{"report_id":"271a2a26-8b0d-4124-8da3-397454593fe4","version":6,"status":"done","tags":[],"date":"2025-12-23T11:52:04Z","url":{"schema":"http","addr":"13.torayche.com","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"172.67.220.136","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"13.torayche.com/","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"title":"13.torayche.com/","dom":{"size":77009,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12693)","md5":"e2e7d54e35124b1519eef9a2b7a05dd1","sha1":"7cee37f879d7aa0037e06ac734aae83b2e20f788","sha256":"6e796487004356ad64c779fce3340ebb937570b88f155c41512178239196ab9a","sha512":"71ca67df800aab12c3e2bf30b3a361e34fa7d6e13e5caec795a09eb169bf422cf448ae382c14a30656498547adadf384b1575b8e40e96838592888185f6b293e","ssdeep":"768:kHLFNfaelsGL1l+G42v/VHTpPOv9jufPOv2KV/:kHxNCeh1wkPP69j6Gv2+","tlshash":"6873fb3454f620a711a7e099ab6a2e0b3ed3d16bd54aca00b6dc4b847fd7c82cd6335d","dom_hash":"domhash4db4213c31f4a79a2f90690fb77b766e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"13.torayche.com","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"172.67.220.136","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-27T11:52:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-21T22:17:07.06462Z","alert_count":0,"request_count":1,"received_data":7967,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"13.torayche.com","ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-04-12","domain_rank":0,"first_seen":"2025-08-16T01:52:41.090437Z","last_seen":"2025-08-16T01:52:41.090437Z","alert_count":99,"request_count":33,"received_data":1171161,"sent_data":16350,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:3.3.7","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"BootstrapCDN:4.1.0","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.1.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Popper:1.14.0","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-12-21T22:14:03.270461Z","alert_count":0,"request_count":6,"received_data":72267,"sent_data":3331,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-12-21T22:27:34.829071Z","alert_count":0,"request_count":2,"received_data":173880,"sent_data":906,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-12-21T22:36:12.072016Z","alert_count":0,"request_count":1,"received_data":87893,"sent_data":444,"comment":"","tags":null,"fingerprints":null},{"fqdn":"maxcdn.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":6807,"first_seen":"2014-06-18T00:37:31Z","last_seen":"2025-12-22T00:25:56.931995Z","alert_count":0,"request_count":2,"received_data":244201,"sent_data":986,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"kuolkoola.com","ip":{"addr":"104.21.68.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-20","domain_rank":47044,"first_seen":"2025-05-08T22:43:24.287422Z","last_seen":"2025-12-17T06:50:20.084874Z","alert_count":0,"request_count":2,"received_data":4086,"sent_data":1106,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"stackpath.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":21970,"first_seen":"2018-04-05T04:41:29Z","last_seen":"2025-12-21T23:36:42.536211Z","alert_count":0,"request_count":2,"received_data":103184,"sent_data":960,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-12-21T22:20:20.869237Z","alert_count":0,"request_count":2,"received_data":43053,"sent_data":966,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"13.torayche.com/","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5d299fc4158f5ee271d32054f20c567b","sha1":"f7a0862ea30145dcb0a90604dd7898a40e53feb1","sha256":"c9ab2db9b28f51129edfd2aff30ad067245bd34b028991e08f56f7c947f60495","sha512":"cfd527d72368746c57394fde01a5bf34d2a2c64db14d77c41a73f02bd063c5d3a89edb8042774ec98a11cd77e5790004e4fd1d34025976df1dc2bcf49a1fc7bd","ssdeep":"384:hEO8LLwmwafzrI9INlsGx51lVEG42vx6jOv:2HLFNfaelsGL1l+G42vd","tlshash":"6ad26e1c8bf230b9a67fa17ea25f681478e3717b4084d501f5cd92406fd9a43c9ba6e8","size":30513,"data":"","first_seen":"2023-04-05T16:38:07Z","last_seen":"2026-04-18T22:50:34.4379Z","times_seen":454,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","size":50676,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-19T05:22:30.703733Z","times_seen":6567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","size":20495,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T05:22:30.771159Z","times_seen":5881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","size":86351,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T12:03:56.306646Z","times_seen":9866,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"be3424df8e7865a0fb51c5795569c66d","sha1":"f4d5510869e15be455cdb3b4c60d68e417679fb9","sha256":"3013c73845767be60718111050f947938873f0bacb90e9729dad75bc0103b72c","sha512":"8c64b820f8eee28a5af0da95ff1fcfba63c2f638587697e9ca8934fdd0ff931424c2130998dd19ef1d76c6145fb3be99c7951bf5304a00916b3180e9337a0bc2","ssdeep":"","tlshash":"fc518f7b98a752312a77206a4b6ff210796750331488e8017f9ce700bfa4d1fd669be9","size":2897,"data":"","first_seen":"2024-12-10T07:43:32.152897Z","last_seen":"2026-04-04T02:04:14.552112Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","size":43509,"data":"","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-19T12:35:45.501231Z","times_seen":122053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ab4681ff11ea8bdd4a9ed4d0a35c8516","sha1":"303697653c882b82f6f3166f682929182af7b430","sha256":"bec24dd2ba9de50a9994f539980aad8406c1fa2c868a853a31870f931e5222b3","sha512":"cc7cf7967ecf93cf06dcb5d5e0b021ad59a3010129180231b7368748fcd9e665dde1ce46fb6d297906cd9df777c67679962a8c7cdba823d0255298933cbe5583","ssdeep":"48:lFZ2swbMigMITnoUH3ZHyvVSyuBqsKcaXe1xib2EF4L3xpACW:Z2swbMjp7HI+qsKcaXe1xf3xpACW","tlshash":"fb910f5ab4eb11e062a7b016d95b5d0438b740bf7a0acf107d9d1ce93f9a434c1b221b","size":4216,"data":"","first_seen":"2025-07-31T20:24:30.294574Z","last_seen":"2026-04-04T02:04:14.55287Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","size":50676,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-19T05:22:30.703733Z","times_seen":6567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"753dbb5feb34a49295103c16fbbe983e","sha1":"cea88eecf90a2b08ee38ced5c5e2a0ee05aef480","sha256":"c5f375974422e8bac1601a46d2fbfc705028a09acf7077fc407ca12205916db8","sha512":"6c0abe7d0ac77f2ef49014cbbf1aaff7d4111974045dbe3bd16e5d366f980daa6698241eb3ed7d77a94f52cce1c7cf012ebc2f3399be8cce9d7c0e3773257881","ssdeep":"","tlshash":"dc80000faaa28220a022000f0a8222a028033832028200002a0283c022a3c0388002ca","size":28,"data":"","first_seen":"2025-07-31T20:24:30.302021Z","last_seen":"2026-04-04T02:04:14.553814Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-19T12:35:45.501231Z","times_seen":122053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","size":43509,"data":"","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","size":50676,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-19T05:22:30.703733Z","times_seen":6567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","size":43509,"data":"","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"842f960d6b87a586b57595a9f79bf93c","sha1":"1dd3ee042224991efe9d488996d7ad49e2b268df","sha256":"b9708a7e2806e43dca0d6509a91fee7b718ba70c50aa60a2ef81b5df59ae6eab","sha512":"8698fad68917955c243dfc6e708a95e3dd232f97d0a3f4b722ae550752344178aecaebe0e0a2460c1c7fdf4c1eb365f30e4e8ba5a535179f076dd2bf2a24aa27","ssdeep":"","tlshash":"8bf08c2e45a6263028b7b07f5b8f7604256310a70409c9113f8cc680ff36a7f8ef66ca","size":630,"data":"","first_seen":"2025-07-31T20:24:30.306839Z","last_seen":"2026-04-04T02:04:14.554793Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","size":50676,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-19T05:22:30.703733Z","times_seen":6567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","size":86351,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T12:03:56.306646Z","times_seen":9866,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-19T12:35:45.501231Z","times_seen":122053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","size":50676,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-19T05:22:30.703733Z","times_seen":6567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","size":50676,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-19T05:22:30.703733Z","times_seen":6567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-19T12:35:45.501231Z","times_seen":122053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","size":50676,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-19T05:22:30.703733Z","times_seen":6567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-19T12:35:45.501231Z","times_seen":122053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","size":20495,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T05:22:30.771159Z","times_seen":5881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","size":43509,"data":"","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","size":43509,"data":"","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","size":86351,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T12:03:56.306646Z","times_seen":9866,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","size":50676,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-19T05:22:30.703733Z","times_seen":6567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","size":86351,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T12:03:56.306646Z","times_seen":9866,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","size":86351,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T12:03:56.306646Z","times_seen":9866,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-19T12:35:45.501231Z","times_seen":122053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","size":43509,"data":"","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","size":86351,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T12:03:56.306646Z","times_seen":9866,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","size":86351,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T12:03:56.306646Z","times_seen":9866,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","size":50676,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-19T05:22:30.703733Z","times_seen":6567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","size":86351,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T12:03:56.306646Z","times_seen":9866,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","size":43509,"data":"","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","size":20495,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T05:22:30.771159Z","times_seen":5881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","size":20495,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T05:22:30.771159Z","times_seen":5881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","size":43509,"data":"","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-19T12:35:45.501231Z","times_seen":122053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","size":50676,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-19T05:22:30.703733Z","times_seen":6567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","size":43509,"data":"","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","size":86351,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T12:03:56.306646Z","times_seen":9866,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","size":43509,"data":"","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","size":50676,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-19T05:22:30.703733Z","times_seen":6567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","size":20495,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T05:22:30.771159Z","times_seen":5881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-19T12:35:45.501231Z","times_seen":122053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","size":86351,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T12:03:56.306646Z","times_seen":9866,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-19T12:35:45.501231Z","times_seen":122053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","size":20495,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T05:22:30.771159Z","times_seen":5881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","size":20495,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T05:22:30.771159Z","times_seen":5881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-19T12:35:45.501231Z","times_seen":122053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","size":20495,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T05:22:30.771159Z","times_seen":5881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","size":86351,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T12:03:56.306646Z","times_seen":9866,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","size":20495,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T05:22:30.771159Z","times_seen":5881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","size":86351,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T12:03:56.306646Z","times_seen":9866,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","size":20495,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T05:22:30.771159Z","times_seen":5881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","size":20495,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T05:22:30.771159Z","times_seen":5881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-19T12:35:45.501231Z","times_seen":122053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","size":50676,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-19T05:22:30.703733Z","times_seen":6567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-19T12:35:45.501231Z","times_seen":122053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","size":43509,"data":"","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","size":43509,"data":"","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","size":20495,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T05:22:30.771159Z","times_seen":5881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"13.torayche.com/assets/images/home-header-bg.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/home-header-bg.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/assets/css/main.css\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:38 GMT\r\ncontent-type: image/png\r\ncontent-length: 117934\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-1ccae\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WAp7uw9C15PGbx3CkI4BkaB5Sd46OMqWGFdH3Bl77B5xinoe4gCmwWFitsrdGa5S0e7YU5C4KcKl%2FXt%2BmghPWGHj3LHQZMQuytyM9UQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ef6aa67129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":117934,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 1052, 8-bit/color RGBA, non-interlaced","md5":"192a5c4c38c4668977b4ab6e475d8e2b","sha1":"9e4b5e9ae9a39ea67bce6aa786d14ddd09d428b4","sha256":"a3af5ceaeb32f7ccd4d31b8818802a077ecba3a6edd51ce003ce3eaaf168290f","sha512":"4ff4954766b31133ec4e494bd2eac14dd8ab2a1f629326806ce3799b05f98494e2ddd978df0af736165e26686a913fac4ed84d3d566c7b9433d88bfc184ab29b","ssdeep":"3072:IOAF2lYW5529Zs6MaDVVeNAf1+LCkKYD2w8I1C6Hn:TAFT28Zs6MaDVVeSf8E+h86C6Hn","tlshash":"ceb3e1058d1185e5c3b164b8eab545b332aa4abb5c0c1f947f39f75f0b9daa4f0e02d2","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.542681Z","times_seen":59,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/by.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/by.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:38 GMT\r\ncontent-type: image/png\r\ncontent-length: 2022\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-7e6\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XGJ5wtTQ2K8CHxZMmTK%2BrZU3peLzW3Jv4OFt5I1NCy2lwXsFj%2BW5HGOYZEfFu1%2Bqn8prcRNJgIxk7sVTG8z6nfJra%2FSc0Yf4z2nPO2M%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee8a997129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2022,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 67 x 65, 8-bit/color RGBA, non-interlaced","md5":"6c077fcda7443f808bfe1a507239cca9","sha1":"97d2c0ea8ab630d71b57382104b2094872cad53a","sha256":"09f1e28b4bad9daa8a889eafe60fa64200c0e37f20f1e7e7f0e277fd6dc70d9f","sha512":"061c4e7d8430f3744f00ce294e03e6e19f061704ec68c2978e710b53ba4c2b27d8bfcc6f270800b22198bdebf3871726b2de1a993bdc9d406472a2686900dac4","ssdeep":"","tlshash":"53410a6700992d2aa35d9e2264f484b3db231539bb2f4405b28674360f56de7197a2cf","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.521544Z","times_seen":59,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/phone.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/phone.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:38 GMT\r\ncontent-type: image/png\r\ncontent-length: 1211\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-4bb\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NCbV%2BEXmxC7fRtW%2FtTq8gLDzR4iEJL48hGbfaz3n5CESpGOhF6DSe%2FTJh8PdTxA%2FY4koKOxaJAIe%2B0iVsx0JcFOa4YLWlrR5EI6PCYU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee9a9a7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1211,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 49 x 64, 8-bit/color RGBA, non-interlaced","md5":"1665329216720182fdda09ccdc56f0dd","sha1":"7a4c75ad95bdc5ae16e075784fc31c0e6e1a5c2a","sha256":"32b984d5b404eca6b70a91ae64e22dc7d02cca4dd8011236cbf2ad589ff471f0","sha512":"fd11a47b82f8f371344318ea79da99dda163a55b7e20e00ab64effcc3dfee4dd30c7e42887c03c738a63c6404865e2f77d155ec913f376c9c2c49fcc6f14f177","ssdeep":"","tlshash":"fc21da972d830b92c1c87b2b5cd47a089f9ba144465c4e74b0499c31671977045c48df","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.537392Z","times_seen":58,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/styles/arrow.css?v1","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:37.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/styles/arrow.css?v1 HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\netag: W/\"636262bc-1a14\"\r\ncontent-encoding: gzip\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3RCeDncYw4FOODT2TI5JhVHFEd8KCVztr9Zt32G%2F9Olviz8vYOqPpEG7VyymU27TtNjpZy9qW%2F2RUK8PEkvRBOnaO%2F%2BrwgZOsCoV3xc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b27a5edaa857129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6676,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ed4a61ae7235d0e7573766e78dd3fc02","sha1":"090b5cdab4ff3a3b87f491da06b4db99a8c51694","sha256":"ca50536990b949c20119f3134582c654fcd14fabce2517bbc5255fba7faa881b","sha512":"c2d58441829ea6697f14e85f01e1d0c006b6460cd110969578263423016232f407b40490eb5dfde4fbe02e47ac1e19c8db508b8fc0c7fea7a28920c0ad573165","ssdeep":"192:jKRrDP7WWP/8O+t6cjfwZVMLLmmGTA3P8JsRYJbwAzXJtMzZzINvOQpsLr6O:Y3MLLmmGTA3P8JsRWbwAzXJtMzZzSvO9","tlshash":"94d173236a5e2c46a05ed898efd09f4e261f41d7664f8c99fd80340d9fc89a48996f8c","first_seen":"2023-04-05T16:38:07Z","last_seen":"2026-04-18T22:50:34.435385Z","times_seen":482,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14868\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 17 Dec 2025 23:00:18 GMT\r\nexpires: Thu, 17 Dec 2026 23:00:18 GMT\r\ncache-control: public, max-age=31536000\r\nage: 478280\r\nlast-modified: Wed, 10 Sep 2025 16:47:45 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14868,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14868, version 1.0","md5":"a870ee3703f35f3b772e1ea3aff0abea","sha1":"2f73bac27e4fca1630d90813a858d7b815faf5c2","sha256":"691491f1fc8badab623e1be56f92cc2d98c462b16617c67e1e288d6b061444bc","sha512":"eb7e106769da2737a2d128f7b5ffeb145c03ecb3e0d120ea8e48f66b54ccc92b3657c9ba44385b355643e344329318c3d4eddde64b060ef580b419ac09d48add","ssdeep":"384:mVyQfY5SLPyg3mKvJU/rtyXWtnpeb0qY9X3cCI1Ll62yQ:2YS7fWKvJ2tyqM0PXINl62yQ","tlshash":"7562e0e9d92843e74d2019387b4b78df360adbed631a4878e995c49b6014af79122c1e","first_seen":"2025-09-11T17:07:37.667838Z","last_seen":"2026-04-19T12:41:53.405117Z","times_seen":41806,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:22.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /199f8c6.php?utm_source=\u0026utm_campaign= HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:22 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5cIAlFks6dfc7CNyj6KEg7a5dJUXMu%2BEhzFT0WKob5hUeFjb5gwFsg8tGOa9%2FC7WDZbgAlVzWDQYegyaQ7boB29FFJKCXX2KQh2H24M%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b27a58c4e8b7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43509,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (43461), with no line terminators","md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/money.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/money.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:38 GMT\r\ncontent-type: image/png\r\ncontent-length: 1799\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-707\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Byd%2F3Afpcq6bxjhXtPk7x31l12OVu1V9%2FAu5zqWdvs8ytzfUFBcpPE%2BOIDAuhaFP9T%2FPPmQBCh%2BZoGONVhwlh4L8dJ3Cnzyw6d0VE0s%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee9a9c7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1799,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 72, 8-bit/color RGBA, non-interlaced","md5":"93bb4e0e40b2717a4be6ee0ff6521dd8","sha1":"3232fc7a2a95a6c74d1822f84f821282f70843be","sha256":"ef0925d7955dd97dd979a6e2c8e1bc91a610b5d7339ab75cb7e784aa11c08ca2","sha512":"e0a9d2b38b1fc20722734704942f655c52e362248d5a3dfb896f2612f20f2ae5db91452ab15762d5ac1a0e5695871056df163424e1c93d22b5cb593597015c90","ssdeep":"","tlshash":"d831eb3e1e2a15b1cfab671330c845069f2ec03785a55a1ff3a5e5518c804c953f476e","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.532569Z","times_seen":59,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuolkoola.com/56547","fqdn":"kuolkoola.com","domain":"kuolkoola.com","tld":"com"},"ip":{"addr":"104.21.68.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:39.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuolkoola.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 07:23:19 GMT","end":"Tue, 10 Feb 2026 08:21:01 GMT"},"fingerprint":{"sha1":"FC:2B:19:59:1B:38:FB:C7:30:93:16:58:CE:B8:18:51:DA:3B:EC:FC","sha256":"4C:64:6D:FC:40:95:00:94:2F:68:3B:50:95:C3:BC:4E:E5:03:71:D8:2E:42:96:E5:4C:49:33:A3:F6:35:4D:3C"}}},"request":{"raw":"POST /56547 HTTP/1.1\r\nHost: kuolkoola.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://13.torayche.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 215\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: userid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":215,"data":"{\"visitor_id\":\"d0dad712-cd14-47e6-a387-391f406015ca\",\"domain\":\"\",\"confirm\":\"\",\"mode\":\"native\",\"proto\":\"https:\",\"osp\":0,\"utm_source\":\"\",\"utm_campaign\":\"\",\"utm_content\":\"\",\"utm_term\":\"\",\"utm_site\":\"\",\"utm_clickid\":\"\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:39 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: https://13.torayche.com\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-request-id: ffb6a5023b959d5a0eef7d42f9f1faf7\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nx-ng-name: front7\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7BrJfF5A%2Fh7tUXiV0rMbWUr3mIm3fbMK6evuq1jghQ%2Fc2Ovp9j2JZxvT1AWw5oVEvKaA88Tuz2wSzZtlDTAvQxoifGSIjsZBezW8\"}]}\r\ncf-ray: 9b27a5f57d93568e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3114,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"39e4de1de682be0e74ad652db19d412b","sha1":"2da951cb3679ed98f1859cb22051cee4b343003b","sha256":"05e2e26c5acdca91a4c41ac1a1b2de987e9ca86abc2ea07d4b5df5d6693059e4","sha512":"51efb738bd376bb46c28491f762061f4d6d570322b999417525ea99b9037aece3d3d88593bdd0ad19cae8527bb390f480e851d93d6c7172d3ac9bc33937864e5","ssdeep":"","tlshash":"0e515bdb26f9822f86c52dd6d7725c7d30258d98df4a43aaeed7b417d4072340b19384","first_seen":"2025-12-23T11:52:10.757903Z","last_seen":"2025-12-23T11:52:10.757903Z","times_seen":1,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:22.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.1.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1514f\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Tue, 23 Dec 2025 11:51:22 GMT\r\nage: 504632\r\nx-served-by: cache-lga21948-LGA, cache-hel1410034-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 99, 2641\r\nx-timer: S1766490682.295326,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30019\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":86351,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32014)","md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T12:03:56.306646Z","times_seen":9866,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":40,"dns":4,"connect":13,"send":0,"wait":13,"receive":5,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:37.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:05:50 GMT","end":"Thu, 05 Feb 2026 05:05:47 GMT"},"fingerprint":{"sha1":"CE:AE:8E:FE:2A:86:03:2B:16:43:FF:98:36:53:B2:ED:10:BF:FD:23","sha256":"95:CB:A8:7B:9C:88:98:F1:EF:D6:C9:79:E1:98:63:76:71:B7:BD:E2:89:6D:CD:55:61:DB:C0:4E:B1:1E:67:F7"}}},"request":{"raw":"GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncf-ray: 9b27a5edb97856cb-OSL\r\ncdn-pullzone: 252412\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"ce6e785579ae4cb555c9de311d1b9271\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:05 GMT\r\ncdn-cachedat: 08/01/2025 15:37:48\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1077\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 62f7b8850bb6d0754cb60296b6c28756\r\ncdn-cache: HIT\r\nage: 170662\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":50676,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (50395)","md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-19T05:22:30.703733Z","times_seen":6567,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/first-screen.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:37.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/first-screen.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 123973\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-1e445\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qCjGKixtukEirr%2FWNVHLtuZmxmSa4HdQBmodGBoxrToJuSOZqmlzn7XbJ%2BXaULmBmwKAqLo3hC4q8jQg8IiBmUgSBd7zuEfn4JsxwE4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee2a897129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":123973,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 876 x 545, 8-bit/color RGBA, non-interlaced","md5":"0c05f7ca76aad0880ffc9ea69bfc2d69","sha1":"bc913ac6fbf4922aa3c8fcf93324b70820f1a9af","sha256":"64286c5fe05745673323c33b0249253068742861f7c2ae712f2308b40d83308e","sha512":"b4493833bb8d4619af90c2bd8aceed535efa9d180853b82cc838d28dabae3df353859ae1ac44dff1bc54fc6cc7dd648a4d93e36cb8033110c4e695526572f019","ssdeep":"3072:9I+R2vDWH92pu1AEBjNiSo5HatPxsI3zZpcrHBB9xn/Q8:6+R2bWFzBhvopBI9UX5","tlshash":"9cc312976be6e8284a890ecfcf9db64c1217eacfc0f357a590ea733895570900d92746","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.52562Z","times_seen":59,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/free.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:22.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/free.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 1190\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-4a6\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N3kN5yYDzBnc2ZDT8fHGvfB6hSk1hD6asNDvT6fu7uEyjNqiNb5ya8EiZNRJLhLzUYBk9wULfK2rNu4GDzkhNI%2Bj7v9j5FLxiT2ySR4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a58bfe767129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1190,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 68, 8-bit/color RGBA, non-interlaced","md5":"ffc46d0a260b965b82fe6bae52345b29","sha1":"7e2ad61e00aff93b3c5fc9e4c0639d9d2d36600c","sha256":"e43ec096f8a53418bac5602c336b02e8ef394586fe059cc2e512b50dd02e94d1","sha512":"368ef4427e8aea7354d65e866b0afe0e7ea533518cd4ff0fa1567b627e44a24e9164b86f794f45f6e2cde29198d0f7b486dc612386c3e9a5ec68b9b9c5e97a26","ssdeep":"","tlshash":"3621da4b184724e3d369a564d0dca036e51e9f1152453b0cff476cf283000cf5ada5fa","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.540156Z","times_seen":59,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:37.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30399\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 20 Dec 2025 11:02:00 GMT\r\nexpires: Sun, 20 Dec 2026 11:02:00 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 262177\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86927,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-19T12:35:45.501231Z","times_seen":122053,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/night.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/night.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:38 GMT\r\ncontent-type: image/png\r\ncontent-length: 1283\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-503\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4R2ssK%2FrfFrbaYfQ10urVuTnTSq8UO0ncxtu7ewa%2F7qr2GhHWNUzefksMSa5mkH927Iq6YtI6lsgs1sUN%2FPHUoLPfAy5mgEG12h603w%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee9a9d7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1283,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 60, 8-bit/color RGBA, non-interlaced","md5":"03f3ade42c0222a27a8c39a2160c9128","sha1":"a72933e2c7b64dca30e510f8e548ccba811dd2e9","sha256":"fed26b5026b7fd43a5d8e97b6ae0fadb6ce398605a2042bc203d8e1eff8d48a8","sha512":"b68ebcb0c535d7845f736bcc2a2b5944fc107ee19675bed491b3b289e6f1c5831f4b5a05168afbca1deb8c53b60b375f1d84617eaa028c85b752694c1c5b6d27","ssdeep":"","tlshash":"9521b751ad99d4b5c7a85b5014ea5820bd3b2e2823c47d57a0e9d8fcdb419dc220abc6","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.547366Z","times_seen":59,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:37.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6458\r\ncf-ray: 9b27a5edbe46a0f0-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03fa9-500f\"\r\nlast-modified: Mon, 04 May 2020 16:15:37 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 446886\r\nexpires: Sun, 13 Dec 2026 11:51:37 GMT\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=18rjYHIqSx8EOAsfE4GTyxSfXWxCXN0Xs6NABThQFWQ3UYjV%2F3velx2KCx35DVsDeaPOyAUnaEKOdEyVFPVaBPI%2FwX0APJ4YfzFfEOKaxyOLLTKQGxDdnGY%2FFR3cdT7Xlhovgfvt\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20495,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (20322)","md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T05:22:30.771159Z","times_seen":5881,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/money2.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/money2.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:38 GMT\r\ncontent-type: image/png\r\ncontent-length: 4109\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-100d\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C60JMlol21muZVKc5Dpqz0ZQJ9NWdR8%2B0YKFJJQKQFo57kE3ewgUSyqIGFM6SdZbF9V1v%2FTB7w4yB775XAoGbEeZ1lEb%2FUPxAvybrWU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee9a9b7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4109,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 73 x 71, 8-bit/color RGBA, non-interlaced","md5":"a2011cdc26f3dcdac89e9e4794799b0f","sha1":"c2f07e2304fa8ba1e4f8deeee5cc7aa24bee296c","sha256":"0c4af66b25e16286fb743ebd4579901ac18c1a3fcbf2558415abeeec8686dd24","sha512":"df11e50ed1cd11180cfe38bbc36f4e62052f9534135d5bfd967bcd76d9cc8323d1e28f6bd2917b7f4bd1ffc0fd5cf08c8031df0d20d3b3b40a1852e6ef2e5260","ssdeep":"96:S/kLwXTWuBCNHd1ZkQHXlnhInYAd/o31gL0+kplQ97i:ScwXqusNHd1Zf1n+YAxoiL0dlg+","tlshash":"92816d576df60b1c542ded7611f46181e89f999904e2c98afa9b7a1bea053c4808324b","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.528536Z","times_seen":59,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:22.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:05:50 GMT","end":"Thu, 05 Feb 2026 05:05:47 GMT"},"fingerprint":{"sha1":"CE:AE:8E:FE:2A:86:03:2B:16:43:FF:98:36:53:B2:ED:10:BF:FD:23","sha256":"95:CB:A8:7B:9C:88:98:F1:EF:D6:C9:79:E1:98:63:76:71:B7:BD:E2:89:6D:CD:55:61:DB:C0:4E:B1:1E:67:F7"}}},"request":{"raw":"GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1\r\nHost: maxcdn.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Dec 2025 11:51:22 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncf-ray: 9b27a58c19f5b1b8-OSL\r\ncdn-pullzone: 252412\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"ec3bb52a00e176a7181d454dffaea219\"\r\nlast-modified: Mon, 25 Jan 2021 22:03:59 GMT\r\ncdn-cachedat: 08/01/2025 15:36:41\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1077\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 08e22b5864ade00f44eada234e4da4eb\r\ncdn-cache: HIT\r\ncf-cache-status: MISS\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":121200,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65371)","md5":"ec3bb52a00e176a7181d454dffaea219","sha1":"6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68","sha256":"f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c","sha512":"e8c5daf01eae68ed7c1e277a6e544c7ad108a0fa877fb531d6d9f2210769b7da88e4e002c7b0be3b72154ebf7cbf01a795c8342ce2dad368bd6351e956195f8b","ssdeep":"768:Vy3Gxw/Vc/QWlJxtQOIuiHlq5mzI4X8OAduFKbv2ctg2Bd8JP7ecQVvH1FS:nw/a1fIuiHlq5mN8lDbNmPbh","tlshash":"2cc3c7a0f21031ea7333c55a75d0ed872219a153e56a4fb7f22f25d88f845ca1673f1a","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-04-19T12:24:42.261378Z","times_seen":59049,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":8,"dns":1,"connect":1,"send":0,"wait":59,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/percent.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/percent.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:38 GMT\r\ncontent-type: image/png\r\ncontent-length: 3629\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-e2d\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ILFsZkDjaGKf3468vz0sd8LWf8wxGkOvRDJFvld%2FGdbydpopbTth52D3vd9uEeKMvCI2BRshk2bHWvtQWosDPMb5T3kIEhKuwp%2FTQz4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee8a977129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3629,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"174236fb5aae3e07c5256d0da0140104","sha1":"0ea872966291bd0355301965576b8f73a311b72e","sha256":"caa6f7055758210d74d99881bae258dcfd724991acf55503979dea8acdea68c1","sha512":"b5c0a13cd8667cbdcbe754e02be89b85e6d5bcf94a17e15c002c72441576a24ebcd41a1bc68c40f0ce0500bbf0ae0e7132ec30c87c435b056b76ce855bc5947e","ssdeep":"","tlshash":"13715bc722958bc7c15aff2742fc1ec51dabec10c22ca10be49fd99ed627200ae03655","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.536884Z","times_seen":58,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/styles/arrow.css?v1","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:22.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/styles/arrow.css?v1 HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:22 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\netag: W/\"636262bc-1a14\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XJ7VU9E5TSCKCaZUcx7Kq7q78XpuqR3JoQsEL2ju8fP%2FxUpPYL2ZIYE1OA6oO29JDJRf2bPPtONCyn1jWtp8UtS0RcOoOoVbSBqIDBw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b27a58bfe727129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6676,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ed4a61ae7235d0e7573766e78dd3fc02","sha1":"090b5cdab4ff3a3b87f491da06b4db99a8c51694","sha256":"ca50536990b949c20119f3134582c654fcd14fabce2517bbc5255fba7faa881b","sha512":"c2d58441829ea6697f14e85f01e1d0c006b6460cd110969578263423016232f407b40490eb5dfde4fbe02e47ac1e19c8db508b8fc0c7fea7a28920c0ad573165","ssdeep":"192:jKRrDP7WWP/8O+t6cjfwZVMLLmmGTA3P8JsRYJbwAzXJtMzZzINvOQpsLr6O:Y3MLLmmGTA3P8JsRWbwAzXJtMzZzSvO9","tlshash":"94d173236a5e2c46a05ed898efd09f4e261f41d7664f8c99fd80340d9fc89a48996f8c","first_seen":"2023-04-05T16:38:07Z","last_seen":"2026-04-18T22:50:34.435385Z","times_seen":482,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/step2-desctop.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/step2-desctop.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 200767\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-3103f\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jzpU%2FNND6QMkNPcO9xYO2igd%2BvOpXtuLUoFFpP7JjJciVZs2jqUhqP4%2FERkTZTT7Ziw%2BCsu%2BHT0ZAY6ohH9nrI0ZNNV%2B8S6%2FU7XzDgw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee7a937129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":200767,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 579 x 360, 8-bit/color RGBA, non-interlaced","md5":"99076f358d9fea4f29adef6c3bb741fa","sha1":"eb50acc9bcf731715101e838c8fea279409d50f5","sha256":"31fe8af2ec08e0515f66da4a9a949305a0d256af3308f37dd2b9920a2b35e011","sha512":"fdd0d89afc1f0a9e73d3b0ba181a1b4d7076d94e9fe704a4adbf041709c9003389972da67548704d043c94f050b7b47b163a9ea82618136083fdca9af81e2fd5","ssdeep":"6144:fC3WuwzZJqfwLIy7O0KRZ8urHiwjQAvsHpbX1KwA1tMTTfB:fCFwzZkiIy71KEKQsMT1EvMHp","tlshash":"ad14239938d896794fc20de88dfbf262a7b3e2a445f48d040322f455e14b928d94de9f","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.53871Z","times_seen":59,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:22.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Dec 2025 11:51:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6458\r\ncf-ray: 9b27a58c596e569b-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03fa9-500f\"\r\nlast-modified: Mon, 04 May 2020 16:15:37 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 446871\r\nexpires: Sun, 13 Dec 2026 11:51:22 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=GO3b2j%2BQW%2FSp%2BmtCaNleft8D%2Fqcqn66F6UTBV2Bhh5FAx2ax5JRfXATh%2FKu93MuZ4wZE%2FWMYS680BTRhUE2dHZA07BT7R1RK6RJy2HACQSqLlIoNXjE9cvTwUj03jHGDVA253ZLp\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20495,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (20322)","md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T05:22:30.771159Z","times_seen":5881,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":2,"dns":1,"connect":1,"send":0,"wait":12,"receive":1,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:37.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:05:50 GMT","end":"Thu, 05 Feb 2026 05:05:47 GMT"},"fingerprint":{"sha1":"CE:AE:8E:FE:2A:86:03:2B:16:43:FF:98:36:53:B2:ED:10:BF:FD:23","sha256":"95:CB:A8:7B:9C:88:98:F1:EF:D6:C9:79:E1:98:63:76:71:B7:BD:E2:89:6D:CD:55:61:DB:C0:4E:B1:1E:67:F7"}}},"request":{"raw":"GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1\r\nHost: maxcdn.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncf-ray: 9b27a5eda96a56cb-OSL\r\ncdn-pullzone: 252412\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"ec3bb52a00e176a7181d454dffaea219\"\r\nlast-modified: Mon, 25 Jan 2021 22:03:59 GMT\r\ncdn-cachedat: 08/01/2025 15:36:41\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1077\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 08e22b5864ade00f44eada234e4da4eb\r\ncdn-cache: HIT\r\nage: 15\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":121200,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65371)","md5":"ec3bb52a00e176a7181d454dffaea219","sha1":"6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68","sha256":"f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c","sha512":"e8c5daf01eae68ed7c1e277a6e544c7ad108a0fa877fb531d6d9f2210769b7da88e4e002c7b0be3b72154ebf7cbf01a795c8342ce2dad368bd6351e956195f8b","ssdeep":"768:Vy3Gxw/Vc/QWlJxtQOIuiHlq5mzI4X8OAduFKbv2ctg2Bd8JP7ecQVvH1FS:nw/a1fIuiHlq5mN8lDbNmPbh","tlshash":"2cc3c7a0f21031ea7333c55a75d0ed872219a153e56a4fb7f22f25d88f845ca1673f1a","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-04-19T12:24:42.261378Z","times_seen":59049,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuolkoola.com/event/set","fqdn":"kuolkoola.com","domain":"kuolkoola.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:39.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuolkoola.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 07:23:19 GMT","end":"Tue, 10 Feb 2026 08:21:01 GMT"},"fingerprint":{"sha1":"FC:2B:19:59:1B:38:FB:C7:30:93:16:58:CE:B8:18:51:DA:3B:EC:FC","sha256":"4C:64:6D:FC:40:95:00:94:2F:68:3B:50:95:C3:BC:4E:E5:03:71:D8:2E:42:96:E5:4C:49:33:A3:F6:35:4D:3C"}}},"request":{"raw":"POST /event/set HTTP/1.1\r\nHost: kuolkoola.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://13.torayche.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 145\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: userid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":145,"data":"{\"event\":{\"type\":\"event_script_failed\"},\"data\":{\"visitor_id\":\"d0dad712-cd14-47e6-a387-391f406015ca\",\"reason\":\"envIsNotSuitable\"},\"ad\":{\"type\":1}}"}},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T12:23:02.643109Z","times_seen":13933290,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/favicon.ico","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:38 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"636262bc-1007\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DeDTdEevIdjEyJ%2F7xb1uxNt6P5TnQwSiZs8ak63dZifl0gAR%2BGCavkh3jDJf%2F82uXAgTig3u9jPgx7ZDZD683Kj7zRb%2FIlyJ%2FKgH2bE%3D\"}]}\r\ncf-ray: 9b27a5efcaaa7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4103,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"4cdf3256cd7b8ec3917adb79d6bf457e","sha1":"bc615337e9223183a126c8fb649774866fb53e69","sha256":"fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0","sha512":"2bcd90a667b80393690e244a979e36e9f482b419e52302571a41412aac296aac1d58f81787b38d00a00257dca8bd3dce7cfe6ab8ef12aa3a91e0801ee3c3f21a","ssdeep":"96:LSDZ/I09Da01l+gmkyTt6Hk8nT2JCkun8i01FZZN:LSDS0tKg9E05T23un8h5N","tlshash":"2e818daf99b0d47f7938fa400dce8281e279256c197637ad94e5c5ee00a7b031bb0232","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-19T08:44:44.698343Z","times_seen":8773,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/firefox.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/firefox.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 5945\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-1739\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zoS%2Bj2Y0bcdIQ4vVUr2bapdoLDjtde0a0vUBAgPiACD4h9Gc%2B0RCZOy%2BJd7%2BRqorJFCfs9XTGVjV4Zv61TGbPgm5DZq08sWjfWgZabU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee7a947129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5945,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 69 x 65, 8-bit/color RGBA, non-interlaced","md5":"c42385cdd6e98752cd109fa26362e4ea","sha1":"053eaf315ab8f47b0f0ff98e5312764d9e27f0f9","sha256":"4d40899423ad62f85f8fd4af029518e8fa9e92f703755b1a0b613184fea53a90","sha512":"3b6ed26d27d20dba42e9057e4724c988bf59f332d5919c8084104c8f66279e20a2c62040fda5a95fd10938c3b349b9174f883e57ba6f03866294b08918a8b13d","ssdeep":"96:+WIPakx+LOOE/BLtUfKupwSdgxVv7XJBDeVJIzflJr6H2TIauhfOFu2Lru3:+WIPrl4fhpJdgxVvjJBDeVJITlTIZfOM","tlshash":"46c19fc57aa13056611d663068df39c2bf67416daf4092276bcf6b4d8e70810590dfea","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.518637Z","times_seen":59,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/free.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:37.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/free.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 1190\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-4a6\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sSYpwKPPzEtiZssSmZEnujP7TxSWuS0%2FQ6rXjRg3%2FveeEBMht8NP3r51rDSAWSv%2F56pwHRS6oqr6WufdKRYhaKCKWQ10s6ChFKL0XmU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee3a8a7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1190,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 68, 8-bit/color RGBA, non-interlaced","md5":"ffc46d0a260b965b82fe6bae52345b29","sha1":"7e2ad61e00aff93b3c5fc9e4c0639d9d2d36600c","sha256":"e43ec096f8a53418bac5602c336b02e8ef394586fe059cc2e512b50dd02e94d1","sha512":"368ef4427e8aea7354d65e866b0afe0e7ea533518cd4ff0fa1567b627e44a24e9164b86f794f45f6e2cde29198d0f7b486dc612386c3e9a5ec68b9b9c5e97a26","ssdeep":"","tlshash":"3621da4b184724e3d369a564d0dca036e51e9f1152453b0cff476cf283000cf5ada5fa","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.540156Z","times_seen":59,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/step1-phone.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/step1-phone.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 48399\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-bd0f\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7z7sxvKOKFWG2F9t0fH3XtDw2ENSYL6WPYiC83kGKDIp%2BcFq82IhaIvao0uO5jPjdphz%2FkAD8c23qSJA%2FERp5T3Urv29PNwNZwQD%2FsI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee6a8f7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48399,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 171 x 349, 8-bit/color RGBA, non-interlaced","md5":"4f5069b203403aa659262e75b98675e0","sha1":"621a5481fb91150b91f4f18fafb8d52a3d546f20","sha256":"10025632c6f7e8e62b9bfc9b4a32aae3407122d1001786344d3ee312c99f4329","sha512":"76d748617c41742348de4eca123d59bd7dccacfe3afc08f6459d8af719cfe4d559e8818ba8ce48b6f92fc9f38587bcd92c3996f0e535b5582ea198d58021bdb3","ssdeep":"768:OlmrtRZ/mIqlAuUhd67oJZhVdXNTkVno7DH1NtMY4gZ/R6iVP:/r7Z/mIqlAuU/6cxFApo7DVNt1XjTP","tlshash":"dc23027f36a4ca404e66d3f43326d6181ab28a0d1b872753c3546713b6e53e97a8b7c0","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.523024Z","times_seen":59,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/chrome.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/chrome.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 4885\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-1315\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2pqnvC3GvsAFh2pclApK9WSKcipAbAVpY25tenCCU6wDA1jqoH%2BgLQmhZ1I8ITgWYlHprcCBXqPMReGlsryT4y1i7rK74G75fOYBYUQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee7a927129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4885,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced","md5":"ca355e6175e56464789197d4d6e32fa6","sha1":"4754525667211a3ca47f52e1b09ce8b6a03676f5","sha256":"1a81996384eb45ff3b38d89ce30913b613fed54929e6ff776a5156f3e5b2358c","sha512":"5565720e11a3f4611412501cbe2f433a6733a419408447143ff4fd1aa89699b5c20473317a5551d54f5905fd7b8174c6fdecd2567710887c782c446f7ef6618e","ssdeep":"96:dHEegQlWWLdgKus6yXN6DxRi0/+bbR4NFaszTtYl7cLr:dknQowma6sNrY+bd4NgszTthv","tlshash":"24a18e0906dac589169dff1270f96e4e9a212d82f739d01b3a671f743b709d249c9347","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.545775Z","times_seen":59,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/factors.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/factors.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:38 GMT\r\ncontent-type: image/png\r\ncontent-length: 1808\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-710\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=73J%2FgiEAxmzsMGpwi893pqAkYdow9eZ3xZnZar%2FoXFTaS4ovUG8w7h74FqzEPBir7JECjj9yZ2UJlMFMsjN%2BzqFqVwa5reTvZcFmTq4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5eeaa9e7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1808,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 66 x 54, 8-bit/color RGBA, non-interlaced","md5":"1f4b1b634ea6c1c5d6d11d81d7bda98e","sha1":"8858bf74f87beab9a34f703851ec6b8b8d670ef3","sha256":"b47f1918a6a67c7c1fae260f50fe0d5dc0c078948929ca6fdc0576162c58af94","sha512":"5f46efb1400580c3a7a45ed09f9ed994f92f13985c2c8688ddc49344efcc52024bec9a132c5df1796f8f04ff2e6ccf97a6bd903635ec8acd0b5d80ed11810fde","ssdeep":"","tlshash":"59314d2d29425051c3a45b35c3f10057471d5d009df52138fe9e78bf3f980e8142d9af","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.541841Z","times_seen":59,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:22.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:05:50 GMT","end":"Thu, 05 Feb 2026 05:05:47 GMT"},"fingerprint":{"sha1":"CE:AE:8E:FE:2A:86:03:2B:16:43:FF:98:36:53:B2:ED:10:BF:FD:23","sha256":"95:CB:A8:7B:9C:88:98:F1:EF:D6:C9:79:E1:98:63:76:71:B7:BD:E2:89:6D:CD:55:61:DB:C0:4E:B1:1E:67:F7"}}},"request":{"raw":"GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Dec 2025 11:51:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncf-ray: 9b27a58c3a32b1b8-OSL\r\ncdn-pullzone: 252412\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"ce6e785579ae4cb555c9de311d1b9271\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:05 GMT\r\ncdn-cachedat: 08/01/2025 15:37:48\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1077\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 62f7b8850bb6d0754cb60296b6c28756\r\ncdn-cache: HIT\r\ncf-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":50676,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (50395)","md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-19T05:22:30.703733Z","times_seen":6567,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/desk.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:22.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/desk.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 1459\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-5b3\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fUi1L5sGD8riHeBBGXpL1YKAxww%2FDhoiICH0JdWdERVRMJOCiR5KSlORzJF7UDrHeQSjSh46qeakcHFh9b2WJNR3LTQlnDOqv%2FVS5mg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a58c0e797129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1459,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 65, 8-bit/color RGBA, non-interlaced","md5":"82e571ecb48c2816ee6248e3abef0f16","sha1":"d9b636cf40d9934e0cc8b2ea5ced154c2862b63a","sha256":"f873af87cc1331535044bb1d0b1725e8317476ec1b76198ffc6e193b793e3339","sha512":"0d6794a0930774299c2c01f81d02e5a8e4e74e4d481c47b991911fd3e5d016c610adaf6839c2d2dab756798c32fd13ff36c7ac1150585eafd3c9df12391ddadd","ssdeep":"","tlshash":"5331c9031890119da788ab3259ba0556c57d4313fa2826173833bc159f64bcbee43fcd","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.52095Z","times_seen":60,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/search.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/search.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 2493\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-9bd\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c8mwbFhRuVDoDbryJEEzWGYd8KRHLhsfglhgHClcs5Wh0zenUTi%2B7K2J8wcBvcsAWtcMosk8pXrEhohGDcIwvvP%2Bvve%2BK7gOM2IuYhQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee4a8c7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2493,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 66 x 66, 8-bit/color RGBA, non-interlaced","md5":"b6b3c8c375f6ddbc8e017a0920ed8825","sha1":"f60ec6f03911ac85c7561c602c5f4198822f4d63","sha256":"96f31184bb317616f6021b01ad5d2c4cc5b210fe8ceae265384a5d3852461524","sha512":"a618dbcfe1d6d1ea33205c169425abe3a776fff6cbf84ced4c96bac2df88a9e5d0a052dd9c908b03b12f77388c8022a22f21360543039bc48d6db82560f995eb","ssdeep":"","tlshash":"9e515b154d096fe2c7488a0310fb0e00bd2f07aeb3a2ac1cab23b52237c04a7cc4a5c3","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.537923Z","times_seen":60,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/desk.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/desk.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 1459\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-5b3\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=04EQPcWrsJjAN%2F3cawJRe9aAoLlyE5%2FTXMHP%2Bcqs%2B%2F5hXTgI49zSVX7OC%2FICCshdfwHIsVM4JALg%2Faz%2BcWCmmDG0fm%2B8IayDpjuT%2Bkc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee5a8d7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1459,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 65, 8-bit/color RGBA, non-interlaced","md5":"82e571ecb48c2816ee6248e3abef0f16","sha1":"d9b636cf40d9934e0cc8b2ea5ced154c2862b63a","sha256":"f873af87cc1331535044bb1d0b1725e8317476ec1b76198ffc6e193b793e3339","sha512":"0d6794a0930774299c2c01f81d02e5a8e4e74e4d481c47b991911fd3e5d016c610adaf6839c2d2dab756798c32fd13ff36c7ac1150585eafd3c9df12391ddadd","ssdeep":"","tlshash":"5331c9031890119da788ab3259ba0556c57d4313fa2826173833bc159f64bcbee43fcd","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.52095Z","times_seen":60,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-23T11:51:21.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Dec 2025 11:51:22 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: no-transform\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8hJOWGP9fwPSc9kHCIVYGTaWG%2F1NFSSqlFQVPRQWzRpAejgq1cKrww5U9VfEg4GP84fe803ove7nsB7VhKy%2F%2FBjSj0%2FzkjIWanfNhTA%3D\"}]}\r\ncf-ray: 9b27a589eec60afa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bootstrap:3.3.7","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"BootstrapCDN:4.1.0","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.1.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Popper:1.14.0","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77780,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (12693), with CRLF, LF line terminators","md5":"be2205e0343816dd66afa2ed54a367a6","sha1":"7de986d955e15ad234341e5972dc87e0485b85ec","sha256":"b3e0f6b15e6b250ed3b239dc0a9159ec4fca61b3bf3660aac6daf319c09c154a","sha512":"b9fcd4a2f945ee164c3e1d1d4d9b49bf611c0c8324363696b07b019faa0c05c7a3e46c18f16a6c9132334de5d1f89e7c5edc98afc2c2f280e9d452c8ab2384f3","ssdeep":"768:JgLFNfaelsGLhO9e4NvvaHE/Zo7a9dusPOv2KVj:JgxNCehhMfpZou9dDGv2q","tlshash":"6073d82454f520970177e299eb261e0efe93d16b854a8201b6ec4b847ff6c82cd63b9d","first_seen":"2025-09-11T05:40:45.656814Z","last_seen":"2026-04-03T16:16:12.298507Z","times_seen":21,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":171,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:37.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /199f8c6.php?utm_source=\u0026utm_campaign= HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FlzMuf3WnWsZxB6FfQGoo3XCWpgzh6ftOVro5YWLWWq3Rs8uJu2134lN09GnMxcntitxnwunM8vgrvyJPXo1EzZLY7nh9OUXwNppejU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b27a5edea887129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43509,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (43461), with no line terminators","md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14792\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 17 Dec 2025 23:00:22 GMT\r\nexpires: Thu, 17 Dec 2026 23:00:22 GMT\r\ncache-control: public, max-age=31536000\r\nage: 478276\r\nlast-modified: Wed, 10 Sep 2025 16:47:45 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14792,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14792, version 1.0","md5":"c37aa11e5024b0f8908f3742c9a0d9b9","sha1":"b2ccee72f93c83b0be62da9e8bfa77943c481500","sha256":"46d6a0984aa795b764141232671160e61bdcc49e900de67ca6b35bae25b1ebdd","sha512":"dc3f2e177666b9666b0e51399f4e6600246f56865c92ce8a204c2407818b3fa038abb794341cb9d16781451db487aabc1a84e5262619fad90e6886e11fa3e699","ssdeep":"384:XZs0UC5sLGL2sZJCnfayiBoJdSpMzgZqO46EegOHBKagapO:X2C5sLsBmfqSJgMzgUPegOHBRnO","tlshash":"4d62d07198885687b0f5b7348e2f2a6f66f3514028685312acc3fc6cdb5bd4670279ca","first_seen":"2025-09-11T20:37:14.108754Z","last_seen":"2026-04-19T12:58:16.020106Z","times_seen":15863,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/search.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:22.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/search.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T12:23:02.643109Z","times_seen":13933290,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/step2-phone.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/step2-phone.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 70228\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-11254\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ci4dXhTZsFwS2giHNecbglstspK%2FGtIUGLeE7Mv7HA7Nkopr0XHSDNV%2FJ7xbqIYyThuX2JPrWuB8aQoZbT5bf38irZREV8TKsowMVyA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee7a917129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":70228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 184 x 370, 8-bit/color RGBA, non-interlaced","md5":"0b3b58518b6d767925b13ac025f8b283","sha1":"20583d7e05f8907a828c9811a31ddae27461646f","sha256":"0b871122ad03fc90a59cd52f7250404e2ef72518bdf02d927ff5785427b2e9fc","sha512":"9d6eac98b4021ebf7a80ae0ffef6ced4c2d046b5218137642a22b3f77fab42d58b077b0a7729a05240f8c12ae46091c81651fdc1c6cf1e85e3c02ff5f6ff5b8e","ssdeep":"1536:6q/HTsMilg3x8T2AzI4ZdLoxSK+wuO69Ei4+EQqJUg6lQhoRt:6KsMWsCKh4ZdLoUE89E+gJUmoRt","tlshash":"38630240662bff9bde8a929860dcacd4fd18c114e78b125fc6acc7e0092d7115de5ac7","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.544155Z","times_seen":58,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8044\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 20 Dec 2025 10:44:31 GMT\r\nexpires: Sun, 20 Dec 2026 10:44:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 263227\r\nlast-modified: Wed, 10 Sep 2025 16:47:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8044,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8044, version 1.0","md5":"c73de612786a16532acebaa67640f01b","sha1":"15bb70a8871fbb71fdf4ee312ec06736d738eede","sha256":"a5984c2e2d01b200cc490bc23a4d437a3242c8c1c3d244a89eb7a6f5b11cd160","sha512":"bb0e0324030e8f01f3b65405c7044465d70d9a5b658f214ada46589e89386e683e65e2bdc4bf6cb4d8435861bbe8eb5f4193955993d0b30bce59b1bc11a6b593","ssdeep":"192:WcYBSqZ2yYw/oBeJ5UGqNdvouYnP6XAkG5Q3jhbc8:W7YqZ2ynoBdvouYnP6XNmQRc8","tlshash":"5ef1c0b5e24f274a8b32aef1141507cdf17783795b006f3821f2fcab556a00a79ac42c","first_seen":"2025-09-13T03:49:57.091841Z","last_seen":"2026-04-19T09:51:48.39345Z","times_seen":795,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwkxduz8A.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwkxduz8A.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7876\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 19 Dec 2025 19:09:04 GMT\r\nexpires: Sat, 19 Dec 2026 19:09:04 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:47:41 GMT\r\ncontent-type: font/woff2\r\nage: 319354\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7876,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7876, version 1.0","md5":"34144ab96dc42f6c816ccb5f7904d076","sha1":"1a26fb2d25428664d9a77b49cd354d59bc0510e8","sha256":"c7c0156d5a425af173817ffd3be8d652d0d622a71e0cd17c994e56a0de855a0b","sha512":"898272ac594ca2a9f7416113d73b87a852afe7ac6ffbfc4187e343ba4c35575df306d3d42e9e360dca5497392afd882fabdf27fcf314c2d6f2486ff721c35d86","ssdeep":"192:U8vM6dQMZU3IoG7ARrChWUhV2RfHeH+jBtQVtK1pGDrR:UL6hxoGM4wUP0fHVjBtQVfF","tlshash":"26f19f8e9e6393a3402893644c25acc7b9efc7d26282465958df50b2ff2954c712cb5f","first_seen":"2025-09-20T08:50:26.825778Z","last_seen":"2026-04-13T15:32:13.641546Z","times_seen":138,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/step1-desktop.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/step1-desktop.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 134700\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-20e2c\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jGsMc6xKaLsU60iipNWlGgnrkkp81jtHRtpPHCxaCBu%2FpKTo6%2FBqYDX7P4VXSKwGUKdVsUAkzbwdaAtXAIBkzqaPxIMb7bb8O27wNu4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee5a8e7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":134700,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 578 x 318, 8-bit/color RGBA, non-interlaced","md5":"7eff8dfdcf53e466eccefdc9aac9e732","sha1":"b801c28598a2a14c93fe1c6320c4ef0ed719088c","sha256":"74f435be425bebb4f4b195c116d6d2607dccca64b047bd7dc45f5e0a64c45fda","sha512":"387bbc02947e03f57819056711dd2f194cad7a908acd14b502201fba828ab74ccaf9ca898f4a936494aece502fb0b8d9a488cbe7f4c0e5de41e4dcecbd9ee02b","ssdeep":"3072:h7pDpxm7llbHUoKOcyiSuVfOKtct9YSR9bqfPsq53Ps+uT:V5SbUrFvVrGdOsYe","tlshash":"50d3123436cd4137871b9f271037d806e66a62d2080d3693b163afefa6a779f0979308","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.541328Z","times_seen":59,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,900","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:37.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css?family=Source+Sans+Pro:300,400,900 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 23 Dec 2025 11:51:37 GMT\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7301,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"6859034a8847043c1d5f3d6e54f24805","sha1":"3164cedb89080e4ca278f869da50769de9bb05a7","sha256":"9c6a1d131c7395d62557ef4961f6df90687d1135f4aa7ad401381c52a2369e2b","sha512":"7b7e1d382c804059987ad409fb5029ed99fc3f29295bb704f04519bab85bd86c0e74f98de97888451707b79c8ebb9aa68a0bfdd176aecef9e735124c17bc4cdb","ssdeep":"192:ln1Cb63gYIv3q0eb83JLXCIxjCjo3Kc6xc:JfPk/r7","tlshash":"e7e1aff2411ae44897a31cc623de3e369d8f60207185c16adffd5898eca6c2a53a4f5d","first_seen":"2025-09-20T08:50:26.853908Z","last_seen":"2026-04-04T02:04:14.529066Z","times_seen":51,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14204\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 20 Dec 2025 10:44:22 GMT\r\nexpires: Sun, 20 Dec 2026 10:44:22 GMT\r\ncache-control: public, max-age=31536000\r\nage: 263236\r\nlast-modified: Wed, 10 Sep 2025 16:47:48 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14204,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14204, version 1.0","md5":"a44fe95a332db9fee477ead82225127c","sha1":"e00f10d9174c32686c5cb27c6ddb9214c6365323","sha256":"01f626ea1f2510f33efbd895b41049a10d2ddfbf2737b5400721ed310cf071a3","sha512":"62e39ad91a98ab2c7ba8da0bad6d502118f98766fa0b6e164263f6dc1acff06a8042efebb6ed846e953d7ff999ccc67e234edcbac5dbfc6139e385dfcebc4025","ssdeep":"384:+w7oj2S+ALeakzpJZ8fvaPNn2xBAvJJhTRW6TCFIYZ:V7oj2S0awJZ8f+2AvrW9","tlshash":"fa52bfa2771bc861cd12f69e0dce367ede9f35897900a333bc495e47b49489904460e7","first_seen":"2025-09-11T20:37:14.08517Z","last_seen":"2026-04-19T12:24:30.847524Z","times_seen":2091,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/yandex.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/yandex.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:38 GMT\r\ncontent-type: image/png\r\ncontent-length: 7804\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-1e7c\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zdEViYRWchLGBmZ4YC2GF7ElZ7isXuHwHvF08vLW3UheHbj6jV7OsypU20RK%2Fx%2BHMXayg%2F0B8gpvO3ldWWkkDQcpcVPBkTlgTcGmYLo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee7a967129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7804,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced","md5":"02c02ca7487dd88f5d3ab2912cbe1417","sha1":"fd118c3a2ac3279c7b2bac7d0a7f4ccc63702086","sha256":"f616f538dcfbdcdb559796577d81b729bcdd70631a3135d7dd951c64a464078b","sha512":"6e01057945b42b20aaeed75a8b1edfb175439ccfaf7b4870e00ba42d007283f77c9677a4a56dae7575fbdfcbb1d35373b4e073c26629f0ec1e5dd0c838b600a1","ssdeep":"192:tEuGlaAWGtFkx8zvJn9ar6V+niNiv5GW2MnB:tduFk6zvJEVNMW22","tlshash":"f2f1ae9718b16f82978c268ea4ccf9ac22d12200007268e49dcdc4f6df78ced5399ee5","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.531454Z","times_seen":59,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/opera.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/opera.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 4181\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-1055\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3aslT6oUtDOB6o8JXdu3i4iBLP3jYF8u%2FpO4uo0RJrnsr6r7DWLWcvTxn1q7FJHo%2F1eygVe8kIVPzdZ9%2FPHyvFlD%2FyiBK20BHqaYe2s%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee7a957129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4181,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced","md5":"7926db789f7f346f97b770f39541e7c7","sha1":"a619a51570ed52c4cb6159aeddb711a95e6334fe","sha256":"7ad0e450617da43151367511c6e0736eee209dd8d12c6a2e6dac8c009786bee6","sha512":"f790dfecf5ff684beb0422104522d70ec6825f26737fa60ee16f6aae8fd82fdff7ef8a080ebd60ea4c408081aeda27979d2c35f1b509ca7d448141dfa7cc7eda","ssdeep":"96:RwdtJBkPKwda/tFiZ2uX3uHGx2qlTDtpNvowckpCa/g3d8Zgq:etCGzi8uucDtqS3Zgq","tlshash":"88816c8df778e5a6c038faf580c4c826a798b43c6b54afded1220081d772216258e3ce","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.534623Z","times_seen":59,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/blank.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/blank.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:38 GMT\r\ncontent-type: image/png\r\ncontent-length: 967\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-3c7\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3Pq5OmEKeDk5wForQIWpMc8U1QWB%2BKFCfd3C1QQM2Q3RjcwKnn3RcKUMqLIV70ADbCia9ZjZsuowMt3kMmzl0FBhqHV%2FbmVh6v4%2FzqI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee8a987129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":967,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 62 x 62, 8-bit/color RGBA, non-interlaced","md5":"b47e4636ee4b11800af715b92faf3a87","sha1":"9d2eb9174f74ac550817f4eb70545e27c156d90e","sha256":"18a5dec1797dd8dfd98ea838277b27e0fea53d82ce5753d014b73d5a34c5cce4","sha512":"9d0e314bac02c893927cbf377e21d1e7649e3f5abdde6436dce7cfb559aa3d21e221f8b5b77e24f02678e5076e02cec4b83407e652c37163b045f1b9add9ced0","ssdeep":"","tlshash":"4411c80359c24565d30fe63b08dd0608ee1b9b0096b47a1cf667dc9e4d0419534603cf","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.531965Z","times_seen":59,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:37.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.1.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1514f\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\nage: 504647\r\nx-served-by: cache-lga21948-LGA, cache-hel1410034-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 99, 2652\r\nx-timer: S1766490698.868449,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30019\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":86351,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32014)","md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-19T12:03:56.306646Z","times_seen":9866,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/css/main.css","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:37.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/css/main.css HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\netag: W/\"636262bc-22ddb\"\r\ncontent-encoding: gzip\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eT%2BT5wdoAMUFRk7ZCMTv75jFz9a7XlRJl4N%2F2aLbuYT6s4%2BHGQjp8DxjwczKm5pGOUrzBEiybXH7yLfUENQFn%2FW%2BS2%2B57ewoEF9Qbgs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b27a5edaa867129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142811,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"0e8e48886b7f4e90eb9e7302439ab163","sha1":"fba1e76f548440f3f0e8c5674bfd45cdf5cfc591","sha256":"3f903c41417fd9e7de5d61b17f03947079e143bf27ac7bb0523c281c4d1664f4","sha512":"c1aa2ddc33b67580fc08e0ef18165464e8f0e42580444178a696fb4fbb79be0c51e62bba382ba53743c24525f135150f3a619cbfbcc92a1c765bc8ce16c0f2de","ssdeep":"1536:FzmKQIdelHkbmHuhzL9oMKQDUV1AAstjt4QLxN4fBgskOhDx4qDP4t/ROO4R/gac:zbqIjOhDx4qDP4t/R4Q","tlshash":"b6d39687faf121453426a5ac64ebebf5773a0043c20ddeb9b766621ccf8c7c055b2a49","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.543663Z","times_seen":45,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/assets/images/people.png","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:37.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET /assets/images/people.png HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 2921\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=4,i=?0\r\netag: \"636262bc-b69\"\r\naccept-ranges: bytes\r\nage: 15\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vfvWDsu8KgLhTRMOGTFkSBYFVweyHLTZdcBK9gpvnkL296v4yauQvs1uA0AD8Bxc%2BXh0lw7p8S2sQM%2BLj%2FbbIZGbDfFtY5VSL7F74DI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b27a5ee3a8b7129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2921,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 66 x 71, 8-bit/color RGBA, non-interlaced","md5":"b9be96263c99c3d8c5ab1a4ad7277cf6","sha1":"6a2e27318ee7f1fd4b75ee1cd70f9bbdcedcb4d5","sha256":"fb7242f603c00bd4ee3611be7b317c8314ba2f6e4ee9d0e3edd8eafc7e36e274","sha512":"26774c980383625bc19c5804921c1d14ba5eddd8b7ee24b0e6667e0012df8a698e6c266a889e06ee3155d0e1a525b07fa405ac6a7c207c578e85e304f3b8cc6e","ssdeep":"","tlshash":"a5515a420cd8d6412a9c763129b8d3388c8b33d2065a5a3f2f80efc9460c4ec56a19cf","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.530897Z","times_seen":60,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"13.torayche.com/","fqdn":"13.torayche.com","domain":"torayche.com","tld":"com"},"ip":{"addr":"104.21.24.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-23T11:51:37.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torayche.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 22:46:36 GMT","end":"Wed, 18 Mar 2026 23:45:18 GMT"},"fingerprint":{"sha1":"74:21:35:F9:50:3D:AB:48:97:A2:FF:85:D7:31:76:C8:2A:41:B6:10","sha256":"C7:D8:F5:91:41:01:1D:C1:2F:9D:53:23:B0:D4:7C:C3:B9:AA:C7:44:ED:1A:62:A8:5A:9E:21:3E:74:F4:02:8D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 13.torayche.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://13.torayche.com/\r\nCookie: pmvid=d0dad712-cd14-47e6-a387-391f406015ca\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Dec 2025 11:51:37 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=1,i=?0\r\ncache-control: no-transform\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Irwg124Jfzh3iX%2FjXbi6pEtor2B%2FNdgcvYLtZHs%2BWfdTm7y%2FEyb9Sjq%2Bvti7QCh1JaooeP7Z0yRsO4MeSzFab8QNYX0g1NDEvvG%2B5hk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b27a5ecfa807129-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Popper:1.14.0","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.1.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"BootstrapCDN:4.1.0","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"Bootstrap:3.3.7","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77780,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (12693), with CRLF, LF line terminators","md5":"be2205e0343816dd66afa2ed54a367a6","sha1":"7de986d955e15ad234341e5972dc87e0485b85ec","sha256":"b3e0f6b15e6b250ed3b239dc0a9159ec4fca61b3bf3660aac6daf319c09c154a","sha512":"b9fcd4a2f945ee164c3e1d1d4d9b49bf611c0c8324363696b07b019faa0c05c7a3e46c18f16a6c9132334de5d1f89e7c5edc98afc2c2f280e9d452c8ab2384f3","ssdeep":"768:JgLFNfaelsGLhO9e4NvvaHE/Zo7a9dusPOv2KVj:JgxNCehhMfpZou9dDGv2q","tlshash":"6073d82454f520970177e299eb261e0efe93d16b854a8201b6ec4b847ff6c82cd63b9d","first_seen":"2025-09-11T05:40:45.656814Z","last_seen":"2026-04-03T16:16:12.298507Z","times_seen":21,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":68,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"13.torayche.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwkxduz8A.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://13.torayche.com/","date":"2025-12-23T11:51:38.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwkxduz8A.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://13.torayche.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7596\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 18 Dec 2025 12:22:20 GMT\r\nexpires: Fri, 18 Dec 2026 12:22:20 GMT\r\ncache-control: public, max-age=31536000\r\nage: 430158\r\nlast-modified: Wed, 10 Sep 2025 16:45:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7596,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7596, version 1.0","md5":"3c025381ec906e8d6de59dc2371b311d","sha1":"988467ab42646ea650a351d69f4b77e5e200bf2f","sha256":"8c7a5a574b427dafe22ffa653e58b9045888a024dbafd759e122be76e220b625","sha512":"730c0acfedc6984ab79eb461a59a18f3d787f789ddd06ec01f1f375619ebf2baa80220cdfef8f82a0306a24dfeba71928add1fe8a0a69055558eae145571e5d9","ssdeep":"192:64rsGgVr5agoZW84TVCHxixT3UucQ5K1EmhMWT5j:64rsT5oZfkNcQMemh9","tlshash":"03f1bfec8dd197a9e424ceb84bee9546cacb3a430c44d1687a031f0b8737b4c87d6d52","first_seen":"2025-09-20T08:50:26.814382Z","last_seen":"2026-04-16T19:28:24.29112Z","times_seen":60,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}