{"report_id":"281f7aa1-af88-4a29-8d41-e8fe4b90a3d5","version":6,"status":"done","tags":[],"date":"2023-12-03T17:10:07Z","url":{"schema":"http","addr":"flvto.biz/","fqdn":"flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.97.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"final":{"url":{"schema":"https","addr":"www.flvto.biz/nesgncsgwp/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"title":"(1) New Message!"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T09:20:42Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2013-06-10 22:14:26","last_seen":"2023-12-03 06:08:10","alert_count":0,"request_count":3,"received_data":10172,"sent_data":1428,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ad.tradertimerz.media","ip":{"addr":"5.75.199.190","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2023-01-12","domain_rank":0,"first_seen":"2023-01-12 09:58:29","last_seen":"2023-11-18 19:13:26","alert_count":0,"request_count":4,"received_data":5888,"sent_data":2233,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.creative-bars1.com","ip":{"addr":"172.64.108.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2022-11-01","domain_rank":0,"first_seen":"2022-11-15 17:46:22","last_seen":"2023-12-02 12:14:56","alert_count":0,"request_count":5,"received_data":60992,"sent_data":2317,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.prplads.com","ip":{"addr":"104.26.2.51","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2023-02-19","domain_rank":0,"first_seen":"2023-02-20 12:56:34","last_seen":"2023-12-02 18:06:31","alert_count":0,"request_count":2,"received_data":148733,"sent_data":1017,"comment":"","tags":null,"fingerprints":null},{"fqdn":"log.outbrainimg.com","ip":{"addr":"70.42.32.191","port":443,"asn":22075,"as":"AS-OUTBRAIN","country":"United States","country_code":"US"},"domain_registered":"2018-04-09","domain_rank":2177,"first_seen":"2018-09-04 15:05:17","last_seen":"2023-12-02 18:03:40","alert_count":0,"request_count":2,"received_data":650,"sent_data":1120,"comment":"","tags":null,"fingerprints":null},{"fqdn":"platform.bidgear.com","ip":{"addr":"172.67.74.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2011-08-30","domain_rank":30367,"first_seen":"2016-07-27 13:51:48","last_seen":"2023-12-03 05:13:06","alert_count":0,"request_count":4,"received_data":10192,"sent_data":1858,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pl16330037.safestcontentgate.com","ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-05-24","domain_rank":0,"first_seen":"2023-07-03 02:44:29","last_seen":"2023-10-26 15:26:35","alert_count":0,"request_count":1,"received_data":16132,"sent_data":461,"comment":"","tags":null,"fingerprints":null},{"fqdn":"script.4dex.io","ip":{"addr":"172.67.75.241","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2018-04-02","domain_rank":2135,"first_seen":"2018-07-23 12:04:27","last_seen":"2023-12-03 05:13:19","alert_count":0,"request_count":2,"received_data":25261,"sent_data":847,"comment":"","tags":null,"fingerprints":null},{"fqdn":"rebindskayoes.com","ip":{"addr":"23.109.82.122","port":443,"asn":7979,"as":"SERVERS-COM","country":"Netherlands","country_code":"NL"},"domain_registered":"2022-11-08","domain_rank":0,"first_seen":"2022-11-08 12:50:32","last_seen":"2023-08-18 10:58:51","alert_count":0,"request_count":1,"received_data":1463,"sent_data":424,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-09-09 02:40:21","last_seen":"2023-12-03 05:48:43","alert_count":0,"request_count":4,"received_data":82078,"sent_data":2138,"comment":"","tags":null,"fingerprints":null},{"fqdn":"prebid.a-mo.net","ip":{"addr":"147.75.84.158","port":0,"asn":54825,"as":"PACKET","country":"Netherlands","country_code":"NL"},"domain_registered":"2017-09-08","domain_rank":1148,"first_seen":"2020-07-14 19:45:55","last_seen":"2023-12-02 19:13:51","alert_count":0,"request_count":1,"received_data":314,"sent_data":479,"comment":"","tags":null,"fingerprints":null},{"fqdn":"bs.yandex.ru","ip":{"addr":"213.180.193.90","port":0,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"domain_registered":"1997-09-23","domain_rank":35988,"first_seen":"2012-11-03 23:19:31","last_seen":"2023-12-02 18:22:22","alert_count":0,"request_count":1,"received_data":687,"sent_data":545,"comment":"","tags":null,"fingerprints":null},{"fqdn":"imp9.bidgear.com","ip":{"addr":"172.67.74.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2011-08-30","domain_rank":34078,"first_seen":"2021-03-15 12:09:09","last_seen":"2023-12-01 21:04:11","alert_count":0,"request_count":3,"received_data":3365,"sent_data":1566,"comment":"","tags":null,"fingerprints":null},{"fqdn":"bullbatmohalim.com","ip":{"addr":"23.109.248.183","port":443,"asn":7979,"as":"SERVERS-COM","country":"Netherlands","country_code":"NL"},"domain_registered":"2023-07-30","domain_rank":0,"first_seen":"2023-07-30 13:20:29","last_seen":"2023-11-08 02:45:48","alert_count":0,"request_count":1,"received_data":1463,"sent_data":422,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.flvto.biz","ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"2014-06-19","domain_rank":833722,"first_seen":"2017-11-13 21:08:36","last_seen":"2023-09-30 11:36:22","alert_count":0,"request_count":4,"received_data":137273,"sent_data":1992,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cuttlefly.com","ip":{"addr":"116.202.21.68","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2019-10-09","domain_rank":577339,"first_seen":"2019-12-18 13:24:45","last_seen":"2023-11-10 07:21:49","alert_count":0,"request_count":1,"received_data":512,"sent_data":481,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.purpleads.io","ip":{"addr":"34.234.32.221","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2020-01-29","domain_rank":146037,"first_seen":"2020-02-18 07:59:38","last_seen":"2023-12-02 18:22:19","alert_count":0,"request_count":4,"received_data":3424,"sent_data":2845,"comment":"","tags":null,"fingerprints":null},{"fqdn":"saycaptain.com","ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":4,"request_count":4,"received_data":7437,"sent_data":4799,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.cloudimagesb.com","ip":{"addr":"45.133.44.9","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2020-10-06","domain_rank":23099,"first_seen":"2021-02-12 17:15:41","last_seen":"2023-12-03 05:12:09","alert_count":0,"request_count":2,"received_data":29664,"sent_data":904,"comment":"","tags":null,"fingerprints":null},{"fqdn":"flvto.biz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"2014-06-19","domain_rank":275143,"first_seen":"2015-05-31 09:19:08","last_seen":"2023-08-17 18:58:37","alert_count":0,"request_count":1,"received_data":67066,"sent_data":478,"comment":"","tags":null,"fingerprints":null},{"fqdn":"proftrafficcounter.com","ip":{"addr":"18.184.210.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2023-11-16","domain_rank":0,"first_seen":"2023-11-21 09:55:14","last_seen":"2023-12-03 05:12:08","alert_count":0,"request_count":1,"received_data":420,"sent_data":439,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.barscreative1.com","ip":{"addr":"45.133.44.4","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-09-08","domain_rank":25648,"first_seen":"2021-09-16 13:14:42","last_seen":"2023-12-03 05:12:51","alert_count":0,"request_count":1,"received_data":1926,"sent_data":498,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn-static.flvto.biz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"2014-06-19","domain_rank":828228,"first_seen":"2022-01-03 18:06:46","last_seen":"2023-09-29 05:14:55","alert_count":0,"request_count":3,"received_data":58155,"sent_data":1470,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.flvto.biz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"2014-06-19","domain_rank":0,"first_seen":"2016-06-17 09:26:42","last_seen":"2023-09-29 05:14:22","alert_count":0,"request_count":3,"received_data":48049,"sent_data":1437,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ev.zabanit.xyz","ip":{"addr":"135.181.107.135","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"domain_registered":"2020-10-28","domain_rank":514436,"first_seen":"2020-11-12 16:38:47","last_seen":"2023-11-25 23:54:59","alert_count":0,"request_count":5,"received_data":2810,"sent_data":3165,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.r2m03.amazontrust.com","ip":{"addr":"54.230.218.11","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2007-05-11","domain_rank":0,"first_seen":"2023-02-21 01:06:24","last_seen":"2023-12-03 11:12:04","alert_count":0,"request_count":1,"received_data":942,"sent_data":350,"comment":"","tags":null,"fingerprints":null},{"fqdn":"friendshipmale.com","ip":{"addr":"172.64.134.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2022-10-21","domain_rank":0,"first_seen":"2022-10-21 14:15:25","last_seen":"2023-12-02 19:44:00","alert_count":0,"request_count":1,"received_data":86410,"sent_data":411,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dl.zabanit.xyz","ip":{"addr":"135.181.107.135","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"domain_registered":"2020-10-28","domain_rank":481106,"first_seen":"2020-11-12 16:38:47","last_seen":"2023-11-19 06:56:45","alert_count":0,"request_count":7,"received_data":8296,"sent_data":3164,"comment":"","tags":null,"fingerprints":null},{"fqdn":"luzulabeguile.com","ip":{"addr":"142.91.159.89","port":443,"asn":7979,"as":"SERVERS-COM","country":"Netherlands","country_code":"NL"},"domain_registered":"2021-07-08","domain_rank":0,"first_seen":"2021-07-08 11:07:08","last_seen":"2023-10-16 02:37:55","alert_count":0,"request_count":2,"received_data":2926,"sent_data":844,"comment":"","tags":null,"fingerprints":null},{"fqdn":"mp.4dex.io","ip":{"addr":"172.64.153.78","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2018-04-02","domain_rank":2629,"first_seen":"2019-01-03 14:51:11","last_seen":"2023-12-02 17:40:06","alert_count":0,"request_count":1,"received_data":1108,"sent_data":477,"comment":"","tags":null,"fingerprints":null},{"fqdn":"images.outbrainimg.com","ip":{"addr":"23.38.201.176","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"domain_registered":"2018-04-09","domain_rank":2085,"first_seen":"2018-05-15 12:18:13","last_seen":"2023-12-02 05:24:35","alert_count":0,"request_count":1,"received_data":8291,"sent_data":593,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-12-03T17:09:52Z","timestamp":1701623392,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56289,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-12-03T17:09:52.314347+0000\",\"flow_id\":419556940106731,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.202\",\"src_port\":56289,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":2285,\"rrname\":\"flvto.biz\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":80,\"bytes_toclient\":0,\"start\":\"2023-12-03T17:09:52.314347+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-12-03T17:09:52Z","timestamp":1701623392,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33342,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-12-03T17:09:52.314538+0000\",\"flow_id\":334344788954282,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.202\",\"src_port\":33342,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":11337,\"rrname\":\"flvto.biz\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":80,\"bytes_toclient\":0,\"start\":\"2023-12-03T17:09:52.314538+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-12-03T17:09:52Z","timestamp":1701623392,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":58732,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-12-03T17:09:52.520866+0000\",\"flow_id\":719508866134690,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.202\",\"src_port\":58732,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":46729,\"rrname\":\"www.flvto.biz\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":84,\"bytes_toclient\":0,\"start\":\"2023-12-03T17:09:52.520866+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-12-03T17:09:52Z","timestamp":1701623392,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":54804,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-12-03T17:09:52.521020+0000\",\"flow_id\":1886606099280700,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.202\",\"src_port\":54804,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":18779,\"rrname\":\"www.flvto.biz\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":84,\"bytes_toclient\":0,\"start\":\"2023-12-03T17:09:52.521020+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-12-03T17:09:53Z","timestamp":1701623393,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":53038,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-12-03T17:09:53.261978+0000\",\"flow_id\":673148989210458,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.202\",\"src_port\":53038,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":43617,\"rrname\":\"cdn.flvto.biz\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":84,\"bytes_toclient\":0,\"start\":\"2023-12-03T17:09:53.261978+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-12-03T17:09:53Z","timestamp":1701623393,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":45403,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-12-03T17:09:53.261838+0000\",\"flow_id\":622902166814414,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.202\",\"src_port\":45403,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":18024,\"rrname\":\"cdn.flvto.biz\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":84,\"bytes_toclient\":0,\"start\":\"2023-12-03T17:09:53.261838+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-12-03T17:09:53Z","timestamp":1701623393,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":52369,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-12-03T17:09:53.432466+0000\",\"flow_id\":785543988353362,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.202\",\"src_port\":52369,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":11712,\"rrname\":\"cdn-static.flvto.biz\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":91,\"bytes_toclient\":0,\"start\":\"2023-12-03T17:09:53.432466+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-12-03T17:09:53Z","timestamp":1701623393,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":55086,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .biz TLD","source":"{\"timestamp\":\"2023-12-03T17:09:53.432657+0000\",\"flow_id\":1230575614663185,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.202\",\"src_port\":55086,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027863,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .biz TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":47593,\"rrname\":\"cdn-static.flvto.biz\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":91,\"bytes_toclient\":0,\"start\":\"2023-12-03T17:09:53.432657+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-12-03","alert":"Sinkholed","trigger":"saycaptain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-12-03","alert":"Sinkholed","trigger":"saycaptain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-12-03","alert":"Sinkholed","trigger":"saycaptain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-12-03","alert":"Sinkholed","trigger":"saycaptain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.flvto.biz/nesgn/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"c27883900fd8759ccc320465b5c6bde4","sha1":"8fac8dbcfda63c2236d8914e271e2680857a5892","sha256":"e303f5efd1dfc2cc3baf4ac321bc9e79e3356833ac4d17174d362b603d06387f","sha512":"b276be9fd6f0cf117ae089cc2b297d2fb5ed9386d7e812656fded6d9a4266c2d5d3851ad01042985b841eb06207ce4c241e3f8a1d2d9b1c284c2d194935055ba","ssdeep":"","tlshash":"712174a607a4a173d20600b591f6c1b0a6b3050874114c18d1acdc3b9c5fc527dabdba","size":1200,"data":"","first_seen":"2023-03-08T21:54:56Z","last_seen":"2025-03-16T03:04:35.031192Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luzulabeguile.com/tzpWQhVtwaCMFq/38708","fqdn":"luzulabeguile.com","domain":"luzulabeguile.com","tld":"com"},"ip":{"addr":"142.91.159.89","port":443,"asn":7979,"as":"SERVERS-COM","country":"Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"5340000c00300000000000000000f000000c00000c000300c000000c00030c000c0000","size":5,"data":"","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-05-10T17:49:14.745959Z","times_seen":14371,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgn/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"dd9debd6558d145f82c62ae2b2b3e2d1","sha1":"73ebc68ae4b6829e7201529978905c9a64832eac","sha256":"e7ade9c71d80b859039a72ad6e2ca1113932bbe3b3ae149d7ecde22551b56cf7","sha512":"5b35cb79e02fcd7c791564da6b5586733ccdabac407e3256498ed03f70354686055818b3dd35d98e2a5f5090815f7e3c2c2dbd91ce0dc2ba41b6676da1687a0d","ssdeep":"","tlshash":"42f041910c343130c1350165b737ff883836992434b91414148dcca8794dd8bc437cfd","size":612,"data":"","first_seen":"2023-03-07T22:56:10Z","last_seen":"2025-04-08T07:38:58.518518Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgncsgwp/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"76b4fe7bdc5a0dc628bbfdaa2c0d4fed","sha1":"a6f81dc4fac70d743a1200cae42ae197389e0ce6","sha256":"b90802ef0844d32ac7a5e434f4c93bc14efc5590eaaaf9a742b2fe162ee29771","sha512":"c818b53aa93880a82d3b8479e4b52428b9a5b2be423b3a264ddb815f85778e1f3ede16e33c75d174a96cf7739cd47d27bc563dbfad4a6aebba340417573d4063","ssdeep":"","tlshash":"cde05c5e7202154a47f706934f52b310243250e77c43945592382857773ba0f4aacd9a","size":423,"data":"","first_seen":"2023-07-12T06:36:54Z","last_seen":"2025-11-26T12:19:50.504462Z","times_seen":83,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad.tradertimerz.media/deliver/js/860301d4060ef8c","fqdn":"ad.tradertimerz.media","domain":"tradertimerz.media","tld":"media"},"ip":{"addr":"5.75.199.190","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"9063f43530d51cb1abe1014377cbd0ed","sha1":"31129faa639eced1054557799ee111b6ec73be30","sha256":"2ec9823c15136c61a62c45fd01b96c41acb8c0a339ad77cd3cead8be0050d0d8","sha512":"0d3121880cf30cdcb30625e56eb56fcf9df1a4852f411dce5ab5934927be92d4fbc6664b3ec1feb3969c0a2531c64fd650e7d97ccc187ed8cbe97dcfb4805a8f","ssdeep":"","tlshash":"895171a9bf51e86081f20150207fd32db2356624786ae000ab9ddce85c70ff69b56a6a","size":2877,"data":"","first_seen":"2023-09-30T13:54:03Z","last_seen":"2024-08-21T05:28:14.118862Z","times_seen":85,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"platform.bidgear.com/pubbidgear-ad.js","fqdn":"platform.bidgear.com","domain":"bidgear.com","tld":"com"},"ip":{"addr":"172.67.74.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b42012082533dfb1a327520711319a5f","sha1":"f308dfb13966b2733955d1dbd6d3c2b317fa2b3d","sha256":"1ed1267a95aa559c7074d29be17adf536c5a3f865ba0d89dcbd0499a88e137ff","sha512":"03414da343486d4bef4f632eefbb23181a8d38e0da9da06b8cadc19132e7c8c744e5d260130e99a1329dce1753f54ea99aba7e2acbabaa858748f3e794868459","ssdeep":"96:VdOIAC5G54AScZf6ljZ7WSMn0ZX/pcHpkZRCRAzBN4/:VS5DXN6zCdn0ZXkGZscN4/","tlshash":"d5f1422b2144113a827273799b77e62cf939b92b6601e9547a8cc71c2fb4c0549f6fec","size":7787,"data":"","first_seen":"2023-11-15T22:02:42Z","last_seen":"2023-12-13T22:59:19Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.prplads.com/load.js?publisherId=865f9b57212f5a3261580bd6ab9b23bc:6d77b29e1174de9720da61fb75014900be589c158a6320d7794579fb7ceaa31c457b7fca2efaa090f3c987963e93dce95b55919a8cd5caad6bcc1f84e0318412","fqdn":"cdn.prplads.com","domain":"prplads.com","tld":"com"},"ip":{"addr":"104.26.2.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f92f0f503b50212276e353370595fa67","sha1":"e7a5f61221ed817c5d493c2dec2237624bfbc8f1","sha256":"a8203e9eb6b708110a747609ecca7e159dcfc383098341b0acb8a87c9390c0e4","sha512":"7aeafbd674b41f1a936ee6446433700dcb6f86476a8eb27c31900aa115874a23ca25e1cf9415100e078b35261672d152f21150804ed380668c9e90aa2cceb3f9","ssdeep":"768:fHVEH/2LPMDPq3JSm86fWbsPoxDyGuPz2kbIVZ4v5FMCKWJiU3+2ofiyEdzYlJ/:PlbIVKZ+24i5Yr","tlshash":"2913d7903fc0b2ad17974e7e730ac5c9e1a1058b2ea49e9ef001bd71a2d6343e6f9175","size":45231,"data":"","first_seen":"2023-08-09T19:07:46Z","last_seen":"2024-08-21T09:40:39.882191Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eventHandler","is_inline":false,"md5":"839f00355ed896a007c18274ade39d94","sha1":"a0d954478522fd4dcac024c995c180e7a8c58496","sha256":"4af5bbd0ec136ec05a399410b4720d5cfe29a1f43cad09d4be692205b774a781","sha512":"3b1fc8691ce5506a41bccad980c8a34a24a41a3cdcb74b33a6bf7f9455a650667a669df9918656523a37a94ead05b023889a4670e4459c749edb3b5c94d2fbe8","ssdeep":"","tlshash":"e0c022342810a01002d85a319133a328b130b00823c3d8a182ad0918ceecb0f3c99e9c","size":188,"data":"","first_seen":"2023-04-15T20:09:56Z","last_seen":"2026-03-13T12:00:34.055786Z","times_seen":289,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgncsgwp/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"83bd29b282c8263d5abc4182f6df4aae","sha1":"4c2f83dc8bb36338503186b0e2a5f737d2da258f","sha256":"cf88c64ce9d7f0061a66ccf8d42e4033da225ef3a726d680c6e1c3bb30a1186d","sha512":"2c388823be6bcc7cbf35d7185d2412f564796c1ba84633a3478eb3762d68381358b53f765a80d6a3c1726b515a4b3d85bc55e980f153d0c130f3995d77bf83ff","ssdeep":"","tlshash":"7f0176a16b9d5b305448652b32e93be7b8b040afd119988d000d0c8ab9aec831aec0f3","size":675,"data":"","first_seen":"2023-03-07T12:28:07Z","last_seen":"2024-08-21T09:00:33.316456Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgncsgwp/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"79a3671b9038b1377b3561d36f95c31f","sha1":"ddb71442efe371bd7f2f4a3d213e55cc1b44af91","sha256":"fa0b6a3926765fd3b227f79fbc9f35cf779a4929a43f3e68223826d7b545dea5","sha512":"bafc15622ab2330c1ad9c18b3248bd5a42337544a188e710049db70355db2ed9701eb880439838ecd620835343da9e057b4abee11980e01e808a386bdf771804","ssdeep":"","tlshash":"83f0237132484cb8426e0ad222d94bf0757500fcb4c21819216c484d69bce830371cf3","size":620,"data":"","first_seen":"2023-03-12T15:30:45Z","last_seen":"2025-11-26T12:19:50.506183Z","times_seen":70,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgncsgwp/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"4a12c77fce9efd5f8e3c647823b10cfc","sha1":"73ad2c36e69f7eec8c1e39d2d7edcfd43d70a760","sha256":"562e2d71efda85f3c5c74fb3db9cd994dc81c372cfc2ec57da4fc7aa5bc11e74","sha512":"149a7c316b96e95da782658127c18d055574217a5179973896bf9f0b835492c7e7aaa9c3ba2abdc0dbf1970d04712ad2ec0324e80c26e548a61cf4c59f2bfbea","ssdeep":"","tlshash":"14d09525d2556432012d03f3d2f919f87791004fdd04000630064c4e1d778d3c3c09bb","size":246,"data":"","first_seen":"2023-03-07T12:28:07Z","last_seen":"2025-11-26T12:19:50.507094Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgncsgwp/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"dd6c1f7ba34fd659719115d28503af50","sha1":"b0c841b0a139abe16294172c83e2e86e9005609c","sha256":"ea7718430f30085fcbf526fabda97ea6a6f671fbc5dd689398d357696bab004b","sha512":"6c1dd55e7f56f8f6fe2cfcb631a7cddebee2ec45d58f1bea92cf1240ab11dc9f6f441a2e43676823f3b683ed5f53bd7ded43199c6e632a6cbaf7d7c3595c5f6e","ssdeep":"","tlshash":"56c0cc082ec0cc30223c8023033bc3e03b222c023800a0b0022cb0eb3c08ac38c2eabc","size":181,"data":"","first_seen":"2023-03-07T22:56:10Z","last_seen":"2025-04-08T07:38:58.522854Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"friendshipmale.com/sfp.js","fqdn":"friendshipmale.com","domain":"friendshipmale.com","tld":"com"},"ip":{"addr":"172.64.134.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"924e967bca1d599992556a8d139b1c5a","sha1":"222b09dbf164ddc03d39100fd0524a22018d28b2","sha256":"ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95","sha512":"d1ae4c494d3ac70e636a75bcccfecf5cc6d98aa22c652f7be5fa95e6b62c5790a07cef6d490aa063a0573c996cbc689b4d788458b7ac38bafb68ac50b791e04f","ssdeep":"768:MpmI29BfeWZssERU8jnQY8vhqdNUHHiVAWnNniZtyrXGQA3STN+hnnNYJ/dLbO/x:o+ffZBh8jT/0uLp5OpSoTjAdJxyxua","tlshash":"f383b7807fe0648ad3979f77b71bb4c9f8aa385a7dc4048bc601fd80796662ad9f1530","size":85468,"data":"","first_seen":"2023-11-23T18:35:39Z","last_seen":"2024-08-20T18:08:31.906083Z","times_seen":6307,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgncsgwp/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"f528de86f9716f853bef28b78bf07d5d","sha1":"c3f7938becd6a0c0733ac56c1f626b3edf25f437","sha256":"7650ffa43eec478c8d92fd5d1f5db0f77b2e026038ad869c602413d6acc1dfb7","sha512":"976559cf0e583e90fb5d9a57e46aaa7e224f1e7a65c2ae4b7de0428642b6aa0d1c8b5004c80c991a1b2cca16577c60f4e98d55b6709fbfe667db550da721a182","ssdeep":"","tlshash":"af31b8a164e80836e2c965b62ab705903e7d20777404d8d245aa0d033c8ec5311f4efa","size":1655,"data":"","first_seen":"2023-03-07T12:28:07Z","last_seen":"2024-08-21T09:00:33.32207Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"4bc8c139e7cd3b927b3b63952f374804","sha1":"419ebe23849539f25f0c9d53c92265147eaac698","sha256":"94cca61175038f2d6aa9f97a795000e1c89da4acc584529b54116e9d13b4ed29","sha512":"9235e3ef4cd893051649f339f54dc1f056ed7a69360615e1860acef8560e329ae4bbac47fb03d61279f9a366842f4864b66d9d1fb91753d20537fbbcd3b22082","ssdeep":"","tlshash":"d6d02e473262883e0fba0e328f2a73ca3d1140bc3c115004273c80422228b0fb0aa0ef","size":256,"data":"","first_seen":"2023-10-01T18:49:04Z","last_seen":"2024-10-06T23:34:42.944117Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgncsgwp/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"ffd0af61d20f0270e7203329499f37d8","sha1":"5278c94db177b2e4b9ab30ba4ae4f3774f95a538","sha256":"6587413744f30cb887c075e9af1d763013759f4609fc7705701ac8b6891bbb01","sha512":"e9de8481ce772afa7bf49eaac58859545f1d62f632227419290ce2ae56e30f36a18815ea7cdbc2298cf99f4d9fd65b4282ba66ed569e89b4e84b4130512c2672","ssdeep":"","tlshash":"63f0056143086cb1513245b3d3f763f457e000e9b8403a75983489843dd914241f2fff","size":518,"data":"","first_seen":"2023-03-07T12:28:07Z","last_seen":"2024-08-21T09:00:33.322708Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgncsgwp/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"32e392826eb2634577dadd9445751349","sha1":"1ca4e3def937b43324acc32295e40ef75d6d3700","sha256":"13b434822ba32a354b7c2201c2996710559191a89a6acdcd16607fac2660ae88","sha512":"26866a54ca05610b2de320ab4a62b5dcf9b693abf478c90d573e0abaa957112191f29980961316ada00477a6c62c8891e048a4604f28b6106ed7973eff3db703","ssdeep":"96:H0VT/tWwybWiQEt9x9F0PGbNyJCstYYqfD5ilBLBD0WciGdCU:UVT/EJbWFCxL0PQtlYqNilBL1rciGB","tlshash":"6d9195e19164e87122e518bd18258167e71e07d9b848f486bbbe1cd3af29c4e1374bac","size":4603,"data":"","first_seen":"2023-07-12T06:36:54Z","last_seen":"2024-08-21T09:00:33.323586Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad.tradertimerz.media/deliver/token/860301d4060ef8c?loc=https%3A%2F%2Fad.tradertimerz.media%2Fdeliver%2Fpixel%2F860301d4060ef8c\u0026vid=b0ec9a95-ecea-4621-8404-f95090c8b966\u0026ref=https%3A%2F%2Fwww.flvto.biz%2F","fqdn":"ad.tradertimerz.media","domain":"tradertimerz.media","tld":"media"},"ip":{"addr":"5.75.199.190","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"67b8f0ce99ab67338617062763da0126","sha1":"cbed39dbde3ffdf16e8f6ed730d88c5641fe1955","sha256":"888b9b4a18277ce4da5523fffcf762c2e0fe8fab1aeed4bb450d082b9a68998e","sha512":"4e8a4713ccb660095ae851dcfccd6fa013366cb2dabd0ab061c9b590ef77b27e14c42dcb58effd9ded12be7b499e128ec7a3a3835cf69a07555d025a9b8b53b4","ssdeep":"","tlshash":"7e2132776ce45d76636620e6003a9b5c71a2b1170c0aa012f9ccf55c4b50f386dbbab1","size":1437,"data":"","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e16959b5fa05ba0a7ea65b1441c5ad03","sha1":"759e4ebcca919d9c71856910af3829fb7c46bfac","sha256":"e5d09fd016003e857ffa9de947195db71e9dd415e4e2970ebf14f925bc613533","sha512":"a0e9790b05e8ec1efa8c75e286b9508c88a715040c910fe1244407aab15ef198bdc345744ea8c3b01df849d3199d72647715e51583ec1c10c23334ec753a5565","ssdeep":"","tlshash":"49d05e473262487e0fb60d278f2ab7d93e5150bc3c511500273954826229b1fb1aa1cf","size":256,"data":"","first_seen":"2023-10-01T18:49:04Z","last_seen":"2024-10-06T23:34:42.947099Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl16330037.safestcontentgate.com/de/9a/cd/de9acd36b9bdfc08a8f10363b274b170.js","fqdn":"pl16330037.safestcontentgate.com","domain":"safestcontentgate.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"670f3c62d250e8f2128a818b3cae3716","sha1":"a0899e98c983dcbf4ccba35dbfda9cee7160f6ea","sha256":"f7281ab7bc03a9e992d6603537c12e88089568a533dceb501f08edb4bedf5be4","sha512":"27df181ac2d4e48fd05eb1a093a1e6980871967ef1d56e6d0e33152219e4f0c4d158a1269ee483374c163a73918a092765cb19360d13bae0bbbb8f1f2bf41f39","ssdeep":"768:E5aMeFcdWGRiuWoe/EIetdqS9h6wsRtfVAQRpZmDAQahPfU8Djy:Q1WgtouhbcxpGuU5","tlshash":"b51372447bd0a909139b9f3f322bf5e5f85a085f3c80899bd111fc80a69562bfaf2535","size":42802,"data":"","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"0598f4d38f3eb40bdd717bf46242cb21","sha1":"df0be49a91abd298c805e67a18e692e102075593","sha256":"b0aed2d3ed90c113959c903c0a9759dd0e5c26a10db27c6944ef9ce22ecf7ae9","sha512":"6ab86eee449c3781547afa21adf18a9dbb12517c42754a4774627d286215a174aaa12edbb48299c3c6182bea238242c7c4c8e429229deeee6da65254b9d24360","ssdeep":"","tlshash":"06217b3a509a42f41226f067940aa9dc9a33408ad8656643b22c21890ecd36f63f5dbd","size":1272,"data":"","first_seen":"2023-10-26T15:26:58Z","last_seen":"2024-08-21T03:18:28.72497Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgncsgwp/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"479e020f6948958503e14cb60cef08cf","sha1":"2fc33d752828b4b5dd3bec3e784ddbbfefd7b561","sha256":"fee416f638b447b07e57852a83ff903dc1f055bb6ce91af6755b7075ef1655a7","sha512":"46bee120b7123ad1b1b647d13033a4c71e20a0c8e800b95d6d522ef0892dae7511f45d3240590506f1293c2722f3e9a2ac14a814a57ab42de2144042bf7e8370","ssdeep":"","tlshash":"70c0cc082ec0cc30223c8023033bc3a03b223c023800a0b0022cb0fb3c08ac38c2eabc","size":181,"data":"","first_seen":"2023-03-07T22:56:10Z","last_seen":"2025-04-08T07:38:58.527003Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgncsgwp/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"c6a99cb1e2ef9da40e3d8ad7b7ba5dfb","sha1":"5e3509f922008f5ccf59bb1af72053da5d83dba3","sha256":"18ade6b27440a8fdb62669c333c7432df6ddf4347d457bdfc2fe2da80c58eb1c","sha512":"2a9abcd6c131a245d3de41f2dbac51c857dd91e3f98febeb2a68e4fc48caff738705fbc1a53b682407cf8719b7156df8931f1698a63e210bd93a88647bde018b","ssdeep":"","tlshash":"aac0cc082ec0cc30223c8023033bc3e03b222c023800a0f0022cb0eb3c08ac38c2eabc","size":181,"data":"","first_seen":"2023-03-07T22:56:10Z","last_seen":"2025-04-08T07:38:58.527568Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgncsgwp/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"21b4eb0c9a0b144e17158b007a7402b0","sha1":"e9a592829838363ee213ffecb0b67024c427be1f","sha256":"f58292aea07c6787607aa3b9cd830a5caf63ef0a7ef0d106ab26c2469092c86d","sha512":"307717aed7363a571d32a8a730d3eea488a16cffeb10889d05217d093f95a01d3b0a20e1845f429c278c4905619a6a32162ce660ab13987f3948d8670c24122c","ssdeep":"","tlshash":"32c0cc082ec0ccb0223c8023833bc3a03b222c023800a0b0023c30eb3c08ac38c2eabc","size":182,"data":"","first_seen":"2023-03-07T22:56:10Z","last_seen":"2025-04-08T07:38:58.529266Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgncsgwp/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"a54882a572df499b30c47da96e67bf8d","sha1":"7e9a7b60944d6524496d0d0553718c47563e4c0b","sha256":"d8aa1bf62ff4234fdcb907c7a2c95a9e6734502dee36c21e030e722936d559ba","sha512":"6e7b015fc709a5b57777173a08d4fba7d15a1cf69878adf0c2207f6ee6bfeb6e03c9ba1cf09f2ca5bb910904359bb6cb31d391505d20ec57dab5b4f6df500051","ssdeep":"","tlshash":"a4c0c00c2dc0cc30123c4023433bc3a03b162c12380090b0022c70e73c089c38c1d67c","size":181,"data":"","first_seen":"2023-03-07T22:56:10Z","last_seen":"2025-04-08T07:38:58.529785Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js","fqdn":"cdn.creative-bars1.com","domain":"creative-bars1.com","tld":"com"},"ip":{"addr":"172.64.108.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a356126b9573eb7bd1e9a7494737410","sha1":"8258d046f17dd3c15a5d3984e1868b7b5d1db329","sha256":"22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5","sha512":"005c3102459dbf145df6a858629d6a6de4598fafe24cd989d86170731b0c3b3c304da470cf66bfd935f6db911b723df0857b5ed561906f7f1c5c4e63ed9430de","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrZ:++414Jiz6fh6lTqya98HrZ","tlshash":"dc83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84380,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-05-10T18:32:08.990633Z","times_seen":17716,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"377d3b2e03fc6f8306740f08a9727c40","sha1":"a793b245d9de493b5312872d6675482f2c8c64d7","sha256":"799899af28a256c42da96652251db4b655b4f6c0db0d5752bfe7d1c605a20817","sha512":"3bff70ae5dacaa46147b09d74f5ccdb588cc0e6d74b4fecae1c85caafed55d7ff85ce296fa476bf6e4cf11e1c85eb6d7bf546bba07eb6dea85b52ad5b1f34b60","ssdeep":"","tlshash":"bdc09b454515355931b653743753e78db61112fc9850e18363d15820fc224af950355d","size":133,"data":"","first_seen":"2023-05-12T09:11:43Z","last_seen":"2025-01-07T07:10:03.202417Z","times_seen":202,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"5d8623cd29a2e67e3584151084968e1a","sha1":"141d53389aef1362a0a3e6845f33fb2d49892842","sha256":"88a831f92ab760c28feb5bd85fa966c13b05ebbbb5de2808a01c42538c4f9bef","sha512":"06580539124c04568791abce93458955e6af318296346b7ea247b15faf0d5ec51b2f3fcb46b5ee788762fa148acf1bad7926b7ba0691e9b65de135e7469ead71","ssdeep":"","tlshash":"2641caf18455682353d689ecf463af5ab10361884f13ccc4a7f60f36e7d0ab8cd55a9a","size":2373,"data":"","first_seen":"2024-08-20T16:55:26.124822Z","last_seen":"2024-08-20T16:55:26.124822Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"6f7d1328d6ec62ec9701bdfeb96de54b","sha1":"17d9562fdb94912b192618a420973860a9ac0e57","sha256":"54fac0a821a7b4eaff448913ed1926d2b407c1b37ce48b0d61eec50ae45a1578","sha512":"f26e092d1f29471f935cc4b94b08060f5edae818d715ec76d1f42402d5bc205a4aa48c298a4ddd57967f28c27987975431415fd31e372b2adc8c6670babf455c","ssdeep":"","tlshash":"c9f0c007a4c48d0a441a29c4c4b2f77e483fc11cdb777e985719639277c58daa908504","size":535,"data":"","first_seen":"2024-08-20T16:55:26.125879Z","last_seen":"2024-08-20T16:55:26.125879Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"43de86a75351d2843ef2327206c5733e","sha1":"a1e9cb2284cc315892eebf80cb4066c360545406","sha256":"3273cff4f846a7afedcf5a9604786183d9db2a19c797868faa770485f6da1f41","sha512":"b802952dabfb72aa2d1ebaedaa78ef7dff75034b6003e82e352b8d58b990025b82a071444b0d3b393f1cea6b6698a9d11a51190f87622093314908dc73f0aa4d","ssdeep":"","tlshash":"58014d83bed0f202446411cad872f7bf047bc00cdd962cb8779c23a773858ea5e04808","size":794,"data":"","first_seen":"2024-08-20T16:55:26.126844Z","last_seen":"2024-08-20T16:55:26.126844Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"5ac66e4bd7d17c0ff86dbf2c2c543d03","sha1":"856c70cfea489c986fd1733f3589ab43e11201b6","sha256":"3617a85b3f915e2cb1718dc0133621b1ac8556bf715800ff02666535517cd85f","sha512":"1ac74b346830efd82f5dded3dce8c9bca1689dc5dba4042f0abfcaca23b29fbb5ab2465ee5cce6a057d0201b50895a7c8971e9fee17f9366fff4a386881b1c8c","ssdeep":"","tlshash":"3af0c003a8c4490a841a69c4c575f77e0c3fd61cda677d989729635373868de6a04454","size":535,"data":"","first_seen":"2024-08-20T16:55:26.127858Z","last_seen":"2024-08-20T16:55:26.127858Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"4f9ca9eb29ec1a78b4f2dd51545738c1","sha1":"0486e793215122cacc0da7e25eb72b9ff0ca9191","sha256":"856c134c649d623a2a873742e922920eff482b88cd89a1c56d1457d0a710dd2a","sha512":"af24b7eb8464bcb149efe93e142c2e7c9e107cac23ee10cde67e9b98bd073310bd0d3c12af3b23ae4462de7704c0d8b9fed56d9a4cf42c8643fd01f7fe9efb82","ssdeep":"","tlshash":"5d61c763b854c06d43e9a786da3dbf09941b05764a02f88072ece6937ebc8bd44e1a05","size":3194,"data":"","first_seen":"2024-08-20T16:55:26.128783Z","last_seen":"2024-08-20T16:55:26.128783Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700\u0026display=swap\u0026subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:53.270Z","timestamp":1701623393270,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42","sha256":"9A:90:D4:1D:0C:D1:CA:9D:4D:19:37:44:C4:E6:E4:28:27:C0:F5:0A:9C:B4:56:89:C4:D1:8A:63:A7:01:28:54"}}},"request":{"raw":"GET /css?family=Roboto+Condensed:300,400,700\u0026display=swap\u0026subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 03 Dec 2023 17:09:47 GMT\r\ndate: Sun, 03 Dec 2023 17:09:47 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1138,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"gzip compressed data, max compression\\012- data","md5":"ac6889a1b6e8b8233d13453a94b39df9","sha1":"dba6bef7f0ec97e2e97bddb2bafc4c5ddf948572","sha256":"3bf2a0d81799585a667a5507a8b2274d6f3db3c63b8fa77364b0853bd4714ccb","sha512":"135a8e3a078308489e337ba19b9c1f34725c8db055b8765d6467219f4eafe91c7f5e93509100aea08bad192d254f17fd6af74cb0a72fd4b9a899481f9ccd47a1","ssdeep":"","tlshash":"7921c6661d3873cbe63d1375ab06a89b348076a0ca28688c78185bd38bdc219230d20c","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":65,"dns":0,"connect":11,"send":0,"wait":25,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-static.flvto.biz/_next/static/images/img-main-8ddd4264b06a73b6515db09179cbbf55.webp","fqdn":"cdn-static.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:53.456Z","timestamp":1701623393456,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flvto.biz","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 18:05:13 GMT","end":"Thu, 04 Jan 2024 18:05:12 GMT"},"fingerprint":{"sha1":"0B:42:D5:C9:76:A0:F2:0D:7D:43:32:D9:AD:AF:A4:28:B1:13:90:37","sha256":"BF:8D:8D:23:8E:23:49:13:84:02:2A:20:1E:78:26:2A:8E:47:99:A8:4B:87:C6:81:51:26:15:B6:AA:4E:FC:F2"}}},"request":{"raw":"GET /_next/static/images/img-main-8ddd4264b06a73b6515db09179cbbf55.webp HTTP/1.1\r\nHost: cdn-static.flvto.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:48 GMT\r\ncontent-type: image/webp\r\ncontent-length: 16394\r\nlast-modified: Wed, 15 Nov 2023 11:58:48 GMT\r\netag: \"6554b278-400a\"\r\nexpires: Sun, 24 Nov 2024 09:19:28 GMT\r\ncache-control: max-age=31536000, public\r\npragma: public\r\ncf-cache-status: HIT\r\nage: 719420\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=MbWyeqTPxrbcMkDD6renSf%2FJ25pkhSFJyx2nf09dw2rOV9hZiKAe1m5Ljn78H0ikn5NJqpCM2iySKhiCqiIAe%2BiGY%2BRDgCgsO4u2FgCfttzs0QT7YDsGaB4imqQjVJbcrhXHcXrCwA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82fd6b5fa92e569f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16394,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image\\012- data","md5":"9242834125f1193e9da85bd184283257","sha1":"6f4002deccbc6ecd889940f7912174277016247d","sha256":"f4d168275b24555befe16c253615213ee85a2c1e0f48f75691159b3c514cbdd5","sha512":"e8a886e1656ee0a40071ab50f638807072bc4834d0885f4d9e1d7374d3982b402fb47005388b3104a71ced079841bec1ece49dad0e051ad0d1d585a2b7a2b2bf","ssdeep":"384:xwTHy/oSFqkmjs2yuUMSS4uAj7/lBNC/92yE5wTtsiMPm:OTS/oWxuzUuu7NBN3t5wr","tlshash":"3872df3b3f114a64e74e077964082f233361752a51fb7d8ad5c4dfc2a314a8e88bca58","first_seen":"2023-05-09T10:30:10Z","last_seen":"2024-08-21T09:31:20.888056Z","times_seen":25,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":17,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-static.flvto.biz/_next/static/images/img-ai-6420d7da46a5410014a02cbbe16d6d5d.webp","fqdn":"cdn-static.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:53.460Z","timestamp":1701623393460,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flvto.biz","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 18:05:13 GMT","end":"Thu, 04 Jan 2024 18:05:12 GMT"},"fingerprint":{"sha1":"0B:42:D5:C9:76:A0:F2:0D:7D:43:32:D9:AD:AF:A4:28:B1:13:90:37","sha256":"BF:8D:8D:23:8E:23:49:13:84:02:2A:20:1E:78:26:2A:8E:47:99:A8:4B:87:C6:81:51:26:15:B6:AA:4E:FC:F2"}}},"request":{"raw":"GET /_next/static/images/img-ai-6420d7da46a5410014a02cbbe16d6d5d.webp HTTP/1.1\r\nHost: cdn-static.flvto.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:48 GMT\r\ncontent-type: image/webp\r\ncontent-length: 23388\r\nlast-modified: Wed, 15 Nov 2023 11:58:48 GMT\r\netag: \"6554b278-5b5c\"\r\nexpires: Thu, 21 Nov 2024 13:15:34 GMT\r\ncache-control: max-age=31536000, public\r\npragma: public\r\ncf-cache-status: HIT\r\nage: 964454\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=BneYCm%2BxoVOubFNJ6EIlsVok5qZBFhw5s3CHk43pjhDAme0ityjHdSB%2F3VQcRS44ih4ez7FZiZXrkigqaGX9pLUTkBy8jIdn89zvrigCjmkWiC7DgofUAq2MhAYmbgNDlEvagqXvXA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82fd6b5fa92f569f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23388,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image\\012- data","md5":"4cba0a4c41c4a5b736d5d5b499dd12d3","sha1":"dc710b60dc50be5d6dfdbb38ede21f2b4c9aa6c8","sha256":"95aa9b1e46bf433501db0d65b2623d13d35b2c50e7780b359b9186e4e9c5475c","sha512":"1adbfda7b2c2644c30cd683d264b359cbb6c5014a3e33675e38a00cea3d1463720d162e78a6ee48132fbc75c207fc6f5053c1aba268893ea71f67cca04407d8d","ssdeep":"384:4wTPylSZE6GaNrDJ4iJzzVTIcUysY7ZzSearjs82V0NJW5dOXg+g7RvF49pa/rP4:9Ts96GKPjv1I0BZzjFvYJW5dW4RvU+/o","tlshash":"4cb2d0afb161d46efb53f7b21cd1f28907fa5aa43f9002b668448714de6238274048dd","first_seen":"2023-05-09T10:30:10Z","last_seen":"2024-08-21T09:31:20.9034Z","times_seen":25,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":12,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad.tradertimerz.media/deliver/pixel/860301d4060ef8c","fqdn":"ad.tradertimerz.media","domain":"tradertimerz.media","tld":"media"},"ip":{"addr":"5.75.199.190","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:53.267Z","timestamp":1701623393267,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ad.tradertimerz.media","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Nov 2023 23:40:47 GMT","end":"Wed, 07 Feb 2024 23:40:46 GMT"},"fingerprint":{"sha1":"04:FC:4E:84:7F:0A:86:3E:C1:2F:6F:08:A1:28:5B:92:98:2C:EB:BE","sha256":"A9:B0:F7:73:EC:A7:90:E3:33:89:C8:8E:30:FB:74:A5:C2:92:13:EA:55:A9:25:1D:D2:8C:CE:2F:DA:D4:DB:0E"}}},"request":{"raw":"GET /deliver/pixel/860301d4060ef8c HTTP/1.1\r\nHost: ad.tradertimerz.media\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 03 Dec 2023 17:09:48 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 176\r\ncache-control: max-age=4254, public, s-maxage=3872\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":176,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"902be29c59d79d139229e77e57b92986","sha1":"b5831c73828b116a9ad1b43f65404097a646a215","sha256":"608975898dfe616a7473b071992256a72b17a44159a40b257c60e426bd23019b","sha512":"859a95eff0265d03764437ce4aef732794126dad0f1c87e7c0078565d839a6b98e0c3928389d14de2f5c7b09363b61c328c0b780ff871e0cb85c83167e4098fa","ssdeep":"","tlshash":"4cd022069950aa0341d0928017e9ea1810131a902a93ee8127daf003aa98aa8cc237a8","first_seen":"2023-09-30T13:54:03Z","last_seen":"2024-08-21T05:28:14.116488Z","times_seen":46,"resource_available":false,"data":null}},"time_used":436,"timings":{"blocked":189,"dns":30,"connect":52,"send":0,"wait":50,"receive":0,"ssl":112},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.flvto.biz/_next/static/css/styles.94b5e2c8.chunk.css","fqdn":"cdn.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:53.274Z","timestamp":1701623393274,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flvto.biz","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 18:05:13 GMT","end":"Thu, 04 Jan 2024 18:05:12 GMT"},"fingerprint":{"sha1":"0B:42:D5:C9:76:A0:F2:0D:7D:43:32:D9:AD:AF:A4:28:B1:13:90:37","sha256":"BF:8D:8D:23:8E:23:49:13:84:02:2A:20:1E:78:26:2A:8E:47:99:A8:4B:87:C6:81:51:26:15:B6:AA:4E:FC:F2"}}},"request":{"raw":"GET /_next/static/css/styles.94b5e2c8.chunk.css HTTP/1.1\r\nHost: cdn.flvto.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 Moved Permanently\r\ndate: Sun, 03 Dec 2023 17:09:48 GMT\r\ncontent-type: text/html\r\nlocation: https://cdn-static.flvto.biz/_next/static/css/styles.94b5e2c8.chunk.css\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=sRr1VQzxacPuR1KnmagLM82t2LZL6F%2Fm3jhnWXRjfK4%2FhBklQjJ4CNXr7FMmssIZawVLE6JShS5H2SrrNFLaHvijJFZgiyxuEYa6qSazYSmFem5hf6sHt1JIzr5QuXtL60kCe%2F6dGg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-77-nzt: EwwBuUwJDQHXaQsIAAwBuUwKCQH3UAgAAAwB1GY4nAH3TDMAAA\r\nx-77-nzt-ray: c0a4cc2873125c245cb66c6546796102\r\nx-accel-date: 1701096179\r\nx-77-cache: HIT\r\nx-77-age: 542469\r\nx-cache-lb: HIT, HIT\r\nx-age-lb: 2128, 527209\r\nx-77-pop: stockholmSE\r\ncf-cache-status: EXPIRED\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82fd6b5e9f96569f-OSL\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":5569,"size_decoded":0,"mime_type":"text/css","magic":"data","md5":"a5aade1fe8ca88a635195ec258e29979","sha1":"8d80d5f0dd6c7021643118b4b8e8dce38badb508","sha256":"d1ad8333e8d55c6174e1c6148d6f385ed90ff9cd858b3565dcb45bdde87f2f7a","sha512":"1e3c804dfdf4ad788d0c16578feaaa4cf1de2dd6d5e986ab6ea3ce146aa03305245b09f06a6875dd7a8d8854232418404c5e1a8e5200aae905473b4491f36fad","ssdeep":"96:mjlelvtIgImKC/4hZ9Mc4LUtWAzEbh611BrFtGH08Ljm0Tyh8J38HUIdfyN:ilStIN1CR7LUtW1lKDrWH08LKIAW8HNS","tlshash":"fab18d569e297c5bffe114a0e04db5b4c6d00abae63785993714888afd0301dedfe0b8","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":31,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad.tradertimerz.media/deliver/token/860301d4060ef8c?loc=https%3A%2F%2Fad.tradertimerz.media%2Fdeliver%2Fpixel%2F860301d4060ef8c\u0026vid=b0ec9a95-ecea-4621-8404-f95090c8b966\u0026ref=https%3A%2F%2Fwww.flvto.biz%2F","fqdn":"ad.tradertimerz.media","domain":"tradertimerz.media","tld":"media"},"ip":{"addr":"5.75.199.190","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ad.tradertimerz.media/deliver/pixel/860301d4060ef8c","date":"2023-12-03T17:09:53.706Z","timestamp":1701623393706,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ad.tradertimerz.media","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Nov 2023 23:40:47 GMT","end":"Wed, 07 Feb 2024 23:40:46 GMT"},"fingerprint":{"sha1":"04:FC:4E:84:7F:0A:86:3E:C1:2F:6F:08:A1:28:5B:92:98:2C:EB:BE","sha256":"A9:B0:F7:73:EC:A7:90:E3:33:89:C8:8E:30:FB:74:A5:C2:92:13:EA:55:A9:25:1D:D2:8C:CE:2F:DA:D4:DB:0E"}}},"request":{"raw":"GET /deliver/token/860301d4060ef8c?loc=https%3A%2F%2Fad.tradertimerz.media%2Fdeliver%2Fpixel%2F860301d4060ef8c\u0026vid=b0ec9a95-ecea-4621-8404-f95090c8b966\u0026ref=https%3A%2F%2Fwww.flvto.biz%2F HTTP/1.1\r\nHost: ad.tradertimerz.media\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ad.tradertimerz.media/deliver/pixel/860301d4060ef8c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 03 Dec 2023 17:09:48 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-length: 770\r\ncache-control: max-age=0, must-revalidate, private\r\npragma: no-cache\r\nexpires: Sun, 03 Dec 2023 17:09:48 GMT\r\nset-cookie: uuid=ff1e471a-5b5a2a9a-656cb65c-5d4e-7b449b88; expires=Wed, 30-Nov-2033 17:09:48 GMT; path=/; domain=ad.tradertimerz.media; secure; httponly; samesite=none\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":770,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (521)","md5":"67b8f0ce99ab67338617062763da0126","sha1":"cbed39dbde3ffdf16e8f6ed730d88c5641fe1955","sha256":"888b9b4a18277ce4da5523fffcf762c2e0fe8fab1aeed4bb450d082b9a68998e","sha512":"4e8a4713ccb660095ae851dcfccd6fa013366cb2dabd0ab061c9b590ef77b27e14c42dcb58effd9ded12be7b499e128ec7a3a3835cf69a07555d025a9b8b53b4","ssdeep":"","tlshash":"7e2132776ce45d76636620e6003a9b5c71a2b1170c0aa012f9ccf55c4b50f386dbbab1","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad.tradertimerz.media/images/delivery/8238769382229c3f47a5.png","fqdn":"ad.tradertimerz.media","domain":"tradertimerz.media","tld":"media"},"ip":{"addr":"5.75.199.190","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ad.tradertimerz.media/deliver/pixel/860301d4060ef8c","date":"2023-12-03T17:09:53.778Z","timestamp":1701623393778,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ad.tradertimerz.media","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Nov 2023 23:40:47 GMT","end":"Wed, 07 Feb 2024 23:40:46 GMT"},"fingerprint":{"sha1":"04:FC:4E:84:7F:0A:86:3E:C1:2F:6F:08:A1:28:5B:92:98:2C:EB:BE","sha256":"A9:B0:F7:73:EC:A7:90:E3:33:89:C8:8E:30:FB:74:A5:C2:92:13:EA:55:A9:25:1D:D2:8C:CE:2F:DA:D4:DB:0E"}}},"request":{"raw":"GET /images/delivery/8238769382229c3f47a5.png HTTP/1.1\r\nHost: ad.tradertimerz.media\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ad.tradertimerz.media/deliver/pixel/860301d4060ef8c\r\nCookie: uuid=ff1e471a-5b5a2a9a-656cb65c-5d4e-7b449b88\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 03 Dec 2023 17:09:48 GMT\r\ncontent-type: image/png\r\ncontent-length: 928\r\nlast-modified: Fri, 29 Sep 2023 09:20:59 GMT\r\netag: \"651696fb-3a0\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":928,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\\012- data","md5":"63797a6d2e6b7dc016f5a8e3d9a09b15","sha1":"6d72420b033c4034fc7c41a936ebe938d38ceb51","sha256":"31489288e85672dcc3dfb19e97f035fbef57b28ee36021a93de30463cc92cae3","sha512":"7c18c38e146136ba779e5cdc4f09bb213c4924c95586583c61dd60ace5105d9be84eef5c68748784691e2d0dd35fb305fda7553c3389bd2cc48066c84fcf02f1","ssdeep":"","tlshash":"d9115404ef801c429556d48318fba4328d975440c6d4f2756daee42b0c781f4b9596cf","first_seen":"2023-06-16T13:26:32Z","last_seen":"2026-05-06T20:52:36.040097Z","times_seen":260,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cuttlefly.com/direct-info/YTv6YJ23gQfJz1u7GF04EQ/1701625188/1/?lang=en","fqdn":"cuttlefly.com","domain":"cuttlefly.com","tld":"com"},"ip":{"addr":"116.202.21.68","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:53.774Z","timestamp":1701623393774,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cuttlefly.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Nov 2023 19:23:10 GMT","end":"Sun, 18 Feb 2024 19:23:09 GMT"},"fingerprint":{"sha1":"1E:F8:A3:42:3D:92:42:70:A5:B4:00:8D:F6:1B:E1:1C:78:56:E5:75","sha256":"41:32:28:A6:44:19:75:4B:07:14:4F:1C:29:4B:8B:5F:4E:3D:87:31:F9:EA:DA:7A:56:2C:25:48:DB:F1:7E:E4"}}},"request":{"raw":"GET /direct-info/YTv6YJ23gQfJz1u7GF04EQ/1701625188/1/?lang=en HTTP/1.1\r\nHost: cuttlefly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:49 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 171\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://www.flvto.biz\r\nAccess-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept\r\nAccess-Control-Allow-Methods: POST, GET, OPTIONS\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":171,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON data\\012- , ASCII text, with no line terminators","md5":"5e41baa8100c12a6652f91aadf3cefa8","sha1":"911008e8ff8f8b84feb0f8cfb789c17b82d6dda3","sha256":"30d1234454c80b75ffecce3cf231a42164412307c781e923d07c8ca70879cdfb","sha512":"a535bf020b1376fddefc85f4ae826dd289d8c3730f6f3745cc1a5a90b99a3981cfc984dc1e18c544f7746dc44807107d881dc03f2cb90d3dd09668c257b37a85","ssdeep":"","tlshash":"bbc0805b14547d014f6496d44e1315bc72db1211474f094580c5e5474419afde0ec4f0","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1197,"timings":{"blocked":157,"dns":53,"connect":43,"send":0,"wait":883,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dl.zabanit.xyz/zone/21?lang=en\u0026siteCode=1","fqdn":"dl.zabanit.xyz","domain":"zabanit.xyz","tld":"xyz"},"ip":{"addr":"135.181.107.135","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.523Z","timestamp":1701623396523,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"display.adcampo.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 20:31:12 GMT","end":"Thu, 01 Feb 2024 20:31:11 GMT"},"fingerprint":{"sha1":"CA:B0:51:D1:E1:C2:B1:E0:6A:9A:55:B2:60:DB:45:26:76:17:F6:CB","sha256":"8D:4A:4D:F8:3B:C0:8A:F0:2D:F2:CB:AC:05:ED:73:E4:39:5B:A9:91:2A:4F:73:E2:94:CD:35:87:BE:15:28:C1"}}},"request":{"raw":"GET /zone/21?lang=en\u0026siteCode=1 HTTP/1.1\r\nHost: dl.zabanit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:51 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 943\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://www.flvto.biz\r\nAccess-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept\r\nAccess-Control-Expose-Headers: X-Total-Count\r\nAccess-Control-Allow-Methods: GET\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: _zabs_d=uid=4nnfX0ho3bN4Ut46w-hlKw\u0026ex=1701709791\u0026fc=; path=/; expires=Mon, 04 Dec 2023 17:09:51 GMT; domain=zabanit.xyz; samesite=none; secure\r\nCache-Control: no-cache, no-store, must-revalidate\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":943,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON data\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (943), with no line terminators","md5":"fc24c75e2ded68a1318a93a18fc164cf","sha1":"c353aeb9235a731ffcf5526c935a2722ac2a245b","sha256":"d8749e5cff31eeb0da3f90aede97a978a0a2480cbde7d9dbb903738c0c47e534","sha512":"8c8617d7287002a0b8b1810fcde54999bb36bb585eb145a6f8c03101b45b55ad7ee4c669e39b968110846e1cb1c618448082b4984080f3619ab146edd78f35fb","ssdeep":"","tlshash":"c911101b39a0087c0f659adb6df7b78c5cea827e6813d126609c0064c384b5f387556a","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":97,"dns":33,"connect":14,"send":0,"wait":74,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dl.zabanit.xyz/zone/118?lang=en\u0026siteCode=1","fqdn":"dl.zabanit.xyz","domain":"zabanit.xyz","tld":"xyz"},"ip":{"addr":"135.181.107.135","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.534Z","timestamp":1701623396534,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"display.adcampo.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 20:31:12 GMT","end":"Thu, 01 Feb 2024 20:31:11 GMT"},"fingerprint":{"sha1":"CA:B0:51:D1:E1:C2:B1:E0:6A:9A:55:B2:60:DB:45:26:76:17:F6:CB","sha256":"8D:4A:4D:F8:3B:C0:8A:F0:2D:F2:CB:AC:05:ED:73:E4:39:5B:A9:91:2A:4F:73:E2:94:CD:35:87:BE:15:28:C1"}}},"request":{"raw":"GET /zone/118?lang=en\u0026siteCode=1 HTTP/1.1\r\nHost: dl.zabanit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:51 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 633\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://www.flvto.biz\r\nAccess-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept\r\nAccess-Control-Expose-Headers: X-Total-Count\r\nAccess-Control-Allow-Methods: GET\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: _zabs_d=uid=4nnfX0ho3bN4Ut46w-hlKw\u0026ex=1701709791\u0026fc=; path=/; expires=Mon, 04 Dec 2023 17:09:51 GMT; domain=zabanit.xyz; samesite=none; secure\r\nCache-Control: no-cache, no-store, must-revalidate\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":633,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON data\\012- HTML document, ASCII text, with very long lines (633), with no line terminators","md5":"6b23eb59247d8143f4c164997850fb97","sha1":"e42e4fdda764a0741211b060f2b218ac1f67dde9","sha256":"9c62f798ca78dacd3bc758075d1df88cb11a7c1c1a2f24ab94a2551d7f3ad116","sha512":"0325a59067721b8c43e5221321f50cb3c19f9d653577291e808933f2b4cbbeaa98400808ae176b468325187acc15dc0bbeecd47717ca476112fdc5f04b9f9da4","ssdeep":"","tlshash":"f1f0d32b1c8188244a54d6c65de4c538e4eae5375081f61290dcdc26964477c658c527","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":88,"dns":24,"connect":16,"send":0,"wait":74,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dl.zabanit.xyz/zone/16?lang=en\u0026siteCode=1","fqdn":"dl.zabanit.xyz","domain":"zabanit.xyz","tld":"xyz"},"ip":{"addr":"135.181.107.135","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.537Z","timestamp":1701623396537,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"display.adcampo.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 20:31:12 GMT","end":"Thu, 01 Feb 2024 20:31:11 GMT"},"fingerprint":{"sha1":"CA:B0:51:D1:E1:C2:B1:E0:6A:9A:55:B2:60:DB:45:26:76:17:F6:CB","sha256":"8D:4A:4D:F8:3B:C0:8A:F0:2D:F2:CB:AC:05:ED:73:E4:39:5B:A9:91:2A:4F:73:E2:94:CD:35:87:BE:15:28:C1"}}},"request":{"raw":"GET /zone/16?lang=en\u0026siteCode=1 HTTP/1.1\r\nHost: dl.zabanit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:51 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 943\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://www.flvto.biz\r\nAccess-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept\r\nAccess-Control-Expose-Headers: X-Total-Count\r\nAccess-Control-Allow-Methods: GET\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: _zabs_d=uid=4nnfX0ho3bN4Ut46w-hlKw\u0026ex=1701709791\u0026fc=; path=/; expires=Mon, 04 Dec 2023 17:09:51 GMT; domain=zabanit.xyz; samesite=none; secure\r\nCache-Control: no-cache, no-store, must-revalidate\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":943,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON data\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (943), with no line terminators","md5":"b888cb5e11690921c35acf04debf20a2","sha1":"ee34315fb31fa11f9aa3f8534395ae0a6f1e24ba","sha256":"0c282c809a3beb813406934864a2bd72db93d8ad72754576de813c2a68e21c96","sha512":"2000ee7f1a3d15480fa313324dcdd0b2ce0c2fb17a3a5613de06cfbe8aa74e95475f62f6e055345d9a5150f6d95de0ed0dd3554c425b0d961e612b6163e2ef35","ssdeep":"","tlshash":"bf11d06b1a9009bd0f615edb1eb7f78c5cdac17d5843913160ac0054d34876fb8a545a","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":87,"dns":20,"connect":16,"send":0,"wait":75,"receive":2,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dl.zabanit.xyz/zone/22?lang=en\u0026siteCode=1","fqdn":"dl.zabanit.xyz","domain":"zabanit.xyz","tld":"xyz"},"ip":{"addr":"135.181.107.135","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.533Z","timestamp":1701623396533,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"display.adcampo.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 20:31:12 GMT","end":"Thu, 01 Feb 2024 20:31:11 GMT"},"fingerprint":{"sha1":"CA:B0:51:D1:E1:C2:B1:E0:6A:9A:55:B2:60:DB:45:26:76:17:F6:CB","sha256":"8D:4A:4D:F8:3B:C0:8A:F0:2D:F2:CB:AC:05:ED:73:E4:39:5B:A9:91:2A:4F:73:E2:94:CD:35:87:BE:15:28:C1"}}},"request":{"raw":"GET /zone/22?lang=en\u0026siteCode=1 HTTP/1.1\r\nHost: dl.zabanit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:51 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 943\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://www.flvto.biz\r\nAccess-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept\r\nAccess-Control-Expose-Headers: X-Total-Count\r\nAccess-Control-Allow-Methods: GET\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: _zabs_d=uid=4nnfX0ho3bN4Ut46w-hlKw\u0026ex=1701709791\u0026fc=; path=/; expires=Mon, 04 Dec 2023 17:09:51 GMT; domain=zabanit.xyz; samesite=none; secure\r\nCache-Control: no-cache, no-store, must-revalidate\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":943,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON data\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (943), with no line terminators","md5":"76c1b6e9d41a6a4ec24cf2ee96beae67","sha1":"f11066ac2694f6a07e7391d9b6340d73f1f771cd","sha256":"e880dedfcaee4baa612bff69ef070ea96303b8a57166bb0405b9752f0d207bcb","sha512":"55f372c46d4088d8c31301fc5e8a6424a34efb05d2af3d1c22e4894294ec0daa2b60947ff319e7d7def978599ed03f3446d9c2b02109a49c0d09a873fe8ff189","ssdeep":"","tlshash":"a311101b29e048ac0f215aeb6ef7b38c5ccaa27d6413d02161dc0054e74478f3ca945e","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":91,"dns":26,"connect":14,"send":0,"wait":79,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dl.zabanit.xyz/zone/77?lang=en\u0026siteCode=1","fqdn":"dl.zabanit.xyz","domain":"zabanit.xyz","tld":"xyz"},"ip":{"addr":"135.181.107.135","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.531Z","timestamp":1701623396531,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"display.adcampo.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 20:31:12 GMT","end":"Thu, 01 Feb 2024 20:31:11 GMT"},"fingerprint":{"sha1":"CA:B0:51:D1:E1:C2:B1:E0:6A:9A:55:B2:60:DB:45:26:76:17:F6:CB","sha256":"8D:4A:4D:F8:3B:C0:8A:F0:2D:F2:CB:AC:05:ED:73:E4:39:5B:A9:91:2A:4F:73:E2:94:CD:35:87:BE:15:28:C1"}}},"request":{"raw":"GET /zone/77?lang=en\u0026siteCode=1 HTTP/1.1\r\nHost: dl.zabanit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:51 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://www.flvto.biz\r\nAccess-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept\r\nAccess-Control-Expose-Headers: X-Total-Count\r\nAccess-Control-Allow-Methods: GET\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: _zabs_d=uid=4nnfX0ho3bN4Ut46w-hlKw\u0026ex=1701709791\u0026fc=; path=/; expires=Mon, 04 Dec 2023 17:09:51 GMT; domain=zabanit.xyz; samesite=none; secure\r\nCache-Control: no-cache, no-store, must-revalidate\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":278,"timings":{"blocked":90,"dns":25,"connect":13,"send":0,"wait":99,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dl.zabanit.xyz/zone/17?lang=en\u0026siteCode=1","fqdn":"dl.zabanit.xyz","domain":"zabanit.xyz","tld":"xyz"},"ip":{"addr":"135.181.107.135","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.539Z","timestamp":1701623396539,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"display.adcampo.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 20:31:12 GMT","end":"Thu, 01 Feb 2024 20:31:11 GMT"},"fingerprint":{"sha1":"CA:B0:51:D1:E1:C2:B1:E0:6A:9A:55:B2:60:DB:45:26:76:17:F6:CB","sha256":"8D:4A:4D:F8:3B:C0:8A:F0:2D:F2:CB:AC:05:ED:73:E4:39:5B:A9:91:2A:4F:73:E2:94:CD:35:87:BE:15:28:C1"}}},"request":{"raw":"GET /zone/17?lang=en\u0026siteCode=1 HTTP/1.1\r\nHost: dl.zabanit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:51 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://www.flvto.biz\r\nAccess-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept\r\nAccess-Control-Expose-Headers: X-Total-Count\r\nAccess-Control-Allow-Methods: GET\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: _zabs_d=uid=4nnfX0ho3bN4Ut46w-hlKw\u0026ex=1701709791\u0026fc=; path=/; expires=Mon, 04 Dec 2023 17:09:51 GMT; domain=zabanit.xyz; samesite=none; secure\r\nCache-Control: no-cache, no-store, must-revalidate\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":86,"dns":0,"connect":16,"send":0,"wait":102,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dl.zabanit.xyz/zone/5?lang=en\u0026siteCode=1","fqdn":"dl.zabanit.xyz","domain":"zabanit.xyz","tld":"xyz"},"ip":{"addr":"135.181.107.135","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.540Z","timestamp":1701623396540,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"display.adcampo.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 20:31:12 GMT","end":"Thu, 01 Feb 2024 20:31:11 GMT"},"fingerprint":{"sha1":"CA:B0:51:D1:E1:C2:B1:E0:6A:9A:55:B2:60:DB:45:26:76:17:F6:CB","sha256":"8D:4A:4D:F8:3B:C0:8A:F0:2D:F2:CB:AC:05:ED:73:E4:39:5B:A9:91:2A:4F:73:E2:94:CD:35:87:BE:15:28:C1"}}},"request":{"raw":"GET /zone/5?lang=en\u0026siteCode=1 HTTP/1.1\r\nHost: dl.zabanit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:51 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 614\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://www.flvto.biz\r\nAccess-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept\r\nAccess-Control-Expose-Headers: X-Total-Count\r\nAccess-Control-Allow-Methods: GET\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: _zabs_d=uid=4nnfX0ho3bN4Ut46w-hlKw\u0026ex=1701709791\u0026fc=; path=/; expires=Mon, 04 Dec 2023 17:09:51 GMT; domain=zabanit.xyz; samesite=none; secure\r\nCache-Control: no-cache, no-store, must-revalidate\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":614,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON data\\012- HTML document, ASCII text, with very long lines (614), with no line terminators","md5":"04cba96cacf22c1f40439750c9161a4e","sha1":"d39343d5e1c50e971d5dac3483d887c8fa4f839e","sha256":"e1e43685ca63580968fdfcd7bdad3f3e75925a1a7e3bafcf8c03ff33c515b574","sha512":"45e6766f28f126f891c0c2db26629c776745b203110ffa1857a427ebfb76bed1cd7f707928e2d030c1d86154300f856693024f803e0a9f190570d3088bb27b4e","ssdeep":"","tlshash":"44f0023f3a8006d0cf41c6c964f4b128d2264b1b0262d07f92dc5a18f38d39e6a04db7","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":154,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ev.zabanit.xyz/pixel/ae52a80f54c27190/4nnfX0ho3bN4Ut46w-hlKw?ad=eyJ6b25lSWQiOjE2LCJzaXRlSWQiOjEsImJhbm5lcklkIjoyMzUsImNhbXBhaWduSWQiOjQ4LCJhZHZlcnRpc2VySWQiOjM4fQ%3D%3D","fqdn":"ev.zabanit.xyz","domain":"zabanit.xyz","tld":"xyz"},"ip":{"addr":"135.181.107.135","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.902Z","timestamp":1701623396902,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"display.adcampo.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 20:31:12 GMT","end":"Thu, 01 Feb 2024 20:31:11 GMT"},"fingerprint":{"sha1":"CA:B0:51:D1:E1:C2:B1:E0:6A:9A:55:B2:60:DB:45:26:76:17:F6:CB","sha256":"8D:4A:4D:F8:3B:C0:8A:F0:2D:F2:CB:AC:05:ED:73:E4:39:5B:A9:91:2A:4F:73:E2:94:CD:35:87:BE:15:28:C1"}}},"request":{"raw":"GET /pixel/ae52a80f54c27190/4nnfX0ho3bN4Ut46w-hlKw?ad=eyJ6b25lSWQiOjE2LCJzaXRlSWQiOjEsImJhbm5lcklkIjoyMzUsImNhbXBhaWduSWQiOjQ4LCJhZHZlcnRpc2VySWQiOjM4fQ%3D%3D HTTP/1.1\r\nHost: ev.zabanit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nCookie: _zabs_d=uid=4nnfX0ho3bN4Ut46w-hlKw\u0026ex=1701709791\u0026fc=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:51 GMT\r\nContent-Type: image/gif\r\nContent-Length: 64\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept\r\nAccess-Control-Expose-Headers: X-Total-Count\r\nAccess-Control-Allow-Methods: GET\r\nAccess-Control-Allow-Credentials: true\r\nContent-Disposition: inline\r\nCache-Control: private, no-cache, proxy-revalidate, max-age=0, no-cache, no-store, must-revalidate\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"bbfd7b49dc892a72a8a87d8d1ae3e4ee","sha1":"8152afda534c80d6b7f94f00b4fa5d84a83246a7","sha256":"d69cbc552cfe8de4931deb191dd349a881ff4448ed3251571e0bacd0257519b1","sha512":"a5bcaa3bedf1ae3e85e188d088069351730f9d1523d6b98ec0c90332c54e0b8435686b4c7f71d051baac1918ba10e118d157319bf08c77fb4c1f9989935bd642","ssdeep":"","tlshash":"41a00213a6404443d2e6d072051c07517789a9701b6c8346989cf07cddb55b10806009","first_seen":"2023-05-07T22:22:50Z","last_seen":"2026-05-08T09:46:34.712745Z","times_seen":305,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":36,"dns":2,"connect":14,"send":0,"wait":43,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ev.zabanit.xyz/pixel/9dd38714dc2ebb19/4nnfX0ho3bN4Ut46w-hlKw?ad=eyJ6b25lSWQiOjIxLCJzaXRlSWQiOjEsImJhbm5lcklkIjoyNDUsImNhbXBhaWduSWQiOjQ4LCJhZHZlcnRpc2VySWQiOjM4fQ%3D%3D","fqdn":"ev.zabanit.xyz","domain":"zabanit.xyz","tld":"xyz"},"ip":{"addr":"135.181.107.135","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.893Z","timestamp":1701623396893,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"display.adcampo.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 20:31:12 GMT","end":"Thu, 01 Feb 2024 20:31:11 GMT"},"fingerprint":{"sha1":"CA:B0:51:D1:E1:C2:B1:E0:6A:9A:55:B2:60:DB:45:26:76:17:F6:CB","sha256":"8D:4A:4D:F8:3B:C0:8A:F0:2D:F2:CB:AC:05:ED:73:E4:39:5B:A9:91:2A:4F:73:E2:94:CD:35:87:BE:15:28:C1"}}},"request":{"raw":"GET /pixel/9dd38714dc2ebb19/4nnfX0ho3bN4Ut46w-hlKw?ad=eyJ6b25lSWQiOjIxLCJzaXRlSWQiOjEsImJhbm5lcklkIjoyNDUsImNhbXBhaWduSWQiOjQ4LCJhZHZlcnRpc2VySWQiOjM4fQ%3D%3D HTTP/1.1\r\nHost: ev.zabanit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nCookie: _zabs_d=uid=4nnfX0ho3bN4Ut46w-hlKw\u0026ex=1701709791\u0026fc=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:51 GMT\r\nContent-Type: image/gif\r\nContent-Length: 64\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept\r\nAccess-Control-Expose-Headers: X-Total-Count\r\nAccess-Control-Allow-Methods: GET\r\nAccess-Control-Allow-Credentials: true\r\nContent-Disposition: inline\r\nCache-Control: private, no-cache, proxy-revalidate, max-age=0, no-cache, no-store, must-revalidate\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"bbfd7b49dc892a72a8a87d8d1ae3e4ee","sha1":"8152afda534c80d6b7f94f00b4fa5d84a83246a7","sha256":"d69cbc552cfe8de4931deb191dd349a881ff4448ed3251571e0bacd0257519b1","sha512":"a5bcaa3bedf1ae3e85e188d088069351730f9d1523d6b98ec0c90332c54e0b8435686b4c7f71d051baac1918ba10e118d157319bf08c77fb4c1f9989935bd642","ssdeep":"","tlshash":"41a00213a6404443d2e6d072051c07517789a9701b6c8346989cf07cddb55b10806009","first_seen":"2023-05-07T22:22:50Z","last_seen":"2026-05-08T09:46:34.712745Z","times_seen":305,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":51,"dns":5,"connect":14,"send":0,"wait":41,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ev.zabanit.xyz/pixel/f5cfbc818d33fc0a/4nnfX0ho3bN4Ut46w-hlKw?ad=eyJ6b25lSWQiOjIyLCJzaXRlSWQiOjEsImJhbm5lcklkIjoyNDUsImNhbXBhaWduSWQiOjQ4LCJhZHZlcnRpc2VySWQiOjM4fQ%3D%3D","fqdn":"ev.zabanit.xyz","domain":"zabanit.xyz","tld":"xyz"},"ip":{"addr":"135.181.107.135","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.907Z","timestamp":1701623396907,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"display.adcampo.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 20:31:12 GMT","end":"Thu, 01 Feb 2024 20:31:11 GMT"},"fingerprint":{"sha1":"CA:B0:51:D1:E1:C2:B1:E0:6A:9A:55:B2:60:DB:45:26:76:17:F6:CB","sha256":"8D:4A:4D:F8:3B:C0:8A:F0:2D:F2:CB:AC:05:ED:73:E4:39:5B:A9:91:2A:4F:73:E2:94:CD:35:87:BE:15:28:C1"}}},"request":{"raw":"GET /pixel/f5cfbc818d33fc0a/4nnfX0ho3bN4Ut46w-hlKw?ad=eyJ6b25lSWQiOjIyLCJzaXRlSWQiOjEsImJhbm5lcklkIjoyNDUsImNhbXBhaWduSWQiOjQ4LCJhZHZlcnRpc2VySWQiOjM4fQ%3D%3D HTTP/1.1\r\nHost: ev.zabanit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nCookie: _zabs_d=uid=4nnfX0ho3bN4Ut46w-hlKw\u0026ex=1701709791\u0026fc=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:51 GMT\r\nContent-Type: image/gif\r\nContent-Length: 64\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept\r\nAccess-Control-Expose-Headers: X-Total-Count\r\nAccess-Control-Allow-Methods: GET\r\nAccess-Control-Allow-Credentials: true\r\nContent-Disposition: inline\r\nCache-Control: private, no-cache, proxy-revalidate, max-age=0, no-cache, no-store, must-revalidate\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"bbfd7b49dc892a72a8a87d8d1ae3e4ee","sha1":"8152afda534c80d6b7f94f00b4fa5d84a83246a7","sha256":"d69cbc552cfe8de4931deb191dd349a881ff4448ed3251571e0bacd0257519b1","sha512":"a5bcaa3bedf1ae3e85e188d088069351730f9d1523d6b98ec0c90332c54e0b8435686b4c7f71d051baac1918ba10e118d157319bf08c77fb4c1f9989935bd642","ssdeep":"","tlshash":"41a00213a6404443d2e6d072051c07517789a9701b6c8346989cf07cddb55b10806009","first_seen":"2023-05-07T22:22:50Z","last_seen":"2026-05-08T09:46:34.712745Z","times_seen":305,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":44,"dns":1,"connect":23,"send":0,"wait":43,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ev.zabanit.xyz/pixel/d7f55e179ac79d7a/4nnfX0ho3bN4Ut46w-hlKw?ad=eyJ6b25lSWQiOjExOCwic2l0ZUlkIjoxLCJiYW5uZXJJZCI6NDE5LCJjYW1wYWlnbklkIjo3NiwiYWR2ZXJ0aXNlcklkIjo2MX0%3D","fqdn":"ev.zabanit.xyz","domain":"zabanit.xyz","tld":"xyz"},"ip":{"addr":"135.181.107.135","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.898Z","timestamp":1701623396898,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"display.adcampo.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 20:31:12 GMT","end":"Thu, 01 Feb 2024 20:31:11 GMT"},"fingerprint":{"sha1":"CA:B0:51:D1:E1:C2:B1:E0:6A:9A:55:B2:60:DB:45:26:76:17:F6:CB","sha256":"8D:4A:4D:F8:3B:C0:8A:F0:2D:F2:CB:AC:05:ED:73:E4:39:5B:A9:91:2A:4F:73:E2:94:CD:35:87:BE:15:28:C1"}}},"request":{"raw":"GET /pixel/d7f55e179ac79d7a/4nnfX0ho3bN4Ut46w-hlKw?ad=eyJ6b25lSWQiOjExOCwic2l0ZUlkIjoxLCJiYW5uZXJJZCI6NDE5LCJjYW1wYWlnbklkIjo3NiwiYWR2ZXJ0aXNlcklkIjo2MX0%3D HTTP/1.1\r\nHost: ev.zabanit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nCookie: _zabs_d=uid=4nnfX0ho3bN4Ut46w-hlKw\u0026ex=1701709791\u0026fc=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:51 GMT\r\nContent-Type: image/gif\r\nContent-Length: 64\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept\r\nAccess-Control-Expose-Headers: X-Total-Count\r\nAccess-Control-Allow-Methods: GET\r\nAccess-Control-Allow-Credentials: true\r\nContent-Disposition: inline\r\nCache-Control: private, no-cache, proxy-revalidate, max-age=0, no-cache, no-store, must-revalidate\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"bbfd7b49dc892a72a8a87d8d1ae3e4ee","sha1":"8152afda534c80d6b7f94f00b4fa5d84a83246a7","sha256":"d69cbc552cfe8de4931deb191dd349a881ff4448ed3251571e0bacd0257519b1","sha512":"a5bcaa3bedf1ae3e85e188d088069351730f9d1523d6b98ec0c90332c54e0b8435686b4c7f71d051baac1918ba10e118d157319bf08c77fb4c1f9989935bd642","ssdeep":"","tlshash":"41a00213a6404443d2e6d072051c07517789a9701b6c8346989cf07cddb55b10806009","first_seen":"2023-05-07T22:22:50Z","last_seen":"2026-05-08T09:46:34.712745Z","times_seen":305,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":54,"dns":1,"connect":23,"send":0,"wait":42,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ev.zabanit.xyz/pixel/6a854da85603afc1/4nnfX0ho3bN4Ut46w-hlKw?ad=eyJ6b25lSWQiOjUsInNpdGVJZCI6MSwiYmFubmVySWQiOjIwNiwiY2FtcGFpZ25JZCI6NDIsImFkdmVydGlzZXJJZCI6MTl9","fqdn":"ev.zabanit.xyz","domain":"zabanit.xyz","tld":"xyz"},"ip":{"addr":"135.181.107.135","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.912Z","timestamp":1701623396912,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"display.adcampo.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 20:31:12 GMT","end":"Thu, 01 Feb 2024 20:31:11 GMT"},"fingerprint":{"sha1":"CA:B0:51:D1:E1:C2:B1:E0:6A:9A:55:B2:60:DB:45:26:76:17:F6:CB","sha256":"8D:4A:4D:F8:3B:C0:8A:F0:2D:F2:CB:AC:05:ED:73:E4:39:5B:A9:91:2A:4F:73:E2:94:CD:35:87:BE:15:28:C1"}}},"request":{"raw":"GET /pixel/6a854da85603afc1/4nnfX0ho3bN4Ut46w-hlKw?ad=eyJ6b25lSWQiOjUsInNpdGVJZCI6MSwiYmFubmVySWQiOjIwNiwiY2FtcGFpZ25JZCI6NDIsImFkdmVydGlzZXJJZCI6MTl9 HTTP/1.1\r\nHost: ev.zabanit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nCookie: _zabs_d=uid=4nnfX0ho3bN4Ut46w-hlKw\u0026ex=1701709791\u0026fc=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:51 GMT\r\nContent-Type: image/gif\r\nContent-Length: 64\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept\r\nAccess-Control-Expose-Headers: X-Total-Count\r\nAccess-Control-Allow-Methods: GET\r\nAccess-Control-Allow-Credentials: true\r\nContent-Disposition: inline\r\nCache-Control: private, no-cache, proxy-revalidate, max-age=0, no-cache, no-store, must-revalidate\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"bbfd7b49dc892a72a8a87d8d1ae3e4ee","sha1":"8152afda534c80d6b7f94f00b4fa5d84a83246a7","sha256":"d69cbc552cfe8de4931deb191dd349a881ff4448ed3251571e0bacd0257519b1","sha512":"a5bcaa3bedf1ae3e85e188d088069351730f9d1523d6b98ec0c90332c54e0b8435686b4c7f71d051baac1918ba10e118d157319bf08c77fb4c1f9989935bd642","ssdeep":"","tlshash":"41a00213a6404443d2e6d072051c07517789a9701b6c8346989cf07cddb55b10806009","first_seen":"2023-05-07T22:22:50Z","last_seen":"2026-05-08T09:46:34.712745Z","times_seen":305,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":55,"dns":8,"connect":15,"send":0,"wait":41,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rebindskayoes.com/tntRo7hYYuJWGQsC/60079","fqdn":"rebindskayoes.com","domain":"rebindskayoes.com","tld":"com"},"ip":{"addr":"23.109.82.122","port":443,"asn":7979,"as":"SERVERS-COM","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.900Z","timestamp":1701623396900,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rebindskayoes.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Oct 2023 23:13:56 GMT","end":"Wed, 17 Jan 2024 23:13:55 GMT"},"fingerprint":{"sha1":"9A:0E:A0:31:9A:22:C7:0F:A8:D0:C9:F1:6F:79:FB:AE:26:09:37:0E","sha256":"D6:FE:8D:5B:2F:91:BE:FE:55:5F:E3:C9:60:01:3B:5E:55:58:1F:AD:3A:DD:5E:AD:05:7B:A0:6E:A9:AC:47:C0"}}},"request":{"raw":"GET /tntRo7hYYuJWGQsC/60079 HTTP/1.1\r\nHost: rebindskayoes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:51 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nAccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://www.flvto.biz\r\nAccess-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\nAccess-Control-Max-Age: 600\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nX-Frame-Options: SAMEORIGIN\r\nSet-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYp4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNBjE5s; expires=Mon, 04-Dec-2023 17:09:51 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Mon, 04-Dec-2023 17:09:51 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=1\r\nX-Content-Type-Options: nosniff\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"5340000c00300000000000000000f000000c00000c000300c000000c00030c000c0000","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-05-10T17:49:14.745959Z","times_seen":14371,"resource_available":true,"data":null}},"time_used":760,"timings":{"blocked":362,"dns":138,"connect":22,"send":0,"wait":25,"receive":0,"ssl":210},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"platform.bidgear.com/async-v2.json?zoneid=2309\u0026wu=https://www.flvto.biz/nesgncsgwp/","fqdn":"platform.bidgear.com","domain":"bidgear.com","tld":"com"},"ip":{"addr":"172.67.74.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:57.035Z","timestamp":1701623397035,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 01 May 2023 00:00:00 GMT","end":"Tue, 30 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B","sha256":"8E:33:A6:A8:55:B7:FD:60:51:2F:C8:3B:62:DB:24:47:9D:CE:3D:1F:1D:23:E7:49:65:DB:77:53:DB:00:99:96"}}},"request":{"raw":"GET /async-v2.json?zoneid=2309\u0026wu=https://www.flvto.biz/nesgncsgwp/ HTTP/1.1\r\nHost: platform.bidgear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:51 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: 0\r\npragma: no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=PoEnYOZo%2FkFelcAWbI2n2pqWVmyF9%2BuT%2FyGQLyBdWzyHx2Q9hRrVeFqi5ru4RdbYD0Vmmjk6UR%2B2rAyHKwa%2FPUb3W%2BZg3gC9TNTl8bk1NPSw3b1Rzoc1vCnA%2F803U%2F5ion6bWT1O\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82fd6b75e83d0afa-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1121,"size_decoded":0,"mime_type":"application/javascript","magic":"JSON data\\012- , ASCII text, with very long lines (948), with no line terminators","md5":"62c48089ca11c493d20c12f167e5a733","sha1":"99098bd013db719aab8fa5f9ef33fc961d06a941","sha256":"19f10b9bc8a9e7f34118efc35ff9f874f1ce1f019386f805f23ba55d65ceebaa","sha512":"83107d89b03fec0346fa2f87c9b96e641664387dfb2e89ff568e581ee60c622973b22e47691f6b00bd6331c832622eb57b205932b70c7160cade29deffe52014","ssdeep":"","tlshash":"7911401ba2e4801a94172470cd73ff3e287eb429ab2cac0dec7f6711c3b89982660106","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"platform.bidgear.com/pubbidgear-ad.js","fqdn":"platform.bidgear.com","domain":"bidgear.com","tld":"com"},"ip":{"addr":"172.67.74.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.904Z","timestamp":1701623396904,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 01 May 2023 00:00:00 GMT","end":"Tue, 30 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B","sha256":"8E:33:A6:A8:55:B7:FD:60:51:2F:C8:3B:62:DB:24:47:9D:CE:3D:1F:1D:23:E7:49:65:DB:77:53:DB:00:99:96"}}},"request":{"raw":"GET /pubbidgear-ad.js HTTP/1.1\r\nHost: platform.bidgear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:51 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 14 Nov 2023 08:57:55 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65533693-1e6b\"\r\nexpires: Thu, 14 Dec 2023 08:59:06 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\ncf-cache-status: HIT\r\nage: 896198\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=IQLtcsVH2vssRMS5rNlJceoze%2BQP2wfuuZGoO3hoyhxAgcyGdXZ4GcyFL63BtnlUPWZZLjnBmppPAUAqhCoM3rR2exH4eGRjwYj9oPGd9Jx%2BEIKhTeV1OAfwd45VZSvMVNJuwb%2Bq\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82fd6b755fb60afa-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2831,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"b42012082533dfb1a327520711319a5f","sha1":"f308dfb13966b2733955d1dbd6d3c2b317fa2b3d","sha256":"1ed1267a95aa559c7074d29be17adf536c5a3f865ba0d89dcbd0499a88e137ff","sha512":"03414da343486d4bef4f632eefbb23181a8d38e0da9da06b8cadc19132e7c8c744e5d260130e99a1329dce1753f54ea99aba7e2acbabaa858748f3e794868459","ssdeep":"96:VdOIAC5G54AScZf6ljZ7WSMn0ZX/pcHpkZRCRAzBN4/:VS5DXN6zCdn0ZXkGZscN4/","tlshash":"d5f1422b2144113a827273799b77e62cf939b92b6601e9547a8cc71c2fb4c0549f6fec","first_seen":"2023-11-15T22:02:42Z","last_seen":"2023-12-13T22:59:19Z","times_seen":23,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":32,"dns":1,"connect":5,"send":0,"wait":8,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imp9.bidgear.com/rec?t=1\u0026z=2309\u0026uuid=f4afceb73efa4ad496971e7c50a3fc24\u0026p=85\u0026g=NO\u0026token=4a44335432\u0026tbg=1701623391","fqdn":"imp9.bidgear.com","domain":"bidgear.com","tld":"com"},"ip":{"addr":"172.67.74.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:57.212Z","timestamp":1701623397212,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 01 May 2023 00:00:00 GMT","end":"Tue, 30 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B","sha256":"8E:33:A6:A8:55:B7:FD:60:51:2F:C8:3B:62:DB:24:47:9D:CE:3D:1F:1D:23:E7:49:65:DB:77:53:DB:00:99:96"}}},"request":{"raw":"GET /rec?t=1\u0026z=2309\u0026uuid=f4afceb73efa4ad496971e7c50a3fc24\u0026p=85\u0026g=NO\u0026token=4a44335432\u0026tbg=1701623391 HTTP/1.1\r\nHost: imp9.bidgear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 599\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=UCtOBmGY62SxCF76SLiK1hH%2Be31LL540ztGJvbJrSv%2FbFL%2FYMOVJ48E1SlseDs0qlM78RP%2B3xwezyjOmr9i8Kh1qTyZ6k%2FRJldNcrLt0aeq1FjNBokQrKphaoOw59hxdkKA%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82fd6b77095e0afa-OSL\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":599,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1x1, components 3\\012- data","md5":"ca49a7e783b806a4e8576ea80346203d","sha1":"6fe9d083221dae98f6c76f7121c37bc884b02d82","sha256":"3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28","sha512":"b564eb9ab87f42e8ec4794647a1ccb84972b435062a81569ce543c3a6e2252125c2c966a35885d0269635212e1f7d44ee64eb0a2378f7ad849e704aecfa48651","ssdeep":"","tlshash":"e9f0202aab132610df1395be040a24b3a1db45823d603a312db186a5c620cf48449708","first_seen":"2023-04-05T02:54:02Z","last_seen":"2024-08-21T09:44:12.864116Z","times_seen":1585,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"platform.bidgear.com/pubbidgear-ad.js","fqdn":"platform.bidgear.com","domain":"bidgear.com","tld":"com"},"ip":{"addr":"172.67.74.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.904Z","timestamp":1701623396904,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 01 May 2023 00:00:00 GMT","end":"Tue, 30 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B","sha256":"8E:33:A6:A8:55:B7:FD:60:51:2F:C8:3B:62:DB:24:47:9D:CE:3D:1F:1D:23:E7:49:65:DB:77:53:DB:00:99:96"}}},"request":{"raw":"GET /pubbidgear-ad.js HTTP/1.1\r\nHost: platform.bidgear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:51 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 14 Nov 2023 08:57:55 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65533693-1e6b\"\r\nexpires: Thu, 14 Dec 2023 08:59:06 GMT\r\ncache-control: max-age=2592000\r\naccess-control-allow-origin: *\r\ncf-cache-status: HIT\r\nage: 896198\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=gPEnfUE5eDZ4qpoLR8fcn7NfmpuqZO6NjsHen9p6pPBWA%2BlvfsVEh2x9v0FNUo2fjsZb4qtZp4W2dsH9PZCczszFhWaY%2B8hAxPsz7HtFKChd%2BPkYi0WB4KOAzBzgQAxNSSxJSeIt\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82fd6b754fb00afa-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2735,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"b42012082533dfb1a327520711319a5f","sha1":"f308dfb13966b2733955d1dbd6d3c2b317fa2b3d","sha256":"1ed1267a95aa559c7074d29be17adf536c5a3f865ba0d89dcbd0499a88e137ff","sha512":"03414da343486d4bef4f632eefbb23181a8d38e0da9da06b8cadc19132e7c8c744e5d260130e99a1329dce1753f54ea99aba7e2acbabaa858748f3e794868459","ssdeep":"96:VdOIAC5G54AScZf6ljZ7WSMn0ZX/pcHpkZRCRAzBN4/:VS5DXN6zCdn0ZXkGZscN4/","tlshash":"d5f1422b2144113a827273799b77e62cf939b92b6601e9547a8cc71c2fb4c0549f6fec","first_seen":"2023-11-15T22:02:42Z","last_seen":"2023-12-13T22:59:19Z","times_seen":23,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":32,"dns":1,"connect":5,"send":0,"wait":8,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bullbatmohalim.com/tbRQgNGbpIk3I/38707","fqdn":"bullbatmohalim.com","domain":"bullbatmohalim.com","tld":"com"},"ip":{"addr":"23.109.248.183","port":443,"asn":7979,"as":"SERVERS-COM","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:57.193Z","timestamp":1701623397193,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bullbatmohalim.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Oct 2023 23:11:04 GMT","end":"Fri, 05 Jan 2024 23:11:03 GMT"},"fingerprint":{"sha1":"B8:39:9E:F5:2D:AC:20:57:08:DF:B6:A0:98:C3:40:8B:4C:88:B0:F9","sha256":"40:B1:DB:D0:DA:80:F3:8A:C4:9C:89:37:C8:C9:4A:C2:32:4A:B6:51:01:DB:F2:EF:28:79:48:31:A2:53:0E:9D"}}},"request":{"raw":"GET /tbRQgNGbpIk3I/38707 HTTP/1.1\r\nHost: bullbatmohalim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:52 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nAccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://www.flvto.biz\r\nAccess-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\nAccess-Control-Max-Age: 600\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nX-Frame-Options: SAMEORIGIN\r\nSet-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYp4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNBjE5s; expires=Mon, 04-Dec-2023 17:09:52 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Mon, 04-Dec-2023 17:09:52 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=1\r\nX-Content-Type-Options: nosniff\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"5340000c00300000000000000000f000000c00000c000300c000000c00030c000c0000","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-05-10T17:49:14.745959Z","times_seen":14371,"resource_available":true,"data":null}},"time_used":463,"timings":{"blocked":215,"dns":30,"connect":22,"send":0,"wait":31,"receive":0,"ssl":163},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luzulabeguile.com/tzpWQhVtwaCMFq/38708","fqdn":"luzulabeguile.com","domain":"luzulabeguile.com","tld":"com"},"ip":{"addr":"142.91.159.89","port":443,"asn":7979,"as":"SERVERS-COM","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:57.214Z","timestamp":1701623397214,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"luzulabeguile.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Oct 2023 23:36:27 GMT","end":"Sat, 13 Jan 2024 23:36:26 GMT"},"fingerprint":{"sha1":"48:61:EB:E5:E2:16:17:26:80:07:19:1E:79:B5:29:95:1A:C0:4F:C0","sha256":"0D:A1:CB:6E:01:61:E3:C3:B7:67:48:1B:40:28:A3:87:05:A9:09:8E:C5:DC:C2:79:64:46:2D:7A:37:D3:FE:72"}}},"request":{"raw":"GET /tzpWQhVtwaCMFq/38708 HTTP/1.1\r\nHost: luzulabeguile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:52 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nAccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://www.flvto.biz\r\nAccess-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\nAccess-Control-Max-Age: 600\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nX-Frame-Options: SAMEORIGIN\r\nSet-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYp4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNBjE5s; expires=Mon, 04-Dec-2023 17:09:52 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Mon, 04-Dec-2023 17:09:52 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=1\r\nX-Content-Type-Options: nosniff\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"5340000c00300000000000000000f000000c00000c000300c000000c00030c000c0000","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-05-10T17:49:14.745959Z","times_seen":14371,"resource_available":true,"data":null}},"time_used":438,"timings":{"blocked":201,"dns":123,"connect":23,"send":0,"wait":36,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luzulabeguile.com/tzpWQhVtwaCMFq/38708","fqdn":"luzulabeguile.com","domain":"luzulabeguile.com","tld":"com"},"ip":{"addr":"142.91.159.89","port":443,"asn":7979,"as":"SERVERS-COM","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:57.214Z","timestamp":1701623397214,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"luzulabeguile.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Oct 2023 23:36:27 GMT","end":"Sat, 13 Jan 2024 23:36:26 GMT"},"fingerprint":{"sha1":"48:61:EB:E5:E2:16:17:26:80:07:19:1E:79:B5:29:95:1A:C0:4F:C0","sha256":"0D:A1:CB:6E:01:61:E3:C3:B7:67:48:1B:40:28:A3:87:05:A9:09:8E:C5:DC:C2:79:64:46:2D:7A:37:D3:FE:72"}}},"request":{"raw":"GET /tzpWQhVtwaCMFq/38708 HTTP/1.1\r\nHost: luzulabeguile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 03 Dec 2023 17:09:52 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nAccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://www.flvto.biz\r\nAccess-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\nAccess-Control-Max-Age: 600\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nX-Frame-Options: SAMEORIGIN\r\nSet-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYp4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNBjE5s; expires=Mon, 04-Dec-2023 17:09:52 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Mon, 04-Dec-2023 17:09:52 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=1\r\nX-Content-Type-Options: nosniff\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"5340000c00300000000000000000f000000c00000c000300c000000c00030c000c0000","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-05-10T17:49:14.745959Z","times_seen":14371,"resource_available":true,"data":null}},"time_used":438,"timings":{"blocked":201,"dns":123,"connect":23,"send":0,"wait":36,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl16330037.safestcontentgate.com/de/9a/cd/de9acd36b9bdfc08a8f10363b274b170.js","fqdn":"pl16330037.safestcontentgate.com","domain":"safestcontentgate.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:56.915Z","timestamp":1701623396915,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"safestcontentgate.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Nov 2023 07:24:10 GMT","end":"Tue, 13 Feb 2024 07:24:09 GMT"},"fingerprint":{"sha1":"B1:31:6C:86:D9:2F:59:A3:F1:45:B2:70:58:75:7C:B7:1F:12:35:FE","sha256":"6A:26:05:7C:3A:F9:19:57:8E:43:65:70:BB:81:67:BE:00:CB:90:E8:B1:B0:97:CD:3A:5F:34:13:24:E4:60:83"}}},"request":{"raw":"GET /de/9a/cd/de9acd36b9bdfc08a8f10363b274b170.js HTTP/1.1\r\nHost: pl16330037.safestcontentgate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 03 Dec 2023 17:09:52 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nX-Request-ID: 70de0d69333d5e32e8fcfd183dd5a351\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15422,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (42802), with no line terminators","md5":"670f3c62d250e8f2128a818b3cae3716","sha1":"a0899e98c983dcbf4ccba35dbfda9cee7160f6ea","sha256":"f7281ab7bc03a9e992d6603537c12e88089568a533dceb501f08edb4bedf5be4","sha512":"27df181ac2d4e48fd05eb1a093a1e6980871967ef1d56e6d0e33152219e4f0c4d158a1269ee483374c163a73918a092765cb19360d13bae0bbbb8f1f2bf41f39","ssdeep":"768:E5aMeFcdWGRiuWoe/EIetdqS9h6wsRtfVAQRpZmDAQahPfU8Djy:Q1WgtouhbcxpGuU5","tlshash":"b51372447bd0a909139b9f3f322bf5e5f85a085f3c80899bd111fc80a69562bfaf2535","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1583,"timings":{"blocked":678,"dns":332,"connect":113,"send":0,"wait":116,"receive":112,"ssl":228},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.r2m03.amazontrust.com/","fqdn":"ocsp.r2m03.amazontrust.com","domain":"amazontrust.com","tld":"com"},"ip":{"addr":"54.230.218.11","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-12-03T17:09:57.996070937Z","timestamp":1701623397996,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.r2m03.amazontrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nContent-Length: 471\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=7200\r\nDate: Sun, 03 Dec 2023 17:09:52 GMT\r\nLast-Modified: Sun, 03 Dec 2023 16:39:15 GMT\r\nServer: ECAcc (ska/F6ED)\r\nX-Cache: Miss from cloudfront\r\nVia: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)\r\nX-Amz-Cf-Pop: OSL50-P1\r\nX-Amz-Cf-Id: Gmbr9OeAc0I2VtKZKiTTn3rgr8nU252Xym8-aFmmtPXWgId3Q1DwVw==\r\nAge: 1837\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"ebc0f19a7067085e95ff0e35ee441f4d","sha1":"23c3d68afd4c1c6cdecce9007aa3bddc793bc52d","sha256":"6a07099ef655ed036e4a865236f8a6e5549e9a468e207691923634fc51c3186d","sha512":"ce01eb5e4e0d0b3f37942f1c00f2318ed69fec2b0f2945e18a704f1955c9b089417505f46f6a9a541fc0e80d7442b669a00d6abd906cbbe945e53841eed35f51","ssdeep":"","tlshash":"7bf05c000e2078ca16069e8e9fb7fe6831c3a265bd836232307808030d0bfb5aa0f256","first_seen":"2023-12-03T17:48:02Z","last_seen":"2023-12-04T16:50:09Z","times_seen":122,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"proftrafficcounter.com/stats","fqdn":"proftrafficcounter.com","domain":"proftrafficcounter.com","tld":"com"},"ip":{"addr":"18.184.210.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:57.836Z","timestamp":1701623397836,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"proftrafficcounter.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Tue, 21 Nov 2023 00:00:00 GMT","end":"Thu, 19 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6","sha256":"66:22:F4:5A:8A:F6:B0:E3:CF:BA:D2:3D:3C:B7:D4:0B:FE:00:4D:DE:4E:A2:B5:68:D3:ED:C6:E6:D9:5B:06:12"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: proftrafficcounter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:52 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://www.flvto.biz\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=765b6c07-6c9a-461b-8f26-95f8ba9987dd:1:1; expires=Wed, 30 Nov 2033 17:09:52 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"c6dc7c91ce8f102a412e58de531cebac","sha1":"0305ba78070b18c3d4499d21a3b65642cfc5d628","sha256":"3cbe5ea417249cbcdfe28795eea5d6873968ca5415f6c7c7da1b0b0b8483b3ad","sha512":"e8ca06665404899d064af9b7f82db0c3bc74819eb77eae36e56894e64c7ecc76332d62e7c08bbc9858bd12fb27a4fe0558a1a2de699de71c7ee57d8fa463a892","ssdeep":"","tlshash":"c99004d551303c15135d0440cc10c0c450c4d31f4cc450535031c551111171100df71f","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":161,"dns":26,"connect":33,"send":0,"wait":26,"receive":0,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:10:00.900Z","timestamp":1701623400900,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD","sha256":"EF:BD:DB:F8:2A:77:8C:C2:9E:F9:E0:B2:26:39:CB:EC:63:F1:80:36:F6:06:6E:F5:E1:6C:45:66:A4:D1:A6:C8"}}},"request":{"raw":"GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Nov 2023 04:00:51 GMT\r\nexpires: Fri, 29 Nov 2024 04:00:51 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 02 May 2023 15:17:22 GMT\r\ncontent-type: font/woff2\r\nage: 306542\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\\012- data","md5":"e1b3b5908c9cf23dfb2b9c52b9a023ab","sha1":"fcd4136085f2a03481d9958cc6793a5ed98e714c","sha256":"918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537","sha512":"b2da7ef768385707afed62ca1f178efc6aa14519762e3f270129b3afee4d3782cb991e6fa66b3b08a2f81ff7caba0b4c34c726d952198b2ac4a784b36eb2a828","ssdeep":"384:dRkIAJ8pVwWTW5VVjdVn8+2yvAMdriCEOY0kfW9GkAPqpPHi2vUuUSzB8:dKIAJ8pVHTZ+riY9oCpPHiodUeK","tlshash":"91b2e1ce5d546e3a8028213785c17b488273572e9edf42c6dd83a6263a7092cfd3d96e","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-05-10T18:28:51.602236Z","times_seen":212190,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.purpleads.io/x/v2/f?pid=77a039e9e192436b8520470179cd037d\u0026ts=1701623397268","fqdn":"api.purpleads.io","domain":"purpleads.io","tld":"io"},"ip":{"addr":"34.234.32.221","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:57.707Z","timestamp":1701623397707,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.purpleads.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 01 Oct 2023 00:00:00 GMT","end":"Mon, 28 Oct 2024 23:59:59 GMT"},"fingerprint":{"sha1":"B0:5E:5A:FD:17:53:FC:15:87:A2:00:EC:D8:9B:FD:48:04:8B:A2:97","sha256":"60:91:68:98:3D:A2:BB:60:32:A2:5A:15:5B:D7:E3:F5:63:63:2D:AC:24:63:D7:3C:53:92:1F:24:23:E9:A9:85"}}},"request":{"raw":"OPTIONS /x/v2/f?pid=77a039e9e192436b8520470179cd037d\u0026ts=1701623397268 HTTP/1.1\r\nHost: api.purpleads.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url\r\nReferer: https://www.flvto.biz/\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:52 GMT\r\naccess-control-allow-origin: https://www.flvto.biz\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: pa-user-id\r\naccess-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url\r\naccess-control-max-age: 86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":784,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"Applesoft BASIC program data, first line number 50\\012- data","md5":"fbad802ced4f2dc6ada48a255804e77f","sha1":"6c2332fce05d7e77c2c4e193c4b8f756699bd876","sha256":"1b9c5102cc59d0d853de11cbae39b25139375766e99d8ea95cf5b1e1a5c4330b","sha512":"9c4212937d1b6b725151dfb1ada28a82a59a57763eddb495f095c99328764a1a3870b2c7eaa43a5ea929826fd3afc95ca9570181b59c1974b5117ebba08fbe74","ssdeep":"","tlshash":"760170f9a3905f02868a7b1cec2a48947a0ad14a8627495ecd300e8f948237bfd90c10","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":530,"timings":{"blocked":-1,"dns":13,"connect":104,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saycaptain.com/sbar.json?key=de9acd36b9bdfc08a8f10363b274b170\u0026uuid=765b6c07-6c9a-461b-8f26-95f8ba9987dd%3A1%3A1","fqdn":"saycaptain.com","domain":"saycaptain.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:58.336Z","timestamp":1701623398336,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"saycaptain.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Nov 2023 10:57:35 GMT","end":"Mon, 26 Feb 2024 10:57:34 GMT"},"fingerprint":{"sha1":"4F:F1:FE:38:A4:6B:B4:3C:FD:7A:DA:CB:10:9E:F7:94:60:6D:69:22","sha256":"A2:72:D0:B3:71:AF:17:6B:59:2A:9B:5F:A1:64:79:84:33:5F:86:18:62:71:7E:47:F5:B6:A2:7C:83:F2:9F:81"}}},"request":{"raw":"GET /sbar.json?key=de9acd36b9bdfc08a8f10363b274b170\u0026uuid=765b6c07-6c9a-461b-8f26-95f8ba9987dd%3A1%3A1 HTTP/1.1\r\nHost: saycaptain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 03 Dec 2023 17:09:53 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nCustom-Referer: https://www.flvto.biz\r\nAccess-Control-Allow-Origin: https://www.flvto.biz\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: u_pl=16229538; expires=Mon, 04 Dec 2023 17:09:53 GMT; secure; SameSite=None\nuid_id2=765b6c07-6c9a-461b-8f26-95f8ba9987dd:1:1; expires=Sun, 10 Dec 2023 17:09:53 GMT; secure; SameSite=None\npdhtkv=true; expires=Mon, 04 Dec 2023 17:09:53 GMT; secure; SameSite=None\nuncs=1; expires=Mon, 04 Dec 2023 17:09:53 GMT; secure; SameSite=None\npdhtkv29=true; expires=Mon, 04 Dec 2023 17:09:53 GMT; secure; SameSite=None\nuncs29=1; expires=Mon, 04 Dec 2023 17:09:53 GMT; secure; SameSite=None\nslecde9acd36b9bdfc08a8f10363b274b170=[4766299]; expires=Sun, 03 Dec 2023 17:09:58 GMT; secure; SameSite=None\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nX-Request-ID: 7908b83ef6c7f34c07532f32a6cb67c5\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4279,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON data\\012- , ASCII text, with very long lines (6002), with no line terminators","md5":"7a0d622e4f9a96d55194058c840b37ab","sha1":"5b0ff0058765fc7abc274df05577ef66e21d5f98","sha256":"4bcdfe43da3e9be81c86a163c288c13a7375b78ac93efc5ae904996cc94df665","sha512":"c8d5d39b1a94d17fef55ff3f042b0dfd845779132f5ab85c61540b75f2aad5a60bd2d2b05ba46ece587856182519d6aa4b32e78004f92a925b9e9e352b54f18d","ssdeep":"96:9w0YxC5JAtViju+rll+gOF/s7pWHesq/vgzvUkqWJxnVZ9TtyHbwZ3bLn+OSAbSt:9wQHQd+hlexKpgesq/vqvUHWJxtqef+T","tlshash":"51c16caabb876a3772b82cc2da252d942c0d1d175d5c3bc18b9c125a66f2b0d2238d24","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1071,"timings":{"blocked":368,"dns":19,"connect":114,"send":0,"wait":334,"receive":0,"ssl":234},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-12-03","alert":"Sinkholed","trigger":"saycaptain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"script.4dex.io/localstore.js","fqdn":"script.4dex.io","domain":"4dex.io","tld":"io"},"ip":{"addr":"172.67.75.241","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-12-03T17:09:59.067870669Z","timestamp":1701623399067,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /localstore.js HTTP/1.1\r\nHost: script.4dex.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 03 Dec 2023 17:09:53 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: public, max-age=1800\r\nETag: W/\"922cffdd75f7192f75231d92684885aa\"\r\nLast-Modified: Mon, 27 Nov 2023 07:14:08 GMT\r\nVary: Accept-Encoding\r\nCF-Cache-Status: HIT\r\nAge: 550411\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=LQRpRCbvB75OOVOK9%2BTXhlP7wN5pdqJOIgUn6Bv8eIGVH8%2BXO6oSfcQcBjSXA%2FR9d8LSR25bWkN%2FKNY8Yd26FJer4f445Pp69Nf2kJLcQk4ZtFwVW1SdkSE1LQxEwZrs\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 82fd6b8288c01bfe-OSL\r\nContent-Encoding: br\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":268,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (482)","md5":"922cffdd75f7192f75231d92684885aa","sha1":"48ae21017844de388e0a32206a2691fa4c109669","sha256":"e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389","sha512":"a9cb40cff446b48af0f70c282334ff6d05225538255d774ab797662790421e7c8d3c314fbcad0f6225ef8921a553b8b93d7d119fd9a9bbe97ddc1651b3bcdf80","ssdeep":"","tlshash":"60f0591939c9611511e331be973fb25ca2731699589de02054108ec12c1872fc571a9c","first_seen":"2023-03-07T01:03:09Z","last_seen":"2024-08-21T09:43:40.472115Z","times_seen":1128,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"mp.4dex.io/prebid","fqdn":"mp.4dex.io","domain":"4dex.io","tld":"io"},"ip":{"addr":"172.64.153.78","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-12-03T17:09:59.126504672Z","timestamp":1701623399126,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /prebid HTTP/1.1\r\nHost: mp.4dex.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\ncontent-type: text/plain\r\nContent-Length: 1570\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:53 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.flvto.biz\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: 0\r\npragma: no-cache\r\nvary: Origin, Accept-Encoding\r\nx-err: Shapings: no adunits with size and seat and mapping\r\nx-version: 3.0.0-gcp-ams\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 82fd6b829e8a568d-OSL\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":581,"size_decoded":0,"mime_type":"application/x-gzip","magic":"gzip compressed data, from Unix\\012- data","md5":"e2d93419f0199c9a4b307e062d07c162","sha1":"5f2e364e76c38a5c469b5c47c2cd55a3fa9c53cc","sha256":"7f690f71a24c445d34eed18a68fcf5887d4cddf93bcf1fb99e20a9f1944d5983","sha512":"448c372beed7188a38b5e63882e465ffedf9cb1ef902768a47b6253495119d436ef320cd8483db728384a28b0859797746871c275c9b56f1f35ca81a97c2660c","ssdeep":"","tlshash":"6af041881b587f82e894de507d98d73863f4b68868c0987ea190dad09d39318188c10d","first_seen":"2023-12-02T22:01:46Z","last_seen":"2023-12-03T18:10:16Z","times_seen":2,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"script.4dex.io/adagio.js","fqdn":"script.4dex.io","domain":"4dex.io","tld":"io"},"ip":{"addr":"172.67.75.241","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-12-03T17:09:59.139188321Z","timestamp":1701623399139,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /adagio.js HTTP/1.1\r\nHost: script.4dex.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 03 Dec 2023 17:09:53 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=1800\r\nETag: W/\"6faf3acfde3bb82adada71be4fc1deb0\"\r\nLast-Modified: Mon, 27 Nov 2023 07:14:07 GMT\r\nVary: Origin, Accept-Encoding\r\nAccess-Control-Expose-Headers: \r\nCF-Cache-Status: HIT\r\nAge: 547832\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=dkrNDFKx7w11bJwLRfTLliePGOqlzefshAEL6vXausnQpTU9VPXshDBnaOGH6lB1r8A8nePRasQQOwFk%2BA%2B0pUbYbF%2BwJrVtFgSN8G27gTgL9AtrOTaZyu648FISrssd\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 82fd6b82ec7056bd-OSL\r\nContent-Encoding: br\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":23478,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65354)","md5":"6faf3acfde3bb82adada71be4fc1deb0","sha1":"20f08498f821936592273d8f755d94f31c9b9c7a","sha256":"26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d","sha512":"baf4dd121fe4a6fdc3901c49233a85c9a8333ecd83ac01d08b081fa294740d9a7c7cab7f5075975a04d6955c9643a7a4975f042b6bd68d1d4f82955143973a16","ssdeep":"1536:jSaG+zmLoyauVi4u4O9MEw44bY3YF/cFRBASla:NyVi4Qw46YqiBASla","tlshash":"5c73e7de7296b03685d7707a513f110eb33a6405a4998008f97adee62d38d4fa223f7c","first_seen":"2023-11-27T08:24:53Z","last_seen":"2024-08-20T17:45:51.849844Z","times_seen":914,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"prebid.a-mo.net/a/c","fqdn":"prebid.a-mo.net","domain":"a-mo.net","tld":"net"},"ip":{"addr":"147.75.84.158","port":0,"asn":54825,"as":"PACKET","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-12-03T17:09:59.156824255Z","timestamp":1701623399156,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /a/c HTTP/1.1\r\nHost: prebid.a-mo.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\ncontent-type: text/plain\r\nContent-Length: 1318\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.flvto.biz\r\ncache-control: max-age=0, private, must-revalidate\r\ndate: Sun, 03 Dec 2023 17:09:53 GMT\r\nserver: envoy\r\nvary: origin, Accept-Encoding\r\nx-nbr: 1\r\nx-envoy-upstream-service-time: 4\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saycaptain.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRit3o0n8eCyIB6EAT2sYCbd89%2FuYTGuWYMxCftDDp7qrydlarqaqu7pyXgJuyB7nAUPHjtvkg2ry%2BJ6EBEEmXiRgLDjQXIwIN73IqxXmcnA6Afd3%2Fe%2BV4f3XtXn%2B9kZCZDR082PTV9pTZfqZb90ZUvFwuSutH67FPhl%2F2ppS8WN2tVSb%2FKz3XcDv1723y7dkHzHLFX8wPcDPyitKCsj01uaslDJ4zAoh365VikH9Rp69v%2FYZR4c9SC6Z%2BQSlBi%2FtP3LUyg%2BQtz55rp0O6lJ3vmgk2maGouuOLoT78Qmj9GZj5H1EMVHs9MwbkzIlxdg4qOZA5juwcQBmBoT7%2FcALD6ayQTrHp4rZRoyBhMvI%2B%2BOIPUIio7AzT0o8YwAXGB9A3Hn4bqxOd09Z%2BmEHZOFF39D5WOy8MdlxJ0ny1r1SreMzlJlYodeVED1RlDtEZLsGGnfg8qPwdO7UOJXsvRiDXHnYMNpAyVO32o26qzB%2FeZig4d0sdYI2GIrqjQWw3rUYjQMW00hphEpNYKKRtByAOo8ZJNPecgiD1nioSNOS7QeRr7fjFhUrbZqnPNqlfN6qyHqolprRT4yPvEwQJoMwPUA3O4hsXvYUQ%2Be1S%2FBZj%2FBbRdwwoNLCbqiQC4JckeQU4JcEeQpQd4tDoV2FVc8FNplLJj1yqxXi6FJ2%2Fv00KRtGRNQO9hPzsir0%2Fz%2BOQB25GlJyJByUW2wkImI%2By3aigK%2F2qiySrPGgqYPpwood2Hqtq%2FG5LW7F5GoMVn4%2FhCMHsPpY3D1Jmj2Bmg%2BbFZ80O1hreWjHz%2BKdDc1Zab6EKZAki4g3fX29Rl5fSriwx8%2BgeQn177o%2F3njyeXPwG2BxBb4VP1M0Nb3hzdNTg5umtyRpxtJqjqqTycXfCulqbz41UdyNzdWrF53g0fv8QkxGR%2Ffli5do7FQcduRr5eVENKuGMsl%2BXHVbUm2mbnt5czGWbK2%2Bf7Kaiex0jll4hGoGhPy%2FFtwNSavPHfTx3vlzl9QdgSbFehkJ2RWUOYYPNmDS%2BY7ZwisnmOWeMizYmgrbL7UikDLOaasgPsPZvN5391H23qg6T3EnQJdW6CrC1A9gMsuDtPEnlz7rTotMO0NmbbeAdNWPzgP16nTkqxHfiT9imRRyKIm9UUY1UJGw0A2WZ0GSN1Y6u%2FovwAAAP%2F%2FAQAA%2F%2F87D7L2lAQAAA%3D%3D","fqdn":"saycaptain.com","domain":"saycaptain.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.086Z","timestamp":1701623399086,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"saycaptain.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Nov 2023 10:57:35 GMT","end":"Mon, 26 Feb 2024 10:57:34 GMT"},"fingerprint":{"sha1":"4F:F1:FE:38:A4:6B:B4:3C:FD:7A:DA:CB:10:9E:F7:94:60:6D:69:22","sha256":"A2:72:D0:B3:71:AF:17:6B:59:2A:9B:5F:A1:64:79:84:33:5F:86:18:62:71:7E:47:F5:B6:A2:7C:83:F2:9F:81"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRit3o0n8eCyIB6EAT2sYCbd89%2FuYTGuWYMxCftDDp7qrydlarqaqu7pyXgJuyB7nAUPHjtvkg2ry%2BJ6EBEEmXiRgLDjQXIwIN73IqxXmcnA6Afd3%2Fe%2BV4f3XtXn%2B9kZCZDR082PTV9pTZfqZb90ZUvFwuSutH67FPhl%2F2ppS8WN2tVSb%2FKz3XcDv1723y7dkHzHLFX8wPcDPyitKCsj01uaslDJ4zAoh365VikH9Rp69v%2FYZR4c9SC6Z%2BQSlBi%2FtP3LUyg%2BQtz55rp0O6lJ3vmgk2maGouuOLoT78Qmj9GZj5H1EMVHs9MwbkzIlxdg4qOZA5juwcQBmBoT7%2FcALD6ayQTrHp4rZRoyBhMvI%2B%2BOIPUIio7AzT0o8YwAXGB9A3Hn4bqxOd09Z%2BmEHZOFF39D5WOy8MdlxJ0ny1r1SreMzlJlYodeVED1RlDtEZLsGGnfg8qPwdO7UOJXsvRiDXHnYMNpAyVO32o26qzB%2FeZig4d0sdYI2GIrqjQWw3rUYjQMW00hphEpNYKKRtByAOo8ZJNPecgiD1nioSNOS7QeRr7fjFhUrbZqnPNqlfN6qyHqolprRT4yPvEwQJoMwPUA3O4hsXvYUQ%2Be1S%2FBZj%2FBbRdwwoNLCbqiQC4JckeQU4JcEeQpQd4tDoV2FVc8FNplLJj1yqxXi6FJ2%2Fv00KRtGRNQO9hPzsir0%2Fz%2BOQB25GlJyJByUW2wkImI%2By3aigK%2F2qiySrPGgqYPpwood2Hqtq%2FG5LW7F5GoMVn4%2FhCMHsPpY3D1Jmj2Bmg%2BbFZ80O1hreWjHz%2BKdDc1Zab6EKZAki4g3fX29Rl5fSriwx8%2BgeQn177o%2F3njyeXPwG2BxBb4VP1M0Nb3hzdNTg5umtyRpxtJqjqqTycXfCulqbz41UdyNzdWrF53g0fv8QkxGR%2Ffli5do7FQcduRr5eVENKuGMsl%2BXHVbUm2mbnt5czGWbK2%2Bf7Kaiex0jll4hGoGhPy%2FFtwNSavPHfTx3vlzl9QdgSbFehkJ2RWUOYYPNmDS%2BY7ZwisnmOWeMizYmgrbL7UikDLOaasgPsPZvN5391H23qg6T3EnQJdW6CrC1A9gMsuDtPEnlz7rTotMO0NmbbeAdNWPzgP16nTkqxHfiT9imRRyKIm9UUY1UJGw0A2WZ0GSN1Y6u%2FovwAAAP%2F%2FAQAA%2F%2F87D7L2lAQAAA%3D%3D HTTP/1.1\r\nHost: saycaptain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nCookie: u_pl=16229538; uid_id2=765b6c07-6c9a-461b-8f26-95f8ba9987dd:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 03 Dec 2023 17:09:53 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nX-Request-ID: 71c8241323ab3cc74420dadf410b5bb4\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7,"size_decoded":0,"mime_type":"image/gif","magic":"ASCII text, with no line terminators","md5":"132d6af1b46048b45cf86cdee7991d31","sha1":"eb7007d03d59b65bc6da7e098c4d38fc6dfb6285","sha256":"ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c","sha512":"ff7c468000b64b64a67199d0110afecead13da2dfd018e709392f39058d43155747ded8f3f8b30fbf8737851cb7839855d1c0b893da3258ab90e4af995dfef1e","ssdeep":"","tlshash":"fe4000000000000c000000000003c000000c0030330000000c00000000300030003000","first_seen":"2023-04-05T23:50:35Z","last_seen":"2026-05-09T00:57:49.425772Z","times_seen":19287,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":9,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-12-03","alert":"Sinkholed","trigger":"saycaptain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"bs.yandex.ru/prebid/2493166?imp-id=1\u0026target-ref=www.flvto.biz\u0026ssp-id=10500\u0026ssp-cur=USD","fqdn":"bs.yandex.ru","domain":"yandex.ru","tld":"ru"},"ip":{"addr":"213.180.193.90","port":0,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-12-03T17:09:59.359974611Z","timestamp":1701623399359,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /prebid/2493166?imp-id=1\u0026target-ref=www.flvto.biz\u0026ssp-id=10500\u0026ssp-cur=USD HTTP/1.1\r\nHost: bs.yandex.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\ncontent-type: text/plain\r\nContent-Length: 215\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 204 No Content\r\nuniformat: true\r\ndate: Sun, 03 Dec 2023 17:09:53 GMT\r\naccess-control-allow-origin: https://www.flvto.biz\r\nset-cookie: yandexuid=1642289361701623393; domain=.yandex.ru; path=/; expires=Wed, 30-Nov-2033 17:09:53 GMT\r\naccess-control-allow-credentials: true\r\nuniformat-product-type: None\r\npragma: no-cache\r\np3p: CP=\"NOI DEVa TAIa OUR BUS UNI STA\"\r\nexpires: Sun, 03 Dec 2023 17:09:53 GMT\r\nx-yandex-req-id: 1701623393931820-1741367299322406451500281-production-app-host-sas-pcode-315\r\nlast-modified: Sun, 03 Dec 2023 17:09:53 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\ncontent-type: application/json; charset=utf-8\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png","fqdn":"cdn.creative-bars1.com","domain":"creative-bars1.com","tld":"com"},"ip":{"addr":"172.64.108.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.354Z","timestamp":1701623399354,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-bars1.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 21 Oct 2023 15:38:40 GMT","end":"Fri, 19 Jan 2024 15:38:39 GMT"},"fingerprint":{"sha1":"2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34","sha256":"79:4B:8A:52:C3:34:AC:4B:98:34:14:C1:CE:3B:CC:6C:D5:8B:22:C1:64:76:B2:7D:D3:70:F7:2F:7D:38:2E:D3"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/big1/img/close.png HTTP/1.1\r\nHost: cdn.creative-bars1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 591\r\nlast-modified: Mon, 21 Feb 2022 10:06:44 GMT\r\netag: \"62136434-24f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncf-cache-status: HIT\r\nage: 1673706\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=QrTakO3inQykP19t9p5DzPVKuMgjSmxvmQuYueaA9638Hc5KaZgH7k6wddf4kqQQSyFWVpPQ7SAGuJbdSadhc4pHDAcoDJK118u8g1TppdBTE4yIvhFoOjePvA8MWUpvIaa57nVsPNGi\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82fd6b847ea271bd-LHR\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\\012- data","md5":"9fd5bcb6103d86e317bd1eb019bcbe71","sha1":"6b5a52ea669dcb74946f2bed4bdd7ec985026113","sha256":"0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae","sha512":"e244a8842c009fa83e8d9d1088ec5b76ca2a42660568b7886e01724977b9ebd4e43690e0c651e25287c64dcc4826391b34cae6a106e2148139450dd05fc5a562","ssdeep":"","tlshash":"b0f0414e7c5903a1874caf3b18dd00119c27898077c82e0db689eed20e008e215471da","first_seen":"2023-04-11T11:09:41Z","last_seen":"2026-05-10T18:32:08.981397Z","times_seen":5441,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.cloudimagesb.com/si/3c/d5/62/3cd562dd264800ee586ac2da770e9a65/1700491951.png","fqdn":"cdn.cloudimagesb.com","domain":"cloudimagesb.com","tld":"com"},"ip":{"addr":"45.133.44.9","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.355Z","timestamp":1701623399355,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.cloudimagesb.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Nov 2023 05:00:53 GMT","end":"Wed, 21 Feb 2024 05:00:52 GMT"},"fingerprint":{"sha1":"71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF","sha256":"DB:84:5A:F0:34:CD:8D:C1:AC:E1:09:48:B6:88:E6:8F:A5:34:1F:B4:37:02:AB:78:1F:31:7E:D5:D6:C2:28:30"}}},"request":{"raw":"GET /si/3c/d5/62/3cd562dd264800ee586ac2da770e9a65/1700491951.png HTTP/1.1\r\nHost: cdn.cloudimagesb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 20001\r\nserver: nginx/1.21.6\r\nlast-modified: Mon, 20 Nov 2023 14:52:40 GMT\r\netag: \"655b72b8-4e21\"\r\nexpires: Tue, 05 Dec 2023 17:09:54 GMT\r\ncache-control: max-age=172800\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20001,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 320 x 180, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ea31001ce8fa95eb2ac1617515105332","sha1":"d505ca04808c25cfa33a555c96886f421ddbbde7","sha256":"0267f5cd21fe5609405724c20d6f021b8932a696ada766b8e86e42c670000ab3","sha512":"b18a7212d50aee85dbaff64ca70a754a0e55aa4209b4e7a7ee4389d4ab547df8d4f3016c819b14c57ec73c3e07cd3a64ef7e35498affb8583ac2065249c63f71","ssdeep":"","tlshash":"","first_seen":"2023-11-20T17:19:29Z","last_seen":"2023-12-08T20:31:22Z","times_seen":417,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":107,"dns":45,"connect":25,"send":0,"wait":26,"receive":27,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.cloudimagesb.com/si/98/58/2f/98582fa31e3a411721a1f890fd22419a/1700491903.png","fqdn":"cdn.cloudimagesb.com","domain":"cloudimagesb.com","tld":"com"},"ip":{"addr":"45.133.44.9","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.353Z","timestamp":1701623399353,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.cloudimagesb.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Nov 2023 05:00:53 GMT","end":"Wed, 21 Feb 2024 05:00:52 GMT"},"fingerprint":{"sha1":"71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF","sha256":"DB:84:5A:F0:34:CD:8D:C1:AC:E1:09:48:B6:88:E6:8F:A5:34:1F:B4:37:02:AB:78:1F:31:7E:D5:D6:C2:28:30"}}},"request":{"raw":"GET /si/98/58/2f/98582fa31e3a411721a1f890fd22419a/1700491903.png HTTP/1.1\r\nHost: cdn.cloudimagesb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 9016\r\nserver: nginx/1.21.6\r\nlast-modified: Mon, 20 Nov 2023 14:51:52 GMT\r\netag: \"655b7288-2338\"\r\nexpires: Tue, 05 Dec 2023 17:09:54 GMT\r\ncache-control: max-age=172800\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9016,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\\012- data","md5":"a56f06ca83ee06488a213b352e00bd90","sha1":"aec437b74eb6f1143683872fb2d664286da4a664","sha256":"7144c526762a9d91bdde1939194c2835f2cb1afe0ebac298bbdf1e9239b539ec","sha512":"797456b9182d3dee5c917fa84de1a4d07f09802467237311d36e6b22ab34c982d42e44dc06c589fc55859608b8ef70327a70c105d4a0c6649e61f17c2dde658b","ssdeep":"","tlshash":"","first_seen":"2023-11-20T17:19:29Z","last_seen":"2023-12-08T20:31:22Z","times_seen":422,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":116,"dns":43,"connect":28,"send":0,"wait":50,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.753Z","timestamp":1701623399753,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD","sha256":"EF:BD:DB:F8:2A:77:8C:C2:9E:F9:E0:B2:26:39:CB:EC:63:F1:80:36:F6:06:6E:F5:E1:6C:45:66:A4:D1:A6:C8"}}},"request":{"raw":"GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15860\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 29 Nov 2023 21:13:56 GMT\r\nexpires: Thu, 28 Nov 2024 21:13:56 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 11 May 2022 19:24:42 GMT\r\ncontent-type: font/woff2\r\nage: 330958\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15860,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\\012- data","md5":"e9f5aaf547f165386cd313b995dddd8e","sha1":"acdef5603c2387b0e5bffd744b679a24a8bc1968","sha256":"f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860","sha512":"2a71edb5490f286642a874d52a1969f54282bc43cb24e8d5a297e13b320321fb7b7af5524eac609cf5f95ee08d5e4ec5803e2a3c8d13c09f6cc38713c665d0ce","ssdeep":"384:S7qmPTF4N21t//YW2FS6+1XxrsbGmjlAbvqMmtCN:S621tHY4xwbGmjloSM7N","tlshash":"1a62d0058ba5850bf5b907fb0e1ab7ee30664b523c8c42278348073970db47a6b2b1fd","first_seen":"2023-04-05T14:47:55Z","last_seen":"2026-05-10T18:39:02.687081Z","times_seen":90984,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js","fqdn":"cdn.creative-bars1.com","domain":"creative-bars1.com","tld":"com"},"ip":{"addr":"172.64.108.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.357Z","timestamp":1701623399357,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-bars1.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 21 Oct 2023 15:38:40 GMT","end":"Fri, 19 Jan 2024 15:38:39 GMT"},"fingerprint":{"sha1":"2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34","sha256":"79:4B:8A:52:C3:34:AC:4B:98:34:14:C1:CE:3B:CC:6C:D5:8B:22:C1:64:76:B2:7D:D3:70:F7:2F:7D:38:2E:D3"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/big1/js/jquery.min.js HTTP/1.1\r\nHost: cdn.creative-bars1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 21 Feb 2022 10:06:46 GMT\r\netag: W/\"62136436-1499c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncf-cache-status: HIT\r\nage: 471991\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=XrY1bBkBUkF5rkRTLVK57tcbOyjYe5RUompIFZrlTmQIotE6s%2F%2Fg%2B%2FLA3HsN8wHi7GqaSpyOMuqYgbgsh7aQWq1FBAtfiXtosHwSspNBramFqFvhD%2B1Y6fEl3G%2BNUbMfX%2B0cB2tHoT7q\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82fd6b848eae71bd-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":46356,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (32025)","md5":"4a356126b9573eb7bd1e9a7494737410","sha1":"8258d046f17dd3c15a5d3984e1868b7b5d1db329","sha256":"22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5","sha512":"005c3102459dbf145df6a858629d6a6de4598fafe24cd989d86170731b0c3b3c304da470cf66bfd935f6db911b723df0857b5ed561906f7f1c5c4e63ed9430de","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrZ:++414Jiz6fh6lTqya98HrZ","tlshash":"dc83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-05-10T18:32:08.990633Z","times_seen":17716,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saycaptain.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitTtaTeDAExIMwoIcI7mz39Pz0mEMwxsRg3F3ywx481V%2FPllvT1VR1T8%2BOlyUByXECHjz2vtnNEg3BeBARBJn1IgtCxoPswQXxnosQrzKzA6MfdH%2Ff%2B14d3ntVn%2B%2FmJyRATo%2FXPzYDpTVdaVT9yoUNlQhTuMrq7UrgV%2F2LlQ2VNOsXK%2F3pz%2FbeDfxG1X%2B7ck3yLbNS8wPfD%2FygclVZGZv%2ByoyFSh%2B3g2rbr9Zr1aBRR9%2F%2BH7vcg6MeRO%2BEnIMSk5c2f3kKxcdIut9ckW4rM%2Bk7H3RzTTNj0RMHd5KtxBQJuosxth7i5GB%2BGsZNCPnyDExyMHcA09ubOgBTE%2BL9HoAlB3OZYL39U6VMQyZg4mUUvTGkHkPRMbi5ByWeEYALrK4h6T5cNbag26csnbITsvTib6hiQpb%2BOI%2Bk%2B%2BSyVv3KLaPzTJnEoR%2BXUP0xVGeMND9ENvCgikPw7C6U%2BJWsvLiBpLu35rSBEsdvtZoN1uR%2Ba7nJ23S53gzYchTXmsvtRhwx2m5HLSFmESk1horH0HII6jzk0095yGMPeeqhK44rtNGOfb8VszgMozrnPAw5b0RN0RBhPYp95HzqYYgsHYLrIbjdQWp3sKUePGucg81%2Fgtss4YQHlxH0RIlCEhSOoKAEhSIoMoKiV%2B4L7WqufCi0y1kw77V5D8uRyTq7dN9kHZkQUDvcTU%2FIq7P8%2FtkDtuRxRcg25SJssjYTMfcjGsWBHzZDVmvVWdDy4VQJ5c7M3A7UhLx29yxSNSFL3%2B%2BD0UM4fQiu3gTN3wAtRq2aD7o5qkc%2BBsmjWPcyU2VqAGFKpNkSsm1vV5%2BQ12ciPvzhE0h%2BdOmLwZ%2FXnpz%2FDNyWSG2JT9XPBB19f3TTFGTvpikcebqWZqqrBnR6wbcymsmzX30ktwtjxfUrbvjoPT4lpuPj29JlN2giVNJx5OvLSghprxrLJfnxutuQbD13m5dzm%2BTpjfX3r17vplY6p0wyBlUTQp5%2FC64m5JXnbvZ4L9z5C8qOYfMS3fyIzAvKHIKnO3DpYucMgdULzFIPRV6ObI0tlloRaLnAlJVw%2F8FsMe%2B6%2B%2BhYDzS7h6RbomdL9HQJqodw%2BdlRltqjS7%2BFswLT3ohp6%2B0xbfWD03CdOq40grqMWNTiQjDJRdCqhVHo%2BzUh6q22DNrI3ETq7%2Bi%2FAAAA%2F%2F8BAAD%2F%2Fy8HPBCUBAAA","fqdn":"saycaptain.com","domain":"saycaptain.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.744Z","timestamp":1701623399744,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"saycaptain.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Nov 2023 10:57:35 GMT","end":"Mon, 26 Feb 2024 10:57:34 GMT"},"fingerprint":{"sha1":"4F:F1:FE:38:A4:6B:B4:3C:FD:7A:DA:CB:10:9E:F7:94:60:6D:69:22","sha256":"A2:72:D0:B3:71:AF:17:6B:59:2A:9B:5F:A1:64:79:84:33:5F:86:18:62:71:7E:47:F5:B6:A2:7C:83:F2:9F:81"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitTtaTeDAExIMwoIcI7mz39Pz0mEMwxsRg3F3ywx481V%2FPllvT1VR1T8%2BOlyUByXECHjz2vtnNEg3BeBARBJn1IgtCxoPswQXxnosQrzKzA6MfdH%2Ff%2B14d3ntVn%2B%2FmJyRATo%2FXPzYDpTVdaVT9yoUNlQhTuMrq7UrgV%2F2LlQ2VNOsXK%2F3pz%2FbeDfxG1X%2B7ck3yLbNS8wPfD%2FygclVZGZv%2ByoyFSh%2B3g2rbr9Zr1aBRR9%2F%2BH7vcg6MeRO%2BEnIMSk5c2f3kKxcdIut9ckW4rM%2Bk7H3RzTTNj0RMHd5KtxBQJuosxth7i5GB%2BGsZNCPnyDExyMHcA09ubOgBTE%2BL9HoAlB3OZYL39U6VMQyZg4mUUvTGkHkPRMbi5ByWeEYALrK4h6T5cNbag26csnbITsvTib6hiQpb%2BOI%2Bk%2B%2BSyVv3KLaPzTJnEoR%2BXUP0xVGeMND9ENvCgikPw7C6U%2BJWsvLiBpLu35rSBEsdvtZoN1uR%2Ba7nJ23S53gzYchTXmsvtRhwx2m5HLSFmESk1horH0HII6jzk0095yGMPeeqhK44rtNGOfb8VszgMozrnPAw5b0RN0RBhPYp95HzqYYgsHYLrIbjdQWp3sKUePGucg81%2Fgtss4YQHlxH0RIlCEhSOoKAEhSIoMoKiV%2B4L7WqufCi0y1kw77V5D8uRyTq7dN9kHZkQUDvcTU%2FIq7P8%2FtkDtuRxRcg25SJssjYTMfcjGsWBHzZDVmvVWdDy4VQJ5c7M3A7UhLx29yxSNSFL3%2B%2BD0UM4fQiu3gTN3wAtRq2aD7o5qkc%2BBsmjWPcyU2VqAGFKpNkSsm1vV5%2BQ12ciPvzhE0h%2BdOmLwZ%2FXnpz%2FDNyWSG2JT9XPBB19f3TTFGTvpikcebqWZqqrBnR6wbcymsmzX30ktwtjxfUrbvjoPT4lpuPj29JlN2giVNJx5OvLSghprxrLJfnxutuQbD13m5dzm%2BTpjfX3r17vplY6p0wyBlUTQp5%2FC64m5JXnbvZ4L9z5C8qOYfMS3fyIzAvKHIKnO3DpYucMgdULzFIPRV6ObI0tlloRaLnAlJVw%2F8FsMe%2B6%2B%2BhYDzS7h6RbomdL9HQJqodw%2BdlRltqjS7%2BFswLT3ohp6%2B0xbfWD03CdOq40grqMWNTiQjDJRdCqhVHo%2BzUh6q22DNrI3ETq7%2Bi%2FAAAA%2F%2F8BAAD%2F%2Fy8HPBCUBAAA HTTP/1.1\r\nHost: saycaptain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nCookie: u_pl=16229538; uid_id2=765b6c07-6c9a-461b-8f26-95f8ba9987dd:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 03 Dec 2023 17:09:54 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nX-Request-ID: 905d8287b0ae1afea26e05d9c6c7fff8\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7,"size_decoded":0,"mime_type":"image/gif","magic":"ASCII text, with no line terminators","md5":"132d6af1b46048b45cf86cdee7991d31","sha1":"eb7007d03d59b65bc6da7e098c4d38fc6dfb6285","sha256":"ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c","sha512":"ff7c468000b64b64a67199d0110afecead13da2dfd018e709392f39058d43155747ded8f3f8b30fbf8737851cb7839855d1c0b893da3258ab90e4af995dfef1e","ssdeep":"","tlshash":"fe4000000000000c000000000003c000000c0030330000000c00000000300030003000","first_seen":"2023-04-05T23:50:35Z","last_seen":"2026-05-09T00:57:49.425772Z","times_seen":19287,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-12-03","alert":"Sinkholed","trigger":"saycaptain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css","fqdn":"cdn.creative-bars1.com","domain":"creative-bars1.com","tld":"com"},"ip":{"addr":"172.64.108.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.238Z","timestamp":1701623399238,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-bars1.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 21 Oct 2023 15:38:40 GMT","end":"Fri, 19 Jan 2024 15:38:39 GMT"},"fingerprint":{"sha1":"2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34","sha256":"79:4B:8A:52:C3:34:AC:4B:98:34:14:C1:CE:3B:CC:6C:D5:8B:22:C1:64:76:B2:7D:D3:70:F7:2F:7D:38:2E:D3"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/big1/css/animate.css HTTP/1.1\r\nHost: cdn.creative-bars1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:54 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 21 Feb 2022 10:06:42 GMT\r\netag: W/\"62136432-13591\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncf-cache-status: MISS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=ec3lSZFaEOXPVER4wMrk5Ci08TdMrfrStRuen7IUYbcrDYEWcuIqUuhL9HJHGSKRmqTf4wbMGJkhE%2B5XHG59q0gOpULGn5Q%2ByH%2Baq%2FZzU80YmBoqjNNbMUskLoSPyJ3V%2BiU8IzZiqn8P\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82fd6b847e9071bd-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4847,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e1d8acd5ee9d1a90ea09313cbd8f2b02","sha1":"8a8327b115d1356715e63270d1ce6d46124c7b1a","sha256":"3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a","sha512":"b942379b39b29577123ce4017a6566c046fe68c5a862f234302ddfdb08127e9e2d6b22bbf660ebcd5a196f63df0b34e4eaaa13c5f728e28b7cedfab2669f52f3","ssdeep":"384:ZFu8uVWgnu5uLlFlH/O/Qu7u/sjzbg/jxXlIPfL4jKgZQMkL0Vvaj7Z:ZFu8uEgnu5uBu7uhKgZQMkL0Vvaj7Z","tlshash":"bc731fad2991148452638a1d83df8e68673ce573181a9cef73c2488bcf8bf9c67c9147","first_seen":"2023-04-05T07:35:42Z","last_seen":"2026-05-10T05:52:22.143272Z","times_seen":4224,"resource_available":false,"data":null}},"time_used":391,"timings":{"blocked":110,"dns":32,"connect":30,"send":0,"wait":170,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:10:00.900Z","timestamp":1701623400900,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD","sha256":"EF:BD:DB:F8:2A:77:8C:C2:9E:F9:E0:B2:26:39:CB:EC:63:F1:80:36:F6:06:6E:F5:E1:6C:45:66:A4:D1:A6:C8"}}},"request":{"raw":"GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Nov 2023 04:00:51 GMT\r\nexpires: Fri, 29 Nov 2024 04:00:51 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 02 May 2023 15:17:22 GMT\r\ncontent-type: font/woff2\r\nage: 306544\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\\012- data","md5":"e1b3b5908c9cf23dfb2b9c52b9a023ab","sha1":"fcd4136085f2a03481d9958cc6793a5ed98e714c","sha256":"918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537","sha512":"b2da7ef768385707afed62ca1f178efc6aa14519762e3f270129b3afee4d3782cb991e6fa66b3b08a2f81ff7caba0b4c34c726d952198b2ac4a784b36eb2a828","ssdeep":"384:dRkIAJ8pVwWTW5VVjdVn8+2yvAMdriCEOY0kfW9GkAPqpPHi2vUuUSzB8:dKIAJ8pVHTZ+riY9oCpPHiodUeK","tlshash":"91b2e1ce5d546e3a8028213785c17b488273572e9edf42c6dd83a6263a7092cfd3d96e","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-05-10T18:28:51.602236Z","times_seen":212190,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images.outbrainimg.com/transform/v3/eyJpdSI6ImY0ZDAwMTE1MWUwZWEyY2UxMDliY2ZiMTEyY2RiMWNjZDZmYjlhNGFjYTEzYzFlMzcyMTY4OWVkMjYxMWVmYjUiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp","fqdn":"images.outbrainimg.com","domain":"outbrainimg.com","tld":"com"},"ip":{"addr":"23.38.201.176","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:10:00.875Z","timestamp":1701623400875,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.outbrainimg.com","organization":"Outbrain Inc"},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Sat, 02 Mar 2024 23:59:59 GMT"},"fingerprint":{"sha1":"4F:05:15:71:93:78:ED:64:53:30:81:ED:DA:9C:FE:4F:7B:F9:41:BE","sha256":"1C:76:AE:86:AC:BE:6D:D3:76:6A:4D:E7:EF:D8:FF:EB:15:DA:C9:D1:EA:05:19:C6:C8:87:33:5A:5D:EA:55:DC"}}},"request":{"raw":"GET /transform/v3/eyJpdSI6ImY0ZDAwMTE1MWUwZWEyY2UxMDliY2ZiMTEyY2RiMWNjZDZmYjlhNGFjYTEzYzFlMzcyMTY4OWVkMjYxMWVmYjUiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp HTTP/1.1\r\nHost: images.outbrainimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/webp\r\ncontent-length: 7908\r\nlast-modified: Sun, 26 Nov 2023 14:57:21 GMT\r\nx-traceid: 6d1274c136eb6a3829748d36c019f971\r\ncache-control: max-age=2010211\r\ndate: Sun, 03 Dec 2023 17:09:55 GMT\r\naccess-control-allow-credentials: false\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7908,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 270x240, Scaling: [none]x[none], YUV color, decoders should clamp\\012- data","md5":"cb85c5e73b47dbd53066820cf574bb97","sha1":"36ddc49a69f0e14d95f6ec282bd38223e90a1457","sha256":"9a58844e5ce20622a15426309758bb8695a3c3a4f10c51f1501e71b40f6be33e","sha512":"e7e348a108647209abd4df507f6e570cc95cab70f528bbe663f627bd5c2bbc7b3160e961a99d42f4ba58ef47745f574cbe15667965da4f5d5f2340a94cfca0b6","ssdeep":"","tlshash":"","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":66,"dns":56,"connect":1,"send":0,"wait":10,"receive":1,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"platform.bidgear.com/async-v2.json?zoneid=2221\u0026wu=https://www.flvto.biz/nesgncsgwp/","fqdn":"platform.bidgear.com","domain":"bidgear.com","tld":"com"},"ip":{"addr":"172.67.74.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:57.037Z","timestamp":1701623397037,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 01 May 2023 00:00:00 GMT","end":"Tue, 30 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B","sha256":"8E:33:A6:A8:55:B7:FD:60:51:2F:C8:3B:62:DB:24:47:9D:CE:3D:1F:1D:23:E7:49:65:DB:77:53:DB:00:99:96"}}},"request":{"raw":"GET /async-v2.json?zoneid=2221\u0026wu=https://www.flvto.biz/nesgncsgwp/ HTTP/1.1\r\nHost: platform.bidgear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:51 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: 0\r\npragma: no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=gbrWXXzOfbgJs30CTLYpXtTzSJp4IYGvOqmNSexIrr4PA9NwIPVb00CMiOvu9jWCJP%2FpL0KxvxmTmwDvpSsK%2FT8BHXbusSYPgwiIrytMeGuiXVvlDKY3USKJoFiUe%2BFGvzEwoUjJ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82fd6b75e83c0afa-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":690,"size_decoded":0,"mime_type":"application/javascript","magic":"JSON data\\012- , ASCII text, with very long lines (1232), with no line terminators","md5":"6e3a541cfae266bfb373f0a81f552aa9","sha1":"8efcc309507650c54c64c61f3535d5dc41302f35","sha256":"f7208c8747bd86f3ff033a7909fb676ceed4bd812dc3654f08b22adfaf2dbf02","sha512":"8a2ab4cf3719cd15b19219e3f78ed8b52b0649a095674c9e8e2afcc2ccf2267d9c602cf47fe3cb2c85d78f5c2f2f6f538fb44e49f4342c5696b1e58ac8cf13da","ssdeep":"","tlshash":"7321445f6af0e11158131466cc73fb7e38baa0099b589c2ebcbf1726d3b49a81652105","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Lato\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:10:00.870Z","timestamp":1701623400870,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42","sha256":"9A:90:D4:1D:0C:D1:CA:9D:4D:19:37:44:C4:E6:E4:28:27:C0:F5:0A:9C:B4:56:89:C4:D1:8A:63:A7:01:28:54"}}},"request":{"raw":"GET /css?family=Lato\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 03 Dec 2023 17:09:53 GMT\r\ndate: Sun, 03 Dec 2023 17:09:53 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":358,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"gzip compressed data, max compression\\012- data","md5":"665ba724bfd78c3241e8331cadac8f69","sha1":"a1d86f02c847dec4ec4334864764514dccc16673","sha256":"bc1e9374c14d92d97954e64a30e9720f0667c92f552e5d09ee84959cda233725","sha512":"b98dc36c9546d84570982ac3264154bd199c302be2eab5bd908e0cadda562b488343bffbd77e437bb56dd4cf74ad99516ed80683a6edff2de14cb01eff799a4c","ssdeep":"","tlshash":"cee0c0544d42ffb1d95684f2491296a5a3dbe2942007cc786ccca503045c6ce0e6c2e9","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.prplads.com/prebid-2023-10-03.js","fqdn":"cdn.prplads.com","domain":"prplads.com","tld":"com"},"ip":{"addr":"104.26.2.51","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-12-03T17:10:01.392807797Z","timestamp":1701623401392,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /prebid-2023-10-03.js HTTP/1.1\r\nHost: cdn.prplads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:53 GMT\r\ncontent-type: application/javascript\r\ncache-control: max-age=1209600\r\ncf-bgj: minify\r\ncf-polished: origSize=323203\r\netag: W/\"c7c7415b80d5bb12e941595d2cc6b7f7\"\r\nlast-modified: Tue, 03 Oct 2023 08:29:24 GMT\r\nx-amz-id-2: cFsOaZRD+HjQqhV0tKhvlHDsz3Gv2Okd3uxT0Aia0nz96NIND3VWt5DmqRQv0jaYe3oHjqyXvt0=\r\nx-amz-request-id: 57Y77SA59NV0433T\r\ncf-cache-status: HIT\r\nage: 263543\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=3LrBLOEmU8stj1WB55KbmIMVdeDFtjbwwlNn3kkaVVZp8HaPidH6%2BzaJ9vz8vCniNBDW4JUIwLbJef0dklcAEDh6kSmjZTVNb1fUyQaasZZa2YXsu0BPlbRzl86OFJMx7Q%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82fd6b812ba7568d-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":101812,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"22c6991529f172186b30126ef7602734","sha1":"3c24b11bbbf27e04dbb073ca1d27dbafe407b606","sha256":"f6c7add2b831f224789f67233e1064f9a3ceb1b55ac76644fa4eadc20cbe5c63","sha512":"a50cd11e8abe11844203c787b836be68f2f79dce5501f6d1417422446195e56fe04866baddb48f6c71fe4c474d616d4c15490f0156eedb9d9843d5d1eff656e6","ssdeep":"3072:m75t+DOQJBxVAwfKIGcog9ZdqeL1qDpb0pv9A8/AOrtE37G8T/m+KNs:e5tKxJBDBbmeL12+V9Aa87/uNs","tlshash":"4264a5cdb6c6f06653a720b4807f120eb33bad54354d9410f526e9d53c78aafa223e6d","first_seen":"2023-10-14T16:53:24Z","last_seen":"2023-12-15T18:28:08Z","times_seen":69,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgncsgwp/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-12-03T17:10:08.208220737Z","timestamp":1701623408208,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /nesgncsgwp/ HTTP/1.1\r\nHost: www.flvto.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sun, 03 Dec 2023 17:10:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 41\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\ncontent-language: ne\r\nlocation: /nesgn/\r\nvary: Accept\r\nset-cookie: connect.sid=s%3AhtiZG8Eu3Cw8sk23THXRyMk5jicT2NYi.exii4I4nTN9S%2BiamJbK9sMPv%2FAU7a7uzduN%2FjNix2cs; Path=/; Expires=Sun, 03 Dec 2023 18:10:02 GMT; HttpOnly\r\ncache-control: no-cache, no-store, must-revalidate\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=UWINp4XUxcYIW%2BTdlqaKvrAHZ0IoLMN95v%2B8%2FjJmLd7iybeH13psyE7%2BWoTwPOlduIAR9xfAYdoB7toMh1%2Fy2t%2BjMxwc8ozn0f9bZhZ%2B%2BwU9ACkrg7I%2F5wGsHkYroE5U\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82fd6bbae92456af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":41,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"c0e87dbaf856464f5cdcf1b75f969ed5","sha1":"d26ac997afe22163332c0a92a715893d0deede02","sha256":"843e9582975c6e80241773ee4c265566259ede0e7e321fd26dba74d36807c5d8","sha512":"f4226c04968fbfca9d08c7a4b2ecfe3bac206df9f558527d29f2da0f0928c017f5c07e7048c51447c3a7e22257b71dd38b6cf30e78e0a06fa63605eca17d401c","ssdeep":"","tlshash":"8f90044cd74010f451d7171cd4400334575cc014570c07170430c3c454010d71d700d1","first_seen":"2023-05-18T11:11:58Z","last_seen":"2024-08-21T09:00:33.305765Z","times_seen":5,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-static.flvto.biz/_next/static/css/styles.94b5e2c8.chunk.css","fqdn":"cdn-static.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:53.453Z","timestamp":1701623393453,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flvto.biz","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 18:05:13 GMT","end":"Thu, 04 Jan 2024 18:05:12 GMT"},"fingerprint":{"sha1":"0B:42:D5:C9:76:A0:F2:0D:7D:43:32:D9:AD:AF:A4:28:B1:13:90:37","sha256":"BF:8D:8D:23:8E:23:49:13:84:02:2A:20:1E:78:26:2A:8E:47:99:A8:4B:87:C6:81:51:26:15:B6:AA:4E:FC:F2"}}},"request":{"raw":"GET /_next/static/css/styles.94b5e2c8.chunk.css HTTP/1.1\r\nHost: cdn-static.flvto.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:48 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 15 Nov 2023 11:58:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6554b278-3eec\"\r\nexpires: Thu, 21 Nov 2024 13:12:09 GMT\r\ncache-control: max-age=31536000, public\r\npragma: public\r\ncf-cache-status: HIT\r\nage: 964659\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=FSZv4b6KH3yQ2LQTmQSppYarIiKTAyhm19ZUwMgMc0EdiqfsafThepM%2BbWeRztq9tj3Iqcdyj0CXmbM9TgMDyvSz8rlmSV5YVeYCYbeCn1Q4QEDrHxQu%2F%2BoO%2FmW8Xn0FBlHRGBTk5Q%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82fd6b5fa92d569f-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16108,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.flvto.biz/_next/static/images/img-main-8ddd4264b06a73b6515db09179cbbf55.webp","fqdn":"cdn.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:53.279Z","timestamp":1701623393279,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flvto.biz","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 18:05:13 GMT","end":"Thu, 04 Jan 2024 18:05:12 GMT"},"fingerprint":{"sha1":"0B:42:D5:C9:76:A0:F2:0D:7D:43:32:D9:AD:AF:A4:28:B1:13:90:37","sha256":"BF:8D:8D:23:8E:23:49:13:84:02:2A:20:1E:78:26:2A:8E:47:99:A8:4B:87:C6:81:51:26:15:B6:AA:4E:FC:F2"}}},"request":{"raw":"GET /_next/static/images/img-main-8ddd4264b06a73b6515db09179cbbf55.webp HTTP/1.1\r\nHost: cdn.flvto.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 Moved Permanently\r\ndate: Sun, 03 Dec 2023 17:09:48 GMT\r\ncontent-type: text/html\r\nlocation: https://cdn-static.flvto.biz/_next/static/images/img-main-8ddd4264b06a73b6515db09179cbbf55.webp\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=wxc7ZhdOV%2BWrtwJFFI5oa34dsorFTvJECxgKjKILnfIs4p68prYCEeYdK48m%2FFUhgA0zSf69iyroZ%2FbnsR7fkHdN3VnH%2BjDTdRxvot%2BFGA8J5aXvcqYhOOnIG5dM%2FWMN39QzKOU6AA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-77-nzt: EwwBuUwJDQHXwCcIAAwBuUwKAQH3RwMAAAwB1GY4nAH3BgEAAA\r\nx-77-nzt-ray: c0a4cc28731266245cb66c6521e39b02\r\nx-accel-date: 1701088924\r\nx-77-cache: HIT\r\nx-77-age: 535565\r\nx-cache-lb: HIT, HIT\r\nx-age-lb: 839, 534464\r\nx-77-pop: stockholmSE\r\ncf-cache-status: EXPIRED\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82fd6b5e9f97569f-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":16394,"size_decoded":0,"mime_type":"image/webp","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":142,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.prplads.com/load.js?publisherId=865f9b57212f5a3261580bd6ab9b23bc:6d77b29e1174de9720da61fb75014900be589c158a6320d7794579fb7ceaa31c457b7fca2efaa090f3c987963e93dce95b55919a8cd5caad6bcc1f84e0318412","fqdn":"cdn.prplads.com","domain":"prplads.com","tld":"com"},"ip":{"addr":"104.26.2.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:57.201Z","timestamp":1701623397201,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prplads.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 13 Oct 2023 12:28:33 GMT","end":"Thu, 11 Jan 2024 12:28:32 GMT"},"fingerprint":{"sha1":"1D:DC:5D:E3:C9:52:D6:68:A1:9C:80:1E:CF:12:47:DA:C4:CF:72:EF","sha256":"AE:6E:7F:66:F7:6E:D8:6F:7E:D0:94:D4:4C:AD:7E:A0:8B:F3:47:CC:D8:59:DE:2D:EA:8B:99:05:1D:34:76:39"}}},"request":{"raw":"GET /load.js?publisherId=865f9b57212f5a3261580bd6ab9b23bc:6d77b29e1174de9720da61fb75014900be589c158a6320d7794579fb7ceaa31c457b7fca2efaa090f3c987963e93dce95b55919a8cd5caad6bcc1f84e0318412 HTTP/1.1\r\nHost: cdn.prplads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:51 GMT\r\ncontent-type: application/javascript\r\ncf-bgj: minify\r\netag: W/\"5f7635c53c62d2ead8c8e735f3506c20\"\r\nlast-modified: Thu, 20 Jul 2023 08:28:30 GMT\r\nx-amz-id-2: ZjOkANAv2k5sqBeBDZqe8mMS18FEebK8OS1V8xiP+fqQ8syfdoiDTieI+jrxEptIubiIi3A2WGw=\r\nx-amz-request-id: 8YK73PQPP6XC0QSV\r\ncache-control: max-age=86400\r\ncf-cache-status: HIT\r\nage: 3557\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=J%2Fjbc20koLxReYlKAsxwEsIj6BEcO3ux%2BPpLK7mzeXn%2Fck9El5araQPT0lSlcPjfhmu3xx6z%2BG%2FXxMwsSa96C9mR8sQiz3t2iBccfHUxuiDtTy5L8HamfQw7R8kpx6eGdw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82fd6b771a45568d-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45231,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":21,"dns":15,"connect":1,"send":0,"wait":17,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.flvto.biz/_next/static/images/img-ai-6420d7da46a5410014a02cbbe16d6d5d.webp","fqdn":"cdn.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:53.275Z","timestamp":1701623393275,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flvto.biz","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 18:05:13 GMT","end":"Thu, 04 Jan 2024 18:05:12 GMT"},"fingerprint":{"sha1":"0B:42:D5:C9:76:A0:F2:0D:7D:43:32:D9:AD:AF:A4:28:B1:13:90:37","sha256":"BF:8D:8D:23:8E:23:49:13:84:02:2A:20:1E:78:26:2A:8E:47:99:A8:4B:87:C6:81:51:26:15:B6:AA:4E:FC:F2"}}},"request":{"raw":"GET /_next/static/images/img-ai-6420d7da46a5410014a02cbbe16d6d5d.webp HTTP/1.1\r\nHost: cdn.flvto.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 Moved Permanently\r\ndate: Sun, 03 Dec 2023 17:09:48 GMT\r\ncontent-type: text/html\r\nlocation: https://cdn-static.flvto.biz/_next/static/images/img-ai-6420d7da46a5410014a02cbbe16d6d5d.webp\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=bvAiHtJYFIhS1t97JTH3t%2F0EsMil6r5pkgQNqp0LXB9WX6mPhk%2FL2bXwwPPnVEutuclz2%2FV0rDhm8Iba%2FaoBXvuj99EpWyVP%2BRZien85g9wt8iNy%2BZBYtcixvAb9YDvHYmQuBB4W1Q%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-77-nzt: EwwBuUwJDQHXHwYIAAwBuUwKCQH3VgsAAAwB1GY4nAH3Dp0AAA\r\nx-77-nzt-ray: c0a4cc28aa097d245cb66c658b61dd02\r\nx-accel-date: 1701097533\r\nx-77-cache: HIT\r\nx-77-age: 568963\r\nx-cache-lb: HIT, HIT\r\nx-age-lb: 2902, 525855\r\nx-77-pop: stockholmSE\r\ncf-cache-status: EXPIRED\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82fd6b5e9f98569f-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":23388,"size_decoded":0,"mime_type":"image/webp","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"friendshipmale.com/sfp.js","fqdn":"friendshipmale.com","domain":"friendshipmale.com","tld":"com"},"ip":{"addr":"172.64.134.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:57.835Z","timestamp":1701623397835,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Sat, 18 Feb 2023 00:00:00 GMT","end":"Sat, 17 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37","sha256":"82:4E:6A:8D:E6:9B:EA:74:3D:E2:A4:3F:17:C0:E9:50:1B:15:F3:8F:64:56:CD:91:82:2E:74:C0:A3:75:C8:1A"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: friendshipmale.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:52 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: max-age=14400\r\nx-request-id: f864dfcb45143d20481bd4352dba74e8\r\nstrict-transport-security: max-age=0; includeSubdomains\r\ncf-cache-status: EXPIRED\r\nlast-modified: Sun, 03 Dec 2023 17:09:52 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=B3x3GqaflqWf60aFeNV6A5sOKShYqrbnoQm4rWvrf5OaCpXhIEQI1xkOF3iK6vt5dcjfv0B9ysh8UQyKUw4qm%2Ffp2D9%2F2R1ta%2B9f5zvH7aMidfr%2BahGn%2F%2FPjPy97F1FxN87V9v8%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82fd6b7baaec653e-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85468,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":342,"timings":{"blocked":105,"dns":30,"connect":32,"send":0,"wait":131,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flvto.biz/","fqdn":"flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-03T17:09:52.332Z","timestamp":1701623392332,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flvto.biz","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 18:05:13 GMT","end":"Thu, 04 Jan 2024 18:05:12 GMT"},"fingerprint":{"sha1":"0B:42:D5:C9:76:A0:F2:0D:7D:43:32:D9:AD:AF:A4:28:B1:13:90:37","sha256":"BF:8D:8D:23:8E:23:49:13:84:02:2A:20:1E:78:26:2A:8E:47:99:A8:4B:87:C6:81:51:26:15:B6:AA:4E:FC:F2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: flvto.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sun, 03 Dec 2023 17:09:47 GMT\r\ncontent-type: text/html\r\nlocation: https://www.flvto.biz/\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=CzmgpYAkTnoXjg%2BrAFx49oX3ndB%2B1fpYgfhCeJt9FIPw4T2fUNpax8aBoGNatgvIxM2WdnSsH9%2F3%2BEJd0jN%2FJSFlUbINcyP1hDb83dfMjYHX200279pBKMhpwQs%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82fd6b58dff956cc-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":66491,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":47,"dns":0,"connect":1,"send":0,"wait":116,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad.tradertimerz.media/deliver/js/860301d4060ef8c","fqdn":"ad.tradertimerz.media","domain":"tradertimerz.media","tld":"media"},"ip":{"addr":"5.75.199.190","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ad.tradertimerz.media/deliver/pixel/860301d4060ef8c","date":"2023-12-03T17:09:53.587Z","timestamp":1701623393587,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ad.tradertimerz.media","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Nov 2023 23:40:47 GMT","end":"Wed, 07 Feb 2024 23:40:46 GMT"},"fingerprint":{"sha1":"04:FC:4E:84:7F:0A:86:3E:C1:2F:6F:08:A1:28:5B:92:98:2C:EB:BE","sha256":"A9:B0:F7:73:EC:A7:90:E3:33:89:C8:8E:30:FB:74:A5:C2:92:13:EA:55:A9:25:1D:D2:8C:CE:2F:DA:D4:DB:0E"}}},"request":{"raw":"GET /deliver/js/860301d4060ef8c HTTP/1.1\r\nHost: ad.tradertimerz.media\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ad.tradertimerz.media/deliver/pixel/860301d4060ef8c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 03 Dec 2023 17:09:48 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-length: 1337\r\ncache-control: max-age=4157, public, s-maxage=3599\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2877,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (2943), with no line terminators","md5":"83802af56a8d8d3a6d59b29c6f074a74","sha1":"60fcaa3ba445211b74c7f7f11aaef086b058a766","sha256":"f7ab6889f0f5e8057a22dc4ade8299d64061c64199cffb3f27e6066b38cf59b5","sha512":"109bd9f2076504845b0ac635a24c4d72ae11ec184fb13cde139186d3c403f0d16a48fca89924b9b78eca201e02722bcb4887a155c2ef8ac2d42c173ec2a6eee7","ssdeep":"","tlshash":"de5171a9bf51e86081f20150207fd32db2356624786ae000ab9ddce85c70ff69b56a6a","first_seen":"2023-10-01T18:49:04Z","last_seen":"2024-08-21T05:23:48.923478Z","times_seen":34,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imp9.bidgear.com/rec?t=1\u0026z=2309\u0026uuid=14443b83ab964dda9e02c4ef7c730b63\u0026p=85\u0026g=NO\u0026token=4a44335432\u0026tbg=1701623391","fqdn":"imp9.bidgear.com","domain":"bidgear.com","tld":"com"},"ip":{"addr":"172.67.74.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:57.173Z","timestamp":1701623397173,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 01 May 2023 00:00:00 GMT","end":"Tue, 30 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B","sha256":"8E:33:A6:A8:55:B7:FD:60:51:2F:C8:3B:62:DB:24:47:9D:CE:3D:1F:1D:23:E7:49:65:DB:77:53:DB:00:99:96"}}},"request":{"raw":"GET /rec?t=1\u0026z=2309\u0026uuid=14443b83ab964dda9e02c4ef7c730b63\u0026p=85\u0026g=NO\u0026token=4a44335432\u0026tbg=1701623391 HTTP/1.1\r\nHost: imp9.bidgear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 599\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=5JZZYge4MsBivgd3fq96HoKHsnhoJIheqp7MbIDJW9j5TSOaD1eZncSqWVJrFxDezu9pNaIvsPVS15YNbjhqGGkRhPSwKVLjczIWz0F54jl6r6mdfuQ1KS0Y7Cav3ZD3n78%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82fd6b76d9280afa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":599,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1x1, components 3\\012- data","md5":"ca49a7e783b806a4e8576ea80346203d","sha1":"6fe9d083221dae98f6c76f7121c37bc884b02d82","sha256":"3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28","sha512":"b564eb9ab87f42e8ec4794647a1ccb84972b435062a81569ce543c3a6e2252125c2c966a35885d0269635212e1f7d44ee64eb0a2378f7ad849e704aecfa48651","ssdeep":"","tlshash":"e9f0202aab132610df1395be040a24b3a1db45823d603a312db186a5c620cf48449708","first_seen":"2023-04-05T02:54:02Z","last_seen":"2024-08-21T09:44:12.864116Z","times_seen":1585,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.purpleads.io/x/v2/f?pid=77a039e9e192436b8520470179cd037d\u0026demand=unifiedPb\u0026ts=1701623399392","fqdn":"api.purpleads.io","domain":"purpleads.io","tld":"io"},"ip":{"addr":"34.234.32.221","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.547Z","timestamp":1701623399547,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.purpleads.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 01 Oct 2023 00:00:00 GMT","end":"Mon, 28 Oct 2024 23:59:59 GMT"},"fingerprint":{"sha1":"B0:5E:5A:FD:17:53:FC:15:87:A2:00:EC:D8:9B:FD:48:04:8B:A2:97","sha256":"60:91:68:98:3D:A2:BB:60:32:A2:5A:15:5B:D7:E3:F5:63:63:2D:AC:24:63:D7:3C:53:92:1F:24:23:E9:A9:85"}}},"request":{"raw":"GET /x/v2/f?pid=77a039e9e192436b8520470179cd037d\u0026demand=unifiedPb\u0026ts=1701623399392 HTTP/1.1\r\nHost: api.purpleads.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/\r\nContent-Type: application/json\r\nx-purpleads-version: 2.0.4\r\nx-request-url: aHR0cHM6Ly93d3cuZmx2dG8uYml6L25lc2duY3Nnd3Av\r\nAuthorization: Bearer 865f9b57212f5a3261580bd6ab9b23bc:6d77b29e1174de9720da61fb75014900be589c158a6320d7794579fb7ceaa31c457b7fca2efaa090f3c987963e93dce95b55919a8cd5caad6bcc1f84e0318412\r\npa-user-id: ecd1fb6f-d99c-4f38-a766-755a5e924f47\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:54 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: https://www.flvto.biz\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: pa-user-id\r\netag: W/\"583-9VWRQzy+OEoiQfMD9sLunCdwuNs\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1411,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1466), with no line terminators","md5":"c67fbd128db086a1b53ce155835dcc2b","sha1":"86bb925eb8edc7ff7c4e9176b027d215bd1d03d7","sha256":"5d75b5db304de5a32f3a4f4df231c06028709ec14aa1f9e817644e48f2db7df7","sha512":"bf59b39f2c6449e7ca618a1f66a63e43b19049fa1dac5d55b569e99e0a1869c72c2ae8aaef59e4eb9a996889ba6fda1ea05fcb52a3e4dddd8fcad24c531cf763","ssdeep":"","tlshash":"7a3194c65018ec26dfc8e9dda4f20e10b20a618b1e6acce471e25e1bc1402f597e4af3","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html","fqdn":"cdn.barscreative1.com","domain":"barscreative1.com","tld":"com"},"ip":{"addr":"45.133.44.4","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.087Z","timestamp":1701623399087,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.barscreative1.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Nov 2023 03:00:51 GMT","end":"Fri, 09 Feb 2024 03:00:50 GMT"},"fingerprint":{"sha1":"55:06:B7:F1:EF:E9:55:FB:7C:8C:4F:5D:DB:05:C9:15:19:90:9B:2F","sha256":"C7:41:66:27:25:F6:F0:53:1A:D0:15:07:00:08:7F:B2:E1:EC:F7:D6:29:BD:85:9D:FD:6D:DF:FA:2C:98:D9:02"}}},"request":{"raw":"GET /sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html HTTP/1.1\r\nHost: cdn.barscreative1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: nginx/1.21.6\r\nlast-modified: Tue, 29 Mar 2022 08:27:10 GMT\r\netag: W/\"6242c2de-602\"\r\ncache-control: max-age=3600\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nexpires: Sun, 03 Dec 2023 18:09:53 GMT\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1538,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document, ASCII text, with very long lines (1639), with no line terminators","md5":"97b357c624104a8e915d01424dfe16ce","sha1":"6bd7fcedfb7986b149601b1bc840f525b67a8f06","sha256":"8d010e7163298acf3671bb429a2e0b1d69033a5adc314fa4bddebf74b9775e6e","sha512":"646d41bd4235723301380f7bb9ab2721892ec78e7986bd6110de224a4c35697fbfd045869c4038dec7abd60311afef1e1cef9214847f06716382e318596cc75f","ssdeep":"","tlshash":"d731356a39cd497b15d3ca8d7b343f6eac91f5808c1a5d0233fcada84395ca8d9a3503","first_seen":"2023-04-05T07:51:04Z","last_seen":"2025-03-09T17:34:22.730198Z","times_seen":612,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":84,"dns":3,"connect":26,"send":0,"wait":27,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/style.css","fqdn":"cdn.creative-bars1.com","domain":"creative-bars1.com","tld":"com"},"ip":{"addr":"172.64.108.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.240Z","timestamp":1701623399240,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-bars1.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 21 Oct 2023 15:38:40 GMT","end":"Fri, 19 Jan 2024 15:38:39 GMT"},"fingerprint":{"sha1":"2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34","sha256":"79:4B:8A:52:C3:34:AC:4B:98:34:14:C1:CE:3B:CC:6C:D5:8B:22:C1:64:76:B2:7D:D3:70:F7:2F:7D:38:2E:D3"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/big1/css/style.css HTTP/1.1\r\nHost: cdn.creative-bars1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:54 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 21 Feb 2022 10:59:09 GMT\r\netag: W/\"6213707d-1048\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncf-cache-status: MISS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=SIgQUmN%2BZw%2FJahW8VuedAUB5v3kK%2BaQmWOZaMH5VfZYddOVsnKUiFQv396X8yhzrOkM6JNDrWUmYY0Qyl2HGpzqI63jGSQ%2B71hrSxhmtEDB3mj9n2Ikqcz5tkJZ6SUA%2Ba7YzJ6HEfmtw\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82fd6b847e8271bd-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4168,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4404), with no line terminators","md5":"68b1992666e9738c9fe476446c9554c6","sha1":"7ed918e75115fd3be8bd1df1f6106d3f53129c78","sha256":"c3ca1c3bc15dfab20c6c3733049214afc18b2deaba8d9685c57cc3f238b687d8","sha512":"f8a9ddc70f622d09771d21b480a63bcab7b8bdb9f3042d2125946224d9d4ab908c316a1e66bf1e446e9bceccec327cf1c7a9c87983df5374995a504724c0b785","ssdeep":"96:WPUvwh1CtntEPyMfib3PPlqD3x0HwFz5bOWmvWDbOWmv6bOWw1Pc:KjhcbEaMiPlqTxFFz5vZvXvv","tlshash":"dd91001fae134674a012cfa2bfd65b53232d7223863652293fc0634b439e694d5c176e","first_seen":"2023-04-05T09:26:54Z","last_seen":"2024-08-21T09:33:03.754796Z","times_seen":591,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":105,"dns":31,"connect":32,"send":0,"wait":300,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.purpleads.io/x/v2/f?pid=77a039e9e192436b8520470179cd037d\u0026demand=unifiedPb\u0026ts=1701623399392","fqdn":"api.purpleads.io","domain":"purpleads.io","tld":"io"},"ip":{"addr":"34.234.32.221","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.445Z","timestamp":1701623399445,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.purpleads.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 01 Oct 2023 00:00:00 GMT","end":"Mon, 28 Oct 2024 23:59:59 GMT"},"fingerprint":{"sha1":"B0:5E:5A:FD:17:53:FC:15:87:A2:00:EC:D8:9B:FD:48:04:8B:A2:97","sha256":"60:91:68:98:3D:A2:BB:60:32:A2:5A:15:5B:D7:E3:F5:63:63:2D:AC:24:63:D7:3C:53:92:1F:24:23:E9:A9:85"}}},"request":{"raw":"OPTIONS /x/v2/f?pid=77a039e9e192436b8520470179cd037d\u0026demand=unifiedPb\u0026ts=1701623399392 HTTP/1.1\r\nHost: api.purpleads.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url\r\nReferer: https://www.flvto.biz/\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:54 GMT\r\naccess-control-allow-origin: https://www.flvto.biz\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: pa-user-id\r\naccess-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url\r\naccess-control-max-age: 86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-03T17:09:52.523Z","timestamp":1701623392523,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flvto.biz","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 18:05:13 GMT","end":"Thu, 04 Jan 2024 18:05:12 GMT"},"fingerprint":{"sha1":"0B:42:D5:C9:76:A0:F2:0D:7D:43:32:D9:AD:AF:A4:28:B1:13:90:37","sha256":"BF:8D:8D:23:8E:23:49:13:84:02:2A:20:1E:78:26:2A:8E:47:99:A8:4B:87:C6:81:51:26:15:B6:AA:4E:FC:F2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.flvto.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 Moved Permanently\r\ndate: Sun, 03 Dec 2023 17:09:47 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\ncontent-language: ne\r\nlocation: /nesgn/\r\nvary: Accept\r\nset-cookie: connect.sid=s%3AS7ELQsXOwcWWJmunfzSzPDvlc2BoiNo4.KRrLl8vLm5FCHa%2F23jBhycRc6hi%2FGBpljhRkAeOe%2FI8; Path=/; Expires=Sun, 03 Dec 2023 18:09:47 GMT; HttpOnly\r\ncache-control: no-cache, no-store, must-revalidate\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=%2BZJ8wxd9zHBtM99qSb6WTbVBb%2BdoOrvHuQk0SCrhi1WULKYGDrTlMydTF4NleP0dc7NQWs8ru2pVkBMiweCtgIzFQ6KdYNoBzscBqeWRzv2q86qZc9cDf9oIRM4q35Ae\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82fd6b59e827569f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":66491,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imp9.bidgear.com/rec?t=1\u0026z=2221\u0026uuid=cf60add65e2d4732b8614987f8d0360b\u0026p=85\u0026g=NO\u0026token=4a44335432\u0026tbg=1701623391","fqdn":"imp9.bidgear.com","domain":"bidgear.com","tld":"com"},"ip":{"addr":"172.67.74.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:57.196Z","timestamp":1701623397196,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 01 May 2023 00:00:00 GMT","end":"Tue, 30 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B","sha256":"8E:33:A6:A8:55:B7:FD:60:51:2F:C8:3B:62:DB:24:47:9D:CE:3D:1F:1D:23:E7:49:65:DB:77:53:DB:00:99:96"}}},"request":{"raw":"GET /rec?t=1\u0026z=2221\u0026uuid=cf60add65e2d4732b8614987f8d0360b\u0026p=85\u0026g=NO\u0026token=4a44335432\u0026tbg=1701623391 HTTP/1.1\r\nHost: imp9.bidgear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 599\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=mS7WKluomGY6b4DKGM%2BkKLH41ZSj6EVGkq%2FS5sr8RT%2B5iKNiG0LZ6UThwKBsY6IEPMnkltQgu93F%2Bln%2F7YwuUMzbngUVemqkCZpg6%2FNT1CHsqtYHrXJXjqy2LMnzVhfa4f4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82fd6b76e9460afa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":599,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1x1, components 3\\012- data","md5":"ca49a7e783b806a4e8576ea80346203d","sha1":"6fe9d083221dae98f6c76f7121c37bc884b02d82","sha256":"3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28","sha512":"b564eb9ab87f42e8ec4794647a1ccb84972b435062a81569ce543c3a6e2252125c2c966a35885d0269635212e1f7d44ee64eb0a2378f7ad849e704aecfa48651","ssdeep":"","tlshash":"e9f0202aab132610df1395be040a24b3a1db45823d603a312db186a5c620cf48449708","first_seen":"2023-04-05T02:54:02Z","last_seen":"2024-08-21T09:44:12.864116Z","times_seen":1585,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"log.outbrainimg.com/loggerServices/log-viewability?requestId=01012b47923b017bad2bd7bcc373499d\u0026position=0","fqdn":"log.outbrainimg.com","domain":"outbrainimg.com","tld":"com"},"ip":{"addr":"70.42.32.191","port":443,"asn":22075,"as":"AS-OUTBRAIN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:10:00.884Z","timestamp":1701623400884,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.outbrainimg.com","organization":"Outbrain Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 14 Mar 2023 00:00:00 GMT","end":"Sat, 13 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"20:D2:F0:B3:C3:92:99:66:27:4F:78:12:57:9F:4D:C0:BF:9A:8F:C4","sha256":"79:9C:B0:CC:46:FD:5C:1C:22:F6:8B:DE:DA:89:06:D6:91:6E:50:5D:86:6A:C8:FC:8F:1D:D3:4B:DA:8C:27:34"}}},"request":{"raw":"GET /loggerServices/log-viewability?requestId=01012b47923b017bad2bd7bcc373499d\u0026position=0 HTTP/1.1\r\nHost: log.outbrainimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 03 Dec 2023 17:09:55 GMT\r\nContent-Type: application/json; charset=UTF-8\r\nContent-Length: 4\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET,POST\r\nX-TraceId: 9dbe86fa67b0985980cc4a277312cb85\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"b326b5062b2f0e69046810717534cb09","sha1":"5ffe533b830f08a0326348a9160afafc8ada44db","sha256":"b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b","sha512":"9120cd5faef07a08e971ff024a3fcbea1e3a6b44142a6d82ca28c6c42e4f852595bcf53d81d776f10541045abdb7c37950629415d0dc66c8d86c64a5606d32de","ssdeep":"","tlshash":"5430000000000000000000000000300c00000000000000000000000000000000000000","first_seen":"2023-03-07T01:03:44Z","last_seen":"2026-05-10T18:26:40.367438Z","times_seen":384962,"resource_available":true,"data":null}},"time_used":790,"timings":{"blocked":347,"dns":62,"connect":92,"send":0,"wait":93,"receive":0,"ssl":193},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/get-rtb-url","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:53.644Z","timestamp":1701623393644,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flvto.biz","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 18:05:13 GMT","end":"Thu, 04 Jan 2024 18:05:12 GMT"},"fingerprint":{"sha1":"0B:42:D5:C9:76:A0:F2:0D:7D:43:32:D9:AD:AF:A4:28:B1:13:90:37","sha256":"BF:8D:8D:23:8E:23:49:13:84:02:2A:20:1E:78:26:2A:8E:47:99:A8:4B:87:C6:81:51:26:15:B6:AA:4E:FC:F2"}}},"request":{"raw":"GET /get-rtb-url HTTP/1.1\r\nHost: www.flvto.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flvto.biz/nesgncsgwp/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3AS7ELQsXOwcWWJmunfzSzPDvlc2BoiNo4.KRrLl8vLm5FCHa%2F23jBhycRc6hi%2FGBpljhRkAeOe%2FI8; lng=ne; is_user=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:48 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\netag: W/\"53-JYb2BlDl+z47zLO4BoZ7iPGpBr4\"\r\ncache-control: no-cache, no-store, must-revalidate\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=jF0ThJ%2FL2lUTau2C%2F7tg%2BXBznU8n72cX8CSKegKmR%2Bg87qnLjw3EpOe2Y3Uweb%2F%2Fz4rZyTNupWZrpr38wuGM9r3hoKjqT4W8DlGnd3Q%2BVEXeLRnFVv31aQeR5KizEOQF\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82fd6b60bb0b569f-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"troff or preprocessor input, ASCII text, with no line terminators","md5":"e572ca77f961e36153ed900bbe38303c","sha1":"a99cfcb4ed4d5e627757988ab0fe80559ede0bf1","sha256":"2d83944194cc038da53e4d86d4590c41446a05aee966414ab4670890d4141b00","sha512":"73ff1611fc4c7c5dbaa1d7acba98e9c4f971d336cc2341e16e2ff35c03bb7a98a75db3928042d4e51d27ef8590ecd7596c06b819896b6b3c348558047a36f11c","ssdeep":"","tlshash":"6fb012c1605500f9b62010c37a5b7d054811314be8699d65cc213000c0801915204c13","first_seen":"2023-12-03T18:10:16Z","last_seen":"2023-12-03T18:10:16Z","times_seen":1,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/script.js","fqdn":"cdn.creative-bars1.com","domain":"creative-bars1.com","tld":"com"},"ip":{"addr":"172.64.108.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.469Z","timestamp":1701623399469,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-bars1.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 21 Oct 2023 15:38:40 GMT","end":"Fri, 19 Jan 2024 15:38:39 GMT"},"fingerprint":{"sha1":"2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34","sha256":"79:4B:8A:52:C3:34:AC:4B:98:34:14:C1:CE:3B:CC:6C:D5:8B:22:C1:64:76:B2:7D:D3:70:F7:2F:7D:38:2E:D3"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/big1/js/script.js HTTP/1.1\r\nHost: cdn.creative-bars1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 21 Feb 2022 10:06:46 GMT\r\netag: W/\"62136436-3be\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncf-cache-status: MISS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=YUFY4D9%2F4wa9DckdzXmyUIqGGsRuLgc432BtFRFAYSlbwIkYhaD%2BLsdIYURXLHPdK2V3oPC0fESZWHajiqmvq2MEYirCpbNcB9TFjSX78Yif%2FuDKuHsqzQesyVjbIa1NaRyRD8Md7tEK\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82fd6b85480371bd-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":958,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (1009), with no line terminators","md5":"04835fd7dd7f8cfbad901bee8cff2170","sha1":"38e9ed1e93f8f0beba9447a99afe3995e63b6f3e","sha256":"be63bbd38c66ca9a9ee1c8abfed042fd5fc090c40b91ad561e922744ece47c41","sha512":"96fd3a27c3f1326ee5093375977e61d0a0871ddfa204b668f8f0241db8775fdab0a794146c807ec099f714ef335a93d7b238c002107d79afdb18820251b7313a","ssdeep":"","tlshash":"a8119e272518c2f46217f267a27725f6e93316acd422430b371c054e0ec6761a3d5af6","first_seen":"2023-04-05T09:26:54Z","last_seen":"2025-03-09T17:34:22.738598Z","times_seen":758,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"saycaptain.com/pixel/sbs?c=1","fqdn":"saycaptain.com","domain":"saycaptain.com","tld":"com"},"ip":{"addr":"173.233.137.36","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.745Z","timestamp":1701623399745,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"saycaptain.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Nov 2023 10:57:35 GMT","end":"Mon, 26 Feb 2024 10:57:34 GMT"},"fingerprint":{"sha1":"4F:F1:FE:38:A4:6B:B4:3C:FD:7A:DA:CB:10:9E:F7:94:60:6D:69:22","sha256":"A2:72:D0:B3:71:AF:17:6B:59:2A:9B:5F:A1:64:79:84:33:5F:86:18:62:71:7E:47:F5:B6:A2:7C:83:F2:9F:81"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: saycaptain.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nCookie: u_pl=16229538; uid_id2=765b6c07-6c9a-461b-8f26-95f8ba9987dd:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 03 Dec 2023 17:09:54 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":700,"timings":{"blocked":299,"dns":1,"connect":99,"send":0,"wait":99,"receive":1,"ssl":199},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-12-03","alert":"Sinkholed","trigger":"saycaptain.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.755Z","timestamp":1701623399755,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD","sha256":"EF:BD:DB:F8:2A:77:8C:C2:9E:F9:E0:B2:26:39:CB:EC:63:F1:80:36:F6:06:6E:F5:E1:6C:45:66:A4:D1:A6:C8"}}},"request":{"raw":"GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.flvto.biz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15744\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Nov 2023 04:57:34 GMT\r\nexpires: Fri, 29 Nov 2024 04:57:34 GMT\r\ncache-control: public, max-age=31536000\r\nage: 303140\r\nlast-modified: Wed, 11 May 2022 19:24:48 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15744,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\\012- data","md5":"15d9f621c3bd1599f0169dcf0bd5e63e","sha1":"7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52","sha256":"f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615","sha512":"d35a47162fc160cd5f806c3bb7feb50ec96fdfc81753660ead22ef33f89be6b1bfd63d1135f6b479d35c2e9d30f2360ffc8819efca672270e230635bcb206c82","ssdeep":"384:z1TLklSElcS5V6qQTMUP07JwirW6RlLwK79/:p7EJ5E2bJwi5jLwK79/","tlshash":"8162e00158a163ade9b2327ed10b1b91c40660a27d2504e8c6e4fc95fe3d7ed5487b76","first_seen":"2023-04-05T08:15:27Z","last_seen":"2026-05-10T18:13:59.996808Z","times_seen":160015,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=01012b47923b017bad2bd7bcc373499d\u0026pvId=01012b47923b017bad2bd7bcc373499d\u0026sid=9435690\u0026pid=45718\u0026idx=0\u0026wId=140\u0026pad=1\u0026org=0\u0026tm=0\u0026eT=3\u0026cnsnt=no_consent","fqdn":"log.outbrainimg.com","domain":"outbrainimg.com","tld":"com"},"ip":{"addr":"70.42.32.191","port":443,"asn":22075,"as":"AS-OUTBRAIN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:10:00.882Z","timestamp":1701623400882,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.outbrainimg.com","organization":"Outbrain Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 14 Mar 2023 00:00:00 GMT","end":"Sat, 13 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"20:D2:F0:B3:C3:92:99:66:27:4F:78:12:57:9F:4D:C0:BF:9A:8F:C4","sha256":"79:9C:B0:CC:46:FD:5C:1C:22:F6:8B:DE:DA:89:06:D6:91:6E:50:5D:86:6A:C8:FC:8F:1D:D3:4B:DA:8C:27:34"}}},"request":{"raw":"GET /loggerServices/widgetGlobalEvent?rId=01012b47923b017bad2bd7bcc373499d\u0026pvId=01012b47923b017bad2bd7bcc373499d\u0026sid=9435690\u0026pid=45718\u0026idx=0\u0026wId=140\u0026pad=1\u0026org=0\u0026tm=0\u0026eT=3\u0026cnsnt=no_consent HTTP/1.1\r\nHost: log.outbrainimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 03 Dec 2023 17:09:55 GMT\r\nContent-Type: application/json; charset=UTF-8\r\nContent-Length: 4\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET,POST\r\nX-TraceId: 344883be51aaab6457f51b75037cff2e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"b326b5062b2f0e69046810717534cb09","sha1":"5ffe533b830f08a0326348a9160afafc8ada44db","sha256":"b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b","sha512":"9120cd5faef07a08e971ff024a3fcbea1e3a6b44142a6d82ca28c6c42e4f852595bcf53d81d776f10541045abdb7c37950629415d0dc66c8d86c64a5606d32de","ssdeep":"","tlshash":"5430000000000000000000000000300c00000000000000000000000000000000000000","first_seen":"2023-03-07T01:03:44Z","last_seen":"2026-05-10T18:26:40.367438Z","times_seen":384962,"resource_available":true,"data":null}},"time_used":821,"timings":{"blocked":351,"dns":65,"connect":93,"send":0,"wait":111,"receive":4,"ssl":192},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flvto.biz/nesgn/","fqdn":"www.flvto.biz","domain":"flvto.biz","tld":"biz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-03T17:09:52.606Z","timestamp":1701623392606,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flvto.biz","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 18:05:13 GMT","end":"Thu, 04 Jan 2024 18:05:12 GMT"},"fingerprint":{"sha1":"0B:42:D5:C9:76:A0:F2:0D:7D:43:32:D9:AD:AF:A4:28:B1:13:90:37","sha256":"BF:8D:8D:23:8E:23:49:13:84:02:2A:20:1E:78:26:2A:8E:47:99:A8:4B:87:C6:81:51:26:15:B6:AA:4E:FC:F2"}}},"request":{"raw":"GET /nesgn/ HTTP/1.1\r\nHost: www.flvto.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: connect.sid=s%3AS7ELQsXOwcWWJmunfzSzPDvlc2BoiNo4.KRrLl8vLm5FCHa%2F23jBhycRc6hi%2FGBpljhRkAeOe%2FI8\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 03 Dec 2023 17:09:47 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\ncontent-language: ne\r\ncache-control: public, must-revalidate, max-age=3599, s-maxage=3599, stale-while-revalidate=3600, no-cache, no-store, must-revalidate\r\nx-cache-status: MISS\r\nx-cache-expired-at: 3599999\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=j%2FKV6RdZOXo42qkifioSIH07K%2B9joDLwlhuJSc9dQ4On%2F5xqooQ%2BjfO%2BRvZ%2BgNfCc0jRGpc3TKrx0lt04AdVm0x3PkayWZyLGZSdJoUmavd%2FK8eP9sepuTCIYdR2bdvO\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82fd6b5a4897569f-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":66491,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":404,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":397,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:09:59.351Z","timestamp":1701623399351,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42","sha256":"9A:90:D4:1D:0C:D1:CA:9D:4D:19:37:44:C4:E6:E4:28:27:C0:F5:0A:9C:B4:56:89:C4:D1:8A:63:A7:01:28:54"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 03 Dec 2023 17:09:53 GMT\r\ndate: Sun, 03 Dec 2023 17:09:53 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6824,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (7013), with no line terminators","md5":"49475c425d6c00477bb339179326c49b","sha1":"bd97deeb753f44f43a21feafa92d98239fa511bd","sha256":"598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09","sha512":"05f81d5ed74a7ff2f757ea0d6d43c60518dfe9fd3269a57355e82e76f70dac6103ae888e9744d31a0b91afb0174ac6e032ed7d30a109344aa06fc2dd33918d7a","ssdeep":"96:/APRFZ6XBIOCVc+ouNNARWXFZrgZFJ4Vc+on+pNBvTEFZuIQUDFVc+o6GNF:/AP0XBIOY5oRWjgZFJCE+dvTrIQUDR1I","tlshash":"6ce17c81581b6400ea830ee637df7a35bd0f2b2560729232abfd68ae9cc7d22535475d","first_seen":"2023-05-05T09:30:59Z","last_seen":"2024-08-22T11:17:46.945494Z","times_seen":2798,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.purpleads.io/x/a/08e041cf37baceb032f33975af81c443:515764493427986ff132cb534dae00f751155322467fdb1a8074c4beb0be19874853ffc6b82682988c8c218157cc1f95267b0cf2eeb4815a73d115169946f79e5f764d6812a1d2885e8670c71731e8ce4d8f8a81caa0ac271db3c39a12040406/i?id=5fcaac34-a051-48d7-8e05-23c949eafb52","fqdn":"api.purpleads.io","domain":"purpleads.io","tld":"io"},"ip":{"addr":"34.234.32.221","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flvto.biz/nesgn/","date":"2023-12-03T17:10:00.879Z","timestamp":1701623400879,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.purpleads.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 01 Oct 2023 00:00:00 GMT","end":"Mon, 28 Oct 2024 23:59:59 GMT"},"fingerprint":{"sha1":"B0:5E:5A:FD:17:53:FC:15:87:A2:00:EC:D8:9B:FD:48:04:8B:A2:97","sha256":"60:91:68:98:3D:A2:BB:60:32:A2:5A:15:5B:D7:E3:F5:63:63:2D:AC:24:63:D7:3C:53:92:1F:24:23:E9:A9:85"}}},"request":{"raw":"GET /x/a/08e041cf37baceb032f33975af81c443:515764493427986ff132cb534dae00f751155322467fdb1a8074c4beb0be19874853ffc6b82682988c8c218157cc1f95267b0cf2eeb4815a73d115169946f79e5f764d6812a1d2885e8670c71731e8ce4d8f8a81caa0ac271db3c39a12040406/i?id=5fcaac34-a051-48d7-8e05-23c949eafb52 HTTP/1.1\r\nHost: api.purpleads.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flvto.biz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 03 Dec 2023 17:09:55 GMT\r\naccess-control-allow-origin: api.purpleads.io\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: pa-user-id\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-10T18:28:11.940725Z","times_seen":14967665,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}