2q0gYbgKsaWX4W-aq1mRyR50f3lhafHH_zR9dehoj2yawQ6RqZrvGx_IWgkzwc3VMV2bqnKkO-v5PlsicHdHoC93OaC2v3fbFaKc1vXDPDr9-KpsQUPl4SJr9JUy7TjiHfLErOhb6udCTITzfMsmB3C7OyWOi0yG7effv6jV6mhTFSpWNQOSHPfPU6IjkhFy5ePT7v5j9_IMrWYLL9qz98Ma0vYRQByywkkiARp_opq2HE_s9_zXZ2ijfNQ3S0BZqvI-3VKHWNMqlBkyFMcWaUZ3r_6u_-cYEl1ogl2tpiiU42TnIy8tBuesxvtdstEbd47HPf83nYdEQY0LAVhEETuZnIV9789b8AAAD___u--GKBBAAA HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: uid_id2=b9f89189-b681-4224-83bd-dac53f7d72b3:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27548561=1; slec0418753ac95ca42f1d5fe6b2b689e1fe=[6308897]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:25 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0bd0a2c944353992d8172f117086dbc4\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/notifications/software/multi/mac/firefox/1/index.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 15:30:46 GMT","end":"Tue, 06 Jan 2026 16:29:13 GMT"},"fingerprint":{"sha1":"CE:BB:4F:68:2C:89:90:90:9F:0D:E4:DC:37:55:B5:DC:41:49:D6:F9","sha256":"52:3F:5E:43:C5:77:DF:EF:E5:AE:11:CA:C1:74:9E:6B:A8:63:B6:7A:C9:7F:8F:58:EF:05:C6:35:2F:C7:D2:9B"}}},"request":{"raw":"GET /sb/notifications/software/multi/mac/firefox/1/index.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:25:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iTPqQmIM5O4qYxd4WwqTvsMOy2cRtgMLFQQH0IWSiPqACMd7M0IsVQydO1dgltAf0ykPoVMyxgczj1AmD36%2BVtp5xXJjX6HmLrb6CIU%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9a2bf38c3910b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":1463,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"6cc0ccba279374a1de231cbcb4bbc493","sha1":"87aa1307e0652bf3f89923135e133e8c01fa9262","sha256":"13aef1634b103c27a4abe1b30c1ea654b3031dac68a16da78bbb059532b14165","sha512":"702064983a076b516c181324494835b409b88ca0f4e8cf88f77ef51668bb86e674a09113e8c278f12745f011734c37b93e25ff349307161e7cae63505f53a907","ssdeep":"","tlshash":"e5319b86bdea85a62083d0d3ba313f56bcd2d90f9c460440f6fe0960cb9ab848e1b107","first_seen":"2025-07-05T01:22:16.625288Z","last_seen":"2025-11-24T12:02:14.320813Z","times_seen":66,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":19,"dns":1,"connect":1,"send":0,"wait":120,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/04/18/75/0418753ac95ca42f1d5fe6b2b689e1fe.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /04/18/75/0418753ac95ca42f1d5fe6b2b689e1fe.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:23 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 31797\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 4\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 64257ef9129aae660b448ccbcd3911c9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":81590,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"47c8c070d2bb7246630a10a22f41087d","sha1":"c9bf077a9d33e0a947ebbeed7f169d2db3d9ee2a","sha256":"4f920e381f82ad210c95da54b68f24c186ce5027014e88e9abd7eb623c446aba","sha512":"51c9b4797e435b0734ca2f4f04ed723740752a92255079f9d90db3075145f3fc1207581852cdfa37d71d18c648f8bb144b80eb5f3c81484130562c0636bac06a","ssdeep":"1536:g6atuYKb5yrHvXp2mbVKBw591hyGo2tf68hK3vZEvF:gvMYKb5QEmbV11hyGztinZE9","tlshash":"3f83e6883f51b09903d76077222feb8bf12edc10109ee444d623e5d97b6834ae5bbe65","first_seen":"2025-11-22T22:44:58.801168Z","last_seen":"2025-11-22T22:44:58.801168Z","times_seen":1,"resource_available":true,"data":null}},"time_used":817,"timings":{"blocked":301,"dns":23,"connect":92,"send":0,"wait":98,"receive":111,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/6zDYFigohwncqFL00MKbFV01dWb-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/6zDYFigohwncqFL00MKbFV01dWb-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 14212\r\nserver: cloudflare\r\nlast-modified: Wed, 19 Nov 2025 20:05:07 GMT\r\npriority: u=4,i=?0\r\netag: \"691e22f3-3784\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ew%2FqDbZpefu1nvMNKO1gWONaAOS1Prvxyy7Y5ZoFSLnISPyjkceP%2FzcDIU4QbTXZwLDD5Fy5TPtYHGAUwx76IbfMr7ea2F7iXpEDbMc7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37ced2a5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14212,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3","md5":"3cc349d2b4d4eb4eba9cb896e41c0eb3","sha1":"e8130dcc78b5f20bc296854108b35de0df3cabd7","sha256":"42f7e89d8b158c8d964e907f197c5b11e3604d783cb9766b320aabbd25d63313","sha512":"9d2dd8a1b7e3516f09fcf1a113a92ced51c101bbcb6327c6a18fd3dd07639c108a194083e55500d7f1ad7d9afe6b22a32346138fad8689a68091860b691b1752","ssdeep":"384:xpyfj9uw8F2Yo3IQpGBbEe2jp4r7fbOnpU9q+khDjbHC:ik8BIQpGNEe2jp4rbqpUG/e","tlshash":"b452cf8326d57207d8865ab667f44a28821ace0be65d23317df9e685f40a0c1c5b11fd","first_seen":"2025-11-22T22:44:58.802753Z","last_seen":"2025-11-22T22:44:58.802753Z","times_seen":1,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fmac%2Ffirefox%2F1%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=518","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:26.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:12:52 GMT","end":"Wed, 28 Jan 2026 01:12:51 GMT"},"fingerprint":{"sha1":"67:43:25:0A:D1:7D:95:9F:2D:A3:3F:97:74:7C:0A:AE:D2:D3:98:61","sha256":"09:09:97:4E:79:6D:B5:F4:D7:B7:F6:8F:BE:97:4E:B6:04:9C:25:29:FE:4A:0E:A2:BE:82:F0:6E:CF:8C:74:F0"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fmac%2Ffirefox%2F1%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=518 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: uid_id2=b9f89189-b681-4224-83bd-dac53f7d72b3:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27548561=1; slec0418753ac95ca42f1d5fe6b2b689e1fe=[6308897]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:26 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700\u0026ver=2.5.5","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:58 GMT","end":"Mon, 19 Jan 2026 08:34:57 GMT"},"fingerprint":{"sha1":"56:14:7E:EF:FA:D2:CF:DD:3B:30:9C:AE:7A:C9:AD:9E:A7:87:3D:E9","sha256":"72:DD:0F:82:4D:8A:09:2D:BB:5B:E6:1B:6F:09:F8:1E:BD:BD:D3:3E:B8:A4:8C:B9:49:13:4D:DC:D7:EF:EA:77"}}},"request":{"raw":"GET /css?family=Roboto%3A300%2C400%2C500%2C700\u0026ver=2.5.5 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 22 Nov 2025 22:44:22 GMT\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21548,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"7f90d4beffaed14513de83d19251839c","sha1":"4bd1df37d99cfc70e75b6ad0e99c85292dac4744","sha256":"9a1c60310270c15b41063e11841c4efed4dc17c2b43bc3f3530a117382d25a6f","sha512":"80aae6fbbd65b978d49ef733e09d87bfb77e94266c25f4f05f98a133b25e4c269b50651b2ec9e9efa4b57d59b9b03b584dcb9b50b8020c97513e433bbc8940a1","ssdeep":"384:3KfnK+KhKdKySK/qY4oKmKGK3KfaKDKwKkKyfK/qY45KLKrKcKfFKYK7K/KyEK/y:38XguBSivFRa1KRzBfiiMgFK1GIBEiN0","tlshash":"faa20fa1041b500057834ce223cebf34fe1f52507142d0b5abfdab6badcbc6652693ad","first_seen":"2025-11-19T00:20:37.671029Z","last_seen":"2026-02-19T19:28:10.308926Z","times_seen":3942,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":78,"dns":1,"connect":8,"send":0,"wait":18,"receive":0,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-4318N3FV40\u0026cx=c\u0026gtm=4e5bi1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtag/js?id=G-4318N3FV40\u0026cx=c\u0026gtm=4e5bi1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: Google Tag Manager\r\ncontent-length: 1608\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/10/28mjgY8UHW96JtOmpgc9lZt5ZFq-90x135.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/28mjgY8UHW96JtOmpgc9lZt5ZFq-90x135.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3660\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Oct 2025 20:14:47 GMT\r\npriority: u=4,i=?0\r\netag: \"68e96937-e4c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3aq1qfLoOZXwc%2BCkRUOCuUb4Mw8rvwlh8WzWCpIFeCwz8%2FPlE9feqE9sUIRhP6Kpi7JZVjNA9Z87LEGeBlvEc471fuETVbfSZwvBf7QC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37bec2e5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3660,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x135, components 3","md5":"7660ce7ee66cf175ffe3488227e76be8","sha1":"dee3df9d563ca3a6c01125db451fd228bd8ce1f2","sha256":"bc52d4d5144bc7873adc91d79492f568aa2287d5bc631eeff867d0de2764ed84","sha512":"ecd7d20994d03656dbc8e572e0a6217b23015b4daec28210d8d48e60d181141fdc74d97de1c52e5f617a6b70d1bd1376d791bbf5bee14809574b4f891e53428f","ssdeep":"","tlshash":"5b714d0ec759c062eb591c311664bf256e1c3e24c812b667b033fbbd592d4d10e1482a","first_seen":"2025-11-22T22:44:58.805409Z","last_seen":"2025-11-22T22:44:58.805409Z","times_seen":1,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2024/07/favicon-1.ico","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2024/07/favicon-1.ico HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\nlast-modified: Sun, 27 Apr 2025 06:01:18 GMT\r\npriority: u=6,i=?0\r\netag: \"680dc82e-3c2e\"\r\ncontent-encoding: gzip\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mfVohBYPrxU1yNId4Qg0LHBLe%2FJFrzXqeFCeTfog2VcdbnlLSwbO7ar9kFKZym4KMTw%2Fhn2Lo1XzE2l93cx2Ptkf48nG%2FI8vbHjNIhZu\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37f8f3a5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"d28ddc837b1e9a7c6c8fcacc45b4a77e","sha1":"ab5947889684a0a17c58d79436e24596feacacb9","sha256":"0ae7ef4a098358586a60c913c69e0d144a16e38d74e7b26e0b5cd97f780ce515","sha512":"1d1141b4e2269dd90374773a1357da6d3927340bc14dc79654a6eb46ea8323d8816445b1f1cf84a488e1418134e5ad765457a7e8eba0a68511299ec6d6da4031","ssdeep":"96:QJutguCLJqoAUJvGIDdyD0svFovpnsQP9OeZ2263G9/KI4HF4vYjK1gTacU55Ztc:2utgX6CQ92pREmvWSg2c4PDJftm","tlshash":"1c625342a3909b32c9692736d1fb4309637aee00bf966b0b1358f0605fb33856b5369c","first_seen":"2024-05-26T23:04:24Z","last_seen":"2026-03-15T14:54:59.770038Z","times_seen":7,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/themes/dooplay/assets/fontawesome/webfonts/fa-solid-900.woff2","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/themes/dooplay/assets/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/wp-content/cache/wpfc-minified/9h2bw1x4/5wvf1.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 140996\r\nserver: cloudflare\r\nlast-modified: Thu, 17 Jul 2025 10:28:21 GMT\r\npriority: u=4,i=?0\r\netag: \"6878d045-226c4\"\r\naccept-ranges: bytes\r\nage: 6489\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0O7op48we%2FLWt2bvLAXxcou6HiTtAecU3si%2FZ0GMDpqN%2Bu8uM1%2BcOas8AalfQvV3gQCM%2Be2k2nTGbLzW7O%2Bqknd6C%2B%2B1RhoDpX99dFL6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf378b9b55fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":140996,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 140996, version 331.-31392","md5":"25d740d42658b6e2c293ce7b3322aac7","sha1":"41cc9ae4b5dd70fd3988059dfb864f20f99ae371","sha256":"8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2","sha512":"eb92dd22d53765b44d918ecec0105cbaae08fd5e0c7fac1ec8494a32bb553ded03e8b3826a230161ab791d6169eba1d3b384451e002ff0369760206b7775c768","ssdeep":"3072:X8Y40kER3HLOKqHj4HYwoR9G8iSjt1FrLl+JeMU:/4GZHLOtEH3wVdjtyLU","tlshash":"13d3123a6c8961b6fd2e9870bef1fc0949db7852059892c6b3565f6cd97a0031873f09","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-05-09T15:07:01.755814Z","times_seen":5942,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"adsco.re/p","fqdn":"adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"162.252.214.5","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_256_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"POST /p HTTP/1.1\r\nHost: adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 7280\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":7280,"data":"!247;1763506803;#43;5213999;;;;;0;0;0;r8kybcupde14;!4;webgl2;99;;;-1;0;!4;;;44100;suspended;;;!2;01,11,04,14,05,15,07,17;00,10,03,13,06,16,08,18,28,38,09,19,29,011,111,211;0;Infinity;0;Sa@https://c.adsco.re/:32:413\nBa@https://c.adsco.re/:101:218\nAdscoreInit@https://c.adsco.re/:132:351\n_adscoreDeploy/h.onload@https://www.cdn4ads.com/kuUM/V/sl20n.min.js:61:464\nEventHandlerNonNull*_adscoreDeploy@https://www.cdn4ads.com/kuUM/V/sl20n.min.js:61:413\n_init@https://www.cdn4ads.com/kuUM/V/sl20n.min.js:60:211\nsetTimeout handler*_waitForGoodWeather@https://www.cdn4ads.com/kuUM/V/sl20n.min.js:71:6\n@https://www.cdn4ads.com/kuUM/V/sl20n.min.js:76:392\n@https://www.cdn4ads.com/kuUM/V/sl20n.min.js:76:415\n;0;1;!6;en-US;en-US;en-US;en-US;en-US;en-US;68938d5cc121cb3f3b3a105be283d62a;!9;1435463610;-103603082;1034807674;739489711;;1528216568;-526350342;;1567935209;!8;2;2;2;3274;3274;3274;69;2;filma the tempest episode sep gjitha shiko nov oct jul aug robin hood seriale lake jesup bonecrushers revenge normal family merry little exmas thick thieves;;1/1/1970, 12:00:00 AM;!13;8611,150;8611,150;8611,150;8611,150;8611,150;8611,150;8611,150;8611,150;8611,150;8611,150;8611,150;8611,150;8611,150;6a36cd586af9af49b504ffe67c4af8a5;!13;96;33.8;27;1280;1024;2;2;2;3;2;1;1;;!2;!2;application/pdf;#6;!2;text/pdf;#6;1;!2;;;!23;https://c.adsco.re/;h2;23446;23446;;25675;1095;1218;1204;1204;1196;134;1218;1229;1224;1209;;script;;;;;;!23;https://www.filmaon.bz/;h2;102078;19292;navigate;19889;;71;53;53;25;;71;402;373;57;;navigation;;;;;navigate;!5;!3;PDF Viewer;#23;#6;!3;Chrome PDF Viewer;#23;#6;!3;Chromium PDF Viewer;#23;#6;!3;Microsoft Edge PDF Viewer;#23;#6;!3;WebKit built-in PDF;#23;#6;1;!9;!2;window.SecurityPolicyViolationEvent;function SecurityPolicyViolationEvent() {\n    [native code]\n};!2;window.FileSystemWritableFileStream;function FileSystemWritableFileStream() {\n    [native code]\n};!2;window.ReadableByteStreamController;function ReadableByteStreamController() {\n    [native code]\n};!2;window.PerformanceObserverEntryList;function PerformanceObserverEntryList() {\n    [native code]\n};!2;window.SVGFESpecularLightingElement;function SVGFESpecularLightingElement() {\n    [native code]\n};!2;window._googlesitekit;[object Object];!2;window._pao;[object Object];!2;window._F_toggles_default_gsi;545259520,219920;!2;window.__G_ID_CLIENT__;[object Object];0;undefined;undefined;object;undefined;undefined;;https://www.filmaon.bz/;0;visible;0;1;1;1;1;1;1;object;;;;2;2;0;;;;;;1280;1024;0;0;1280;1024;1280;1024;0;function hasFocus() {\n    [native code]\n};;;;landscape-primary;0;0;0;0;1280;1024;1280;1024;24;24;;;1;Mozilla/5.0 (Windows NT 10.0\\; Win64\\; x64\\; rv:134.0) Gecko/20100101 Firefox/134.0;5.0 (X11);Mozilla;;Gecko;20100101;;;20181001000000;Win32;;Linux x86_64;48;0;;en-US;en-US,en;;;;1;;1;;1;;;0;0;1;;;;;;;;;1763851463149;0;;;;;;;;;;1763851461593;0;0;1763851461618;1763851461619;1763851461645;1763851461645;1763851461664;1763851461649;1763851461664;1763851461967;1763851461994;undefined;undefined;number;[object Window];#37;#37;[object PluginArray];function eval() {\n    [native code]\n};function animate() {\n    [native code]\n};[object Screen];function open() {\n    [native code]\n};;function close() {\n    [native code]\n};;;function log() {\n    [native code]\n};#39;#39;#39;0;0;function IntersectionObserver() {\n    [native code]\n};function alert() {\n    [native code]\n};1;string;;function toDataURL() {\n    [native code]\n};https://adsco.re/;adsco.re;#16;function RTCPeerConnection() {\n    [native code]\n};function mozRTCPeerConnection() {\n    [native code]\n};;function XMLHttpRequest() {\n    [native code]\n};UTC;en-US;1;;;;;Filmaon.bz | Filma me titra shqip HD;;1;0;;;!5;0.3045792296162051;0.2689072246209855;0.6051474717418059;0.5093094908513957;0.8295266900439234;!9;;function toString() {\n    [native code]\n};toString;function toString() {\n    [native code]\n};function toString() {\n    [native code]\n};function getOwnPropertyDescriptors() {\n    [native code]\n};function getPrototypeOf() {\n    [native code]\n};Function.prototype.toString is not a constructor;AdscoreInit/Sa/e\u003c@https://c.adsco.re/:63:356\nSa@https://c.adsco.re/:64:317\nBa@https://c.adsco.re/:101:218\nAdscoreInit@https://c.adsco.re/:132:351\n_adscoreDeploy/h.onload@https://www.cdn4ads.com/kuUM/V/sl20n.min.js:61:464\nEventHandlerNonNull*_adscoreDeploy@https://www.cdn4ads.com/kuUM/V/sl20n.min.js:61:413\n_init@https://www.cdn4ads.com/kuUM/V/sl20n.min.js:60:211\nsetTimeout handler*_waitForGoodWeather@https://www.cdn4ads.com/kuUM/V/sl20n.min.js:71:6\n@https://www.cdn4ads.com/kuUM/V/sl20n.min.js:76:392\n@https://www.cdn4ads.com/kuUM/V/sl20n.min.js:76:415\n;0;!3;-1;-1;-1;7EkcHuOSgZyFOq1TXVH44s5xNtP0ycmT;!6;0;0;1280;2526.199951171875;0;0;!8;function getParameter() {\n    [native code]\n};WebGL 2.0;WebGL GLSL ES 3.00;Mozilla;llvmpipe;llvmpipe;Mesa;10;!3;f7315393;bf87ab55ad7e24aa6fdfdb8912421b01;35f47bc534bd8dd3f6e9e8c94d8cbf06;!2;7b14c5539f806db9ae9b59a0344f4c63;2659a052ef8157a94816771a03a58492;!2;AddSearchProvider;IsSearchProviderInstalled;-3;-1;-2;-1;!3;-3;-3;-3;-1;1;-2;40.535191196263156;!3;91.90.42.154,c7ec905848c28ac8941c37820359facd;3142;3417;!3;91.90.42.154,c7ec905848c28ac8941c37820359facd;3142;3418;!3;91.90.42.154,c7ec905848c28ac8941c37820359facd;3142;3417;!3;91.90.42.154,c7ec905848c28ac8941c37820359facd;3142;3417;-3;0;!5;d41d8cd98f00b204e9800998ecf8427e;d41d8cd98f00b204e9800998ecf8427e;;;;-1;-1;-1;!4;#0.41379718932479503\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR\r\nage: 4132\r\nalt-svc: h3=\":443\"\\; ma=86400\r\ncache-control: public, max-age=2678400\r\ncf-cache-status: HIT\r\ncf-ray: 9a2bf3876cdb0b69-OSL\r\ncontent-encoding: br\r\ncontent-type: text/html\r\ncritical-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR\r\ndate: Sat, 22 Nov 2025 22:44:24 GMT\r\netag: W/\"0C/aGf2vjU1vt3782UjGTw==\"\r\nexpires: Tue, 23 Dec 2025 22:44:24 GMT\r\nlink: \u003c//adsco.re/\u003e\\;crossorigin\\;rel=preconnect,\u003chttps://6.adsco.re/\u003e\\;rel=prefetch\\;crossorigin\\;as=fetch,\u003chttps://4.adsco.re/\u003e\\;rel=prefetch\\;crossorigin\\;as=fetch,\u003chttps://6.adsco.re:2087/\u003e\\;rel=prefetch\\;crossorigin\\;as=fetch,\u003chttps://4.adsco.re:2087/\u003e\\;rel=prefetch\\;crossorigin\\;as=fetch,\u003chttps://0.l.adsco.re/\u003e\\;rel=preconnect,\u003chttps://0.s.adsco.re/\u003e\\;rel=preconnect,\u003chttps://0.n.adsco.re/\u003e\\;rel=preconnect\r\npermissions-policy: ch-ua=(self \"https://adsco.re\"),ch-ua-mobile=(self \"https://adsco.re\"),ch-ua-full-version=(self \"https://adsco.re\"),ch-ua-platform=(self \"https://adsco.re\"),ch-ua-platform-version=(self \"https://adsco.re\"),ch-ua-arch=(self \"https://adsco.re\"),ch-ua-model=(self \"https://adsco.re\"),ch-device-memory=(self \"https://adsco.re\"),ch-downlink=(self \"https://adsco.re\"),ch-ect=(self \"https://adsco.re\"),ch-rtt=(self \"https://adsco.re\"),ch-width=(self \"https://adsco.re\"),ch-viewport-width=(self \"https://adsco.re\"),ch-dpr=(self \"https://adsco.re\")\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nserver-timing: cfExtPri\r\ntiming-allow-origin: *\r\nvary: accept-encoding\r\nx-firefox-http3: h3\r\n;3144;3323;3418;-2;-2;-1;-1;-1;-1;-4;-4;1876;!2;0;1055;!0;"}},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 22 Nov 2025 22:44:25 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAS-P-1: OK lon123\r\nAS-P-2: OK\r\nAS-P-3: OK\r\nAccess-Control-Max-Age: 2592000\r\nCache-Control: no-transform\r\nAccept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR\r\nAccess-Control-Allow-Origin: https://www.filmaon.bz\r\nAccess-Control-Allow-Credentials: true\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1212,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with very long lines (1212), with no line terminators","md5":"dae3bd51e3d11ede8f663e5f4f3cdef2","sha1":"a699e7ccc7ea4cb377350c42b35e658aec89b10f","sha256":"0ce351118822caae2253e064141a17c5f09b85ec8617b0ccc3d125b761008255","sha512":"ff20567c4df39e65a82646501ab3de9f459112cb9a82ca361c96168961078814fb336e5476fc2b52c96d35daf5f078f0034b07a470896a64c1d93436eb96da44","ssdeep":"","tlshash":"5a21b4a6299c8739bfd2e01314c834112cb973be616506395a8ab9641f4f13eb41bf99","first_seen":"2025-11-22T22:44:58.807734Z","last_seen":"2025-11-22T22:44:58.807734Z","times_seen":1,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":90,"dns":1,"connect":28,"send":0,"wait":50,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/09/qB9PBQMyKrp8diKGxVpfayKZbgd-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/09/qB9PBQMyKrp8diKGxVpfayKZbgd-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 15222\r\nserver: cloudflare\r\nlast-modified: Thu, 18 Sep 2025 19:35:47 GMT\r\npriority: u=4,i=?0\r\netag: \"68cc5f13-3b76\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eVIogvVVvudsOFFKYzgCjP77j4GjkC%2F4m%2BYP1eXkh4FuVDnDau4gLobRKw9cAKYUTdNil0Yxw881dUYImqrrs%2FfOW6jSAlkPXA8ptXH0\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf38a8f5b5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15222,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3","md5":"57da77cc8b0aa3430fe438a8e0229dde","sha1":"d527a342fb3d3a8a3791480e680edb04b437008e","sha256":"cece8f6ecd3aab8cf3e7bb7b55eef7028bb83cb8a1113ad6dd2310e654097246","sha512":"280d00aa797795db13913c5b74b2fff0fb75eecedb9ea65118ed429607cc584cf73e948b4425c0abb4224933823152a0c93fd0f43d676a426489ef7f6ac104e7","ssdeep":"192:MvAclG/P1Kb9Lfl6cl9BZ+M/hd/HyWcWTmMbYolHhCnei+kR+54nu2fZeQTZnqyw:C1lG/u9p6CBZ++3fnnl5ZiV+2lZ3q+BI","tlshash":"4a62c0f3873e0950e2d92e3943e804364759dd92a9f987da82e0fd2c7fe60ee4b95140","first_seen":"2025-11-22T22:44:58.809171Z","last_seen":"2026-03-15T14:54:59.789234Z","times_seen":4,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:58 GMT","end":"Mon, 19 Jan 2026 08:34:57 GMT"},"fingerprint":{"sha1":"56:14:7E:EF:FA:D2:CF:DD:3B:30:9C:AE:7A:C9:AD:9E:A7:87:3D:E9","sha256":"72:DD:0F:82:4D:8A:09:2D:BB:5B:E6:1B:6F:09:F8:1E:BD:BD:D3:3E:B8:A4:8C:B9:49:13:4D:DC:D7:EF:EA:77"}}},"request":{"raw":"GET /css2?family=Open+Sans:wght@300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 22 Nov 2025 22:44:25 GMT\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30070,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"114952dd07a7ce02ac094d21c0d9a4ab","sha1":"a503f68cac7e67def0d62fb1eb674dd217526709","sha256":"ed36995aa36badcbc7ac09d31c1e3ecc69b7e3052d0b7fffeb9c9d6b02caa242","sha512":"87450b539594cc789d88a71e841d6d2f4542281a33b0e02a2d738ba39dcae41480b5ee164e5cdddc41e706566234b1a16d1a043d20ecc81590b3faf5ab83bab4","ssdeep":"192:fCPPa2Skrq4nbqGIwV4G5zpDCKKf2XdrqJnbqGIwV4jozYUChhg242rqSnbqGIwc:6SqqY49t5qY4tMgqY45f/qY45uOqY4P","tlshash":"31d21ba000171850ab435de633ce7e34ee0f92666044d07a6bfd8b9bdedad6963b431d","first_seen":"2025-09-17T07:45:46.455041Z","last_seen":"2026-05-09T09:32:29.503377Z","times_seen":982,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/software/multi/mac/firefox/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:26.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 20:46:36 GMT","end":"Sun, 25 Jan 2026 21:44:54 GMT"},"fingerprint":{"sha1":"17:8B:5E:32:3A:E5:9A:3D:E5:18:EF:F0:DA:DE:C3:03:E7:2E:E2:17","sha256":"65:D5:7F:0D:8E:51:6B:E8:BB:44:A1:54:79:43:73:C4:82:1D:77:6C:11:F4:C3:70:8E:0E:AC:00:AC:1D:DB:2B"}}},"request":{"raw":"GET /sb/notifications/software/multi/mac/firefox/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:26 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:25:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZelwsiZWTR0aK7x0tfpKHsouFC6oDwrunyxSsUU4tquXKCHxErfnFfHpcDhD9h44Afbk9hRCgm%2F4YLDz3Jg4szm6mOwqldJCB%2FODfJOS\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"65aa8673-1fec\"\r\ncontent-encoding: br\r\ncf-ray: 9a2bf38efa5456ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8172,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"b653e468ec8f7e9e2a26b56fd519ce8a","sha1":"fecc9f92c296760728a8503c7555f0aafcb99ecc","sha256":"bb7a2fd8bb1a55ebc6e1e3afc6fce20cfb08cf93b5b0cd7876ddab39e99ff4f3","sha512":"a37a07ab1840957de2f7d54f220d7cb120d9c09fb44937fec4829076e67242b19e8a6eff4a1b0ca4f590f5f964cd2018840da4bc1b57846c51ebaae673a5c195","ssdeep":"192:S04crcYmZo6fRFrfgAIgeklyPBNlkDd1AsUpFMI1mm5oRsNUBf1WWXToc:S0io6YtNkoPFPqkmm5oRsaDR","tlshash":"1cf1cc14c0ee5069d108d01d22662838f7e80967ce2479e1ff99a15a1fce6bf313967f","first_seen":"2025-07-05T01:22:16.618774Z","last_seen":"2025-11-24T12:02:14.321872Z","times_seen":63,"resource_available":false,"data":null}},"time_used":475,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":474,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/k0oy09U93Qye2odlIIzEZljDqJS-300x170.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:27.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/k0oy09U93Qye2odlIIzEZljDqJS-300x170.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=wayfarerorthodox.com; _popprepop=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 7436\r\nserver: cloudflare\r\nlast-modified: Wed, 12 Nov 2025 17:55:31 GMT\r\npriority: u=4,i=?0\r\netag: \"6914ca13-1d0c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NEih8OuU1PyPrsPE0pAHlbC%2FrI3UVc8%2B%2FlD1QQ1pxilfxnDM8oXGC2OUIryFie3gNvpQIK0NADL%2Fmf%2BrzWcvTrXdT%2FFiNUc76PZtmpWu\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3957fed5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7436,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x170, components 3","md5":"5e3246d14c9f2630146a66fcaf550b70","sha1":"640a9aa636324839c3d254eb04472db5face551e","sha256":"4e20feeed35893f399f354f88f38a43b7e949c30941e64f57c0b2ef308e70765","sha512":"4fcd6bd133a13eb5a88260648268cd4d721266bb8526f41a1308ff2e45ff9872f7c36783e3c392858375b193988d434ec1e9a17e27c512a39f83242d14de9ee1","ssdeep":"192:M/4XNtWtRqKAlrtgM2Bp+qCmklNftqqMmjOnyR3iaU:/2RLAFtgVBp+mQdMmjBRSD","tlshash":"a3e19e0d5b4f7af3872a0df8ab9a300adf052960f740e7c0823ee66b77515d6dc1145a","first_seen":"2025-11-22T22:44:58.812603Z","last_seen":"2025-12-02T14:43:18.414986Z","times_seen":2,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":74,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/07/q5pXRYTycaeW6dEgsCrd4mYPmxM-90x135.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/07/q5pXRYTycaeW6dEgsCrd4mYPmxM-90x135.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3447\r\nserver: cloudflare\r\nlast-modified: Wed, 16 Jul 2025 18:13:01 GMT\r\npriority: u=4,i=?0\r\netag: \"6877ebad-d77\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SCbmndVrHGQKRD6eSYah2hM41Z7AAXFYbsDYwKk1fU%2FzVWsqYv23%2BWx3bqQuKnM0K7l2Y3m%2BHiANJEFPxLbY6rFdyGStefk33UpMhEb7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37bec255fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3447,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x135, components 3","md5":"2b0aedda2a23b92e02c99375660f74ff","sha1":"efbb8934963f00263b45304c2cebda1f1e8ab91e","sha256":"8f433cec1aa50717cd0ddabfbc2f6d78368d30a2ea654e0ca77625ed35187cfb","sha512":"784359a4c5a933a97d3ed71dc294449ac48ffcdff9a4a4a40c6ac7d503fa015a999cdf6c3f84712c8a9999ab9dd03eca36e1a4794db9773b04c5e8cdc5379fa7","ssdeep":"","tlshash":"84614d6b5641efc1d8284c3b5029c9bc4d96de037db18581667ee03d0ea66eedc71a50","first_seen":"2025-11-22T22:44:58.81428Z","last_seen":"2025-12-02T14:43:18.474301Z","times_seen":2,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1734\u0026rd=1734\u0026fd=567\u0026bv=25.11.7856\u0026tmpl=136","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:24.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1734\u0026rd=1734\u0026fd=567\u0026bv=25.11.7856\u0026tmpl=136 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:24 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":719,"timings":{"blocked":310,"dns":26,"connect":92,"send":0,"wait":99,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/ec/7f/f2/ec7ff2e318414de6e717e2fe1b9622cb/1756656608.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/ec/7f/f2/ec7ff2e318414de6e717e2fe1b9622cb/1756656608.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 32182\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:10:09 GMT\r\netag: \"68b473e1-7db6\"\r\nexpires: Mon, 24 Nov 2025 22:44:25 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32182,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 13:32:03], progressive, precision 8, 320x50, components 3","md5":"8575ac38c5934ea9a63d580cfeaf6701","sha1":"565ad16e0f9be85c7a27300cf77691bc1749720f","sha256":"5bb0b74926afd2fa39213a15219590f8309a88b1928afd229cfca682e1b4e208","sha512":"c159a1119a758f0560dd140bcf7f49473f7d952729ea8766f55daec4c903b182187ca6f6b01ad5a6df253a5f1d4e8bed2ac6f0f2257e9015f1f765187eeab2c8","ssdeep":"768:uMVxoiUMVxxDxwMYy98Lsz1dZKAD2BHyVyl2ThcB:TxBxxD5jDZKyCy4B","tlshash":"e8e2be76f781cd11fcf08b7804e7d7c2a2a2db28aae3a548bd4c7545b7643d58c8d286","first_seen":"2025-09-02T19:18:23.984573Z","last_seen":"2026-05-08T08:00:20.960169Z","times_seen":274,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":49,"dns":1,"connect":19,"send":0,"wait":38,"receive":7,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"image.tmdb.org/t/p/w780/tcMjx3BT7UuQMAtdCT3Cto6ILYK.jpg","fqdn":"image.tmdb.org","domain":"tmdb.org","tld":"org"},"ip":{"addr":"138.199.36.7","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:27.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"image.tmdb.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 21:10:31 GMT","end":"Wed, 04 Feb 2026 21:10:30 GMT"},"fingerprint":{"sha1":"5C:BC:20:23:33:72:2A:FC:81:EB:17:6E:6A:E5:B8:E2:1C:60:E3:8A","sha256":"53:7B:0A:96:A8:AB:74:33:87:09:1D:5F:12:77:CB:57:A1:72:2B:69:DD:2F:9E:AB:49:79:C9:5E:DC:CD:F3:54"}}},"request":{"raw":"GET /t/p/w780/tcMjx3BT7UuQMAtdCT3Cto6ILYK.jpg HTTP/1.1\r\nHost: image.tmdb.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:27 GMT\r\ncontent-type: image/webp\r\ncontent-length: 63246\r\nserver: BunnyCDN-DE1-1047\r\ncdn-pullzone: 775336\r\ncdn-requestcountrycode: NO\r\ncache-control: public, max-age=31919000\r\nlast-modified: Sun, 02 Nov 2025 21:06:52 GMT\r\nx-bo-server: LA-295\r\nx-downloadsize: 84540\r\nx-bo-origindownloadtime: 158\r\nx-bo-compressionratio: 25.19%\r\nx-bo-processingtime: 22\r\nx-bo-version: 1.0.26\r\ncdn-proxyver: 1.40\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 755\r\ncdn-cachedat: 11/16/2025 18:04:34\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 973bb07481daa6640c8c92b8af022d3a\r\ncdn-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":63246,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 780x439, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c9a34c8e61fb9b4559c63220682316f6","sha1":"f89f3a24232285bebdcce8ad4f6054118f9efcdf","sha256":"aa0481c982a4a7aed4afde947b13a21a4829537bc16dbc05fffc4b28316146ff","sha512":"761a9a419060e548303d81e00eabc183eb976d9cd63a0983c44131d3c5b5efcd2a7d67ab933e1b520c042cec969569eded174c659046e051a6d271629ac70217","ssdeep":"1536:yKOt9i/mAI9UdV43Ip8Gek23f8IMlCseo7P4cKlzxxjQu1dr:J+/v4Cvb7K7AcSFQu7","tlshash":"7753f186b980f0bf36617816924927c5a78c34c2363e54f96b5d36130e3c37bc697d2a","first_seen":"2025-11-22T22:44:58.816538Z","last_seen":"2025-11-22T22:44:58.816538Z","times_seen":1,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/10/2NE7yN45zo19o4LJr6JFxDWmh2b-90x135.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/2NE7yN45zo19o4LJr6JFxDWmh2b-90x135.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2485\r\nserver: cloudflare\r\nlast-modified: Wed, 22 Oct 2025 18:24:39 GMT\r\npriority: u=4,i=?0\r\netag: \"68f92167-9b5\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8DoEKoPXHEUkU7biXYhRKZUztEay7UbQes6T%2FyM%2Fiu4tj6rEOOBQH73aPzBsSGP0VwUFoDNYdCuOlLCnnKm0097DrJmT%2F7slajy36REn\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37bfc3a5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2485,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x135, components 3","md5":"662c71b135a83ad98d5d17dfd1bed9d6","sha1":"4a37a07645b725ab7958003e939f49924d2514be","sha256":"36461d287a46fedd7585c38a2d0018c51ce0db926d8a333ab122cb0f4a698faf","sha512":"d9daa0064979bd338eb5b5a2bbd749e55ec95013d71367edc01bc836c35f04eba00adae8143aa9976889e8782b5189a30e444ed85699f0ec4264dcf5d88cc9d9","ssdeep":"","tlshash":"21513b62c2bd30aff1fdad7dad892b24c649be18b6149e051d71d5aca731fdf0412418","first_seen":"2025-11-22T22:44:58.817974Z","last_seen":"2025-11-22T22:44:58.817974Z","times_seen":1,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 18 Nov 2025 23:52:35 GMT\r\nexpires: Wed, 18 Nov 2026 23:52:35 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nage: 341508\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-09T15:22:38.78062Z","times_seen":805665,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/impr.gif?sid=H4sIAAAAAAAC_1RTTYgcRRSu3gQP5iAmotdGPKhkN1Xd1d3VRhDXGF3MH0kkB_FQv5tyerraru7pzZxCAhI8LZ4UPPS-2WQxBtGLF1HCrAchIOx4cQ_Zi3dBBM8ym4XVd3jve_011PcVX32y0e6hGFq-e-m8G9ui4KeSJRy-fM2WynU-vHA1JHgJnw6v2TKlp8O1eatHr5GYLuFXwne0HLhTESYYE0zCs7bWxq2d2mfBVg9yspTjJRotkYTCWv3_3bcBeB6AGu2h42DV7Jk_zAdg5RTK4bdntB80rjr59rAteONqGKmt98tB6boShofQ1AGYcuvgb3B-htDnC-DKrQMH4Eabcwcg7AwtPP8YRLl1IBPE6O4TpaIAXYJQx6AbTUEX22D5FKS7DVbtIACp4MJFKIf3Lri64zeesHzOztDRf_4G283Q0cfPQTn8Zrmwa-EVV7SNdaWHNdODXZuCXZ1C1W5DMw7Adtsgm1tg1a8Iv3AMyuH9d93IDsKRrgdg1e5LIjcsJyxfFCkjizSK6CKLhVpUXCaxyVQWiXj_oqyZAvcL0PoAWhtAawJoqwCGajekmFFJeJyaXMkMU06p0gLnLMKY5zKDVs4drENTrYMs1kHWN6Gqb8LAfrZD9naS41C3D8Ff3_1epbmkWuCEa5llJGG5oVrkLGU6jTHNlEqlJIpERCmmUyNJElEuTBzzlBGipFFCRUZmlHFKszhXiiRYRViJSGOGSRZxFkmdkhgLznEyP4-nGVNZrhhVhsRUKKp1xDKTaapTrYhOMM1jllGdUaGUoZRyYgxhTEQRF5SDVwH4BsFI9dBpBJ1H0HEEnUXQNQi6UX9XFT7y_T1V-FaQgxkdzLifuGZ1g991zaouEfB6HWrVb9rqY38bZHNkMjZeTdy8cdH0Ey5Uv1HtoWfnyQi-XPkTBno3NBnHmKVM5jTPsZEpJZnKuJBCxIYlBrztwfoF4D6AsZ2h81d-gMrunGxB8G3wxTZIGwBvQ-DdJI4w8OuQYBiX940thtyVS2IMyvVQNUehuRFsFHvoxOTy1eWH-wn98PdboOUjdFAg6x6quoeP7M8IVos7k8uuQ5uXXefRdxerxg7tmM_Te6XhjX7q_nv6RudqtXLGr3_1ppwTc_jgqvbNOV4qW6569PWyVUrXZ10tNfpxxV_T4lLrry-3ddlW5y69dXZlWNXae-vKKXA7Q0__9SlIO0Mnfvpi_2UmrwLI6ib46lCndwhEhaCwCAp9-J2LHvx_dnGIN_wdWK0D4M1tKIc9jOoeRkUPvFgH3x6ZNFX96I3f4v0CUQQTUdRoUxT1nLe7oYl1JDFmWUpiZjSJqZImYTRXKcdxrKHxM_vi67_8GwAA__89siOQNwUAAA==","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTTYgcRRSu3gQP5iAmotdGPKhkN1Xd1d3VRhDXGF3MH0kkB_FQv5tyerraru7pzZxCAhI8LZ4UPPS-2WQxBtGLF1HCrAchIOx4cQ_Zi3dBBM8ym4XVd3jve_011PcVX32y0e6hGFq-e-m8G9ui4KeSJRy-fM2WynU-vHA1JHgJnw6v2TKlp8O1eatHr5GYLuFXwne0HLhTESYYE0zCs7bWxq2d2mfBVg9yspTjJRotkYTCWv3_3bcBeB6AGu2h42DV7Jk_zAdg5RTK4bdntB80rjr59rAteONqGKmt98tB6boShofQ1AGYcuvgb3B-htDnC-DKrQMH4Eabcwcg7AwtPP8YRLl1IBPE6O4TpaIAXYJQx6AbTUEX22D5FKS7DVbtIACp4MJFKIf3Lri64zeesHzOztDRf_4G283Q0cfPQTn8Zrmwa-EVV7SNdaWHNdODXZuCXZ1C1W5DMw7Adtsgm1tg1a8Iv3AMyuH9d93IDsKRrgdg1e5LIjcsJyxfFCkjizSK6CKLhVpUXCaxyVQWiXj_oqyZAvcL0PoAWhtAawJoqwCGajekmFFJeJyaXMkMU06p0gLnLMKY5zKDVs4drENTrYMs1kHWN6Gqb8LAfrZD9naS41C3D8Ff3_1epbmkWuCEa5llJGG5oVrkLGU6jTHNlEqlJIpERCmmUyNJElEuTBzzlBGipFFCRUZmlHFKszhXiiRYRViJSGOGSRZxFkmdkhgLznEyP4-nGVNZrhhVhsRUKKp1xDKTaapTrYhOMM1jllGdUaGUoZRyYgxhTEQRF5SDVwH4BsFI9dBpBJ1H0HEEnUXQNQi6UX9XFT7y_T1V-FaQgxkdzLifuGZ1g991zaouEfB6HWrVb9rqY38bZHNkMjZeTdy8cdH0Ey5Uv1HtoWfnyQi-XPkTBno3NBnHmKVM5jTPsZEpJZnKuJBCxIYlBrztwfoF4D6AsZ2h81d-gMrunGxB8G3wxTZIGwBvQ-DdJI4w8OuQYBiX940thtyVS2IMyvVQNUehuRFsFHvoxOTy1eWH-wn98PdboOUjdFAg6x6quoeP7M8IVos7k8uuQ5uXXefRdxerxg7tmM_Te6XhjX7q_nv6RudqtXLGr3_1ppwTc_jgqvbNOV4qW6569PWyVUrXZ10tNfpxxV_T4lLrry-3ddlW5y69dXZlWNXae-vKKXA7Q0__9SlIO0Mnfvpi_2UmrwLI6ib46lCndwhEhaCwCAp9-J2LHvx_dnGIN_wdWK0D4M1tKIc9jOoeRkUPvFgH3x6ZNFX96I3f4v0CUQQTUdRoUxT1nLe7oYl1JDFmWUpiZjSJqZImYTRXKcdxrKHxM_vi67_8GwAA__89siOQNwUAAA== HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzAxOTc1OCwiayI6ImY3YTAwODY4Yzk0OTkwZmM2NDE3ZDdhYmNiYjNmODVmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MDY3NzA3LCJwaWQiOjExMzgxLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjEsImFpZCI6MzIsInB0Ijo0LCJwayI6InBybnN5NzJ5ajQiLCJjcGtzIjp7IjI4IjoiMmM5MzBjOGU4MzBlNWYxY2U3OTMyYjVhZDA4MmU4NzMiLCIyOSI6IjA0MTg3NTNhYzk1Y2E0MmYxZDVmZTZiMmI2ODllMWZlIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuZmlsbWFvbi5iei8iLCJhciI6W119fQ.GGShGirQHo36h5EZ6F5ndaunKpPAT9-t6DYEUQroQTs; uid_id2=b9f89189-b681-4224-83bd-dac53f7d72b3:2:1; pdhtkv=true; uncs=1; pdhtkv32=true; uncs32=1; u_pl27019758=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:25 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b2e2324515078e8ba0e8d22fbaa33d96\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/zIeZFzCXfa205gAxnJoBQYee4Fa-300x170.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/zIeZFzCXfa205gAxnJoBQYee4Fa-300x170.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 9161\r\nserver: cloudflare\r\nlast-modified: Sat, 08 Nov 2025 20:03:30 GMT\r\npriority: u=4,i=?0\r\netag: \"690fa212-23c9\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3A6d3ctP%2Bdrn1TtrXnpY82fJ2joKEhfM%2BVhi31HYriHrm4HGR0WtmN2bkjYjggNm34uyprlbrQyApJ4MG75OU%2FHxTp4MXzRMlKdB%2Bgt%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf38aaf795fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9161,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x170, components 3","md5":"e3ec1500500cf40e627a950c7978c690","sha1":"4e31144abf1de707466d7611cda506b4defe4c53","sha256":"66404c9891552308e41d040b116af2b141e2f024dded57ca7f1a303f54f5275e","sha512":"5406e4e480b29f1a1fb8646e878b6522cbeafbd01e8d828ce32b896d193adf2582f41220ea8148b2d9c0df5dc4c371f5ccf2c0ea023cb45db4fdaba3dd0dfbe6","ssdeep":"192:Mv6r4nQR39Qpk2oGYIqa0hrNizgyob1lajGb+qEyYcEcfLU62Gbcjs:M6rg6NL2oBIy5NJd3aj+WyXL0Gbz","tlshash":"e612ad03c6678e4da8527e3d0471634a5fd0f5d2d181daf786fece8146015eb42da09f","first_seen":"2025-11-22T22:44:58.819264Z","last_seen":"2025-12-02T14:43:18.434703Z","times_seen":2,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/f7a00868c94990fc6417d7abcbb3f85f/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /f7a00868c94990fc6417d7abcbb3f85f/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:22 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18620\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 25288fc9a89fd0319a4e61aab5fef261\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46623,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46623), with no line terminators","md5":"10e12f9d7312bbb26e4cd529d773f995","sha1":"efb2f885dd5d046fa2d4a0227f87298cdaeb0f8a","sha256":"21ce0b3d73d216d5d8ccc54c850d6e57585b60935eecf38152d32d42765ed22f","sha512":"1fa43c14d4ef19d8663304dd46085764d69130d33bf168d450bd80cc2c2152b3e79b393908355a34d72903c3b6d9cbedce7c291927272a0082d0ba942f4efac3","ssdeep":"768:+t9VtXvZi5DpYscQ7V1FQeUMa1Y/D56JCO+Vgt:c9VtXvZYD6s/7V1Kela1Y/oJCO2gt","tlshash":"c323e88a3f91f09d83da317732af600bf85e5c96618cd044e543b4b4efba36ae536614","first_seen":"2025-11-22T22:44:58.820673Z","last_seen":"2025-11-22T22:44:58.820673Z","times_seen":1,"resource_available":false,"data":null}},"time_used":800,"timings":{"blocked":299,"dns":32,"connect":91,"send":0,"wait":95,"receive":91,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/08/uis9PJkI6WHRczCumsfPFaaUAxm-90x135.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/08/uis9PJkI6WHRczCumsfPFaaUAxm-90x135.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2920\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Aug 2025 15:28:33 GMT\r\npriority: u=4,i=?0\r\netag: \"68a49821-b68\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jlgjniNnLAZoxj4dtS6jIaF1l3MXWqzWtVfQHuGZ%2FVT1%2FWic4TllrIq30K8u7SlAy%2Fa4xJ6C7horDYxD4TsBVB6UNdc98CNJ%2FsZyG7uR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37bfc3f5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2920,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x135, components 3","md5":"3b9bcd4b7c76ca2bbc2936a53cd36262","sha1":"3b07c7c3e197c9fd4a3511a3205ff273f1a8b3aa","sha256":"8c4c17ef47a2c29267036fa7caee265de60c25e93f104bdee28d50cf76b669af","sha512":"a2c6272d68a52a0c847e06243816e53e958b53b5b0e9ba506de560f2993b7635b34cff68f6536560bdb2e5159db3b80edfc71251102c0ab52b6c7b4e99ae34c1","ssdeep":"","tlshash":"18513a29c030cefaeca90d3cadf60a0cf2358bc15a9bab92c571d845ee449e5dcc18c5","first_seen":"2025-11-22T22:44:58.822074Z","last_seen":"2025-11-22T22:44:58.822074Z","times_seen":1,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2024/11/wmrk6mLWDjz3jb210y3QisXUAcr-90x135.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2024/11/wmrk6mLWDjz3jb210y3QisXUAcr-90x135.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 6383\r\nserver: cloudflare\r\nlast-modified: Sun, 27 Apr 2025 06:01:18 GMT\r\npriority: u=4,i=?0\r\netag: \"680dc82e-18ef\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uQmofoXgYQGU2Vsupvf6T0HEjzhn6UpQJhEIK9eiR6Iv8yoHxLRgBuf%2FLPCHGLcqJZ9gQXk8w2AzzFeqz7yFMmgxDVYT0RuS6pU7szjD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37bfc435fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6383,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 90x135, components 3","md5":"92ed86c312e279f838784f763c99fe1d","sha1":"874c06675b9ed4ea8d6b6a411bd01188ee69956e","sha256":"6f9b999d1760618de798283451e8f171aeeaada0c16d1adbf6ecda42d7541493","sha512":"980aee33e6921ee225c3c06555f2b4c34abcced02882f57acf002507611b7f2eb09d29aa174699d4e70e21d5a1ad13e85cc49ca088536a89d823bb54236eabbc","ssdeep":"192:/u15yAI/cnFKfGj0uP+5lRbJpjP0tOz1/Cn:G1LIEFK+ouP+5lRbJpjPq41qn","tlshash":"5ad18e1eab0084da4e868d77565a6233e398d39034f637d07771d2fec9e09de40a5680","first_seen":"2025-11-22T22:44:58.823466Z","last_seen":"2025-12-02T14:43:18.478347Z","times_seen":2,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/8VP9hEftDd9VhfrtIvfRIVf3gPP-300x170.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/8VP9hEftDd9VhfrtIvfRIVf3gPP-300x170.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=wayfarerorthodox.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 8878\r\nserver: cloudflare\r\nlast-modified: Wed, 12 Nov 2025 17:55:34 GMT\r\npriority: u=4,i=?0\r\netag: \"6914ca16-22ae\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yOqqf0ydOnBNu5yEI2JbXujPQSJ6A38I%2BfZhCHJwKXreD3G3y13iw5Ye9bzGeLQRIctQAy1s%2FCWej9tCrSCzAgl8cUvJpmZgGEY4lVPv\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf38d69b05fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8878,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x170, components 3","md5":"cbece9edf9174785fc51e24a9d635450","sha1":"234a0f0d668a03475114a3342e62a554b68d02fc","sha256":"ce4e7f30801a9cc3a450afc5bdb6d6e2ea2d54f3c7de334169ecfc4c7d317f0f","sha512":"5558043abd2860fb3bae39c03083be7a6242e51ff640776ed6edca1a9211aad7ccdb8883897a84135ff6e2d956e6ebd605461e7d7af3b30436cf6c6ab086aace","ssdeep":"192:MhaJzXPJKuXp9dRnz8PZuXeLY4HQAFkZMgwfzGcGGcHv:jJDPkadRS/HNKMlzXGGcHv","tlshash":"a3029e96a782961ca88d5c7796c336184b538c8aca2b8fc60937c9e029ec5cb406d17e","first_seen":"2025-11-22T22:44:58.824779Z","last_seen":"2025-12-02T14:43:18.462928Z","times_seen":2,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/cache/wpfc-minified/qtkhoe2a/5wvf1.css","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/cache/wpfc-minified/qtkhoe2a/5wvf1.css HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 16 Nov 2025 19:39:59 GMT\r\npriority: u=2,i=?0\r\netag: \"691a288f-1c572\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TrmUI%2BYsefpH%2B5M%2B9v9XpDdTWs0QZAKzzgV5Hi3lQvuWb4rvFzPBFxJYzSIWnfbC80Gahq2oZskj5UNo5F5Uck3QSntWY3O9zyeNyDE8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3768fe05fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":116082,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65518)","md5":"fdda566ddb36075d507f7635606714c8","sha1":"88b25e2659526f8768292c1e20a699e23a036689","sha256":"a726fb423479e46a29917aa678893005ff2669400b96d44ec0ffbe0339df038f","sha512":"93967e6368f226a4760647c493964eaf7cc9fce1db9fe1ce9a0d28b975c74bd9e9b3d01c1c4805f4234bf733bcfcea3075c2a1ca89af6f263e05f1f8ad9c9ec5","ssdeep":"3072:meeJu1GQg5MgJx+qehvP0x2pck2qkA3Pu:B1GQg5MgJx+qehvP0x2pck2lA2","tlshash":"5fb3621417b4dcf935ffa73a5e4ee258a503aa41c68a57ebe066d190618ca490cf3f0f","first_seen":"2025-07-21T04:44:04.517971Z","last_seen":"2026-05-09T06:27:28.721482Z","times_seen":1006,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":81,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/cache/wpfc-minified/8k8xzldk/5wvf1.js","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/cache/wpfc-minified/8k8xzldk/5wvf1.js HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Sun, 16 Nov 2025 19:39:59 GMT\r\npriority: u=2,i=?0\r\netag: \"691a288f-2e5dc\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yW53CBBm%2BmggliuCePYGwFanL4uzMPFXaOCchDt4vhktnPEFUd7X8A5tE%2FrhPOym5W8lnks4EYsIm%2BqyeOf8ALd3Av2QYvBroHrUlEOS\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3768fe55fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":189916,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65363)","md5":"a286ebf0be67fbf3eb36b592dc593734","sha1":"de15cf5fb284b44a10d5d7e59628865319e89e51","sha256":"bdfc8b9229a4d6d0fa83a804541ce9672bf02c22ac10c4fc4d4c1cf19615af4e","sha512":"71652b6365e55f8e9a26243269f58bd002a0d2c535fa66dae9acb2d0ece49699a4a3af07f72c6d4aee04de6a628d4608fe9b2836582deb390266567745755d9f","ssdeep":"3072:mHNwcv9VBQpLl88SMBQ47GK2rPU+ESXc7d9hGJtT03O6t+NQYMAC:mHWK9VC78UBQ47GK2rPU+DXc7d2JtT0/","tlshash":"170428de3255706347eb32b9402f110fb2365999a80e8414b1add8e9bdbd98e4237f3d","first_seen":"2025-11-22T22:44:58.826808Z","last_seen":"2025-12-02T14:43:18.480601Z","times_seen":2,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/gsi/client","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:52 GMT","end":"Mon, 19 Jan 2026 08:35:51 GMT"},"fingerprint":{"sha1":"95:94:D2:A2:42:3D:9B:2F:BB:65:03:35:EA:85:1D:B6:C0:BB:E5:07","sha256":"53:9A:55:C8:25:B4:4A:38:C0:A9:FD:A8:38:B3:FD:CA:8E:7E:1F:2A:79:A9:52:76:8C:00:7C:7B:96:1E:45:33"}}},"request":{"raw":"GET /gsi/client HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nexpires: Sat, 22 Nov 2025 22:44:22 GMT\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncache-control: private, max-age=1800\r\ncontent-security-policy: script-src 'nonce-CBfnXeqytb83TXtODRTQVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_dd7de8473bddc59c6b748810a67a39b1\"\r\nreport-to: {\"group\":\"coop_dd7de8473bddc59c6b748810a67a39b1\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1\"}]}\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":241734,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2265)","md5":"b1fab577d4e8e0fe8d16d153f9d11cf7","sha1":"7de679f9d028808108b80dc9f24c50b48764f0e4","sha256":"87efe3e9d731ce55fb868a75f06c9b684ea4eab877fb050c0260f880e945f4bc","sha512":"768a5a2f7be1bc02233a17a2dbd7a4655d75d8d66e7609c94d306330181e79a0cde653009a93d5b81aba25c7a4472e5eed39e29c4b8ba26bc1907c0e9c8ef880","ssdeep":"6144:5Ki68mx15sh1LS8t/CJCU/dnwq3pftas/pmLnBLQ:5Fh9l/CJCANLZftas/p0BQ","tlshash":"ef344bdcb6e270365613f8b5c43f410ab076a678f0498cacf695c6f5acb09890167f7a","first_seen":"2025-11-18T21:34:57.56713Z","last_seen":"2025-12-10T22:23:35.514079Z","times_seen":3828,"resource_available":true,"data":null}},"time_used":468,"timings":{"blocked":207,"dns":0,"connect":32,"send":0,"wait":36,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"c.adsco.re/#0.41379718932479503","fqdn":"c.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"104.16.42.28","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:24.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: c.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:24 GMT\r\ncontent-type: text/html\r\ncontent-encoding: br\r\ncache-control: public, max-age=2678400\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR\r\ncritical-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR\r\npermissions-policy: ch-ua=(self \"https://adsco.re\"),ch-ua-mobile=(self \"https://adsco.re\"),ch-ua-full-version=(self \"https://adsco.re\"),ch-ua-platform=(self \"https://adsco.re\"),ch-ua-platform-version=(self \"https://adsco.re\"),ch-ua-arch=(self \"https://adsco.re\"),ch-ua-model=(self \"https://adsco.re\"),ch-device-memory=(self \"https://adsco.re\"),ch-downlink=(self \"https://adsco.re\"),ch-ect=(self \"https://adsco.re\"),ch-rtt=(self \"https://adsco.re\"),ch-width=(self \"https://adsco.re\"),ch-viewport-width=(self \"https://adsco.re\"),ch-dpr=(self \"https://adsco.re\")\r\ntiming-allow-origin: *\r\nlink: \u003c//adsco.re/\u003e;crossorigin;rel=preconnect,\u003chttps://6.adsco.re/\u003e;rel=prefetch;crossorigin;as=fetch,\u003chttps://4.adsco.re/\u003e;rel=prefetch;crossorigin;as=fetch,\u003chttps://6.adsco.re:2087/\u003e;rel=prefetch;crossorigin;as=fetch,\u003chttps://4.adsco.re:2087/\u003e;rel=prefetch;crossorigin;as=fetch,\u003chttps://0.l.adsco.re/\u003e;rel=preconnect,\u003chttps://0.s.adsco.re/\u003e;rel=preconnect,\u003chttps://0.n.adsco.re/\u003e;rel=preconnect\r\nexpires: Tue, 23 Dec 2025 22:44:24 GMT\r\netag: W/\"0C/aGf2vjU1vt3782UjGTw==\"\r\nvary: accept-encoding\r\nage: 4132\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9a2bf386cc880b69-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":70291,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (797)","md5":"d02fda19fdaf8d4d6fb77efcd948c64f","sha1":"a171c17c13dc66bdce8bdf61d90efe241df2dd0c","sha256":"3ea799f6e10ba6105ba8f292b670a5051eb2219d2e8ea584d1b19fd85fb51296","sha512":"4346eaf8bfa01a08cb4b05b9ef6792ce709fee314ece814abd83a69fc6352a0bfe1402c9e3f1ef99dabda0e1f1fa10f9f29021ed396d7b2e8fc56bba733d0590","ssdeep":"768:da/KJnPxjXnY6PnHAj4d14StkKDBAPBzSz9jsedR3mrkQqNolr668AYv:cSVxjXnfbtkySNSz9jtR3mrkQqNoJUv","tlshash":"76632ab97672303842b119f95a3f9311b1b95ae02c4690f193bd85503d34e9b933ffaa","first_seen":"2025-11-19T00:46:58.080234Z","last_seen":"2025-11-24T19:33:13.455737Z","times_seen":398,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=b9f89189-b681-4224-83bd-dac53f7d72b3\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=2c930c8e830e5f1ce7932b5ad082e873\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=22","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:45 GMT","end":"Tue, 27 Jan 2026 22:02:44 GMT"},"fingerprint":{"sha1":"F7:0F:08:42:86:24:7C:1B:49:6E:E0:01:4D:B6:85:C3:51:09:E9:4B","sha256":"57:4B:E8:D9:F8:CD:FB:C3:56:16:42:88:21:1B:6A:B3:83:F2:4E:B5:2C:AC:2C:6B:0E:46:6B:15:51:D1:3D:17"}}},"request":{"raw":"GET /pxf.gif?uuid=b9f89189-b681-4224-83bd-dac53f7d72b3\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=2c930c8e830e5f1ce7932b5ad082e873\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=22 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:25 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 0\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8ece6158f95af44d7ddfdfba0fbe633b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":664,"timings":{"blocked":277,"dns":0,"connect":93,"send":0,"wait":99,"receive":1,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 20408\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 18 Nov 2025 23:53:39 GMT\r\nexpires: Wed, 18 Nov 2026 23:53:39 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 19:00:14 GMT\r\ncontent-type: font/woff2\r\nage: 341443\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20408,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20408, version 1.0","md5":"e8730678d4610fa908d3cba1ef0b4ddf","sha1":"1efcbee909ce74bf04878d74867f12a1e41ae7a4","sha256":"e921785496ed2d98c2257c88a6f838afa6acbee05cb8467048501bfe2a301461","sha512":"d7c3f81ad11ac5b3e6f454fbbb9be0940b3e8da93cde0b80f9a91a8259966be466b4d6a0fd5527fcc6c8f218aad8ffd0124bb29dfa08f6ca658ce49fe9e37e6c","ssdeep":"384:D+h1xN53scre+kLtT5+wpcR98ffVvdSMyNaHAUvLFNPBtn2aotFn9mTCAKDi055c:Ss/XRT5+wpM98ffxd6uZZRXnemWDj5WL","tlshash":"fa92d1cdfc0e5797a8e14ee93c0a7a4dd76f438af366a94b25e66122e67a55c040320c","first_seen":"2025-01-09T02:30:28.977279Z","last_seen":"2026-05-09T15:13:16.694534Z","times_seen":57520,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":159,"dns":0,"connect":30,"send":0,"wait":15,"receive":3,"ssl":135},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/lFOkcoEzVX2VAu0OaDn94seP2gd-185x278.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/lFOkcoEzVX2VAu0OaDn94seP2gd-185x278.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 12133\r\nserver: cloudflare\r\nlast-modified: Wed, 19 Nov 2025 20:15:06 GMT\r\npriority: u=4,i=?0\r\netag: \"691e254a-2f65\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TY82hUeVCumX9pUF%2BGHPhjM3bY4EEqXurmvzGT3LikxUbMWzvxaDGFvV2tensXehz6BTLm8LtOwhGXlpwQPZpN5ZFagkzBe8HNFuYHYn\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37ced225fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12133,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3","md5":"0d8789a9fe069f1ab781f130a7962736","sha1":"fe71fbc29079f071546f678799b7c075a6787d99","sha256":"a204250e07e6c9e1b20b4650bed6b01db40d8a244a6f7485c018cbad39afd968","sha512":"fab1be83235a66ac902a4eb52ba1ee77a413750e8ffa8b73b0b8192ba5982b823e329c4fcfef4a716eedf998cdb7812ee19b191b6204ed6e1a81adfe97320524","ssdeep":"192:MQnRaiAI/u04BPEIbsdJN5v+J7GdDKycCSwOJ78QZfBVrdYNWCLj/lKbEr3:QiAIhnIQzNkJ7yvxQ7Y8CLDlKYr3","tlshash":"7b42bede575ab864ee902e304e92f33d4e75f849d8145390e9b0f809a235cd6c2908fb","first_seen":"2025-11-22T22:44:58.839503Z","last_seen":"2025-11-22T22:44:58.839503Z","times_seen":1,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/11/vgUwrxlOznP7XwmSIIygRRcnGI6-300x170.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:25.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/vgUwrxlOznP7XwmSIIygRRcnGI6-300x170.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b9f89189-b681-4224-83bd-dac53f7d72b3%3A2%3A1; cf_clearance=cABr6D5R3C_inQ30nCqVA8OCP8JDKwe198ZNpS7Gbrg-1763851464-1.2.1.1-fa341p13hI1Gtexm1Ll876.ilcUMTgzKcfMiCtib.u_DAuFpNNUAFaeXkvFbV5FGJZChBgnjdZMgn_zwkzuFpTFVyvfTXwJU7u7L4R5Ffw9iUdV31VDhFosuZjnTm5985ZGDGk19SN9U5NPM0d_TOzEysWcSUEZGUtT1gm9RE.CLKDNO27S4TMxUo93ZnZ5Ik_Z_Eva8Nrxc1iaxxqR.pSSAKm6orCT1pezCggxagkE; sb_main_0418753ac95ca42f1d5fe6b2b689e1fe=1; sb_count_0418753ac95ca42f1d5fe6b2b689e1fe=1; pp_main_2c930c8e830e5f1ce7932b5ad082e873=1; pp_idelay_2c930c8e830e5f1ce7932b5ad082e873=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=wayfarerorthodox.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 8952\r\nserver: cloudflare\r\nlast-modified: Wed, 12 Nov 2025 17:55:32 GMT\r\npriority: u=4,i=?0\r\netag: \"6914ca14-22f8\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vU5FLVaZ2B%2BjIeLuTFz%2BaFrRKGXEI3XfemkJZfKqp8JUMjqtuK89DO0hG4KEKsICrHXmxVzF%2BtF%2FWOJ3uH7sd6o6K4Ejt9Old8XRBxot\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf38d79c15fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8952,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x170, components 3","md5":"86837b0b8a354af194d0b060505a7d8a","sha1":"0d1fb17e2380f929a1ffe781a335723b7f90d92e","sha256":"7873a26ef9880a0674d73b47e8e2e0ed410268d451163e5d91912b2dd888856e","sha512":"01f3ade42885002d2fdc079a7b087b07800e2aba15968bf2d13ee784efbeb0944a83171c07b4b97a6cd641aacb7870b291b0836853f909ab5a46b8931d9d61c1","ssdeep":"192:M/9CQGB7X0L7inmFT3K8EqOiNts243gltI2dlh+ceeb5/bC9n:uEQKXUFT3KjqOiNts/UJlh+Zeb5/W9n","tlshash":"8f029f56328a72bddd5e7d7d0180582e9f2da50a87931eedee38cfb712640c1665005f","first_seen":"2025-11-22T22:44:58.843904Z","last_seen":"2025-12-02T14:43:18.496167Z","times_seen":2,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":73,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:26.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.filmaon.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 19 Nov 2025 00:01:07 GMT\r\nexpires: Thu, 19 Nov 2026 00:01:07 GMT\r\ncache-control: public, max-age=31536000\r\nage: 340999\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-05-09T15:24:02.543541Z","times_seen":246436,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2023/01/uKvVjHNqB5VmOrdxqAt2F7J78ED-1-90x135.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2023/01/uKvVjHNqB5VmOrdxqAt2F7J78ED-1-90x135.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3927\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Jun 2025 13:53:30 GMT\r\npriority: u=4,i=?0\r\netag: \"6851735a-f57\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mtNIPtDDIlxz9QSpm8IK5v3WT%2FiwvoFHfMe9BlSN8guLiC4L%2BMqu2g6mIisYkL6ApwK8b6XAbN1EC7jVTweQKNd5u0UMQ7cJ6kDmp42d\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37bdc0d5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3927,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 90x135, components 3","md5":"d6f745df747f685e3e67dd18207e819a","sha1":"bc9e5ff4d691f9c2aec6d9956830f831a7d59c39","sha256":"ab79edb8a9292dac303fe650d83e3a7d8db2eacd6bfa68e9fe93a4225e18ac08","sha512":"492296e592c1c054c935e54ac8c2320aeed27c4bb64edf1db7bf300cfb348ee2a53fb743c19e63dfdf2742f75ce3314b860ea1ea02b736e8ba4ecf425c3b5e8e","ssdeep":"","tlshash":"bb814b63495bd0abe692cf325bd10e05b98439422d09b3473cf9fed491266c6cfa71e4","first_seen":"2025-11-22T22:44:58.846005Z","last_seen":"2026-03-15T14:54:59.773078Z","times_seen":4,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/09/rLv3mXh8TA4ipvLZjG1xrMB8Sm5-90x135.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/09/rLv3mXh8TA4ipvLZjG1xrMB8Sm5-90x135.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4528\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 20:44:48 GMT\r\npriority: u=4,i=?0\r\netag: \"68d45840-11b0\"\r\naccept-ranges: bytes\r\nage: 6483\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bWxnOXozYRyJO7k1Y9O%2FHOzvz1zUiuOsJFaSnopxgYEY5N2uBWYL92ZKuVPnu8IiIU845JpA%2F7P0e0OF6OnluWWq12xevBftPAmSTfB1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37bec2d5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4528,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x135, components 3","md5":"6c6de093adcc0f1b848869080ee456c2","sha1":"3e354c5989a76454120953ee735db5949f9ebe6b","sha256":"c7d4ed132eba692405aa28c2885509ed4936a9d3fd53726a3c08f83be9a2fec5","sha512":"9b04aa98fe714c926830dd35889359451f980a7ce8bf405f8dd5bb527347e69cd3c379854417ebc1f2875d55371fac89b3b7661ece3f5d802f1b935d1aef0657","ssdeep":"96:Mhkf8BHH6k/OAazfs2XHRewKynz0gB4Jx0iKZFraLfwEjVgNU+7215:MG8B6mOrp3snRgBKiiKZFeLrYb72","tlshash":"16916d080b00ba46d27d4d380d5b0adf59dc556c60d5cdb07f7ae5ad52ad7ef08ba005","first_seen":"2025-11-22T22:44:58.847837Z","last_seen":"2025-11-22T22:44:58.847837Z","times_seen":1,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:24.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:14:37 GMT","end":"Wed, 28 Jan 2026 01:14:36 GMT"},"fingerprint":{"sha1":"5A:67:AA:88:D5:BE:C4:00:42:86:CC:4E:FC:E7:73:FE:CB:85:71:60","sha256":"F5:6C:A4:39:AC:04:F6:11:7E:DB:94:93:4C:93:FC:EC:A2:B4:4E:A4:FE:19:8E:22:C0:D8:D4:84:67:37:70:C0"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 22 Nov 2025 22:44:24 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 480460b6fc6c5001b69d08e6d21e748e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":143,"timings":{"blocked":61,"dns":1,"connect":17,"send":0,"wait":20,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.22.3","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.22.3 HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 18:32:54 GMT\r\npriority: u=3,i=?0\r\netag: \"691f5ed6-5772\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0CsryvR0SfL9yKTMeSNjf%2Ff13JnKJLT9qvFo3%2BqEmA9L3rMcgvIg6yAQM%2FUI9YmEgxczRpdYQJa%2Ff9NHNSckm%2FGdaoea6caP37zFpKo0\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf3769ff95fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (22338)","md5":"93b3720e7695d8028cb86f0e618ada73","sha1":"f450880dd098d857d9dfa38430ba2fa7ede6551f","sha256":"d82122f0fe9f7a7190f929e05b2f026e20cc5df64bd294204795afe72f02929a","sha512":"23e340152f6c7c472044a0a2ebff34e5e9392c255187ac50d7e70a2e07399f4ed13f0b8f46fa60a8e6129d068e076271042b650d267c7a84bb63a69c83f88935","ssdeep":"384:1nzmcCFxbUyeggTRuliyLdAkLWNpyvI3e+ZTtztLyFYZ4PW8gVIBnBCpFu95fq32:1nzmcCDbUy2TQliyBWNpyvI3e+ZpoFKM","tlshash":"c0a2e8ae7296f47aa99770b5442f200af23635261899c494e536d4d0ae3cd8e6223f7c","first_seen":"2025-10-02T08:50:18.110224Z","last_seen":"2026-05-09T15:44:38.745658Z","times_seen":2918,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/gsi/style","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:22.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:51 GMT","end":"Mon, 19 Jan 2026 08:33:50 GMT"},"fingerprint":{"sha1":"99:FF:FA:35:E4:FB:4B:28:B0:D5:C1:D4:AD:3F:43:AA:85:22:87:8B","sha256":"30:D1:CE:98:2F:EB:E2:4A:53:22:1C:BF:BB:4E:BC:2C:CA:E1:CE:CF:B7:9D:20:26:F9:55:2A:6B:ED:AD:DA:83"}}},"request":{"raw":"GET /gsi/style HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nexpires: Sat, 22 Nov 2025 22:44:22 GMT\r\ndate: Sat, 22 Nov 2025 22:44:22 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_dd7de8473bddc59c6b748810a67a39b1\"\r\nreport-to: {\"group\":\"coop_dd7de8473bddc59c6b748810a67a39b1\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1\"}]}\r\ncontent-security-policy: script-src 'nonce-fL1kr_Roy80JMbvdn-tfaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":696,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (696), with no line terminators","md5":"ee570cebd6ae40b9567844b080aee1e9","sha1":"2b7b0ffcfe8aca40ced147fb7ce107010392d6b9","sha256":"d49e8f04be7ccbb69e87ae474ee50f6903b780451989e66d35ffc247a80510fe","sha512":"836c832111c285f7cb692c4eb62e2bca615017b6ab4af6920674f17df0ae1da040f7171208d5d312c3c43ed8ed7e49b653e7fce0948f24076d0548f7c8e8f25a","ssdeep":"","tlshash":"430197321aa2602eecb3ab3bf04a9d8c023aa117eeb705ccb59cca15c38d95874a5041","first_seen":"2025-10-22T21:08:41.081019Z","last_seen":"2026-05-09T15:22:52.324949Z","times_seen":62723,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.filmaon.bz/wp-content/uploads/2025/08/293Mo4GWf7Tl0TfAr5NFghqeMy7-90x135.jpg","fqdn":"www.filmaon.bz","domain":"filmaon.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:23.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filmaon.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 11:27:01 GMT","end":"Fri, 23 Jan 2026 12:24:44 GMT"},"fingerprint":{"sha1":"69:E3:30:B4:25:48:EF:8A:DE:2E:C6:1B:EA:0E:A6:5E:47:F1:D7:57","sha256":"C6:BF:EF:A8:85:A6:75:2F:AF:87:AF:C5:4E:2E:D3:34:2F:B4:1D:2C:E5:30:34:37:E7:EA:76:2C:38:24:AC:8C"}}},"request":{"raw":"GET /wp-content/uploads/2025/08/293Mo4GWf7Tl0TfAr5NFghqeMy7-90x135.jpg HTTP/1.1\r\nHost: www.filmaon.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nCookie: _ga_1MVCJVBLRJ=GS2.1.s1763851462$o1$g0$t1763851462$j60$l0$h0; _ga=GA1.1.115630710.1763851463; g_state={\"i_l\":0,\"i_ll\":1763851462780,\"i_b\":\"eaOJdRuzSZW0ux3tL9d2sd+3FyFkD10QKfauhdcpkIQ\"}\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:23 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4781\r\nserver: cloudflare\r\nlast-modified: Wed, 13 Aug 2025 16:41:54 GMT\r\npriority: u=4,i=?0\r\netag: \"689cc052-12ad\"\r\naccept-ranges: bytes\r\nage: 6483\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NC9LD0DWY%2FdmKHIcioUFjnr1aM7aq1yzDXLdBED3BcQhrZ5iahD2M2hGXEgmslSn47GN14W7U5Tb4xF1Phrm4TM1cZXeS7MJt0RZ3qNE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a2bf37bec295fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4781,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x135, components 3","md5":"cd8bf56a8ffec0072ed4714e22b6630e","sha1":"ba71402a9fec797f36daa6c664e42b2df0e22812","sha256":"cb58ede1cca9957fff93308bf618c46cf0d0270262333cd4d7aa908430de0e06","sha512":"baad1c19f471589c78e3b194ead83e5007ee8651237658849fe0423314e34a2102fb3decfc098326feb01c45eeefc0572dada70e1d6e3402e511648412562cd8","ssdeep":"96:MbHSsJjrK4V0+s9Jb7SdpDGfsOal6oLa8o+d6CxhukzSFJQTRDBvEZqjOT:MbHVJjW4V059JvSUs2t83pwFJQ7KT","tlshash":"4ca17e70092f4b5fe1910e300e749a0d66c356180c399f65f6f5eaa3bd540c12e72d68","first_seen":"2025-11-22T22:44:58.850915Z","last_seen":"2025-12-02T14:43:18.490639Z","times_seen":2,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"www.filmaon.bz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/software/multi/mac/firefox/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:26.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 20:46:36 GMT","end":"Sun, 25 Jan 2026 21:44:54 GMT"},"fingerprint":{"sha1":"17:8B:5E:32:3A:E5:9A:3D:E5:18:EF:F0:DA:DE:C3:03:E7:2E:E2:17","sha256":"65:D5:7F:0D:8E:51:6B:E8:BB:44:A1:54:79:43:73:C4:82:1D:77:6C:11:F4:C3:70:8E:0E:AC:00:AC:1D:DB:2B"}}},"request":{"raw":"GET /sb/notifications/software/multi/mac/firefox/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:25 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:25:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bjafo2RwgMGYmrIOxGiZeQbLTfcrmVKPHM41FmOZngjVh3d7P6aTt73DZjI57qOwqL%2BsKIteexRdMZ9WafQq36iLOQIfGe5sXdmwkqtL\"}]}\r\nage: 289967\r\ncf-cache-status: HIT\r\netag: W/\"65aa8673-149a0\"\r\ncontent-encoding: br\r\ncf-ray: 9a2bf38e59c156ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84384,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators","md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-05-09T15:58:40.906661Z","times_seen":11285,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"image.tmdb.org/t/p/w780/xBSwwkAYl9h8QVG2OxNpSaSgJwr.jpg","fqdn":"image.tmdb.org","domain":"tmdb.org","tld":"org"},"ip":{"addr":"138.199.36.7","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.filmaon.bz/","date":"2025-11-22T22:44:31.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"image.tmdb.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 21:10:31 GMT","end":"Wed, 04 Feb 2026 21:10:30 GMT"},"fingerprint":{"sha1":"5C:BC:20:23:33:72:2A:FC:81:EB:17:6E:6A:E5:B8:E2:1C:60:E3:8A","sha256":"53:7B:0A:96:A8:AB:74:33:87:09:1D:5F:12:77:CB:57:A1:72:2B:69:DD:2F:9E:AB:49:79:C9:5E:DC:CD:F3:54"}}},"request":{"raw":"GET /t/p/w780/xBSwwkAYl9h8QVG2OxNpSaSgJwr.jpg HTTP/1.1\r\nHost: image.tmdb.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.filmaon.bz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 22:44:31 GMT\r\ncontent-type: image/webp\r\ncontent-length: 63490\r\nserver: BunnyCDN-DE1-1047\r\ncdn-pullzone: 775336\r\ncdn-requestcountrycode: NO\r\ncache-control: public, max-age=31919000\r\netag: \"67f915ac-f802\"\r\nlast-modified: Fri, 11 Apr 2025 13:14:20 GMT\r\ncdn-storageserver: NY-833\r\ncdn-requestpullsuccess: True\r\ncdn-fileserver: 917\r\nperma-cache: HIT\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 08/01/2025 15:53:58\r\ncdn-edgestorageid: 1077\r\ncdn-requestid: ddcec3c86c327ed9167914f608ae107b\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":63490,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 780x439, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"79288d44912d2f6ded74be7de242b2e8","sha1":"091137d55578edc098491cd64c5022f93729c252","sha256":"01413a04ae7a19fa1bbc5f61faffadd27a0766ca2fd1317dd2b021f940a42677","sha512":"f7980ec07046fa9609385efb8487c958da4b0b5381de3d6b5d635fd2e9a2e9638076a6348ea12c609cf15f1eb64a263bb03f01b3f69c95f066b6377d62e87c20","ssdeep":"1536:l18whMBO7BDQjlZt1xQ8v0O1oQgJBukLvsr:lVYO7JQj7tfcBukA","tlshash":"3b53129129fb10077ff05dd8dc9c42a60bc9b96ce93c772486d964e8fdb419e6138039","first_seen":"2025-11-22T22:44:58.853953Z","last_seen":"2025-11-22T22:44:58.853953Z","times_seen":1,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}