{"report_id":"230836f4-3ef3-490f-a044-faffdc0a10ea","version":6,"status":"done","tags":[],"date":"2025-10-13T20:30:27Z","url":{"schema":"http","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"172.67.181.8","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"title":"Redirecting to https://njav.tv/en MissAv, 123AV - 123AV"},"submit":{"url":{"schema":"http","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"172.67.181.8","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-17T20:30:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":20}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"njav.tv","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-10-12T22:15:22.841346Z","alert_count":0,"request_count":3,"received_data":291280,"sent_data":1549,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"3.125.105.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-10-12T22:34:05.876953Z","alert_count":0,"request_count":2,"received_data":832,"sent_data":874,"comment":"","tags":null,"fingerprints":null},{"fqdn":"njav.tv","ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-04-30","domain_rank":62380,"first_seen":"2022-05-01T04:37:37Z","last_seen":"2025-10-11T16:25:50.040202Z","alert_count":7,"request_count":7,"received_data":557671,"sent_data":3524,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"region1.google-analytics.com","ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-07-18","domain_rank":19689,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2025-10-09T03:46:15.24522Z","alert_count":0,"request_count":2,"received_data":1662,"sent_data":2000,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.show-sb.com","ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-10-13T03:57:20.808603Z","alert_count":1,"request_count":1,"received_data":3458,"sent_data":474,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"kettledroopingcontinuation.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":196057,"first_seen":"2025-07-30T15:18:19.355595Z","last_seen":"2025-10-12T22:55:24.916727Z","alert_count":12,"request_count":4,"received_data":2116,"sent_data":2321,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-12T22:12:25.402635Z","alert_count":0,"request_count":4,"received_data":137864,"sent_data":2116,"comment":"","tags":null,"fingerprints":null},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-10-08T11:21:31.763121Z","alert_count":2,"request_count":1,"received_data":377,"sent_data":410,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-12T22:12:24.910527Z","alert_count":0,"request_count":2,"received_data":27312,"sent_data":916,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"creative-sb1.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-10-13T03:05:29.919249Z","alert_count":12,"request_count":6,"received_data":253443,"sent_data":2767,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-10-12T22:12:10.358486Z","alert_count":0,"request_count":1,"received_data":400680,"sent_data":428,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-10-08T01:17:43.238436Z","alert_count":4,"request_count":2,"received_data":1060,"sent_data":1518,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-10-08T05:41:48.061731Z","alert_count":6,"request_count":2,"received_data":171926,"sent_data":810,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-10-13T03:57:20.763365Z","alert_count":3,"request_count":1,"received_data":520,"sent_data":494,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"prefecturesuggestions.com","ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2025-03-28","domain_rank":155164,"first_seen":"2025-04-19T10:54:10.906276Z","last_seen":"2025-10-07T09:35:26.341059Z","alert_count":18,"request_count":6,"received_data":202209,"sent_data":5646,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"prefecturesuggestions.com/24/5d/45/245d45a321faaf58150e2b1fe830f4bf.js","fqdn":"prefecturesuggestions.com","domain":"prefecturesuggestions.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"7b8dbacdede1e142c2563f2ad3f9ad49","sha1":"1e13a0be1d812ce27def73a01e65a41308425646","sha256":"94472b435f31cda4602b0165faddc1bbbeb3705530109c9580deef468ef5e6d2","sha512":"95a0162021334045f4af347f1b28e957dba23ee22ded49c4917a45b93e71d7fbb00d83a6ca72cdaaefbb5d6f66ba5174db096fc6d335f28925901eb1081a88f1","ssdeep":"1536:UdJsDEFAkM9IWf3pDTf0zpxftTgA4VEIaUe4Ru37oIXDWeGXMtb4cnSzB:vDxk4+BgA4VEIaUe4McBeGXMtb4/","tlshash":"0983f848bb82b869425620bb332ff01af15a4d421da8d444dc57f8d96fb8b1df637e24","size":84250,"data":"","first_seen":"2025-10-13T20:30:33.543836Z","last_seen":"2025-10-13T20:30:33.543836Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"bce058379a4ed27713aa9fe3b1e78600","sha1":"40f11e893b58deb58c44469463c76c1fb668df3b","sha256":"fe25ff82b14d8b5da7ded5204f954b92f5ac9f67929d2181a3a4c765d32ab818","sha512":"cbdebfc3efca9e1f928e28d4322b8d5f7dd50d3d29ab56d4b853480f7c0852c82ce747631757db0a05809334486ba2290d4c93b31c911a8da00498384439d1f3","ssdeep":"","tlshash":"62a012c479d61230c2233070b0f71c0b11561490200ccc00a300e154397b023994519c","size":85,"data":"","first_seen":"2023-08-13T06:18:09Z","last_seen":"2026-03-10T05:39:50.921626Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"b446c0a1c72e359f08cf75c5dd71c8fc","sha1":"35e98eda6f638cee5b971e879829a9fde55af363","sha256":"47c50ecf8d74b0290912784954cf3d8169e3991be60a17a5ceff97bbdb906a3a","sha512":"9e36849df81bade99801e1ff393025b97905204c2453676201e2adfa1fb784b84f65bea71d46535d3ac1af031a3f01a813f0cd161df6465a7f763f86771ee24c","ssdeep":"","tlshash":"15a012c479d61230c2233471b0f71c0b51561490600ccc00a300e054397b023994119c","size":85,"data":"","first_seen":"2023-08-13T06:18:09Z","last_seen":"2026-03-10T05:39:50.910477Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"bd8576abd698129701d8fcefbcc8c2d5","sha1":"03d75d9394f34969ae00a8ebe0d9612e506d081d","sha256":"41bda9e7847b0ed745073946d6a1a611a70c411ff7d1e6778c35c5f165072d6d","sha512":"8950a6d34570b401e69d4edcf56b3911f9614d23773bab8aecafb5af568a8aeb2ab2c4b3e25991e3afd6594077672935c2d71a196fcce810b4c9b3ca768c0c27","ssdeep":"","tlshash":"17b012c5b9c16460c25b35b5f5a35c1f7023a5d1a008edc4b384fca4382347379812d8","size":105,"data":"","first_seen":"2023-08-13T06:18:09Z","last_seen":"2026-03-10T05:39:50.912579Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"9bd542d42f6e61dea1d6775451236dd3","sha1":"8c0a2711527fe52f3228d9bc1157617990fd4d81","sha256":"692ad4a6194c2381e6ab9e1d2778c11966df8e4cc35123b4d3681a9f0edea222","sha512":"3f25b9e0f9f5c6db8a6a9366755750138e50d53bbd4ec1804cd3e964537a970a97bae0faf05304dffbadb0f358f093fb2fb8ace7985b08fd94f862c720e40c69","ssdeep":"","tlshash":"eba0128836c11021c2633d7420a31c03b88514b85004c980a134e0ec2c2203338021ac","size":83,"data":"","first_seen":"2025-01-04T23:35:08.117143Z","last_seen":"2026-03-10T05:39:50.915027Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"33d596d5f218c8e12ca830d779ac824b","sha1":"d4102335c1852b2d659f377835d033fdb8767b85","sha256":"fd11d76a661056961e10286b39c125a324c45bf64a1d761aecdb8bee9106e4f3","sha512":"868ef691983da84593bbcb1a7596dd39a8ea958fe55671908bc4dff12fe92f6ff9d01caf37967374b137348ed497fb302e81eec3e9360d10c2875514cd328391","ssdeep":"","tlshash":"6da011883ac22880c2a338b830ab2c03a88028ea2000cc00e220f0ac2c320b23c820a8","size":74,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.919209Z","times_seen":117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"111637fdc68cbd678350b49f3b769f23","sha1":"17147aef0353193e7a1f028a28ed66e1bdada429","sha256":"4ee1b2de4490ef59f4871a42313f5741213b77342dc04276570903db1939d4d2","sha512":"6bb9c6e07b5f3c583445c8963fb1e9f822cfceaae36aa86d8eca7e6d02cf2ff18942dd6bd716870022acdd955dc8b20fccfafc017c2eb7c0547baf2b074a27d0","ssdeep":"","tlshash":"f2a012803ac52011c2133138a0e30c0795001da02004cc409100f0542da24361c439ac","size":83,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.939235Z","times_seen":123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0fad095c517e3e19a0848e1cc76b25a1","sha1":"e5b1ebf3ce128d80f32671764ae69fc5dad07c48","sha256":"7f0f99c93fd870283d116d3c8156ef4366513011f7b2dc56d1451b6ba90f550e","sha512":"e52b3398b9fea8eb4aa275e9e56c21b3b526a9e3722429261d073c660271eac8d78cf17cddf09a1762a615c5f5bd02215d8a6209c6df82d50f2d8edeec59c68a","ssdeep":"","tlshash":"daa022c83cc22002c32330b038e30c0fb0a8ace00020cc02a320f0283a330322c022bf","size":71,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.942827Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7ce6f2a3ac8045e4dfe57cf04f1c4098","sha1":"b40c951fca6ec6a50fc2f96d505a7728e10afae4","sha256":"935402cfc593f5aa128308fe4b4b591ed6aebe03722cc297a3ad0c5148a96d20","sha512":"b899f57338049edc5ebf23e6147034c9dd6fb42682c97d4fc098a46eb5f87b6fefec9983789f4ed50758ff175f6df742024fb75b5c5cfde0be98cd4a47a98768","ssdeep":"","tlshash":"56a012c138d31020d113353420930d02308414940000cc40a514f4102822025295655c","size":73,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.889618Z","times_seen":125,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"b9b8f9446434ab2c6e7ea53c9407d98e","sha1":"1f006a5cd05c220c37e8748ba043d09ec4a21970","sha256":"f08104eddda218f022e4e6240f4e175218cae0d9934866ad3ac084673bc2e9ae","sha512":"df37720a4beb7c08f4e1eb222cc8c146b4c801587567c7081b125d96ab761322eac03d747c5ef3766e0e92752c07942f599524f430f9783e802fc9afcae7b562","ssdeep":"","tlshash":"dba002d83dd66051c363357071e72d47b1d668e4500ccc80a205f4647973032eeb65ad","size":62,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.887924Z","times_seen":159,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aaec9da674d8f382d611af3385f01dac","sha1":"a2e5edb0389ed7bcbc0f8dc6e72e0ce9020b6b4b","sha256":"4d8fdc1da808ba2c2bdf373b41643a161dbd354547ad6f5c86eb1fb383cf14e4","sha512":"c6c318c05aa295448d9ca8e386c1de05dfee697b1fba8dfe05dbfa91691e25cbce2148467f73b845609d04fc8654ff39edf364ff79bb0e8ed7ce48da32d0cdaf","ssdeep":"","tlshash":"70b0928878c6582286a735a464fa1d4a72e159a1002088086620e468287a532ae4646d","size":102,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.946132Z","times_seen":119,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/assets/123av/dist/app.js?v=1756947695","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ad534f689f93736bc68476ac407fac78","sha1":"bcf3e599aa99d4528b7e24688c9ecbc520e70e03","sha256":"4f94d8148e5bcab792f823697cbf909901fed6168bcd09263c3809d31f48e84f","sha512":"4f17038dca2fcc377bf8b4b603d3699a37353f633c7678332684c3496d14efe530c08254d1a4ca2d537e436d3f0e0a6a99c9b51e04f41b0d8ff78178f12c9a92","ssdeep":"6144:G76wIdyY0WXidGPPTVqH6/pEGdYj6kQiVLoeso:G76d5bHT+7GdYjLfLNl","tlshash":"1d44088cf5c6f07602376071009fb447a8b639e1700f5993e971e8d5bcba99e9053eae","size":257501,"data":"","first_seen":"2025-09-13T16:34:31.346055Z","last_seen":"2025-10-13T20:30:33.54143Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"de2d4783c9b6cf00d5b006375fbfaf23","sha1":"3361527d17c5ce7490d3025f1ca9b12f91dacd8a","sha256":"73965d73b4bb7b14dd1375d6e2acc8d1b1cd1069697072a54b5d30f7664ab168","sha512":"8d7483dcd3ae209abc3ebb12dd988df5cbe59df63cf45baf9721b42fe8bb7b846784d2c24b85d9754ba87cab5c1266ea5ede6ea297bc4b7fcd5c3152be575253","ssdeep":"","tlshash":"83b012d478d61031c2233170b0f71c1f51561490200ccc00f300e054397b023d94159d","size":88,"data":"","first_seen":"2023-08-13T06:18:09Z","last_seen":"2026-03-10T05:39:50.899959Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"36b337cd3565068417f4db881a58ed0d","sha1":"75598aa0e84816be3aead0bee6932332dba3ca75","sha256":"786e23d540b62f1fc83dc916040af2e05ab1890e94e0252caae8e7099d4a8ea7","sha512":"7f427bc563877e9e39cbeb6fe89a1adb23f67b94ba3edd6fcc4c4f9aff73850fa52d35480ae25fc777f7c9547d44aa87329ebe272e455136e5ae183750bebea1","ssdeep":"","tlshash":"afb012c1b9c16460c25b31b5f5a35c1f302265d07008edc4b384fca4382347379812d8","size":105,"data":"","first_seen":"2023-08-13T06:18:09Z","last_seen":"2026-03-10T05:39:50.92224Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c84adb51608767c166ff3633fc589477","sha1":"b9dae42c1bd2b1203c762a0cf922df3d33009458","sha256":"638ef5e142b2a1437e6254f4a5e184610178d99d080f98707aa73f7a596fd784","sha512":"76ef85e250a8fb802721bdef00fe9211d3682a7a6f598575b57ed0f610c9edb22d77b562e2d94ec5c1ac2f64f88827b914150fa0eda0b626cf730aa6096b1ad3","ssdeep":"","tlshash":"35a011803eea2000c223303030a32c0aa020aca00000a802a208f0202a230222c8a2ac","size":71,"data":"","first_seen":"2025-03-15T06:39:38.198187Z","last_seen":"2026-03-10T05:39:50.904843Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5b40f41b419bb7c97567c5a23f6b44cc","sha1":"210a97c433817c6ed7ab2bb7e92e82a678f5869b","sha256":"6648a40a598c208962b58e534d2bf2e0832283b5af843d9a1ce465607e16adab","sha512":"dff7324dbb520845d433d6e896f3e22cfce4df9f0943dfc2fd2d8bcb39cb2894a54aec4879307bb802134f58382920686d15280aafadeb090a0f1e1542951ac9","ssdeep":"","tlshash":"33b012867ad21071c6573a78b5b31c03786529f54004cdc0a1a4fc3d3c620f278413ec","size":98,"data":"","first_seen":"2025-01-04T23:35:08.108938Z","last_seen":"2026-03-10T05:39:50.913704Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"243327215eb6b502bc765cfe9b8ee02e","sha1":"3749becd7ac340a124b85f7a82e55fa2eefc1e7b","sha256":"09a32ea43b810685211d17baf728645d798853c2d8a9b5ec7ca98d01bdd1251a","sha512":"8f3d83101ed9ebdb5ce0d8805f0017ef97c4642a793a8c4909c31700ffcd28be19855ee401e5b09d412df4902d74b839e3595060211edcabd8796995fb8f5066","ssdeep":"","tlshash":"f0b092c235c2f5638aa73db668a71c0765c299a418018c50a2d8e8217a23079ac891ac","size":115,"data":"","first_seen":"2023-08-13T06:18:09Z","last_seen":"2026-03-10T05:39:50.885588Z","times_seen":122,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c4adfa9907b44903072f9ea2005a601","sha1":"1dd95fa2f996ae5b6cc9df3be430ce619a13c78a","sha256":"c74a76398c9dcad73f9acfec110923a03054a690e8098d2e30dbd34082d98456","sha512":"cee277173aba226070ae238f98ddbb23ac12e68615c0c1f2ae9c56a319ce572ae18e59f509701e21221dd2f5a1aa4eb4be649cec4326506e8e1a79a46536468a","ssdeep":"","tlshash":"64a022c038ca2002c233303030eb0cc3a02828f00000ccc0f208f8203c330322c020ee","size":64,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.897827Z","times_seen":153,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa83660b82d391a138f3000130217a0d","sha1":"810a8874c1b70643387a5f163d4ab7fd4f9319c2","sha256":"ef088dd378595754d72d44ce29774b1373147818cdd86109bc47585b8d9ba0d0","sha512":"d6b8ebe39f954caa40ed498d1c0688e675ed1b20050a357c44d0e1efbde95009ef389ae18c1ac20910b3af51fd574bfe5c33c3e711ea6f025a0ed917ace062be","ssdeep":"","tlshash":"57c0c0c178c978618b323cbce06318070054141434008c50a1ec908028230352d0b0fc","size":178,"data":"","first_seen":"2023-08-13T06:18:09Z","last_seen":"2026-03-10T05:39:50.895019Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"efe61b0e7be1f681bf8433e0700ed71f","sha1":"85c5ccbf538b88e3976020d2570daf3d6b3a9a87","sha256":"e868aa834a5c9841ba1a1b137b8a071d252db6cbcf0feba6436838a48625f33d","sha512":"d92fbcaef0b1d14057a87d2d1a1b9fb25438e43ea065bc11ec19dafbd2a124231af4c34ae1624a8b9913d76a09893e257417944f248f1930fedb4728898a6bef","ssdeep":"","tlshash":"34a0128c76c15023c1933db820a31c03b84514b86004cc40e220e0e43c2303278021ac","size":86,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.936905Z","times_seen":118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"71615e3773bfd84d6a161bc479c59e3f","sha1":"951d03cf86648a88bc087969d53f76334e23bacd","sha256":"97a10e815cb6f29d665a8c6ba58f03c59072b07ea9c808d83f87c85dc3624558","sha512":"675dc636d6da04623f189d127a3672d77dfd74a8de76350a4a36de1ec6443ce5e5d1ddc372122ab8c62387756bd597b16ea8c9ef886a3ad3aad4dd0d0bfb15d8","ssdeep":"","tlshash":"33a012c878c71403c2b7353120a70c4a705058e1402088016700e12438335229e42559","size":84,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.932127Z","times_seen":118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"ae9adf67bdcb56a2bd2cef47dbf95b81","sha1":"02fe0a91d9b9c987ed7bad69a9b01a8db6c3eb90","sha256":"c21330b79cb35a06e17e1876a16013bd1cf9749898480105b01d1ce252e908a3","sha512":"d547b7690570e6d0d416b13c143cd236683fd0b5d18f4788c28a521ca4fda6bd8a735cadf7c728b9d070dddd8816625f06521d5adb2c6cb0b4419e9a8ebff0f0","ssdeep":"","tlshash":"90a011c838c22002c2b3323020a30c8ab200a8a800208800a300e0283833a22ac02aae","size":71,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.930032Z","times_seen":120,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"dcd374e02bfc48ab0316658d9578622b","sha1":"84d8a05f8b3900a574e698ea8536a39a860b9b75","sha256":"fe01dab50bae0b80ab176243779160876a46fe04259dafce4d0a4ca8558e7324","sha512":"4bec33846b49f94931be70eb1a6c84e8c58cc2158dd937e088440eb349c52f6656ddede6ca17207f44c9705941428dbb165e9fc3ee2fb3b6c1291ef0cdbc52a4","ssdeep":"","tlshash":"b1a011883ec2a000c22332b028a30e0b200a28a000008c00a200e0a02ab20322a822a8","size":68,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.891914Z","times_seen":153,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"892f8ffe3199453ac37973dafa98f13c","sha1":"8484337fd52522c6d97124f66e6f63385a7b7bde","sha256":"2d47cde6178eb5ea5e356077a179b9f6fb117e4419613378d753bdf98c52a36e","sha512":"9c31d5cd606389f6c3d93a974a52ebc55c477b59a92786b6befd9e824ac5f6376b22c04a10f3d63c44bf8800839a17b7ef07710ee09cb8ef5809c295595f3b4e","ssdeep":"","tlshash":"e8b092c2b9c26460c25b35b5b5a25c1f202265d06018ed84a384eca438224726981298","size":105,"data":"","first_seen":"2023-08-13T06:18:09Z","last_seen":"2026-03-10T05:39:50.938591Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"9683c26daa83b1b644a04af6d653e802","sha1":"06b2171395dec8fa96eff3c141648926670057a9","sha256":"64a72f508c014cd069d201417f45e2d6060030a78c7598d29d9099ac9fecb727","sha512":"b8ecdb96edf51ed03e00206c472aa84c832cb9faa3845cbb5fbb62da9349c01a44649f2ff464ab676c663a0fe6a7cf8d7940d950678837a2f92bf454f4911dda","ssdeep":"","tlshash":"0cb092b83ae27040c123386220a319065190aca0611088c06304f06834f383a3fa6aa8","size":100,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.886705Z","times_seen":153,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"cb6370402ad66d9adf7b00edd6e50c5e","sha1":"3b639d362aeda91ebce255ceb8fb4497932bc512","sha256":"887945a2a392e8ecddc8160dc472f83e9017eb22464c10e62f8dd82e0d174a68","sha512":"5886005b2782854a64b746b9ee95b60f22051f31c96eb46dd4b5a9857471ae9b162d5fd8842e6a248ce4623b654d8bbad4a9108cc7a2ef42be2ab3f4f0f5c3c7","ssdeep":"","tlshash":"d0b0129438c25022d72330f468fb1e0b72e19d9400008c046120e45c2d720726d1607d","size":89,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.918569Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"e2feed2c9e8ff2e1e1a99fa1b7087ba5","sha1":"b7de454f4ec0bb469d8c1647ad9df0d49a741555","sha256":"237674f627f660c633ceba86d25065729d70fc75cba62c2827064b5781e8264b","sha512":"86226210ab7cfb801beb3b702e3aca600f0517610afb0762e6d6994f40ad5307c10721198a1330030acce9d1de247c8e1aacc912c24c217f617510d50a52b76e","ssdeep":"","tlshash":"8ca002c439d6705ad273357070e71d4b71556ce95044cd84e604f4e43973032ed565be","size":65,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.914377Z","times_seen":127,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"56ab55a3744e6b397f4fbb41e518c08b","sha1":"b52b2256531b191d8fe3fac63fb9e4be3da71e9e","sha256":"c128a13d5eb91677ff3008a56088503dd3d2fdbf19bf59253e1168b9717a2521","sha512":"d3e9ccd97abeb46ca1b6f364a5e50bc516d464a03cbf79594fc91b153f230d6d96799eb0f9083d14004f448c70b4c75c909fa32d286ca68b5938a5dac305b5e2","ssdeep":"","tlshash":"77a0128837c51122c163397421e30c03b84c14b41004cd40a230e0a43c23032b8021ac","size":83,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.898459Z","times_seen":119,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-VZGC2QQBZ8","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b1be8fdd88c48c953a16e037f97995a","sha1":"b938fd2ebce0440d635c6a2ed85c3350f61c68dc","sha256":"6cf5f454d481cd06cf43efba5a43753698db643ff854a7f9b2995c49bcf012f6","sha512":"b35e821ba329bc38e94a4724dbbe3f7726bb50025cca3a131f9665280bbb6d6994e5d3a7bfdd2ee15eadd80552b83afae19345e6f61d8674366aba16e0791f0d","ssdeep":"6144:/To/yp2j4tM0uwbWZJT+Nju5204OaNhYXdXAQ1:/5Y8y0KZJu0NJ","tlshash":"4e8419ce73d674264396f078503f018ba57b28a2b44cc899f189cde52e74a9a4277f7c","size":400076,"data":"","first_seen":"2025-10-13T20:30:33.525507Z","last_seen":"2025-10-13T20:30:33.525507Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3f107d706b1442bff0e813566bc79033","sha1":"517bc7028a44dee5cf8a083033f0e2e96f857965","sha256":"385dcfad91223be0df40a5ce9a8a82f7a6e570e718904769fea6c9276b4aecb4","sha512":"0410752e02d8132f2988cb094d995bb2b9d3b852ebf2242308c9bdd45dca432295242834111c5964b87b43bed98bd8c008ff7622fb64b12d4b54fa648fadb860","ssdeep":"","tlshash":"26b092c439c36010cda3367da1ae5d0a11136d984405ca44a608e4ad6ea6022b88269d","size":113,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.894392Z","times_seen":150,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f410aff72af7685cb54e5b241f0d8e8d","sha1":"819dcb0279877ac43c16dad65a8ab5cdad6a34d4","sha256":"449385acbd8e1551b1634a721511717e147c85bca4b9531c991e393039c68adc","sha512":"aec27895f975dbc0dff294831fdc1a6da9cfa38cf8c01e198d007fb3f58f0c824d2808d9edeb052a012a30085750d8acb698bc67787c5109b1c952b060d84d46","ssdeep":"","tlshash":"aab012c1b9c16461c25b32b5f5a35c2f302265d0600cedc4b384fca4382347379817d8","size":105,"data":"","first_seen":"2023-08-13T06:18:09Z","last_seen":"2026-03-10T05:39:50.915565Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"79ff2e829510eda1690a924e30fbd3c1","sha1":"baee178d2bd0998ee3384da8d39dc698786269dc","sha256":"d71f621a7a17be99ee1fed72230e263a240f638ad09a483e3b40faf76d1fe75f","sha512":"12c5f38a9371056de34801c1590440366ebc4d942facf85c99aeb5a1c0be1b15fd37f1ed63a97def833f40703d77d3ca24c2a2a16c4086318ec2a98fe13c8d18","ssdeep":"","tlshash":"d6a002d639d66152c3673d7070e71d477596a8fc5204cc40b244f4647973132ad979bd","size":65,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.888801Z","times_seen":159,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"16b89cffd1b2555556a546dab30602bf","sha1":"796f2614a7a782f0b8189c6a8a3a725d3aaf979c","sha256":"33935d4382f66eb7df0bb1cfeeb8a53693ae240147a57138cbc7c6d7e4ccc0b4","sha512":"35f91bf41e17ec8733be4f34c94e402b9c231aee7c2c148d45bbb1d2b1fa6a33fa0f3dedb3f56ae80981ec083fab67514c4c612bfadb0adbd186237f334dcc53","ssdeep":"","tlshash":"37a012803ad53011c113313472e74c5b6100599421048841b100f0582d7243119d246c","size":80,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.941802Z","times_seen":151,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"25b77217432c010527f57db38065efc8","sha1":"e96ea2f275c9733b2f9ddc944c9991048678a17d","sha256":"520d04c418a7295f4406b93770b145701c799764cdc9e4c400ebaa78ee8d5da2","sha512":"7464f70ff8242d13992fe33c5f33bdb529d9b45247f74b727be8f8b8e10998b4d7cd1a0760356245fb6c5ccb8abc40de9d1e0d416e037e0633d179e100d86cbc","ssdeep":"","tlshash":"f8a002d439e66151c6673570b0fb1d4b619569e49004cd40a204f4647973132ad5a6be","size":62,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.883611Z","times_seen":154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"6699caaee17cc1aa4cd03f1abd8a3f43","sha1":"18cfc45dd0d44587cc53dfdab16dcc869a499c9c","sha256":"92b0531a2946f5ad6b96013f0e7b6edd0c5d4af7b9cf26e5ab16bfe97dfecc91","sha512":"16ed797cac8b3832a8e1b06e90e7048a71e73afc5c7902f707e07144aed879d580f6ac2a783decb9f1ae396f27b5b2260b125095246b85b196f8ba85142c5b8d","ssdeep":"","tlshash":"12a022c038c3e000c22b3c3030eb0c03200028e00000cc00a200f02cbab3032ec0b0ac","size":64,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.884674Z","times_seen":124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7b8fc6bf7b44ba2bc5b37e9ff3de7b00","sha1":"ed7df950986f8002f997ed04884afa11aaa9ee8a","sha256":"17fa551376c312c2613e051d1b0e62dcc8c240bc1a54f8a8a2f1afb8b50cbbe3","sha512":"403fc594d07f3516470dce81c505a4fc91ed4b2e5d5db8367b0b0e500a784709e94eb4922b985db922114dd793550251bda5140e93fa70715760f6fb599f4c35","ssdeep":"","tlshash":"98a012c039c2b003c2133c7164a30c47150159a04400cc40625de05079230396c011d9","size":86,"data":"","first_seen":"2025-01-04T23:35:08.104959Z","last_seen":"2026-03-10T05:39:50.941167Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"bc06fdbe36d99aabbef88ce731ee19ff","sha1":"cdb2417dfd2b0fbee4b930923369fa220bf6ceb2","sha256":"853c348594b675de53940d306720144f72812ab663e6429316d7d062c0d758eb","sha512":"ad95e018704b5070bd4e6e212fca3aecb8ed2090f1b061691c2630dc9343a34c8b49901fb39805f5d8a98dd5550a42b59cb5e1e4e0cc56880b820e1ad5dc0cab","ssdeep":"","tlshash":"c6a0128435c11401c157387420930c0b608464941000cc409234f05c3d320717c4107a","size":77,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.911269Z","times_seen":119,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"90b228e56ed22e851a3528390283de91","sha1":"c19f76f6c199e12add4b2f3728a4bed741348c48","sha256":"fec8cf7ea2b4163255bc2eb7a434e1b409a07ac8f980f9212db949f768abaf77","sha512":"7715ecaaca37ee286f74bac24c46c273b619bf4e4632df7b282cc66350645c910986ce1511266679d4fb0fa24f9e82ff685ed1f3f03d5a78465a772c5e99b208","ssdeep":"","tlshash":"5da012c47dd71230c3233470b0f71c0b11561490200ccc00a300e0543d7b02399411dc","size":85,"data":"","first_seen":"2023-08-13T06:18:09Z","last_seen":"2026-03-10T05:39:50.905528Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"a383d09af2170229f1c0e8889ddce9e9","sha1":"b313176817726374b82a56ad34b87ea42a6f6b25","sha256":"f06bd7e81555ab29bea90a323fa67fdbfef80aed2cb6c939e0d20603db7bcf6f","sha512":"34517f5bb11b19f8ccb3dbecc5c4c162759534a4fca96a915fc4742472aea0baa724488c870490ce400b6d98bae48ff39f0ea67a6abb4b30c306855d593642ec","ssdeep":"","tlshash":"74a01180bac22000c2233a30a0e30c0ba00828e02000c800a200f0282aa283328820a8","size":71,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.913168Z","times_seen":136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0906708e508376152c1073fbecab481c","sha1":"6a68df0e395b18bb1119e1526170cc13270a05f6","sha256":"33b64869d24989f094d9a0d513ce5b25df861b77db7cd5deaf5635381e1c5af4","sha512":"e15328cfde6cde96fe93784373f1ec73fca35c4b769f893776d4ca74b9bf5416fa1786a186fa44d5ce8009fba825395a5caf03c0012444373a9c088161e3cab0","ssdeep":"","tlshash":"2d9004771c750110117013cc3347354dd3f1103cf454c510d1104005d151013500d0fc","size":41,"data":"","first_seen":"2025-03-15T06:39:38.201351Z","last_seen":"2026-03-10T05:39:50.911842Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2deb19cda3bd720bf40ce36021ad35c7","sha1":"d60b5f1ba0e1d074b182e452be7716cecdde6658","sha256":"d7db14ff0b74b16b9c0dbdd5dbe9e1d78d77ef8431666e41eeea3ed042a3de2d","sha512":"4465affe3c80f0f2306a7e750d5625fb46d6d73f7c17832d00e3348df9aaae1dd85fc1e4b243782fde64785ecaabe524b00671d8c3685413e54fa658a9975798","ssdeep":"","tlshash":"dee02bff61b02872076214f1cd0b3c3fd477a5580cd6e522d6bc89c09005c36e004905","size":379,"data":"","first_seen":"2025-09-13T16:34:31.363306Z","last_seen":"2026-02-24T19:37:32.486483Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prefecturesuggestions.com/9b/7e/1e/9b7e1e724274b81f688a60aa9a5b4054.js","fqdn":"prefecturesuggestions.com","domain":"prefecturesuggestions.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"1ad59021fa17b7f3f6689454847818a4","sha1":"67cca389750e16ffe7a9605b3ff7d6b0ea181475","sha256":"325c8f26e8fba13f553b2df9294a5977a99e40ac23c5daa4a7ef56b4b4ba7b5a","sha512":"a05a48a5e62d696e813e15bcf62ee44c1aa4401ac16a2a5e2ad329babe30412530880192226ed025e0e839961d70f5c009459210c6e33689d9a015464b22d3ee","ssdeep":"1536:9scJYewCZykXTzY67ytOUS5VlIXga6kSFf02mdBV4mCzCgiA0eQpE0I9NPmQ:XnrT9RCgZ0eQp29NPmQ","tlshash":"0aa3a4883f40f17d0796b47a323fa61af0791a01509cd69cf107f1a8ae6674ab43fe65","size":106631,"data":"","first_seen":"2025-10-13T20:30:33.572737Z","last_seen":"2025-10-13T20:30:33.572737Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/software/flashPlayer/wind/ff/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84384,"data":"","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-04-04T16:35:07.773895Z","times_seen":10389,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"936e18c03d747f2a9356af1b039dfea5","sha1":"c4a0bbe9555cc55f51981ad45222491329ef49e7","sha256":"b1363402ea14235d0d54b45ba31f49a358f9ce9b3fd12e4bd6ee681e7a5c4406","sha512":"2edc96f93fe22567eb7f0edd176b38ea43a2bf6fc40e21e2bf85e646ec672acdbf5e7228d67a531960bb0434dbb2b7e2c74c045720750c4926757bf67571b883","ssdeep":"","tlshash":"5cb012d1b9c16460c25b31b9f5a35c1f702aa5d06008edc4b384fca4382347379812d8","size":105,"data":"","first_seen":"2023-08-13T06:18:09Z","last_seen":"2026-03-10T05:39:50.929051Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1b7b4f859db3f20111d41f348dcc6785","sha1":"b1722422aa3e2412081ac26b1a36656ccfefc658","sha256":"fd94eae09dc83668941b0795fdc338f018a4a5aa760be9ccb3bc6cdf2a9b59db","sha512":"38fbc8cba8e4dd031da5896405eaba0bc0ac6b70832da7ef2ac097cb2c0d718ff42c423ca88c6ebf627558c2a3c2c065d55627fabf20ea7ccbf37ac17ddd80eb","ssdeep":"","tlshash":"55a011883ec2a000c22332b028a30e0fa00a2ce080008c08b200f0a02ab20222a022a8","size":70,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.893618Z","times_seen":153,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"83d666ae07c84b4904b251572413efba","sha1":"11146a1224c767c66c7c9fbb455bcd2da9f24c9d","sha256":"6ce9e9bd415658396e5c24ef507e5cefd1a77da5a2962a2a968ee24475558758","sha512":"a66955a7c9f244de7cee0f848f9a8683ddf81fb71c6f4003bde9459f549600fefa9587ef335fe971c7723a99afb250b9207c8538fe2ecb21296f2e05d66eb73d","ssdeep":"","tlshash":"d5c02b8274db000ec00b3278b5d20c07315912cd0284dd445500fd3132134723e9929d","size":131,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.924207Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"a4c6f0229ee934fd7ef657ba210b4f8f","sha1":"87aac488d96b33ef6004b370a1ed6c2005fbba78","sha256":"c0152a5c7fe5563fbc80c1e41bbf4dc73c0e9ea1ddc6a453fb0b8c228d8983a5","sha512":"3eaca0684217c124b53a2bbccd8ce77adcb2d7e18ca38d2f1bc15d65ffb1c01f94888249829c1dd49f341582b40ec6657631921228239d7fe18ef23b84b81c7f","ssdeep":"","tlshash":"7bc02bcab5ceb8a2c7b33c7994771c0b21a9186139409c40e3ccd08429330347e4b0ec","size":153,"data":"","first_seen":"2023-08-13T06:18:09Z","last_seen":"2026-03-10T05:39:50.935604Z","times_seen":123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"18efc211e2e62ef94bed6b5db278abe6","sha1":"dc6ea6a99845870942bcff8b80c8431fc4f9a1d9","sha256":"f5576ec244a80b35a8d880fa7db5800e213111de7772a86c79fa068eaff936f1","sha512":"48637d18993217d39949820a997f101678bfa8c10ce7012046ffb9fb8745fa96fd98baedbb43c74980cb458db291f510a8aa30ec2f6a6f3c9f698f4e19317746","ssdeep":"","tlshash":"36b09289bad25062c5963ab8b5a31c03682529e55004dd80a250e8653c620a2a8412a8","size":101,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.902214Z","times_seen":124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"324d7e63905e3bcce28202cec2d534aa","sha1":"082faa076a64a1d6059e1a86081f61b53ebd537b","sha256":"4cee3a0534f1f98ffd4db743eb3115cac3c75d7a9140a5ff5b2a25656030e0f5","sha512":"492df93d608eb91daa683de5bd09c2f60ac06cbf40d895a8cec58f3db2afb664fd4a2b08f66421bf0f29140bd4489de0e680ecb595c9f034a23de619976d30fa","ssdeep":"","tlshash":"6ea012c03ac66040c2133530e0d71c0bd0051c9010008c009100f61829724315c47198","size":78,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.933958Z","times_seen":123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6c03c709eebffd0cc0ccd49ef5b3c22b","sha1":"b154c1a1f586ae42673f4e3088a680e9d6f5d310","sha256":"10d7872cb8e6f736259e65cd040654416223efd097feaaba3106e7b8fb6d6006","sha512":"43bc0c569741c3ade29cfdebc3d441f051ec0a5ba93156e71d69c9854fdb9c1d1f68bd67be85512d37a9027346c8d712072f5c14634e203676cebf3254c2b474","ssdeep":"","tlshash":"adc09bdc21475d7555f71b410f5fb725b1513310d8d15c31095563455521c17a758854","size":144,"data":"","first_seen":"2023-03-07T23:06:19Z","last_seen":"2026-03-10T05:39:50.921066Z","times_seen":113,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"6ba410501bf2f7eee570758feba031f0","sha1":"9d380d9e1cbc4cccad6176f6e19f9750d700a0fc","sha256":"d37a3479852e92e700c164e39603f6a7493394eeb4278cac0be26a6185065181","sha512":"c268dfca620c046c6896dfe888acdfce4f86cbf8ef1b22eeed9aa427e196f0f2a92bccd09e2b34bff0d7b5555b45c37f8049cc7938005fdb828454ffc0c405b2","ssdeep":"","tlshash":"c9a022e038ca3082c23330b030eb2c8b208a28e08000ccb0f200f03838b30322e022ac","size":69,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.903729Z","times_seen":153,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"50ed2682d119d9867cd8f7df0c4cfa81","sha1":"284fdac57bd8f155555cc9c420b44e23235cf494","sha256":"c14467074dcfd41ccc0f52855b2e9edd4e01f6f19e232229888191da2e7be619","sha512":"094e6e8c685cdbc67a0b4ff8e72d1f0c43ad8e865788bc9d62537a350687f47710dbe42894bb61673ca9109b6167c061bc326a6afa8479a4bebcf50c68897bb6","ssdeep":"","tlshash":"25a002d439df7052c273357070f71d57615568e89006cd40a244f4647ab7032ae769ad","size":63,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.916336Z","times_seen":157,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"4c68fecaaabed8039a63e91650be1a86","sha1":"90f9d596c09ec754d71aa40a2ac8b6e217b6076a","sha256":"0dd4f405d07fee441d2f51fc785a730db7422e9791fdb41eab46ba169d04b6b4","sha512":"ef25789ff58214c64942b57c7a5cb49cd119c3c969e29c44b2f080e060a35e54bcf3a16bb4d4c09a68ba88858768ff9a8fc46d5ce6e5e4b85b5b9d6525a932f1","ssdeep":"","tlshash":"d7b0128438c29832c7a330b464fb1d4f70d15d9000008c046220e46c3c73933ad0646d","size":89,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.940525Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7661f85e0c2192dcbef1e583e4c33ef6","sha1":"5242a1d01fc0aaa6681bdcb05b8eb947a359330d","sha256":"553eefa9faf1db7ca59ee4ac1cc27d112afb8436c2f2c303cfb9cc9e8188937d","sha512":"28c48abf3e575441cdd7fd32c3c65fb5731f5e5cb23536e551a987c3006fcf435fe8f7c1ace251cd811d6df9e3c34d4ecc4d365f146ababdaba749aa7695034c","ssdeep":"","tlshash":"87b012857bd61062c1573678b1f30c03381d29f14004ce84e260f8353c620f2b8523ec","size":98,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.917416Z","times_seen":119,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a6886f6012e45b56dba4e39fabd3048","sha1":"c6a650075773e94ab4f5e18f537a08ed6ea6fe9b","sha256":"5ecda3a2a5366c238ecdcd7a6aa62e8a4a250f6f199316218cf26244d1033ba6","sha512":"bdbcab3d9e47d18f047550d51fab7c2775fbb47c509352c76e9e0a5516b44e2c71d016409ad8138b43d49c12dd46d44965df15e97bad1f1faa75817709bc47ae","ssdeep":"","tlshash":"74c012141c29bbb4561a10c1e5e5e98d346ce63442619b48839d489062c0b969989e41","size":179,"data":"","first_seen":"2025-04-25T07:42:48.698308Z","last_seen":"2026-03-10T05:39:50.9331Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"0c76399fd806376de8ad7b978e88cfbc","sha1":"9821ac05f74d1bc7adce6b694661aaa121a898c4","sha256":"f07d15b9fdc294b9877c9357dca9d864bc3410f444960b2dcfe5cb8dd4c490dd","sha512":"eacfc113f623a93eee5762a5977df483d5ba55a3ae5e9761f62fbf1fe4e49d05419b031f3c8a33e44136d7885da47ca338045a9cc8cd61b3bdd2c00f4235b008","ssdeep":"768:+qFh4NclV3P5Yk+mqZbr6Y0Ld/LQsaUxD2U:PmNQ1+mqZbr65UsaUx","tlshash":"51e2621cc59da59d8104a00d72707c74b7fa087baf25b9c1ba98a22e2fcd43e613957f","size":34005,"data":"","first_seen":"2025-10-13T20:30:33.8393Z","last_seen":"2025-10-13T20:30:33.8393Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"4552ca4359f46216d61d9ee31b4a593b","sha1":"da2fdd9c9a9209b6fd7cccedc888b757d2bbd4c8","sha256":"0d9c768968f18669bcc2993205e3755fc432215ec8ee1feff4d6cb7539311854","sha512":"955447c4e3f55277b2ebb14fc9bee3cffddb6a63e38820d15380c475714ea801a1508eed08a514769159408595a7fff582e743e8f8dd8d6a47d791f807f1dbcd","ssdeep":"","tlshash":"52a022c03fcb2002c2233230b0e30c0ba20028e83000cc00e200f0a83eb38323f830ac","size":70,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.907044Z","times_seen":160,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8108ee641448315833da99b453836da3","sha1":"8e54ff0afb5d033fea8a1ed72c0712df8f6e398c","sha256":"e7235c4e6f1fa5670ea838024a5dfc58d0abf76236ff35a85932c9e6b0b4be93","sha512":"d08f33383df80075aa8d96fc20526107abd0124b89f100c76a3754e52417a5cf0e2a42d8b5f9ca6df0eea05c107e09c4bce897da369a6db38a0dbdfe2b4e3558","ssdeep":"","tlshash":"d0a022c83cc22082c323303030ef0c0bb0002ce00020cc02a300f0283833c323c222ac","size":68,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.930855Z","times_seen":122,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"86cb401f675b5e5d23a75ba36029b6a2","sha1":"56a11ab37dc4903508524f969959ffc005ea98c9","sha256":"d6c79903b7d07fcc67043160b590d73dcb96f90930016e90f5813cee5cd0d50a","sha512":"34a648043701f1ba3b5e439a7a7f9273c12963f4012c9aac485db934b0dcefb009276c1daf4f30cd31f9b319f2a5f69903338270bfd52444149d068676cf103a","ssdeep":"","tlshash":"67a0128438c25472c73330b474fb1d1b70d15d9000008c08a130e45c2c728323d1606c","size":86,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.922903Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"275246f03125c4c238c1753811927123","sha1":"e010d6e6415feb77b3bdb48bc4eb922af54f55cd","sha256":"76bc5eae090edff0b2df2d86344e1091daf30a8acb9741643d1a803201a5f895","sha512":"19c7d137db3d0661a76f340fffc1f2fa2d02a839439f2db849a8d73ad84236584c582bc495b268a1490320bddb5591187bab94f98b7026931d1ab2e26c034fa2","ssdeep":"","tlshash":"9ea012c479d62230c2233074b0f71c0b115a5490200ccc00a300e054397b023a94119c","size":85,"data":"","first_seen":"2023-08-13T06:18:09Z","last_seen":"2026-03-10T05:39:50.897171Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"4a546449239c1c522487660e9a5ef3f3","sha1":"3f7d36fbbd8fd20f73451639d1496b9c53f4b1ef","sha256":"3b9528a7587b3cae7d6d27b4d40c6d33bd31454e4e1390df976d202153da547d","sha512":"194a76e9f3e75b2f3bfb9018ba7a647f2616a2bbcc950b1d97b3971fe167984a90f2eea66cdcf6af1a392c95eebbcc67ed2d4311dd0724d499efe9e00436ba90","ssdeep":"","tlshash":"78b012c178d35438e627353c20931d0274c42c945211ccc0ea14f8106d2302a7a7a99d","size":101,"data":"","first_seen":"2023-04-27T13:32:25Z","last_seen":"2026-03-10T05:39:50.916851Z","times_seen":123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"10a9618c757ce1d487a910c33838ecb2","sha1":"379c609d33fa702738b13d93ff9929463e153677","sha256":"b568a5bdf10bf3d7445cb80612a83c54bfbe5277bb488a94719b456d7eae123a","sha512":"90b5b11bfa9538e0f0342e87748940033a1ec99d822c428b17177cfef95eb85359b80b18d061022b5e00c2054ffda44e9419580b4e3a1217503535d7b11f5161","ssdeep":"","tlshash":"02b09b551c19ea64494600c5c5e4e84c345476140271cf8c839c5994a6c4b944d86e51","size":125,"data":"","first_seen":"2025-04-19T10:54:17.444478Z","last_seen":"2026-03-10T05:39:50.948225Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/software/flashPlayer/wind/ff/1/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:06.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/interstitial/software/flashPlayer/wind/ff/1/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:07 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QzvblQhGoaTrZ30ih%2FZN4n5q81MbbUB4OGmnJSbTcYnXG4Jw5cbKFTQop88TGRTCiw9Wz8Gc1qA%2BA%2BqOksKB3UHoGAuMyGIjpP7y5mAl\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"65aa84ef-4ff\"\r\ncontent-encoding: br\r\ncf-ray: 98e197cd0a6c0afa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"369850b9873659adf0951d845f57dba1","sha1":"a64257186daa33b6b318943a457b6cf8d80b26b6","sha256":"9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21","sha512":"6441b40e85c86e21362c7061a6b9610f52a5c801b274b246711546ad45c68c3e7f2f242f1621b90967eaeebf52709545d06283c2015d6b9ad7f6f7d37fb14a88","ssdeep":"","tlshash":"6821d8dc958f223ef324ff6189b316606ba423f6bb18c5bcb199a8157e1cb910c48e14","first_seen":"2023-04-07T22:39:47Z","last_seen":"2026-04-04T16:35:07.765209Z","times_seen":8747,"resource_available":false,"data":null}},"time_used":476,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":476,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fwind%2Fff%2F1%2Fcss%2Fanimate.css\u0026l=78693\u0026fd=594","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:07.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fwind%2Fff%2F1%2Fcss%2Fanimate.css\u0026l=78693\u0026fd=594 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:07 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunito/v32/XRXV3I6Li01BKofINeaB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/nunito/v32/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 39128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 10:18:15 GMT\r\nexpires: Fri, 09 Oct 2026 10:18:15 GMT\r\ncache-control: public, max-age=31536000\r\nage: 382310\r\nlast-modified: Mon, 15 Sep 2025 17:03:34 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39128, version 1.0","md5":"166202cc391c71a57730bed12cbcb159","sha1":"76388dbfe374be06fdc6f9ba38d3f4e479025eeb","sha256":"ba344451eab25b217a165363b1982048a5e5830a0daf36577973955a04cac793","sha512":"9f4d1c14aa729e837b964898a1dd27e99ff674256c43326aa982cc0c17fa8b0d71a0b7df627f03cb4ac6ec7f22f0a19d65302743ff09187ce81414dde74c43e2","ssdeep":"768:lxbc6Qon+A9wOfdj2rELqjOmaLqLqKeI+00t0xIj:layndm0j2cqjOmGq+tbUIj","tlshash":"d9030284fd6a02d8c7fc1f6ef25a9f28272c2078440b6a9c44a79a6bd5975f84dd3330","first_seen":"2025-09-17T01:48:11.920934Z","last_seen":"2026-04-04T16:55:11.95796Z","times_seen":16138,"resource_available":false,"data":null}},"time_used":380,"timings":{"blocked":146,"dns":3,"connect":23,"send":0,"wait":45,"receive":28,"ssl":132},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 95f3e9ad70e6d4ad93dbd8abdb4827f6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":247,"timings":{"blocked":104,"dns":45,"connect":30,"send":0,"wait":17,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/assets/123av/images/favicon.png?v=2","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:06.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"njav.tv","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Sep 2025 06:36:25 GMT","end":"Sun, 30 Nov 2025 07:34:40 GMT"},"fingerprint":{"sha1":"32:CB:9A:50:76:2C:DB:97:C4:7D:80:D7:61:E6:E9:4D:15:22:94:19","sha256":"0A:D5:55:68:6B:15:85:5E:31:CB:45:8A:9A:73:0C:12:AD:5D:E2:6F:37:AE:55:F7:99:27:90:93:F2:84:B9:19"}}},"request":{"raw":"GET /assets/123av/images/favicon.png?v=2 HTTP/1.1\r\nHost: njav.tv\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nCookie: locale=en; x-token=4aa99e4bc2aa6a4f52aded62306bf1df; session=rYtMCODIbM8IhHG6Yn52NiNWg4ha1JUY3trNnDLr; _ga_VZGC2QQBZ8=GS2.1.s1760387405$o1$g0$t1760387405$j60$l0$h0; _ga=GA1.1.1441307187.1760387406; dom3ic8zudi28v8lr6fgphwffqoz0j6c=43a08dbb-459f-4a35-9f7f-17b365b54eb3%3A3%3A1; pp_main_9b7e1e724274b81f688a60aa9a5b4054=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 13 Oct 2025 20:30:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 6605\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BDrM6hG25g7i4Cthp%2FZXJQtodZbP%2Bc2%2FisxX86Rwt%2ByUk7thnGJvQWgy5cPO5e3pswZsbsBr8oMAk4Mm5MpA1yh3vsy1\"}]}\r\nlast-modified: Thu, 21 Nov 2024 03:54:42 GMT\r\netag: \"673eaf02-19cd\"\r\nx-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: public, max-age=2678400\r\nage: 3944436\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98e197c80e34568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6605,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit colormap, non-interlaced","md5":"92c5b5ee1d5b499babb53fd657721440","sha1":"2c807a18d1d0474c8153fae50e2f46a05abfdc47","sha256":"262d4209924a751bf3ca838267d2c99e3c476fa657dd27b2187fb2de999a82fa","sha512":"7e3edf1515ad436e345698e2321c5309eed764ae987dceddcad59767c67621052d9aec90cdcfdde700277e9fbf297c2b1714d73e7bb2b38e8fea6b71b1bc3d4c","ssdeep":"192:ahnES2sLCz3ajSmjxuz0uJ8z/DWMqVoK9+Trd:CnESDbjSicouI/MVoJ","tlshash":"59d18d8b42ab4a0596109dcfc077a9aca1c5e44d9dee060f017f7197e2a031f5bf6614","first_seen":"2023-05-03T12:44:55Z","last_seen":"2026-03-20T07:47:49.649964Z","times_seen":183,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"njav.tv","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prefecturesuggestions.com/sbar.json?key=245d45a321faaf58150e2b1fe830f4bf\u0026uuid=726c8a8a-3fb7-4c47-b7e9-52db6ec715b7%3A1%3A1","fqdn":"prefecturesuggestions.com","domain":"prefecturesuggestions.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:06.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"prefecturesuggestions.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Sep 2025 22:12:31 GMT","end":"Tue, 23 Dec 2025 22:12:30 GMT"},"fingerprint":{"sha1":"AC:5B:B7:48:27:CD:FA:FD:E8:88:F1:86:04:E1:14:57:2A:95:FA:88","sha256":"45:E1:30:18:7D:BD:ED:E7:EE:D9:5E:BC:B8:81:89:7A:93:D3:35:99:F5:2E:18:E2:40:F9:CC:76:7D:D3:D2:1F"}}},"request":{"raw":"GET /sbar.json?key=245d45a321faaf58150e2b1fe830f4bf\u0026uuid=726c8a8a-3fb7-4c47-b7e9-52db6ec715b7%3A1%3A1 HTTP/1.1\r\nHost: prefecturesuggestions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:06 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4460\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://njav.tv\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=726c8a8a-3fb7-4c47-b7e9-52db6ec715b7:1:1; expires=Mon, 20 Oct 2025 20:30:06 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Tue, 14 Oct 2025 20:30:06 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Tue, 14 Oct 2025 20:30:06 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Tue, 14 Oct 2025 20:30:06 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Tue, 14 Oct 2025 20:30:06 GMT; path=/; secure; SameSite=None\nu_pl23746230=1; expires=Tue, 14 Oct 2025 20:30:06 GMT; path=/; secure; SameSite=None\nslec245d45a321faaf58150e2b1fe830f4bf=[6233292]; expires=Mon, 13 Oct 2025 20:30:11 GMT; path=/; secure; SameSite=None\r\nHost: prefecturesuggestions.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3861db0d9e7288d775fe42b9bf4bf7de\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5740,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"bf7caa2d0be283efd5aa09eb407323a9","sha1":"984583ceff57d184e2abebd0b06ae744c199b06c","sha256":"74e2a38f4760c29d73f198000c25f8c3d68be46e20e8c47c7956452a5ff15acc","sha512":"3ed5dbeb6590fb22ce98d41a20cd5ae0fb3fbdf33f71132b4adaa358ff21885632e4607f41e7c09497960a927a3672bc13b01bbca0ae2d1302dd355b13cd232e","ssdeep":"96:9ztqV2U1M5qg515D32XgEbdv1ebd939aP4fW6epRO1ZEVA6Qbq3ZuFalum1W+vC:9zMzM5qgl32wsdv0xPanpXK6Qb+Zum1A","tlshash":"00c18d7d800ca285c4449ca40a1e5edceee7af8fbcfc86648195ce6ee0309d8964817b","first_seen":"2025-10-13T20:30:33.504555Z","last_seen":"2025-10-13T20:30:33.504555Z","times_seen":1,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":304,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prefecturesuggestions.com/ren.gif?sid=H4sIAAAAAAAC_1RSP2wcxReedVL9fgX_IioiXUERBD7v3_tDhCJMCIoITnAMLijQzM7seey9mWVm9_Z8lYUllPLoKCjW39mxAAtBQ4eIznRGSByVi5iCGgkJlBZ055MsnjTvfW--Kb73vflkrzgjAQp6eu8dPZBpSpeiulu7ti4V16WtrazVPLfuXq-tS9UIr9f602R6r3pBWHdfqr0l4i295Lue63quV7sljUh0f2nGQmZHba_eduuhX_eiEH3z394WDix1wHtn5FlIPnnq9-QDyHgM1f3mprBbuc5eebNbpDTXBj1--J7aUrpU6F7AxDhI1OH8NbSdEPLZArQ6nE8A3dufTgAmJ2Th-cdg6nAuE6x3cK6UpRAKjP8fZW8MkY4h6Rix3oXkvxAg5li5C9V9uKJNSbfPWTplJ-Tyk78gywm5_PgKVPfr5VT2a_d1WuRSK4t-UkH2x5CdMbLiGPlgAbI8Rpx_DMl_JktP7kB19-_aVEPy0xebfiNu0RZdDBLWXAzjsLnImqK9GPmcNUTc9CLWnFkkkzGodVBMj3RQJA6KzEGXn9ZCtxXGHg0aSZvHTTekYcgFc9st33VpO26iiKfah8izIeJ0iNjsIDM72JJDmOIR7EYFyx3YnKDHK5SCoLQEJSUoJUGZE5S96oCn1rfVQ57agnnz6s9rUI103tmjBzrvCEVAzRCGV_sy-8juIs4vjQaJ5SM9TZTl1YgyXu1lZ-SZqa3O5vvfYUuc1vww4mFEA99LKE2ilhe5wmdeIlqBm4QsgZUVpF2YmTGQE_Lau_8gkxNy9bc1MHoMmx4jlk-DFldBywp0o8JAHSlRLqpN2qv3twfgukKWX0a-7eylZ-S50era8qPZdj984SeI-ITMA7GpkJkKm_JHgk76YLSqS7K_qktLvr2b5bIrB3S6-fs5zYXz5dtiu9SG375ph1-8Hk-JKTxaEza_QxWXqmPJV8uSc2FuaRML8v1tuy7YvcJuLBdGFdmde2_cut3NjLBWajUGlRPyv89fRiwn5Mq1G7NfHf19hjjbgc0udFpNwDIHqSRIxcU9ZRWsOPnhz3nPLvCefYCOcUDzXahuhZ6p0Esr0HQIW1wa5Zk5ufFrMAuw1Bmx1Dj7LDXpp-c-WXlai3wWNFqthkgaPAl44Ae8HbmiHdJ2I2yHEXI72fiDrvwbAAD__63yh6l4BAAA","fqdn":"prefecturesuggestions.com","domain":"prefecturesuggestions.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:06.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"prefecturesuggestions.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Sep 2025 22:12:31 GMT","end":"Tue, 23 Dec 2025 22:12:30 GMT"},"fingerprint":{"sha1":"AC:5B:B7:48:27:CD:FA:FD:E8:88:F1:86:04:E1:14:57:2A:95:FA:88","sha256":"45:E1:30:18:7D:BD:ED:E7:EE:D9:5E:BC:B8:81:89:7A:93:D3:35:99:F5:2E:18:E2:40:F9:CC:76:7D:D3:D2:1F"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSP2wcxReedVL9fgX_IioiXUERBD7v3_tDhCJMCIoITnAMLijQzM7seey9mWVm9_Z8lYUllPLoKCjW39mxAAtBQ4eIznRGSByVi5iCGgkJlBZ055MsnjTvfW--Kb73vflkrzgjAQp6eu8dPZBpSpeiulu7ti4V16WtrazVPLfuXq-tS9UIr9f602R6r3pBWHdfqr0l4i295Lue63quV7sljUh0f2nGQmZHba_eduuhX_eiEH3z394WDix1wHtn5FlIPnnq9-QDyHgM1f3mprBbuc5eebNbpDTXBj1--J7aUrpU6F7AxDhI1OH8NbSdEPLZArQ6nE8A3dufTgAmJ2Th-cdg6nAuE6x3cK6UpRAKjP8fZW8MkY4h6Rix3oXkvxAg5li5C9V9uKJNSbfPWTplJ-Tyk78gywm5_PgKVPfr5VT2a_d1WuRSK4t-UkH2x5CdMbLiGPlgAbI8Rpx_DMl_JktP7kB19-_aVEPy0xebfiNu0RZdDBLWXAzjsLnImqK9GPmcNUTc9CLWnFkkkzGodVBMj3RQJA6KzEGXn9ZCtxXGHg0aSZvHTTekYcgFc9st33VpO26iiKfah8izIeJ0iNjsIDM72JJDmOIR7EYFyx3YnKDHK5SCoLQEJSUoJUGZE5S96oCn1rfVQ57agnnz6s9rUI103tmjBzrvCEVAzRCGV_sy-8juIs4vjQaJ5SM9TZTl1YgyXu1lZ-SZqa3O5vvfYUuc1vww4mFEA99LKE2ilhe5wmdeIlqBm4QsgZUVpF2YmTGQE_Lau_8gkxNy9bc1MHoMmx4jlk-DFldBywp0o8JAHSlRLqpN2qv3twfgukKWX0a-7eylZ-S50era8qPZdj984SeI-ITMA7GpkJkKm_JHgk76YLSqS7K_qktLvr2b5bIrB3S6-fs5zYXz5dtiu9SG375ph1-8Hk-JKTxaEza_QxWXqmPJV8uSc2FuaRML8v1tuy7YvcJuLBdGFdmde2_cut3NjLBWajUGlRPyv89fRiwn5Mq1G7NfHf19hjjbgc0udFpNwDIHqSRIxcU9ZRWsOPnhz3nPLvCefYCOcUDzXahuhZ6p0Esr0HQIW1wa5Zk5ufFrMAuw1Bmx1Dj7LDXpp-c-WXlai3wWNFqthkgaPAl44Ae8HbmiHdJ2I2yHEXI72fiDrvwbAAD__63yh6l4BAAA HTTP/1.1\r\nHost: prefecturesuggestions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nCookie: uid_id2=726c8a8a-3fb7-4c47-b7e9-52db6ec715b7:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl23746230=1; slec245d45a321faaf58150e2b1fe830f4bf=[6233292]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:06 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: prefecturesuggestions.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 664fb3279eda174e6f3359d2b79088ee\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fwind%2Fff%2F1%2Findex.html\u0026l=2722\u0026fd=201","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:06.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fwind%2Fff%2F1%2Findex.html\u0026l=2722\u0026fd=201 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:07 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":699,"timings":{"blocked":301,"dns":15,"connect":91,"send":0,"wait":94,"receive":1,"ssl":193},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/software/flashPlayer/wind/ff/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:06.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/interstitial/software/flashPlayer/wind/ff/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:06 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4C5%2F4ZuoIMpilH4ZJLOX2ddpsuZAgORxVLOkCM9tA3NH8gwNbaptHsSQO%2BDRlg3SUlbZkePJVUMnBcTCsCgB8XNqSRCMha12c6LQ0JOj\"}]}\r\nage: 281161\r\ncf-cache-status: HIT\r\netag: W/\"65aa84ef-149a0\"\r\ncontent-encoding: br\r\ncf-ray: 98e197cd1a710afa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84384,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators","md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-04-04T16:35:07.773895Z","times_seen":10389,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fwind%2Fff%2F1%2Fjs%2Fscript.js\u0026l=26398\u0026fd=621","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:07.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fwind%2Fff%2F1%2Fjs%2Fscript.js\u0026l=26398\u0026fd=621 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:07 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":92,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.7.1/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:04.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.7.1/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:04 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 22415\r\ncf-ray: 98e197bebac74e4c-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"673e23f5-578f\"\r\nlast-modified: Wed, 20 Nov 2024 18:01:25 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1693313\r\nexpires: Sat, 03 Oct 2026 20:30:04 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=omqfTz8kGVO%2FTjM6NdpzJqa5GgB%2BWeBt0jilxPiWHwQr5p0%2BXXHf6iyXsZFEjMZjomoNtqQ%2Frp8tUnaEDWG%2B9Jm235R1qJ2Pqa2PrHw9FiDAewuzutmwe%2BRdB1ejG28QhafR5k0x\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":104502,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (58875)","md5":"bde2a1ac06ec87a30967e54da50f5c15","sha1":"5b0c53fe2da7a616e4d4197f579ad62cdeb9e81d","sha256":"320d572dfb844e7152480b7b62374236c4896ccca3ac9d69bb03f3bc2034acb8","sha512":"e47b37745d8010f92934047b5223876dafa545224d78cd840a4c31508c42d50fc52f27064db35aa565c1e2d3fcf3d9394f926ef1fb386f53f9cff881e2731f49","ssdeep":"1536:YbM1MvMaMfMRQFlDZ4eU+9GoW/WTb+1V568sQLebc9UjA691m:hpZZU+0opQLeI9u191m","tlshash":"73a330127d84015bb8064dff3895bfb466f6d7149a9100b9b470ac463eb28acb19f7b3","first_seen":"2024-11-25T11:12:50.821981Z","last_seen":"2026-04-04T16:27:59.923952Z","times_seen":1867,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":50,"dns":1,"connect":1,"send":0,"wait":13,"receive":1,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/assets/123av/dist/app.css?v=1756947695","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:04.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"njav.tv","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Sep 2025 06:36:25 GMT","end":"Sun, 30 Nov 2025 07:34:40 GMT"},"fingerprint":{"sha1":"32:CB:9A:50:76:2C:DB:97:C4:7D:80:D7:61:E6:E9:4D:15:22:94:19","sha256":"0A:D5:55:68:6B:15:85:5E:31:CB:45:8A:9A:73:0C:12:AD:5D:E2:6F:37:AE:55:F7:99:27:90:93:F2:84:B9:19"}}},"request":{"raw":"GET /assets/123av/dist/app.css?v=1756947695 HTTP/1.1\r\nHost: njav.tv\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:04 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sun, 04 May 2025 05:00:34 GMT\r\netag: W/\"6816f472-386a4\"\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=2678400\r\nx-cache: EXPIRED\r\nvary: accept-encoding\r\nage: 794921\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I8ksBo4CYWMNfs2cFKD%2BqV2UWRIBSM4ZrY5YSfHjTop93TEuLXSV06dqWZxTVD8ZqrKk1rdMM4yTnHBEBdnQhXSKuMe1\"}]}\r\ncf-ray: 98e197be8930568e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":231076,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (60740)","md5":"e7d00d55fe1cb845dc5806153b0e1a84","sha1":"bafbad6b6b1f1b546e6d4919c985992e4931fc44","sha256":"575d6e117f2ca33d1dfc6f4fa2145d5782bbf6cb49c295907be7b2b4d3e9fe0b","sha512":"f442d8d76d0f795c9bd1758716a8d4161d9a6eabf3358494292395d850f7842ee5f368169bb9b4cffa35de2185cb18c6181ad044b442ef872e11bd27ddd69aa8","ssdeep":"1536:S0OiUcIJFQnssgLPzODEBi8yNcuSEvz9tAkfzq3SYiLENM6HN263MsQ8AWoBoVif:S/iUrW9Lq3SYiLENM6HN263nsY/5vWyW","tlshash":"db34c8b6f591342de067c619a0d0babe1d2f8253e3224fbbb5277b6447896c60573e0c","first_seen":"2025-05-10T05:39:59.678936Z","last_seen":"2026-01-23T00:52:35.148517Z","times_seen":46,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"njav.tv","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.7.1/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:05 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 158224\r\ncf-ray: 98e197c3aa2c56ca-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"673e23f5-26a10\"\r\nlast-modified: Wed, 20 Nov 2024 18:01:25 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 529255\r\nexpires: Sat, 03 Oct 2026 20:30:05 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=OQ5BZasHc%2BOyNiQtbmfCXAiWr1KIkIEfb%2FdhFz%2BN6qfJyUT1Cn6G%2BpyyfQwm0lGa%2BRWzmuC1pUlTxrB9FWap0%2F9wh%2FN5GqhYehnXfIGK34hIP%2BluJMtTEzz2a4%2B%2FCCBWl1ChE2E7\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":158224,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 158224, version 775.768","md5":"8569e341029ad642d6f62398649236b4","sha1":"1b3b218d84feb031d8adcc70742c80b625cba4ed","sha256":"38e76ab3d359e772e9f2aab11fbb07a2e2209318183a89ced0a97d6b958a7a6f","sha512":"4f6d022dc44d79c64835078a28629a91f21301e69755306a1dfe5128ade1956158e0b919caeaa5ee922971b87dd4f3a5dcf0fdc2a1606c6b12580e9ad9edfb2a","ssdeep":"3072:MM1Qd+B1NmuitFBwBEj4jSLLGNGM5W1o9fvwumLiF6Ps7Nk:I+B1NCpj4jSnGoo9fvwpOF6sNk","tlshash":"d5f3123eb5005b9bd91e1b8782ff497b5d368178e290519daa3f28a415c0e0d753cafc","first_seen":"2024-11-25T11:12:50.83498Z","last_seen":"2026-04-04T16:27:59.912528Z","times_seen":2386,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":29,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-VZGC2QQBZ8","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:04.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:36 GMT","end":"Mon, 15 Dec 2025 08:40:35 GMT"},"fingerprint":{"sha1":"40:7E:33:E9:D5:23:31:43:6B:CB:8C:02:99:3E:C0:A1:96:B1:B2:DE","sha256":"BE:00:72:E8:21:36:BF:F1:E7:F3:E5:B6:86:FE:98:10:97:9F:3C:C4:3F:0A:F8:4D:E4:62:64:B7:70:FA:56:25"}}},"request":{"raw":"GET /gtag/js?id=G-VZGC2QQBZ8 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 13 Oct 2025 20:30:04 GMT\r\nexpires: Mon, 13 Oct 2025 20:30:04 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135978\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":400076,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"4b1be8fdd88c48c953a16e037f97995a","sha1":"b938fd2ebce0440d635c6a2ed85c3350f61c68dc","sha256":"6cf5f454d481cd06cf43efba5a43753698db643ff854a7f9b2995c49bcf012f6","sha512":"b35e821ba329bc38e94a4724dbbe3f7726bb50025cca3a131f9665280bbb6d6994e5d3a7bfdd2ee15eadd80552b83afae19345e6f61d8674366aba16e0791f0d","ssdeep":"6144:/To/yp2j4tM0uwbWZJT+Nju5204OaNhYXdXAQ1:/5Y8y0KZJu0NJ","tlshash":"4e8419ce73d674264396f078503f018ba57b28a2b44cc899f189cde52e74a9a4277f7c","first_seen":"2025-10-13T20:30:33.525507Z","last_seen":"2025-10-13T20:30:33.525507Z","times_seen":1,"resource_available":true,"data":null}},"time_used":373,"timings":{"blocked":151,"dns":2,"connect":12,"send":0,"wait":28,"receive":28,"ssl":138},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunito/v32/XRXK3I6Li01BKofIMPyPbj8d7IEAGXNirXAHjaba.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/nunito/v32/XRXK3I6Li01BKofIMPyPbj8d7IEAGXNirXAHjaba.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 17140\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 11:53:02 GMT\r\nexpires: Fri, 09 Oct 2026 11:53:02 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 17:03:50 GMT\r\ncontent-type: font/woff2\r\nage: 376623\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17140,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 17140, version 1.0","md5":"4c2d0a606f057d5d5540c36576b637e0","sha1":"2dcffba41877e33a10481014feec6e625d56b529","sha256":"983e9c4b4a8f3bb81190009facbccbe5ecf9f55a758ae95c4759a00f715312d1","sha512":"ae3de875506f94a1aee6a2c09ee1e7f6d67bc4fcbd439af9f9754cdb47ec468f4d9889b3d41bfde1b50b66d8a7a825e6271faebb4e28aae830308e4fff358227","ssdeep":"384:pQ7Pa4fOUrb3NOKh+vlp+fAbm5bAx8S7+Ldhi1laF4:pQ7Pnfrrx7h+6oU8x8SW78aF4","tlshash":"0b72d0d44d3b3786c12f73f9993b0fa417ca059b5a9715aed968cf01a0e6488320b5ea","first_seen":"2025-09-17T14:57:31.841951Z","last_seen":"2026-04-04T08:14:54.816341Z","times_seen":130,"resource_available":false,"data":null}},"time_used":444,"timings":{"blocked":209,"dns":2,"connect":33,"send":0,"wait":22,"receive":2,"ssl":160},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.google-analytics.com/g/collect?v=2\u0026tid=G-VZGC2QQBZ8\u0026gtm=45je5a80v872265995za200zd872265995\u0026_p=1760387405374\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1441307187.1760387406\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_s=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~115480710~115616985~115834636~115834638~115868795~115868797\u0026sid=1760387405\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fnjav.tv%2F\u0026dt=Redirecting%20to%20https%3A%2F%2Fnjav.tv%2Fen%20MissAv%2C%20123AV%20-%20123AV\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026tfd=1603","fqdn":"region1.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:36 GMT","end":"Mon, 15 Dec 2025 08:40:35 GMT"},"fingerprint":{"sha1":"40:7E:33:E9:D5:23:31:43:6B:CB:8C:02:99:3E:C0:A1:96:B1:B2:DE","sha256":"BE:00:72:E8:21:36:BF:F1:E7:F3:E5:B6:86:FE:98:10:97:9F:3C:C4:3F:0A:F8:4D:E4:62:64:B7:70:FA:56:25"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-VZGC2QQBZ8\u0026gtm=45je5a80v872265995za200zd872265995\u0026_p=1760387405374\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1441307187.1760387406\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_s=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~115480710~115616985~115834636~115834638~115868795~115868797\u0026sid=1760387405\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fnjav.tv%2F\u0026dt=Redirecting%20to%20https%3A%2F%2Fnjav.tv%2Fen%20MissAv%2C%20123AV%20-%20123AV\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026tfd=1603 HTTP/1.1\r\nHost: region1.google-analytics.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://njav.tv/\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: https://njav.tv\r\ndate: Mon, 13 Oct 2025 20:30:05 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0\r\nreport-to: {\"group\":\"ascnsrsggc:102:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":95,"dns":5,"connect":30,"send":0,"wait":33,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=43a08dbb-459f-4a35-9f7f-17b365b54eb3\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=245d45a321faaf58150e2b1fe830f4bf\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=20","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:06.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=43a08dbb-459f-4a35-9f7f-17b365b54eb3\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=245d45a321faaf58150e2b1fe830f4bf\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=20 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:06 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 2\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6517054ae67a6cec93e004adf4ec5e31\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":688,"timings":{"blocked":289,"dns":12,"connect":91,"send":0,"wait":102,"receive":1,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/software/flashPlayer/wind/ff/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:06.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/interstitial/software/flashPlayer/wind/ff/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:07 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa84ef-13365\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ti2e7DZQtekYhFDxow4K2tieS%2FdeYBxTrqQuWUKbjPeBcExQfpgw1V%2BVcagZHNhCKYj7SbztNZtFeVIor3FOIabvprXPBA6Ua3hiex2A\"}]}\r\ncf-ray: 98e197cc9a010afa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78693,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5982c5377696d20476871062646b253f","sha1":"8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242","sha256":"4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4","sha512":"92592dac2a817293e8ec1d94bf99df639626a90d524420b01a12210398927c0650cc26fa8e730300096b29961563aa02efb707478c6d51ac8616bb1bde5a0cb2","ssdeep":"384:jvuAuF81dghu3uFlZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uhu7uNKwZiMUL6Vpaj7F","tlshash":"1d731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-02-12T20:28:38Z","last_seen":"2026-04-04T16:16:27.167609Z","times_seen":6237,"resource_available":false,"data":null}},"time_used":676,"timings":{"blocked":97,"dns":33,"connect":1,"send":0,"wait":482,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/software/flashPlayer/wind/ff/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:07.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/interstitial/software/flashPlayer/wind/ff/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:07 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K0xE8%2BlgYsglCugiPeSR4YZ9Ij5an9Wy6x0oWPmMo5tGQ8zEaX4KNw9UcBGDOt%2FsiMgoyic%2F4SgQzwua2xXZ2pOUNOZEpTGUU0Id7kwE\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"65aa84ef-83fe\"\r\ncontent-encoding: br\r\ncf-ray: 98e197ce1b6a0afa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33790,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (320)","md5":"4043f83a8166590c4302cea12e26a1b6","sha1":"ba19220123a12b6b173e0b8c042490115d2782d7","sha256":"5ba435e15a4ee915296bf4f86a540771f6709192d95d43cd9e4e7a4f7a4de2df","sha512":"ee6575978c8152f4501551129feb27eddaea3651eb05ba0518c9b13dcdefa362541d56b0488ea0cae48f866f42f1c912713caf20d67c9f94f1ffcb9114fd4e27","ssdeep":"768:cqFh4NclV3P5Yk+mqZbr6Y0Ld/LQsaUxD27:JmNQ1+mqZbr65UsaU6","tlshash":"bce2621cc59da59d8104a00d72706c34b7fa087baf25b9c1ba98a22e2fcd47e613957f","first_seen":"2024-02-14T15:50:13Z","last_seen":"2025-11-24T04:57:09.894037Z","times_seen":287,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/assets/123av/dist/app.js?v=1756947695","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:04.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"njav.tv","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Sep 2025 06:36:25 GMT","end":"Sun, 30 Nov 2025 07:34:40 GMT"},"fingerprint":{"sha1":"32:CB:9A:50:76:2C:DB:97:C4:7D:80:D7:61:E6:E9:4D:15:22:94:19","sha256":"0A:D5:55:68:6B:15:85:5E:31:CB:45:8A:9A:73:0C:12:AD:5D:E2:6F:37:AE:55:F7:99:27:90:93:F2:84:B9:19"}}},"request":{"raw":"GET /assets/123av/dist/app.js?v=1756947695 HTTP/1.1\r\nHost: njav.tv\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:04 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 04 Sep 2025 01:01:56 GMT\r\netag: W/\"68b8e504-3eddd\"\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=2678400\r\nx-cache: MISS\r\nvary: accept-encoding\r\nage: 3439265\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MgHz%2FRuVsLOThj%2BIXX8YyAwDwK8BctuxUgZsMgWj%2BK00QDou6WvoyvUp861BBo6X9nQo%2BJnbX5LPoGC7oOk845sLozM0\"}]}\r\ncf-ray: 98e197be8935568e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":257501,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"ad534f689f93736bc68476ac407fac78","sha1":"bcf3e599aa99d4528b7e24688c9ecbc520e70e03","sha256":"4f94d8148e5bcab792f823697cbf909901fed6168bcd09263c3809d31f48e84f","sha512":"4f17038dca2fcc377bf8b4b603d3699a37353f633c7678332684c3496d14efe530c08254d1a4ca2d537e436d3f0e0a6a99c9b51e04f41b0d8ff78178f12c9a92","ssdeep":"6144:G76wIdyY0WXidGPPTVqH6/pEGdYj6kQiVLoeso:G76d5bHT+7GdYjLfLNl","tlshash":"1d44088cf5c6f07602376071009fb447a8b639e1700f5993e971e8d5bcba99e9053eae","first_seen":"2025-09-13T16:34:31.346055Z","last_seen":"2025-10-13T20:30:33.54143Z","times_seen":6,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"njav.tv","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prefecturesuggestions.com/24/5d/45/245d45a321faaf58150e2b1fe830f4bf.js","fqdn":"prefecturesuggestions.com","domain":"prefecturesuggestions.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"prefecturesuggestions.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Sep 2025 22:12:31 GMT","end":"Tue, 23 Dec 2025 22:12:30 GMT"},"fingerprint":{"sha1":"AC:5B:B7:48:27:CD:FA:FD:E8:88:F1:86:04:E1:14:57:2A:95:FA:88","sha256":"45:E1:30:18:7D:BD:ED:E7:EE:D9:5E:BC:B8:81:89:7A:93:D3:35:99:F5:2E:18:E2:40:F9:CC:76:7D:D3:D2:1F"}}},"request":{"raw":"GET /24/5d/45/245d45a321faaf58150e2b1fe830f4bf.js HTTP/1.1\r\nHost: prefecturesuggestions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 32697\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: prefecturesuggestions.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9158f1362a4d3283947659a6c4698716\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84250,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7b8dbacdede1e142c2563f2ad3f9ad49","sha1":"1e13a0be1d812ce27def73a01e65a41308425646","sha256":"94472b435f31cda4602b0165faddc1bbbeb3705530109c9580deef468ef5e6d2","sha512":"95a0162021334045f4af347f1b28e957dba23ee22ded49c4917a45b93e71d7fbb00d83a6ca72cdaaefbb5d6f66ba5174db096fc6d335f28925901eb1081a88f1","ssdeep":"1536:UdJsDEFAkM9IWf3pDTf0zpxftTgA4VEIaUe4Ru37oIXDWeGXMtb4cnSzB:vDxk4+BgA4VEIaUe4McBeGXMtb4/","tlshash":"0983f848bb82b869425620bb332ff01af15a4d421da8d444dc57f8d96fb8b1df637e24","first_seen":"2025-10-13T20:30:33.543836Z","last_seen":"2025-10-13T20:30:33.543836Z","times_seen":1,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":98,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:05 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: bea5dd73dfc0255253c23ea51214b046\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":92,"dns":13,"connect":17,"send":0,"wait":24,"receive":20,"ssl":61},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/interstitial/software/flashPlayer/wind/ff/1/index.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:06.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 15:30:46 GMT","end":"Tue, 06 Jan 2026 16:29:13 GMT"},"fingerprint":{"sha1":"CE:BB:4F:68:2C:89:90:90:9F:0D:E4:DC:37:55:B5:DC:41:49:D6:F9","sha256":"52:3F:5E:43:C5:77:DF:EF:E5:AE:11:CA:C1:74:9E:6B:A8:63:B6:7A:C9:7F:8F:58:EF:05:C6:35:2F:C7:D2:9B"}}},"request":{"raw":"GET /sb/interstitial/software/flashPlayer/wind/ff/1/index.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:06 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UfjKRdnp3Sp5hnwCV4zWq75FHEJ5Aq1GC6NHijGUEy9GnhT8HynP0nckKIljiiUL9WRsNabD98TqjSWRo7UhS9nXUDRQFTV6tnmVBsc%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98e197caeb45b4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2722,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"2711c3c8cdf7535b68248272d9a41204","sha1":"823e7dcd732055ad2edf1a8eeed5a9cc3ffcce19","sha256":"1ccc66084d92000ac4bf1d6d5219c7362a0a3368fe6b1711dcca3f65a928887b","sha512":"9bf1a2ce2f36ec57d42d4eb27688dd44599ba91b7a3be69320275e97e48a2e13ae54cf4935a025d82654a2e961346266d6ca5a99c2ef8082c3af9761a44b09e8","ssdeep":"","tlshash":"c351af1679fdc2b221868154bf346f6af9d1d943ca421180b7bc81948bdae98cd2b01f","first_seen":"2025-04-13T05:42:03.076035Z","last_seen":"2025-11-24T11:26:53.638221Z","times_seen":297,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":50,"dns":21,"connect":1,"send":0,"wait":133,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.7.1/webfonts/fa-regular-400.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.7.1/webfonts/fa-regular-400.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:05 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 25484\r\ncf-ray: 98e197c3aa2b56ca-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"673e23f5-638c\"\r\nlast-modified: Wed, 20 Nov 2024 18:01:25 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 526753\r\nexpires: Sat, 03 Oct 2026 20:30:05 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=5tGPW1lTCP0bp90eAZPfHYvavjguZeI9u0UEn8VbryloABaIoPiRPgiBuKnwSWl%2BvluLl9BxOhmP8pdXlfYQWZjc5P5i8aCzL%2F1KIECeD6CCl7lHQvcDiwW3BY0sAoTkyOr%2B03W2\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25484,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 25484, version 775.768","md5":"28deedcffdb1ecdc7c2c2e209e2e36d2","sha1":"3c727ff1af5625c9095d2cb6566f9e0a4fbc2b8d","sha256":"003b55144f370c07c2bc6f8f80455bca7d61a2fb2766551883734249e953e700","sha512":"e911df24377b57fe219bf0b476ad43e499b4910ff730905f1daf64610d0df92cf03128554a36cc36a8dcf11d55b231a12db9ec70f29c77f1b26180c418a0ffbd","ssdeep":"768:Hcq6O0xjG7MVcQRjIRR9T53mz/RLL7Zkcbg:H/QJVpk9wD/kcc","tlshash":"bbb2d1b686ba21107f8392facda55fe4f244a1d0953276653389134f570a4f4cddce92","first_seen":"2024-11-30T20:48:08.600139Z","last_seen":"2026-04-04T16:27:59.944678Z","times_seen":715,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":25,"dns":2,"connect":0,"send":0,"wait":47,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-13T20:30:04.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"njav.tv","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Sep 2025 06:36:25 GMT","end":"Sun, 30 Nov 2025 07:34:40 GMT"},"fingerprint":{"sha1":"32:CB:9A:50:76:2C:DB:97:C4:7D:80:D7:61:E6:E9:4D:15:22:94:19","sha256":"0A:D5:55:68:6B:15:85:5E:31:CB:45:8A:9A:73:0C:12:AD:5D:E2:6F:37:AE:55:F7:99:27:90:93:F2:84:B9:19"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: njav.tv\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:04 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HdA6qenkdbXG3tSM6llgNV9mslM2FgGo4GIoixMj9hzSCiEuXjZAo6wcnCn5BrZ6%2FUIyqowG8UrslJjGlAbaV%2FILM4GR\"}]}\r\ncache-control: public, max-age=30\r\nx-cache: MISS\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 98e197bc3f15568e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22277,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"3dbb8c8c6acfc96cebaf6df156cb78f6","sha1":"d40d2909fde1f26f6326f0a87022cf51dbde3103","sha256":"cecafca4927d2d91f6506874a21cc95f9e52436491212206e257f4e122de18d4","sha512":"ddb235b9e51a886491942919c1ea020a1b0b059fed4beec7e317da8e272cc8b67ee261f73558b0158c9be080f2bb34e769ca624004a5a3781555dffa4f057a60","ssdeep":"192:opdP1nGHuP4l8+Q56vlsyK67YFKklj37D4kaBg8ZjZGa2fOk/UIkBeA7L62a:6t1n4Yj6vJ7pkV7ckHmkMIk0A7L62a","tlshash":"9aa22e7710454c3b0bd3a3d8ae71bb2d60c3c572caa65c16a7f54f8f6bd1e928e4412a","first_seen":"2025-10-13T20:30:33.568383Z","last_seen":"2025-10-13T20:30:33.568383Z","times_seen":1,"resource_available":false,"data":null}},"time_used":421,"timings":{"blocked":145,"dns":19,"connect":1,"send":0,"wait":131,"receive":0,"ssl":120},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"njav.tv","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prefecturesuggestions.com/9b/7e/1e/9b7e1e724274b81f688a60aa9a5b4054.js","fqdn":"prefecturesuggestions.com","domain":"prefecturesuggestions.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:04.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"prefecturesuggestions.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Sep 2025 22:12:31 GMT","end":"Tue, 23 Dec 2025 22:12:30 GMT"},"fingerprint":{"sha1":"AC:5B:B7:48:27:CD:FA:FD:E8:88:F1:86:04:E1:14:57:2A:95:FA:88","sha256":"45:E1:30:18:7D:BD:ED:E7:EE:D9:5E:BC:B8:81:89:7A:93:D3:35:99:F5:2E:18:E2:40:F9:CC:76:7D:D3:D2:1F"}}},"request":{"raw":"GET /9b/7e/1e/9b7e1e724274b81f688a60aa9a5b4054.js HTTP/1.1\r\nHost: prefecturesuggestions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:04 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38350\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: prefecturesuggestions.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 11c8beb64f890f93d51d8e5d82489b59\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106631,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1ad59021fa17b7f3f6689454847818a4","sha1":"67cca389750e16ffe7a9605b3ff7d6b0ea181475","sha256":"325c8f26e8fba13f553b2df9294a5977a99e40ac23c5daa4a7ef56b4b4ba7b5a","sha512":"a05a48a5e62d696e813e15bcf62ee44c1aa4401ac16a2a5e2ad329babe30412530880192226ed025e0e839961d70f5c009459210c6e33689d9a015464b22d3ee","ssdeep":"1536:9scJYewCZykXTzY67ytOUS5VlIXga6kSFf02mdBV4mCzCgiA0eQpE0I9NPmQ:XnrT9RCgZ0eQp29NPmQ","tlshash":"0aa3a4883f40f17d0796b47a323fa61af0791a01509cd69cf107f1a8ae6674ab43fe65","first_seen":"2025-10-13T20:30:33.572737Z","last_seen":"2025-10-13T20:30:33.572737Z","times_seen":1,"resource_available":true,"data":null}},"time_used":806,"timings":{"blocked":297,"dns":31,"connect":93,"send":0,"wait":99,"receive":93,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/en/ajax/user/info","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"njav.tv","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Sep 2025 06:36:25 GMT","end":"Sun, 30 Nov 2025 07:34:40 GMT"},"fingerprint":{"sha1":"32:CB:9A:50:76:2C:DB:97:C4:7D:80:D7:61:E6:E9:4D:15:22:94:19","sha256":"0A:D5:55:68:6B:15:85:5E:31:CB:45:8A:9A:73:0C:12:AD:5D:E2:6F:37:AE:55:F7:99:27:90:93:F2:84:B9:19"}}},"request":{"raw":"GET /en/ajax/user/info HTTP/1.1\r\nHost: njav.tv\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 13 Oct 2025 20:30:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FmfquH%2ByGvVk4Z5qh96mewRSJz8H78nSdFlTPI4CLC%2F7y0Dmv8N8JZ8u8HAxhjSEzBGjqMTor2jKywT62DzCWuzpeWHq\"}]}\r\nset-cookie: x-token=4aa99e4bc2aa6a4f52aded62306bf1df; HttpOnly; SameSite=Lax; Path=/\nsession=rYtMCODIbM8IhHG6Yn52NiNWg4ha1JUY3trNnDLr; HttpOnly; SameSite=Lax; Path=/; Max-Age=7200; Expires=Mon, 13 Oct 2025 22:30:05 GMT\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98e197c31e04568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22706,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"d7b6d5d08cfba5f4dcbd8606402291f4","sha1":"d9aff40ab47a520f9fc1fc5d2bc9d2a448ab6b98","sha256":"6b36a08bfdfeda00853a9e8b0d8a259a68215d130647da92424ee4a6bd83b706","sha512":"a9ae4ca30e3b81cd4710d0bb0d35c9684505aed3b74dd1b7af812c747e1c108a4c1d23537921b8febec0b874d41ce45c968e8f04493959a953eefadb3ba2f2d3","ssdeep":"192:jbdP1nGHuP4y8+J56vlsyK67YFKklj37D4kaBg8ZjZGa2fOk/UIkBeA7L62a:Pt1n4Ng6vJ7pkV7ckHmkMIk0A7L62a","tlshash":"b9a22e7314455c3b0bd367c86e71bb2e70d3c572caa66c12a7f94f8f2ad1e928d4412a","first_seen":"2025-09-13T16:34:31.317722Z","last_seen":"2025-10-13T20:30:33.585131Z","times_seen":3,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"njav.tv","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/assets/123av/images/avatar.svg?1","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"njav.tv","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Sep 2025 06:36:25 GMT","end":"Sun, 30 Nov 2025 07:34:40 GMT"},"fingerprint":{"sha1":"32:CB:9A:50:76:2C:DB:97:C4:7D:80:D7:61:E6:E9:4D:15:22:94:19","sha256":"0A:D5:55:68:6B:15:85:5E:31:CB:45:8A:9A:73:0C:12:AD:5D:E2:6F:37:AE:55:F7:99:27:90:93:F2:84:B9:19"}}},"request":{"raw":"GET /assets/123av/images/avatar.svg?1 HTTP/1.1\r\nHost: njav.tv\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/assets/123av/dist/app.css?v=1756947695\r\nCookie: locale=en\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 13 Oct 2025 20:30:05 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Thu, 21 Nov 2024 03:54:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-cache: MISS\r\netag: W/\"673eaf02-3d6\"\r\ncache-control: public, max-age=2678400\r\nage: 1658362\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WKYOdhSQTtoxVWA81TN1suDo1FQNYGFLJfyU2K5xlmCLCaSbduvnCFOub1bbYqaAdcXi4S7nY4imBne8uZb9047ghkaf\"}]}\r\ncf-ray: 98e197c33e06568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":982,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"433b52c1065019a2dc84177fc667c7b8","sha1":"589034fb93d845ac495dffb63d083304b4b5ee06","sha256":"2a7a23c57b4ce4f9d4c9143c7685e2405a307265971507e2d8a5ac286f82f5e0","sha512":"da4d7f1c3675bd77f7cc74dc29e058465b4d482aed2aea16de78afd7e64a920160b23fb4f94999a53f0cc9069531e62593d3e88d65a034cb109d6a40d11e8c56","ssdeep":"","tlshash":"6211e1e8c1dc8030ca7883a4a27874f58a0ca1eed1d187df7289a07a21366e8f11b550","first_seen":"2023-05-07T18:04:55Z","last_seen":"2026-04-04T13:39:29.764636Z","times_seen":1083,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"njav.tv","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/software/flashPlayer/wind/ff/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:06.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/interstitial/software/flashPlayer/wind/ff/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:07 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa84ef-2481\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ME7QWkF4OY90SjlZDYw%2BzbjdIEHLlPzRGrFn%2BAJf1lkx6tNh3vzAbau5y%2BnUF93IlczStzXSvgC%2F2oAevrZHUR783uXlNTc2sXfamzXE\"}]}\r\ncf-ray: 98e197cc89e80afa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9345,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"46f0f778cdae35d992e025ac62666493","sha1":"b014cbbf2d988e81023cdb9716107e99bb540984","sha256":"f00ce2fcb45c4c0485d792d4098b7db7c67009b195de3eaf7398d7fa0a511cbf","sha512":"e308c50ccbafc37c2719e2c1f82e4aa1f8a8c60d701c47eda2f3b281616d49b00c39b637f11dad1763f8419a94048355d30cefa360257e01c180aeca49f8bb1e","ssdeep":"192:QMVRADzw2wjiSO3aTcU00/srjZN83dVBx:QMbO8v239u3dzx","tlshash":"401253d677a60208b507e0da79126f5677654003ae0fcdbaafe0244cefc93ed856374a","first_seen":"2025-04-13T05:42:03.063143Z","last_seen":"2025-11-24T04:57:09.880933Z","times_seen":284,"resource_available":false,"data":null}},"time_used":673,"timings":{"blocked":80,"dns":32,"connect":1,"send":0,"wait":513,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:06.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 13 Oct 2025 20:30:06 GMT\r\ndate: Mon, 13 Oct 2025 20:30:06 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"a90fc2bf15e304ef3fa4e7f75b6a8608","sha1":"0f8c2853b49a7c206d75af99117482d80a60f869","sha256":"6e10be4b6befecf6f3d1ae34b727939e6da334a1f2d815fd325ba9c455520772","sha512":"0d1a14e11c436dadf51cc489592867eaff3cae2c4a95748d2a25614c984560ad3588fb95e2aaafd4060d4954594951d09e71ab36e9859fb8590198811f156fc4","ssdeep":"384:pwf5wgwPwrwyUw/qY4+w4wYwpwfMw1wWw6wyhw/qY4XwNwtw4wfdwkwDw3wyQw/P:pc70afUQRptmJKBLfhQE8YTYHw+fQQVl","tlshash":"b472ed91041700009b835ce223cebf35fe5f92117141d0b9abfd9b6badcbc6652693ad","first_seen":"2025-09-08T23:24:40.129975Z","last_seen":"2025-11-18T23:33:55.863403Z","times_seen":3582,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prefecturesuggestions.com/impr.gif?sid=H4sIAAAAAAAC_1RSP2wcxReedVL9fgX_IioiXUERBD7v3u79I0IRJgRFBCc4BhcUaP7teey9mWVm9_Z8lYUllPLoKCjW39mxAAtBQ4eIznRGSByVi5iCGgkJlBZ055MsnjTvfW--Kb73vflkLz8jIXJ6eu8dM1BJQpfqVb9ybV1pYQpXWVmrBH7Vv15ZV7oRXa_0p8n2Xg3CqOq_VHlL8i2zVPMD3w_8oHJLWRmb_tKMhUqP2kG17VejWjWoR-jb__Yu9-CoB9E7I89CiclTv8cfQPExdPebm9JtZSZ95c1untDMWPTE4Xt6S5tCo3sBY-sh1ofz1zBuQshnCzD6cD4BTG9_OgGYmpCF5x-D6cO5TLDewblSlkBqMPF_FL0xZDKGomNwswslfiEAF1i5C919uGJsQbfPWTplJ-Tyk7-gigm5_PgKdPfr5UT1K_dNkmfKaId-XEL1x1CdMdL8GNlgAao4Bs8-hhI_k6Und6C7-3ddYqDE6YvNWoO3aIsuhjFrLkY8ai6ypmwv1muCNSRvBnXWnFmk4jGo85BPj_KQxx7y1ENXnFYivxXxgIaNuC14049oFAnJ_Har5vu0zZvI-VT7EFk6BE-G4HYHqd3BlhrC5o_gNko44cFlBD1RopAEhSMoKEGhCIqMoOiVByJxNVc-FInLWTCvtXkNy5HJOnv0wGQdqQmoHcKKcl-lH7ld8OzSaBA7MTLTRFlWjigT5V56Rp6Z2uptvv8dtuRppRbVRVSnYS2IKY3rraDuyxoLYtkK_ThiMZwqodzCzIyBmpDX3v0HqZqQq7-tgdFjuOQYXD0Nml8FLUrQjRIDfaRlsag3aa_a3x5AmBJpdhnZtreXnJHnRqtry49m2_3whZ8g-QmZB7gtkdoSm-pHgk7yYLRqCrK_agpHvr2bZqqrBnS6-fsZzaT35dtyuzBW3L7phl-8zqfEFB6tSZfdoVoo3XHkq2UlhLS3jOWSfH_brUt2L3cby7nVeXrn3hu3bndTK51TRo9B1YT87_OXwdWEXLl2Y_ar63-fgac7cOmFTmcIWOohUQSJvLinrISTJz_8Oe_ZBd5zD9CxHmi2C90t0bMlekkJmgzh8kujLLUnN34NZwGWeCOWWG-fJTb59Nwnp04rcShr3PdbzUYQtmIZhJHgcb0VtUWD-mEokbnJxh905d8AAAD__1GaF3d4BAAA","fqdn":"prefecturesuggestions.com","domain":"prefecturesuggestions.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:07.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"prefecturesuggestions.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Sep 2025 22:12:31 GMT","end":"Tue, 23 Dec 2025 22:12:30 GMT"},"fingerprint":{"sha1":"AC:5B:B7:48:27:CD:FA:FD:E8:88:F1:86:04:E1:14:57:2A:95:FA:88","sha256":"45:E1:30:18:7D:BD:ED:E7:EE:D9:5E:BC:B8:81:89:7A:93:D3:35:99:F5:2E:18:E2:40:F9:CC:76:7D:D3:D2:1F"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSP2wcxReedVL9fgX_IioiXUERBD7v3u79I0IRJgRFBCc4BhcUaP7teey9mWVm9_Z8lYUllPLoKCjW39mxAAtBQ4eIznRGSByVi5iCGgkJlBZ055MsnjTvfW--Kb73vflkLz8jIXJ6eu8dM1BJQpfqVb9ybV1pYQpXWVmrBH7Vv15ZV7oRXa_0p8n2Xg3CqOq_VHlL8i2zVPMD3w_8oHJLWRmb_tKMhUqP2kG17VejWjWoR-jb__Yu9-CoB9E7I89CiclTv8cfQPExdPebm9JtZSZ95c1untDMWPTE4Xt6S5tCo3sBY-sh1ofz1zBuQshnCzD6cD4BTG9_OgGYmpCF5x-D6cO5TLDewblSlkBqMPF_FL0xZDKGomNwswslfiEAF1i5C919uGJsQbfPWTplJ-Tyk7-gigm5_PgKdPfr5UT1K_dNkmfKaId-XEL1x1CdMdL8GNlgAao4Bs8-hhI_k6Und6C7-3ddYqDE6YvNWoO3aIsuhjFrLkY8ai6ypmwv1muCNSRvBnXWnFmk4jGo85BPj_KQxx7y1ENXnFYivxXxgIaNuC14049oFAnJ_Har5vu0zZvI-VT7EFk6BE-G4HYHqd3BlhrC5o_gNko44cFlBD1RopAEhSMoKEGhCIqMoOiVByJxNVc-FInLWTCvtXkNy5HJOnv0wGQdqQmoHcKKcl-lH7ld8OzSaBA7MTLTRFlWjigT5V56Rp6Z2uptvv8dtuRppRbVRVSnYS2IKY3rraDuyxoLYtkK_ThiMZwqodzCzIyBmpDX3v0HqZqQq7-tgdFjuOQYXD0Nml8FLUrQjRIDfaRlsag3aa_a3x5AmBJpdhnZtreXnJHnRqtry49m2_3whZ8g-QmZB7gtkdoSm-pHgk7yYLRqCrK_agpHvr2bZqqrBnS6-fsZzaT35dtyuzBW3L7phl-8zqfEFB6tSZfdoVoo3XHkq2UlhLS3jOWSfH_brUt2L3cby7nVeXrn3hu3bndTK51TRo9B1YT87_OXwdWEXLl2Y_ar63-fgac7cOmFTmcIWOohUQSJvLinrISTJz_8Oe_ZBd5zD9CxHmi2C90t0bMlekkJmgzh8kujLLUnN34NZwGWeCOWWG-fJTb59Nwnp04rcShr3PdbzUYQtmIZhJHgcb0VtUWD-mEokbnJxh905d8AAAD__1GaF3d4BAAA HTTP/1.1\r\nHost: prefecturesuggestions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nCookie: uid_id2=726c8a8a-3fb7-4c47-b7e9-52db6ec715b7:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl23746230=1; slec245d45a321faaf58150e2b1fe830f4bf=[6233292]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: iprc_l+db8a470149378710b702e4fcf1ae5726=6233292; expires=Tue, 14 Oct 2025 20:30:07 GMT; path=/; secure; SameSite=None\niprc_l:6233292=1; expires=Tue, 14 Oct 2025 20:30:07 GMT; path=/; secure; SameSite=None\r\nHost: prefecturesuggestions.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9ebe8978d10df63d42ffc77e05f1b2e0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Nunito:ital,wght@0,400;0,500;0,600;0,700;1,400\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:04.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /css2?family=Nunito:ital,wght@0,400;0,500;0,600;0,700;1,400\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 13 Oct 2025 20:30:04 GMT\r\ndate: Mon, 13 Oct 2025 20:30:04 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9205,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e1b12374d1f132e183932cf9e05d19cd","sha1":"cb9e96c7a71452c8e909da458ed53e6bf68bda74","sha256":"4a009bf1f3405740ae30c6169cc28d6db120a95a0a1dbea5b3552db194443114","sha512":"e52f16e82a1f827db45d2d648e63c3f55d6a78e4b92f0ea285bfce4f65f747659a6fc975b805ce806aa644227cf3b8c4bf50972befd12c816ae7f06e468eb0d7","ssdeep":"192:mO/2OmbObOBMO4H+yptkUtH9y6uk7kH0yXLkeLHbywkkdH:mW2lbibbl7QFDPeo","tlshash":"ca12a991045bd100aa432cc667cf7e37ed4ea2553454c57aebfd9898ecabc272364b0e","first_seen":"2025-09-30T09:05:05.105071Z","last_seen":"2026-03-30T23:23:08.784149Z","times_seen":18,"resource_available":false,"data":null}},"time_used":355,"timings":{"blocked":158,"dns":21,"connect":15,"send":0,"wait":19,"receive":0,"ssl":133},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1050\u0026rd=1050\u0026fd=569\u0026bv=25.10.2289\u0026tmpl=70","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1050\u0026rd=1050\u0026fd=569\u0026bv=25.10.2289\u0026tmpl=70 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:05 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":660,"timings":{"blocked":244,"dns":13,"connect":93,"send":0,"wait":94,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.105.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://njav.tv\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=43a08dbb-459f-4a35-9f7f-17b365b54eb3:3:1; expires=Thu, 11 Oct 2035 20:30:05 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"a5a6332c4af5b8b59ed7a8ecfa2d3a16","sha1":"2c3fc4e5a2c50f0a6a99f7c64b35b495da45b7ba","sha256":"3795d7df11d76f473c6ddba23cde6edd5c1cbdda6531b3fb34bb11aa31d6879e","sha512":"87fc87739b0f2142be5e0153c4b16476fd926d1998b27f68af235f308b4769f2f38b24feae268461a21f851d41410ecbb05ec5077e61e5a8cb796c178860d2b1","ssdeep":"","tlshash":"bf9004cf1430131c01d7cc005d0011c43f40d50751714745311d75305454c41c71c501","first_seen":"2025-10-13T20:30:33.610173Z","last_seen":"2025-10-13T20:30:33.610173Z","times_seen":1,"resource_available":false,"data":null}},"time_used":442,"timings":{"blocked":202,"dns":35,"connect":30,"send":0,"wait":22,"receive":1,"ssl":139},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=43a08dbb-459f-4a35-9f7f-17b365b54eb3\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=9b7e1e724274b81f688a60aa9a5b4054\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=20","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:06.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=43a08dbb-459f-4a35-9f7f-17b365b54eb3\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=9b7e1e724274b81f688a60aa9a5b4054\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=20 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:06 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 2\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 99c42142c4c0844513dccee5e685d7b1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":701,"timings":{"blocked":297,"dns":15,"connect":94,"send":0,"wait":99,"receive":1,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fwind%2Fff%2F1%2Fcss%2Fstyle.css\u0026l=9345\u0026fd=608","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:07.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fwind%2Fff%2F1%2Fcss%2Fstyle.css\u0026l=9345\u0026fd=608 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:07 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":81,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"region1.google-analytics.com/g/collect?v=2\u0026tid=G-VZGC2QQBZ8\u0026gtm=45je5a80v872265995za200zd872265995\u0026_p=1760387405374\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1441307187.1760387406\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AEAAAAQ\u0026_s=2\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~115480710~115616985~115834636~115834638~115868795~115868797\u0026sid=1760387405\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fnjav.tv%2F\u0026dt=Redirecting%20to%20https%3A%2F%2Fnjav.tv%2Fen%20MissAv%2C%20123AV%20-%20123AV\u0026en=scroll\u0026epn.percent_scrolled=90\u0026tfd=6690","fqdn":"region1.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:10.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:36 GMT","end":"Mon, 15 Dec 2025 08:40:35 GMT"},"fingerprint":{"sha1":"40:7E:33:E9:D5:23:31:43:6B:CB:8C:02:99:3E:C0:A1:96:B1:B2:DE","sha256":"BE:00:72:E8:21:36:BF:F1:E7:F3:E5:B6:86:FE:98:10:97:9F:3C:C4:3F:0A:F8:4D:E4:62:64:B7:70:FA:56:25"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-VZGC2QQBZ8\u0026gtm=45je5a80v872265995za200zd872265995\u0026_p=1760387405374\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1441307187.1760387406\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AEAAAAQ\u0026_s=2\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~115480710~115616985~115834636~115834638~115868795~115868797\u0026sid=1760387405\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fnjav.tv%2F\u0026dt=Redirecting%20to%20https%3A%2F%2Fnjav.tv%2Fen%20MissAv%2C%20123AV%20-%20123AV\u0026en=scroll\u0026epn.percent_scrolled=90\u0026tfd=6690 HTTP/1.1\r\nHost: region1.google-analytics.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://njav.tv/\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: https://njav.tv\r\ndate: Mon, 13 Oct 2025 20:30:10 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0\r\nreport-to: {\"group\":\"ascnsrsggc:102:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunito/v32/XRXV3I6Li01BKofINeaB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/nunito/v32/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 39128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 10:18:15 GMT\r\nexpires: Fri, 09 Oct 2026 10:18:15 GMT\r\ncache-control: public, max-age=31536000\r\nage: 382310\r\nlast-modified: Mon, 15 Sep 2025 17:03:34 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39128, version 1.0","md5":"166202cc391c71a57730bed12cbcb159","sha1":"76388dbfe374be06fdc6f9ba38d3f4e479025eeb","sha256":"ba344451eab25b217a165363b1982048a5e5830a0daf36577973955a04cac793","sha512":"9f4d1c14aa729e837b964898a1dd27e99ff674256c43326aa982cc0c17fa8b0d71a0b7df627f03cb4ac6ec7f22f0a19d65302743ff09187ce81414dde74c43e2","ssdeep":"768:lxbc6Qon+A9wOfdj2rELqjOmaLqLqKeI+00t0xIj:layndm0j2cqjOmGq+tbUIj","tlshash":"d9030284fd6a02d8c7fc1f6ef25a9f28272c2078440b6a9c44a79a6bd5975f84dd3330","first_seen":"2025-09-17T01:48:11.920934Z","last_seen":"2026-04-04T16:55:11.95796Z","times_seen":16138,"resource_available":false,"data":null}},"time_used":500,"timings":{"blocked":237,"dns":14,"connect":21,"send":0,"wait":21,"receive":6,"ssl":195},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunito/v32/XRXV3I6Li01BKofINeaB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/nunito/v32/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 39128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 10:18:15 GMT\r\nexpires: Fri, 09 Oct 2026 10:18:15 GMT\r\ncache-control: public, max-age=31536000\r\nage: 382310\r\nlast-modified: Mon, 15 Sep 2025 17:03:34 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39128, version 1.0","md5":"166202cc391c71a57730bed12cbcb159","sha1":"76388dbfe374be06fdc6f9ba38d3f4e479025eeb","sha256":"ba344451eab25b217a165363b1982048a5e5830a0daf36577973955a04cac793","sha512":"9f4d1c14aa729e837b964898a1dd27e99ff674256c43326aa982cc0c17fa8b0d71a0b7df627f03cb4ac6ec7f22f0a19d65302743ff09187ce81414dde74c43e2","ssdeep":"768:lxbc6Qon+A9wOfdj2rELqjOmaLqLqKeI+00t0xIj:layndm0j2cqjOmGq+tbUIj","tlshash":"d9030284fd6a02d8c7fc1f6ef25a9f28272c2078440b6a9c44a79a6bd5975f84dd3330","first_seen":"2025-09-17T01:48:11.920934Z","last_seen":"2026-04-04T16:55:11.95796Z","times_seen":16138,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":127,"dns":0,"connect":0,"send":0,"wait":21,"receive":25,"ssl":122},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.105.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://njav.tv\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://njav.tv\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=726c8a8a-3fb7-4c47-b7e9-52db6ec715b7:1:1; expires=Thu, 11 Oct 2035 20:30:05 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"2e9367f5ade0e990e0c56bc4be40af26","sha1":"ac443ad64b59bdb1023573587f70bffd6d694117","sha256":"e716bae48d99937db962f306a439503ed515845c323cb72b49b647b3934a740c","sha512":"93811c3e81d029403b230749e663030815eecbfc6218592bc37f2f02a7c0c0e645f6e785e62d442fbca9d6b7af4336c0eeb5da196517e70ae597707679df2988","ssdeep":"","tlshash":"4890044505114011f44d00d4443500cf50c141470cc4f4704015cc37c3115403c33701","first_seen":"2025-10-13T20:30:33.61733Z","last_seen":"2025-10-13T20:30:33.61733Z","times_seen":1,"resource_available":false,"data":null}},"time_used":369,"timings":{"blocked":165,"dns":0,"connect":24,"send":0,"wait":21,"receive":0,"ssl":157},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/software/flashPlayer/wind/ff/1/img/ff.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:06.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/interstitial/software/flashPlayer/wind/ff/1/img/ff.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 41298\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"65aa84ef-a152\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 281161\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3%2F8mo6AD715UpN%2FC%2FRvqe61M01Ou3rMxeGqVMetU1hrsMuZaz%2BP%2FpgoQxaMxRKwdmb7t3CS71bCTE5iAm1uHWL1bf%2B6PQTXyok7tr3rv\"}]}\r\ncf-ray: 98e197cd0a6e0afa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41298,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced","md5":"3b579dac7b2a5341c10bcf05e4cdc361","sha1":"4e5b12bc630506f331381e78355523254d6ff6c0","sha256":"51d5fafdd38db830caf6d9f2cae4db2b79296185413f623db9188e487c1fd4ce","sha512":"47b1fd61da1e98e0af71c6d1cf0aeb74904e4529c014344df0a995157fdfe8e559cbecaedb05062bf0612548584bf2ff173b7389f2d005df8626bbf04eb61f05","ssdeep":"768:rmwCbgRKD9HKj2AyAQDslPRG3jTEwQrVtmg993rABjaCC93BkS:rmwCb1qyACIZo9wTZ99bAhaCeH","tlshash":"aa03f1366201b9d40b1e9d582ff3ed4c493a136333c2f9583ccaa95b4537e7a659b8c4","first_seen":"2025-03-17T16:56:09.587724Z","last_seen":"2025-11-24T11:26:53.678391Z","times_seen":292,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prefecturesuggestions.com/pixel/sbs?c=1","fqdn":"prefecturesuggestions.com","domain":"prefecturesuggestions.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:07.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"prefecturesuggestions.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Sep 2025 22:12:31 GMT","end":"Tue, 23 Dec 2025 22:12:30 GMT"},"fingerprint":{"sha1":"AC:5B:B7:48:27:CD:FA:FD:E8:88:F1:86:04:E1:14:57:2A:95:FA:88","sha256":"45:E1:30:18:7D:BD:ED:E7:EE:D9:5E:BC:B8:81:89:7A:93:D3:35:99:F5:2E:18:E2:40:F9:CC:76:7D:D3:D2:1F"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: prefecturesuggestions.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nCookie: uid_id2=726c8a8a-3fb7-4c47-b7e9-52db6ec715b7:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl23746230=1; slec245d45a321faaf58150e2b1fe830f4bf=[6233292]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:08 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: prefecturesuggestions.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":691,"timings":{"blocked":292,"dns":2,"connect":92,"send":0,"wait":105,"receive":1,"ssl":196},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"prefecturesuggestions.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"njav.tv/assets/123av/images/logo.png?v=2","fqdn":"njav.tv","domain":"njav.tv","tld":"tv"},"ip":{"addr":"104.21.83.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:04.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"njav.tv","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Sep 2025 06:36:25 GMT","end":"Sun, 30 Nov 2025 07:34:40 GMT"},"fingerprint":{"sha1":"32:CB:9A:50:76:2C:DB:97:C4:7D:80:D7:61:E6:E9:4D:15:22:94:19","sha256":"0A:D5:55:68:6B:15:85:5E:31:CB:45:8A:9A:73:0C:12:AD:5D:E2:6F:37:AE:55:F7:99:27:90:93:F2:84:B9:19"}}},"request":{"raw":"GET /assets/123av/images/logo.png?v=2 HTTP/1.1\r\nHost: njav.tv\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:30:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 11706\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sat, 23 Nov 2024 03:03:56 GMT\r\netag: \"6741461c-2dba\"\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nage: 6263894\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BFC7bM1P8oxvnw0VS3YnJlmtbUixxuqgW%2FAStGaZFgYTiGQzXcB8w1euwhbJP7FKlxyDfi3qNaLXVzVJfvU8HYWP62NA\"}]}\r\ncf-ray: 98e197be8934568e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11706,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 466 x 135, 8-bit/color RGBA, non-interlaced","md5":"2f1f9cea18cfd84e37877e8ebddeb8d4","sha1":"39206b188a08d6b23eedec5bb67de038968fcbb3","sha256":"117aee193670fc3997ee1684896ebc5bca360c6af30ec82b26852f5bf144a1e6","sha512":"832b07ab8efa23f9e231594c660d55d31c2e72de55aba44f14643323d9ca5c2851a2571521faa03c19a31db8a9b2e257306bf6a558e315af2dc8472034adf098","ssdeep":"192:ZiknWQ9klpIF/nyM1CxR6QK7xA1nSxTtURuQavEC9POE3dAfqh0e2:XnWDlpIZyM1Cx11nIiuL9mTqyX","tlshash":"60328e48ff416c51bf01e693a6aae0da5fbb42a0c1d3d486adefc92354d017d5d0e282","first_seen":"2024-12-05T22:43:08.122875Z","last_seen":"2026-03-10T05:39:50.858731Z","times_seen":66,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"njav.tv","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://njav.tv/","date":"2025-10-13T20:30:05.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://njav.tv/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:30:05 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4426507d7f34903455c1f91cdd13cf18\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":220,"timings":{"blocked":77,"dns":2,"connect":18,"send":0,"wait":28,"receive":18,"ssl":73},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}