{"report_id":"35e28d18-0fa1-4b54-afb8-015615f71739","version":6,"status":"done","tags":[],"date":"2025-10-21T05:40:05Z","url":{"schema":"http","addr":"eztv.unblockit.mov/","fqdn":"eztv.unblockit.mov","domain":"unblockit.mov","tld":"mov"},"ip":{"addr":"172.233.219.49","port":0,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","fqdn":"parkiter.parklogic.com","domain":"parklogic.com","tld":"com"},"title":"Parking Page"},"submit":{"url":{"schema":"http","addr":"eztv.unblockit.mov/","fqdn":"eztv.unblockit.mov","domain":"unblockit.mov","tld":"mov"},"ip":{"addr":"172.233.219.49","port":0,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-25T05:40:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":11,"urlquery":0,"analyzer":3}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:42Z","timestamp":1761025182,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56224,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:42.451875+0000\",\"flow_id\":1524331618143331,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56224,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":536},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":675,\"bytes_toclient\":1654,\"start\":\"2025-10-21T05:39:42.232547+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:42Z","timestamp":1761025182,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56224,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:42.684379+0000\",\"flow_id\":1524331618143331,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56224,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":6,\"bytes_toserver\":1300,\"bytes_toclient\":3642,\"start\":\"2025-10-21T05:39:42.232547+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:42Z","timestamp":1761025182,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56240,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:42.899989+0000\",\"flow_id\":168678878245443,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56240,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:42.684611+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56256,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.118878+0000\",\"flow_id\":916159954075042,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56256,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:42.900514+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56268,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.338704+0000\",\"flow_id\":204700769047455,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56268,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.119711+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56278,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.553536+0000\",\"flow_id\":1161926572714963,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56278,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.338899+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56294,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.782609+0000\",\"flow_id\":727320979534569,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56294,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.553705+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56304,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.995754+0000\",\"flow_id\":891435974914483,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56304,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.782771+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:44Z","timestamp":1761025184,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56320,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:44.214730+0000\",\"flow_id\":1609234531693136,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56320,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.995920+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:44Z","timestamp":1761025184,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56324,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:44.429919+0000\",\"flow_id\":1542797830145924,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56324,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:44.214916+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:44Z","timestamp":1761025184,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56334,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:44.644277+0000\",\"flow_id\":934712065429505,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56334,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:44.430081+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"eztv.unblockit.mov","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"eztv.unblockit.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"parkiter.parklogic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"parking3.parklogic.com","ip":{"addr":"172.232.7.47","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"domain_registered":"2007-02-28","domain_rank":497061,"first_seen":"2023-05-10T10:50:24Z","last_seen":"2025-10-19T22:40:56.837974Z","alert_count":0,"request_count":2,"received_data":2721,"sent_data":1084,"comment":"","tags":null,"fingerprints":null},{"fqdn":"eztv.unblockit.mov","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2023-06-05","domain_rank":0,"first_seen":"2025-10-21T05:40:06.270856Z","last_seen":"2025-10-21T05:40:06.270856Z","alert_count":18,"request_count":3,"received_data":5318,"sent_data":1251,"comment":"","tags":null,"fingerprints":null},{"fqdn":"router.parklogic.com","ip":{"addr":"172.234.216.100","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"domain_registered":"2007-02-28","domain_rank":346495,"first_seen":"2025-03-19T10:23:50.028513Z","last_seen":"2025-10-19T22:57:43.595933Z","alert_count":0,"request_count":1,"received_data":210,"sent_data":504,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cm.mgid.com","ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2001-12-30","domain_rank":16282,"first_seen":"2016-01-25T16:51:08Z","last_seen":"2025-10-14T21:14:17.74279Z","alert_count":0,"request_count":1,"received_data":472,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"parkiter.parklogic.com","ip":{"addr":"172.236.117.221","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"domain_registered":"2007-02-28","domain_rank":3764553,"first_seen":"2025-06-11T02:47:15.69285Z","last_seen":"2025-10-17T07:07:21.245964Z","alert_count":3,"request_count":3,"received_data":12560,"sent_data":1520,"comment":"","tags":null,"fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"MGID","description":"MGID is a programmatic advertising platform frequently used by misinformation websites.","website":"https://www.mgid.com","common_platform_enumeration":"","icon":"MGID.png","categories":["Advertising"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"s-img.mgid.com","ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2001-12-30","domain_rank":54165,"first_seen":"2018-11-16T20:19:28Z","last_seen":"2025-10-20T10:12:56.03522Z","alert_count":0,"request_count":15,"received_data":242490,"sent_data":11489,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"push-sdk.com","ip":{"addr":"178.63.248.57","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2022-10-25","domain_rank":36212,"first_seen":"2022-12-23T14:43:48Z","last_seen":"2025-10-20T17:38:39.098234Z","alert_count":0,"request_count":2,"received_data":55838,"sent_data":906,"comment":"","tags":null,"fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}]},{"fqdn":"c.mgid.com","ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2001-12-30","domain_rank":40830,"first_seen":"2017-01-30T05:04:01Z","last_seen":"2025-10-20T05:37:13.473254Z","alert_count":0,"request_count":4,"received_data":1809,"sent_data":4645,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"servicer.mgid.com","ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2001-12-30","domain_rank":50695,"first_seen":"2016-11-28T18:20:31Z","last_seen":"2025-10-20T22:42:08.889382Z","alert_count":0,"request_count":2,"received_data":23053,"sent_data":2578,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"jsc.mgid.com","ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2001-12-30","domain_rank":51187,"first_seen":"2012-09-30T18:50:35Z","last_seen":"2025-10-20T22:42:09.196072Z","alert_count":0,"request_count":1,"received_data":426528,"sent_data":423,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.mgid.com","ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2001-12-30","domain_rank":64450,"first_seen":"2015-07-16T13:23:35Z","last_seen":"2025-10-15T01:30:54.621062Z","alert_count":0,"request_count":2,"received_data":4916,"sent_data":907,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-10-19T22:16:58.186948Z","alert_count":0,"request_count":1,"received_data":90137,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:42Z","timestamp":1761025182,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56224,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:42.451875+0000\",\"flow_id\":1524331618143331,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56224,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":536},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":675,\"bytes_toclient\":1654,\"start\":\"2025-10-21T05:39:42.232547+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:42Z","timestamp":1761025182,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56224,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:42.684379+0000\",\"flow_id\":1524331618143331,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56224,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":6,\"bytes_toserver\":1300,\"bytes_toclient\":3642,\"start\":\"2025-10-21T05:39:42.232547+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:42Z","timestamp":1761025182,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56240,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:42.899989+0000\",\"flow_id\":168678878245443,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56240,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:42.684611+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56256,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.118878+0000\",\"flow_id\":916159954075042,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56256,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:42.900514+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56268,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.338704+0000\",\"flow_id\":204700769047455,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56268,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.119711+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56278,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.553536+0000\",\"flow_id\":1161926572714963,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56278,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.338899+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56294,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.782609+0000\",\"flow_id\":727320979534569,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56294,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.553705+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56304,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.995754+0000\",\"flow_id\":891435974914483,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56304,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.782771+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:44Z","timestamp":1761025184,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56320,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:44.214730+0000\",\"flow_id\":1609234531693136,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56320,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.995920+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:44Z","timestamp":1761025184,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56324,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:44.429919+0000\",\"flow_id\":1542797830145924,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56324,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:44.214916+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:44Z","timestamp":1761025184,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56334,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:44.644277+0000\",\"flow_id\":934712065429505,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56334,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:44.430081+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","fqdn":"parkiter.parklogic.com","domain":"parklogic.com","tld":"com"},"ip":{"addr":"172.236.117.221","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"bea11a28f92ccb6ff4efc37bb7fce95e","sha1":"16455e28eac3a531a4a56e7b767ce9afedcf24a1","sha256":"fcc906aa1129b5bfbc5be55f37078fd06a5d0d43c290ffee3277dc42e1c7d1a5","sha512":"a6818ad6076736034ad3f21f44e9fa3a6c7f18316b6bf995b255f99dd644681067539a26ebedf070f0f366e34612b0610e74ba1e04dec89494b678c7ad020e12","ssdeep":"","tlshash":"fe11681e2633b23411b732c9671ba11c35319057b280c0897b8c53068f75e6ec9eb68d","size":891,"data":"","first_seen":"2025-10-03T04:48:10.292882Z","last_seen":"2025-11-06T03:04:34.297155Z","times_seen":4009,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-04T14:41:59.157509Z","times_seen":444871,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"parking3.parklogic.com/page/enhance.js?pcId=53\u0026domain=unblockit.mov","fqdn":"parking3.parklogic.com","domain":"parklogic.com","tld":"com"},"ip":{"addr":"172.232.7.47","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"325da6eada1c6e24d1c157d5db802eed","sha1":"2a0dab812701af805bab836d51fd5e7dc9511222","sha256":"16cfbf5d06f0cf663b3b8440585c9e27e85c5768e9f3b6cb19c30bc33e5ba48f","sha512":"3ab1b4bbe088b14cf6016b1970938145ba216c167ddf155b6c8c13deac30d4d85c67e3aa06829ddc0a38e630f5d6355f81bcd390ee5add154477545594a6c7b9","ssdeep":"","tlshash":"0741954e48601a7185b3203db507b2143f3bd696320adb51be6cca506f9ed6b43727de","size":2400,"data":"","first_seen":"2025-10-21T05:40:12.456229Z","last_seen":"2025-11-05T20:58:31.482764Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"push-sdk.com/f/sdk.js?z=1804925","fqdn":"push-sdk.com","domain":"push-sdk.com","tld":"com"},"ip":{"addr":"178.63.248.57","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"f4d87b22393ed5eef57d01d86c6a88f6","sha1":"5e1aaee78cd735c23cc423fc863decca30aee219","sha256":"91cf9b34af48f3b62d706127b1140c89d8bb3a5455120acd2cfcfc41ab4ad5ee","sha512":"bba6ac4eafefb3415063cea1a572f7b56625300e5e671bedeb71eee84b72c532bd7815491602cc3a7059a2bfc1ace5a35ff6065709b60bbf9891e3849c82767c","ssdeep":"1536:/7LMSZcnLitlCr8WoeisV69SDG3nY+kH+sYK:/7L1Y2NViBYK","tlshash":"a933818877c6713412a7a4ac056f50daeb2b3c34944e890adc53f3a2297576eef23d74","size":54787,"data":"","first_seen":"2025-04-01T19:54:23.10118Z","last_seen":"2026-04-04T06:10:58.823222Z","times_seen":7949,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"eztv.unblockit.mov/","fqdn":"eztv.unblockit.mov","domain":"unblockit.mov","tld":"mov"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e7e730aba7e36cf9932aec17a9dcdf3b","sha1":"b1c455d4e1e64b49da1c64822f38f0e6d1707638","sha256":"326141a99e399fc2fa8fa38ad4761c92b1ed10fca1dea379611b70196ef1c6e4","sha512":"481c8e771887fe28c48db02edd68f76556a19138f9269ce99937b0411c2eb647bcf5ba9960aeb7b7afe144066a613b53f6514df79f4f279a909e717c7305528e","ssdeep":"96:ItDJYtoAJS8ffKH1NPIX4rDIcQ0ucq4o5nZWD5wS5I7Bma8:IVJYtoA1ffqzr/IcQ0ybWD5Pmoa8","tlshash":"3391e736b7c630299be514ea957f9b28723e9205340b4072dbbdf8e23c20a4f5096fd5","size":4311,"data":"","first_seen":"2025-10-21T05:40:12.512562Z","last_seen":"2025-10-21T05:40:12.512562Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-10-21T05:39:42Z","timestamp":1761025182,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56224,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:42.451875+0000\",\"flow_id\":1524331618143331,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56224,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":536},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":675,\"bytes_toclient\":1654,\"start\":\"2025-10-21T05:39:42.232547+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","fqdn":"parkiter.parklogic.com","domain":"parklogic.com","tld":"com"},"ip":{"addr":"172.236.117.221","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"985fc03237c0627c6917c1318eddb2dd","sha1":"bc7ed05f47cdccd9678eb254287fd852a315b09e","sha256":"25e130b987458c7e6c8f17c8b2a170f1f53800b163b9832711eabd699a3693e9","sha512":"2e081b50154fc3da4dfcbff10fbad2f3c30e7dbb8b6faaf508a4e05fd16c4e5436205d9523341d6344d1271d88547be6a8f10386585236dd40719b0e67e9e4b6","ssdeep":"","tlshash":"0da0125601046224c9d72143092a6454810341a0aa40c4c0318c685119524330011c8d","size":80,"data":"","first_seen":"2023-04-11T21:41:08Z","last_seen":"2026-04-04T13:41:12.739234Z","times_seen":7440,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsc.mgid.com/site/1034216.js","fqdn":"jsc.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bcabbd13f6351dee9d21fa629c233db2","sha1":"7de1a2c26f876005cfd8714448cc8b0a6320bc80","sha256":"f9690e9a3b9baf8fe55bfa31c6a36c393ec31bf939c33fca662ce11e42aa388c","sha512":"02f864e62a99797f04b9bf4c1478dd68e3c282a7ebe1d39e18ee341fcfaebe666236b15236120bc3a6e041bd9d99afa8fbc46a3fc1e165e875d4f598cf51e319","ssdeep":"6144:wrGWEvlDZJWfmbVNqXwsi5UkWigviOSkaw49EU2hcrxxWSP28olZNo02RvkGVo0u:dWEvNSfmbVNKwshktRlPTolZu02dk/N","tlshash":"77942a6532e5643342ca415c5c2b7202b331a8d9757a882cbe7cd8eb5e9cd8731b6f78","size":425642,"data":"","first_seen":"2025-10-21T04:40:09.270998Z","last_seen":"2025-10-22T15:19:55.765714Z","times_seen":273,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","fqdn":"parkiter.parklogic.com","domain":"parklogic.com","tld":"com"},"ip":{"addr":"172.236.117.221","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"96027b26a8f3d53c8347f782059b8e2e","sha1":"89594530c508137391869ac5aa5dcdfb46f93ad4","sha256":"b0115dba38080ff0b4a157de91f0986496bc6ffd20e40f73fbb9694dd144ef05","sha512":"d889acbb4e9ba3a3c7417570928b48b663435d0fa667d803f0a801f534caad1e1c5eb190b7846db9c8332fec41b446b528227880ba221bd1f263aa775d3b2491","ssdeep":"","tlshash":"6da0245d0013d0d4543000340f77105cc0c3105510d4003003117f30743d7075403d0d","size":71,"data":"","first_seen":"2024-05-13T05:25:53Z","last_seen":"2026-04-04T06:32:02.909526Z","times_seen":5597,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","fqdn":"parkiter.parklogic.com","domain":"parklogic.com","tld":"com"},"ip":{"addr":"172.236.117.221","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"99db3d687e7a58035ce33f6f5ed3bbef","sha1":"f54e857912dc4033611d956e0a45300927b1f4f2","sha256":"ce45d048167d2de9a633e7696f5ad90586dc60db0abc3f8037b42f0f95ef5e6d","sha512":"eb369ca6ead8d341b37e259fcfdda1cab47b6f69dd96ecb76efb732cf9a5383a945fb0e19eb18a2871777c6dfe658bade598799db5d5923b0b09ce1a8a52c053","ssdeep":"","tlshash":"55e0866d6d02d83ca079ee017f5bb78b7c3b674541038a108549496076711c7e4c6bc5","size":327,"data":"","first_seen":"2025-04-07T21:11:27.900628Z","last_seen":"2026-04-04T06:32:02.954933Z","times_seen":4384,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"servicer.mgid.com/1808445/10?cmpreason=wvz\u0026sessionId=68f71ca6-09c33\u0026sessionPage=1\u0026sessionNumberWeek=1\u0026sessionNumber=1\u0026scale_metric_1=80.00\u0026scale_metric_2=256.00\u0026scale_metric_3=100.00\u0026pr=eztv.unblockit.mov\u0026cbuster=1761025190701870350204\u0026pvid=39e136e9-6b70-4ed4-beec-cb42f230b4e3\u0026implVersion=17\u0026lct=1759747860\u0026mp4=0\u0026ap=0\u0026consentStrLen=0\u0026wlid=66889b9e-aa24-45b0-92ea-7adf2541ff4a\u0026src_id=unblockit.mov\u0026uniqId=0f298\u0026jsp=head\u0026evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D\u0026pv=5\u0026jsv=es6\u0026dpr=1\u0026hashCommit=a1ea3164\u0026tfre=1653\u0026w=950\u0026h=2165\u0026tl=150\u0026tlp=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15\u0026sz=304x296;304x301;471x371;308x298\u0026szp=1,2,5,6;3,4;7,8,9,10,14,15;11,12,13\u0026szl=1,2,3;4,5,6;7,8;9,10;11,12,13;14,15\u0026cxurl=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812\u0026ref=http%3A%2F%2Feztv.unblockit.mov%2F\u0026lu=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812","fqdn":"servicer.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"034a763869d7909b7a18ec25bf57af97","sha1":"7caa2f4f5d7dff159af55e12142e01fe95d2c30a","sha256":"97493d89a2adc44c544a33c1083f1ce57b7486c11af940494b282d889e5875a6","sha512":"47d468308a169698f8357752fbba054fbd60314528dc9963c46ef6bc725e8c43d87c71042df31042d5d68e4ef5926573cd54460ac3dc5bea321b0ca919ede76e","ssdeep":"384:C9yjZtBErWXct9amLcwcGPz8oevYRNNd5khQkSeo/k53530Lt3JRVl32S+xSB7Wg:C9wDBtrm5j78o1RN9/Veo63kJjv2oBSg","tlshash":"7da2d73f432c89a38d6f0a9918677409d0fd2a3f9bed28d5d4a11d5e06ef3062778d28","size":22051,"data":"","first_seen":"2025-10-21T05:40:12.217234Z","last_seen":"2025-10-21T05:40:12.217234Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3e3efd79b3e264f6556c167694441bf5","sha1":"392ce3b94f4dab72da564d9d5b2b5135b96efb71","sha256":"e0da5f87688722f45908af6796b39c9c8d5694074fd063ab6bfaa28afb17c553","sha512":"8334d12bdc920d1d21d0c7e64f72c2128b89a9cbfc7c6659da293c31ff1ccc9539b5ce4cb4e9d58d786a1fe1042554bb33e1780cc9c6f2cf4aef5b81efd8aa6a","ssdeep":"","tlshash":"7331863e951261349f97d531bd16ef4eff3a220066014470d48fcb2d29560a6c8e3bc9","size":1628,"data":"","first_seen":"2024-08-30T05:04:13Z","last_seen":"2026-04-04T06:40:06.491488Z","times_seen":5886,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"s-img.mgid.com/g/15584672/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDIvMTAxOTI0L2FlNWM2NWMxOTlkNTQyODgwNzA1NjhhYWNiZjNlYzZlLmpwZw.webp?v=1761025190-ykQA_K04kfEbUJRnEnsnnRAPV6SanRRGKcvnVKy6FvE","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/15584672/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDIvMTAxOTI0L2FlNWM2NWMxOTlkNTQyODgwNzA1NjhhYWNiZjNlYzZlLmpwZw.webp?v=1761025190-ykQA_K04kfEbUJRnEnsnnRAPV6SanRRGKcvnVKy6FvE HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6372\r\ncf-ray: 991e6ab2fc600daa-OSL\r\nx-mg-request-uuid: 1f2f536a-9f0c-4402-bee0-63497c9791b2\r\naccess-control-allow-origin: *\r\nlast-modified: Tue, 01 Jul 2025 09:11:40 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2131754\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6372,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"311d9d116dda8a0a12d33dc116fc70a1","sha1":"bb5e041d99630c24bd1a3e8e560b8589f5ebc70b","sha256":"5236fc4ab6a0a1e1c7e0593dfa96ded18d0804e501635eb3dc18007e32252fcf","sha512":"1569efaaa2f84be71fad1649f6efd20bd1f26a9d27bb5172a4c00f26d466a5d84889465fb1739f727be002f78788ec8eef0e93fd4c67a3ee3d0c4f3eb74cd038","ssdeep":"192:sceByvCnL1h5GuyQlSofWZoj/zabYqvG9QQEYp:5eByvU1ntDfWmj/WLu9QQtp","tlshash":"dad1c0205be5d97f268e21b03fe40a093a2cd160f8511c45005a91f7f476b6ff89a03c","first_seen":"2024-08-29T17:53:21.170347Z","last_seen":"2026-01-29T13:09:22.423405Z","times_seen":69,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":45,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"push-sdk.com/event?z=1804925","fqdn":"push-sdk.com","domain":"push-sdk.com","tld":"com"},"ip":{"addr":"178.63.248.57","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:49.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"push-sdk.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 11:06:22 GMT","end":"Tue, 25 Nov 2025 11:06:21 GMT"},"fingerprint":{"sha1":"BD:DD:75:88:5F:0F:2F:A6:EA:FF:1B:29:49:86:BB:EC:C1:90:4A:79","sha256":"89:8C:73:02:C1:8B:65:46:0D:EE:E7:41:24:34:AE:25:5A:28:56:20:4F:E2:7C:EB:1C:D8:91:6C:BC:2A:16:12"}}},"request":{"raw":"POST /event?z=1804925 HTTP/1.1\r\nHost: push-sdk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 94\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Angie\r\ndate: Tue, 21 Oct 2025 05:39:49 GMT\r\ncontent-length: 0\r\naccess-control-allow-origin: https://parkiter.parklogic.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\ncache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store\r\npragma: no-cache\r\nexpires: Tue, 11 Jan 1994 00:00:00 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"c.mgid.com/pv/?pv_types=pv\u0026ns=1\u0026pr=eztv.unblockit.mov\u0026cbuster=1761025189626458563161\u0026pvid=39e136e9-6b70-4ed4-beec-cb42f230b4e3\u0026implVersion=17\u0026lct=1759747893\u0026site=1034216\u0026cid=1808445\u0026i=1\u0026nullid=0\u0026cxurl=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812\u0026lu=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812","fqdn":"c.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:49.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /pv/?pv_types=pv\u0026ns=1\u0026pr=eztv.unblockit.mov\u0026cbuster=1761025189626458563161\u0026pvid=39e136e9-6b70-4ed4-beec-cb42f230b4e3\u0026implVersion=17\u0026lct=1759747893\u0026site=1034216\u0026cid=1808445\u0026i=1\u0026nullid=0\u0026cxurl=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812\u0026lu=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812 HTTP/1.1\r\nHost: c.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://parkiter.parklogic.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:49 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncf-ray: 991e6aab3e2d56b9-OSL\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"57f187c7a868faeac558007a8eb6cb2e","sha1":"11ab10ab109fdb53d91d444ac781101f5a6360c6","sha256":"aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22","sha512":"3844065e1dd778a05e8cc39901fbf3191ded380d594359df137901ec56ca52e03d57eb60acc2421a0ee74f0733bbb5d781b7744685c26fb013a236f49b02fed3","ssdeep":"","tlshash":"5f900407c1500051c151c4310444cf1017407570010d030d50dc1055dc1715d0d01100","first_seen":"2023-04-07T09:22:11Z","last_seen":"2026-04-04T14:48:01.918977Z","times_seen":56027,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s-img.mgid.com/g/12068025/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvMTAxOTI0LzdiNGNkMmQ2NzMxOWU3MzZkMDNiMGNjNmUyODJjYzAyLmpwZw.webp?v=1761025190-riNVa6U5uNakQjLN-dhxctGGELEm4-l0ge_1BZd8hpE","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/12068025/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvMTAxOTI0LzdiNGNkMmQ2NzMxOWU3MzZkMDNiMGNjNmUyODJjYzAyLmpwZw.webp?v=1761025190-riNVa6U5uNakQjLN-dhxctGGELEm4-l0ge_1BZd8hpE HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10954\r\ncf-ray: 991e6ab30c830daa-OSL\r\nx-mg-request-uuid: 5da8ea29-6390-45b5-9573-a9253cfc4520\r\naccess-control-allow-origin: *\r\nlast-modified: Tue, 01 Jul 2025 07:30:28 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2124938\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10954,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c65145a09aaef3312725fe83675b81af","sha1":"9fd62278b3a5a4bccda97437845abc10c8df2ed7","sha256":"ae9691b238a7ed1532bc036f6a06f3030edc29995e973627dec313ed639e2aaf","sha512":"341513b32bd01db8374b735f3a2a8b1b4226e1dd8c2f262211c72a0b9c9690c069e8b1ab9240a045fdc8e11e89d3b42ad92e0fecbc940488e7bc4515a763f4f5","ssdeep":"192:xTGnphvNdxfg02NAQEh3RRDw3J+dpMYR6MA0XCd0xpYjcqiOoxpV:xT0hvNLINAvk3xYMMAzdhwqiOot","tlshash":"9d32ae0c426071e73d99d8c5ef09568077d89b2725e27fc62f001d95a8c359f6b2e8a1","first_seen":"2025-01-10T20:57:49.206064Z","last_seen":"2025-11-10T04:54:51.396753Z","times_seen":63,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":79,"dns":19,"connect":1,"send":0,"wait":14,"receive":1,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"c.mgid.com/wr?cid=1808445\u0026h2=McWJCZZsM7jqXO6rYqITMRosjIvxjQ-oynnYn6aW6okCxQVIyhFlf97PBeF6OmlMniddNs2le_7EEMQUuO6n0g**\u0026cmpreason=wvz\u0026sessionId=68f71ca6-09c33\u0026sessionPage=1\u0026sessionNumberWeek=1\u0026sessionNumber=1\u0026scale_metric_1=80.00\u0026scale_metric_2=256.00\u0026scale_metric_3=100.00\u0026pr=eztv.unblockit.mov\u0026cbuster=1761025190791955996004\u0026pvid=39e136e9-6b70-4ed4-beec-cb42f230b4e3\u0026implVersion=17\u0026lct=1759747860\u0026mp4=0\u0026ap=0\u0026consentStrLen=0\u0026wlid=66889b9e-aa24-45b0-92ea-7adf2541ff4a\u0026src_id=unblockit.mov\u0026uniqId=0f298\u0026jsp=head\u0026evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D\u0026pv=5\u0026jsv=es6\u0026dpr=1\u0026hashCommit=a1ea3164\u0026tfre=1742\u0026w=950\u0026h=2165\u0026tl=150\u0026tlp=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15\u0026sz=304x296;304x301;471x371;308x298\u0026szp=1,2,5,6;3,4;7,8,9,10,14,15;11,12,13\u0026szl=1,2,3;4,5,6;7,8;9,10;11,12,13;14,15\u0026advsrcid=165234\u0026cxurl=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812\u0026ref=http%3A%2F%2Feztv.unblockit.mov%2F\u0026lu=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812","fqdn":"c.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /wr?cid=1808445\u0026h2=McWJCZZsM7jqXO6rYqITMRosjIvxjQ-oynnYn6aW6okCxQVIyhFlf97PBeF6OmlMniddNs2le_7EEMQUuO6n0g**\u0026cmpreason=wvz\u0026sessionId=68f71ca6-09c33\u0026sessionPage=1\u0026sessionNumberWeek=1\u0026sessionNumber=1\u0026scale_metric_1=80.00\u0026scale_metric_2=256.00\u0026scale_metric_3=100.00\u0026pr=eztv.unblockit.mov\u0026cbuster=1761025190791955996004\u0026pvid=39e136e9-6b70-4ed4-beec-cb42f230b4e3\u0026implVersion=17\u0026lct=1759747860\u0026mp4=0\u0026ap=0\u0026consentStrLen=0\u0026wlid=66889b9e-aa24-45b0-92ea-7adf2541ff4a\u0026src_id=unblockit.mov\u0026uniqId=0f298\u0026jsp=head\u0026evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D\u0026pv=5\u0026jsv=es6\u0026dpr=1\u0026hashCommit=a1ea3164\u0026tfre=1742\u0026w=950\u0026h=2165\u0026tl=150\u0026tlp=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15\u0026sz=304x296;304x301;471x371;308x298\u0026szp=1,2,5,6;3,4;7,8,9,10,14,15;11,12,13\u0026szl=1,2,3;4,5,6;7,8;9,10;11,12,13;14,15\u0026advsrcid=165234\u0026cxurl=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812\u0026ref=http%3A%2F%2Feztv.unblockit.mov%2F\u0026lu=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812 HTTP/1.1\r\nHost: c.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://parkiter.parklogic.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncf-ray: 991e6ab2bbd256b9-OSL\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"57f187c7a868faeac558007a8eb6cb2e","sha1":"11ab10ab109fdb53d91d444ac781101f5a6360c6","sha256":"aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22","sha512":"3844065e1dd778a05e8cc39901fbf3191ded380d594359df137901ec56ca52e03d57eb60acc2421a0ee74f0733bbb5d781b7744685c26fb013a236f49b02fed3","ssdeep":"","tlshash":"5f900407c1500051c151c4310444cf1017407570010d030d50dc1055dc1715d0d01100","first_seen":"2023-04-07T09:22:11Z","last_seen":"2026-04-04T14:48:01.918977Z","times_seen":56027,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"eztv.unblockit.mov/","fqdn":"eztv.unblockit.mov","domain":"unblockit.mov","tld":"mov"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-21T05:39:41.701Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: eztv.unblockit.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":299,"timings":{"blocked":299,"dns":0,"connect":106,"send":0,"wait":0,"receive":0,"ssl":116},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:42Z","timestamp":1761025182,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56224,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:42.451875+0000\",\"flow_id\":1524331618143331,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56224,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":536},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":675,\"bytes_toclient\":1654,\"start\":\"2025-10-21T05:39:42.232547+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"eztv.unblockit.mov","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"eztv.unblockit.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"c.mgid.com/pv/?pv_types=ppv\u0026pr=eztv.unblockit.mov\u0026cbuster=1761025190768144288907\u0026pvid=39e136e9-6b70-4ed4-beec-cb42f230b4e3\u0026implVersion=17\u0026lct=1759747893\u0026site=1034216\u0026cid=1808445\u0026i=1\u0026nullid=0\u0026cxurl=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812\u0026lu=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812","fqdn":"c.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /pv/?pv_types=ppv\u0026pr=eztv.unblockit.mov\u0026cbuster=1761025190768144288907\u0026pvid=39e136e9-6b70-4ed4-beec-cb42f230b4e3\u0026implVersion=17\u0026lct=1759747893\u0026site=1034216\u0026cid=1808445\u0026i=1\u0026nullid=0\u0026cxurl=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812\u0026lu=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812 HTTP/1.1\r\nHost: c.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://parkiter.parklogic.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncf-ray: 991e6ab25b8c56b9-OSL\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"57f187c7a868faeac558007a8eb6cb2e","sha1":"11ab10ab109fdb53d91d444ac781101f5a6360c6","sha256":"aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22","sha512":"3844065e1dd778a05e8cc39901fbf3191ded380d594359df137901ec56ca52e03d57eb60acc2421a0ee74f0733bbb5d781b7744685c26fb013a236f49b02fed3","ssdeep":"","tlshash":"5f900407c1500051c151c4310444cf1017407570010d030d50dc1055dc1715d0d01100","first_seen":"2023-04-07T09:22:11Z","last_seen":"2026-04-04T14:48:01.918977Z","times_seen":56027,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s-img.mgid.com/g/14649886/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvMTAxOTI0LzRiMzg4MWVhNDEyMGU2MmI0NjBlM2E1YTk2ZWVlYmQ3LmpwZw.webp?v=1761025190-5bdNt97bzna_uwSfu1nYGqWMkj5glJZ3UPBfbu9npzc","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/14649886/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvMTAxOTI0LzRiMzg4MWVhNDEyMGU2MmI0NjBlM2E1YTk2ZWVlYmQ3LmpwZw.webp?v=1761025190-5bdNt97bzna_uwSfu1nYGqWMkj5glJZ3UPBfbu9npzc HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8528\r\ncf-ray: 991e6ab30c760daa-OSL\r\nx-mg-request-uuid: f88d8ac0-070b-475e-8aef-662b99117b0a\r\naccess-control-allow-origin: *\r\nlast-modified: Tue, 01 Jul 2025 09:04:54 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2129160\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8528,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2d9b21dec1c26cda25ec0736346f411e","sha1":"db93b046fb6e66906b486e5481adc20c0d462c40","sha256":"f4542060e865822a97e93d529e66db23b57bd9f04048f929ffc8f8f494fbf17a","sha512":"3a4656050336ad88394b7bba19c9f7c4fb944dabd69aa2ad44cb5ec19c3812cd889d25ad4080834d400d55683be6dba79a67312bdeb06aa00df4405bd59b7cdc","ssdeep":"192:pIz/t9RiwRDKKJS2qAJnxNElPIbVx87xmAysgwEmsi2:pILtCIDXSoxNfxsqsgwEmsi2","tlshash":"f002afb752fc3e3342a569a67f80207b7208baaccd0db7c4668136450c4e197dca6b8c","first_seen":"2024-09-28T07:44:13.427396Z","last_seen":"2025-11-10T06:43:22.561638Z","times_seen":45,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":74,"dns":17,"connect":1,"send":0,"wait":20,"receive":1,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s-img.mgid.com/g/15584626/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDEvMTAxOTI0L2U5YTA2NzQyZmVhZjc0YTQwZGVmZjlhYzc1NWZhMWU3LmpwZWc.webp?v=1761025190-nJfTlCbLKGYm_WF2TqjLW6KNFtA1pmI0brdPikBSmfs","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/15584626/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDEvMTAxOTI0L2U5YTA2NzQyZmVhZjc0YTQwZGVmZjlhYzc1NWZhMWU3LmpwZWc.webp?v=1761025190-nJfTlCbLKGYm_WF2TqjLW6KNFtA1pmI0brdPikBSmfs HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 54682\r\ncf-ray: 991e6ab2fc570daa-OSL\r\nx-mg-request-uuid: bc75f62f-5173-4588-afdd-03b808e0f717\r\naccess-control-allow-origin: *\r\nlast-modified: Tue, 01 Jul 2025 07:31:26 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2123603\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":54682,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1787074a6ebb514377f9b12e7c3744e2","sha1":"acf14149f687f1a3f692e52291f9e0b98d3bdb36","sha256":"29cd99ab133c2a4ec9ac017d4716c5acc287aa2762970753bd9ee1a71e120e6a","sha512":"d3564d7472f38dd94dbd903acc70efcd183d7f971097df1d62d14dd5a447b6cf9193645ec2e4b04963491746471014f40bb26201068bd696802fe01b2cec5e09","ssdeep":"1536:T4rbXSdX8V4cZxJrdeV0d7p8gt5fstZ53h:T6GpW40prsn9h","tlshash":"02330225a6ac8de0935b610ced43eba24f75befb83bf866d07d7612843844d2585d03e","first_seen":"2024-08-19T16:24:16.147882Z","last_seen":"2025-11-10T04:15:09.067142Z","times_seen":52,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":47,"dns":0,"connect":0,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s-img.mgid.com/g/12068045/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvMTAxOTI0LzYwZTBlNDJiMDI3YmEzOTU1Yjg5NDQxNWNkNjNiMjFlLmpwZWc.webp?v=1761025190-oDzapHOKMfTWYio1tQs6oVBI_9V1GAx-AWV5ooOa58M","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/12068045/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvMTAxOTI0LzYwZTBlNDJiMDI3YmEzOTU1Yjg5NDQxNWNkNjNiMjFlLmpwZWc.webp?v=1761025190-oDzapHOKMfTWYio1tQs6oVBI_9V1GAx-AWV5ooOa58M HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6474\r\ncf-ray: 991e6ab2fc590daa-OSL\r\nx-mg-request-uuid: ab64c131-0af8-4b95-8e53-78ea76a644be\r\naccess-control-allow-origin: *\r\nlast-modified: Tue, 01 Jul 2025 13:15:21 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2131729\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6474,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0e86f000fc881a3e305823932f9f3239","sha1":"81d8c86969e251ca9d532ac8fa25c61323c3e16e","sha256":"f1c92f8e07eeb377abae9a0926f93d5475f9b928f4f3b84bec0467a3acbec6df","sha512":"4ce7219d1f67e8e5c821e6423b5de301d0947796d7a1e4449280fa8543b2257799717593a1a1400a0af61b0bcdfe465e7dc43267776ce8f9a052cfa117100a7b","ssdeep":"96:xhdov+ewmDqMXPc9QSJFFYvo5urxeL9m902Kgxt0bokvipTkHAxrFeAdXH/S:DddmDzXPhPeLU9ikkvi5gAxpXq","tlshash":"7cd19e966312ca79d3922f321e6aeb5f7433326641023e3e1db1f2566dc991358f14b2","first_seen":"2025-08-21T21:12:54.459861Z","last_seen":"2025-11-09T15:25:44.587393Z","times_seen":52,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":46,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s-img.mgid.com/g/24239322/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cHM6Ly9pbWdob3N0cy5jb20vdC8yMDI1LTA1LzEwMTkyNC81MjBmMzdjNWU4ODVlZTZhNzQxNjExZGVhZGJmY2M1NC5qcGc.webp?v=1761025190-qe7_TH6mfMT94-2nSy2ZqXfbJGwP9Np7ovQFAi4xKsI","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/24239322/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cHM6Ly9pbWdob3N0cy5jb20vdC8yMDI1LTA1LzEwMTkyNC81MjBmMzdjNWU4ODVlZTZhNzQxNjExZGVhZGJmY2M1NC5qcGc.webp?v=1761025190-qe7_TH6mfMT94-2nSy2ZqXfbJGwP9Np7ovQFAi4xKsI HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 14892\r\ncf-ray: 991e6ab2fc5b0daa-OSL\r\nx-mg-request-uuid: 19b4a53f-1b73-44a5-baed-04b90d57eba7\r\naccess-control-allow-origin: *\r\nlast-modified: Fri, 25 Jul 2025 08:27:59 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2132372\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14892,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2a9243e44ac5621b22a4ffffab52a878","sha1":"dee55c7c199b04bc79af72ebbcd342ea1f17bf88","sha256":"b880e202287c6fd9b9124ad7fff26f55dc3e7a6c846d7dfbc25e49eb307dac8f","sha512":"27aeb063496730651a0fd32a221a64352fbed32ffd1e284c01c259c46bc7dc13029a28116e806b81d8ed6ecdd7435019503b23aea5fd6b8b9b2ffec677c99d05","ssdeep":"384:oGN+8SD4WMbA9piTQlhKGcgHD1RWM4xK1ANTAhTbGRY:WD5MbAOklHcaDgPNTAhj","tlshash":"3862d10fa3ef24fb6736261b94840751fbecbbe6f48307e850b5a558441b50db419874","first_seen":"2025-07-26T22:38:31.442034Z","last_seen":"2026-03-20T07:46:33.409056Z","times_seen":74,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":45,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"servicer.mgid.com/1808445/10?cmpreason=wvz\u0026sessionId=68f71ca6-09c33\u0026sessionPage=1\u0026sessionNumberWeek=1\u0026sessionNumber=1\u0026scale_metric_1=80.00\u0026scale_metric_2=256.00\u0026scale_metric_3=100.00\u0026pr=eztv.unblockit.mov\u0026cbuster=1761025190701870350204\u0026pvid=39e136e9-6b70-4ed4-beec-cb42f230b4e3\u0026implVersion=17\u0026lct=1759747860\u0026mp4=0\u0026ap=0\u0026consentStrLen=0\u0026wlid=66889b9e-aa24-45b0-92ea-7adf2541ff4a\u0026src_id=unblockit.mov\u0026uniqId=0f298\u0026jsp=head\u0026evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D\u0026pv=5\u0026jsv=es6\u0026dpr=1\u0026hashCommit=a1ea3164\u0026tfre=1653\u0026w=950\u0026h=2165\u0026tl=150\u0026tlp=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15\u0026sz=304x296;304x301;471x371;308x298\u0026szp=1,2,5,6;3,4;7,8,9,10,14,15;11,12,13\u0026szl=1,2,3;4,5,6;7,8;9,10;11,12,13;14,15\u0026cxurl=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812\u0026ref=http%3A%2F%2Feztv.unblockit.mov%2F\u0026lu=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812","fqdn":"servicer.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /1808445/10?cmpreason=wvz\u0026sessionId=68f71ca6-09c33\u0026sessionPage=1\u0026sessionNumberWeek=1\u0026sessionNumber=1\u0026scale_metric_1=80.00\u0026scale_metric_2=256.00\u0026scale_metric_3=100.00\u0026pr=eztv.unblockit.mov\u0026cbuster=1761025190701870350204\u0026pvid=39e136e9-6b70-4ed4-beec-cb42f230b4e3\u0026implVersion=17\u0026lct=1759747860\u0026mp4=0\u0026ap=0\u0026consentStrLen=0\u0026wlid=66889b9e-aa24-45b0-92ea-7adf2541ff4a\u0026src_id=unblockit.mov\u0026uniqId=0f298\u0026jsp=head\u0026evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D\u0026pv=5\u0026jsv=es6\u0026dpr=1\u0026hashCommit=a1ea3164\u0026tfre=1653\u0026w=950\u0026h=2165\u0026tl=150\u0026tlp=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15\u0026sz=304x296;304x301;471x371;308x298\u0026szp=1,2,5,6;3,4;7,8,9,10,14,15;11,12,13\u0026szl=1,2,3;4,5,6;7,8;9,10;11,12,13;14,15\u0026cxurl=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812\u0026ref=http%3A%2F%2Feztv.unblockit.mov%2F\u0026lu=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812 HTTP/1.1\r\nHost: servicer.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://parkiter.parklogic.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: application/x-javascript; charset=utf-8\r\ncf-ray: 991e6ab1fb5256b9-OSL\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22051,"size_decoded":0,"mime_type":"application/x-javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (1484)","md5":"034a763869d7909b7a18ec25bf57af97","sha1":"7caa2f4f5d7dff159af55e12142e01fe95d2c30a","sha256":"97493d89a2adc44c544a33c1083f1ce57b7486c11af940494b282d889e5875a6","sha512":"47d468308a169698f8357752fbba054fbd60314528dc9963c46ef6bc725e8c43d87c71042df31042d5d68e4ef5926573cd54460ac3dc5bea321b0ca919ede76e","ssdeep":"384:C9yjZtBErWXct9amLcwcGPz8oevYRNNd5khQkSeo/k53530Lt3JRVl32S+xSB7Wg:C9wDBtrm5j78o1RN9/Veo63kJjv2oBSg","tlshash":"7da2d73f432c89a38d6f0a9918677409d0fd2a3f9bed28d5d4a11d5e06ef3062778d28","first_seen":"2025-10-21T05:40:12.217234Z","last_seen":"2025-10-21T05:40:12.217234Z","times_seen":1,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s-img.mgid.com/g/20805208/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDkvMTAxOTI0L2YxN2VlMDBmNDJlM2Q5YTViMmRhMTllNDQ1YzcyOTJmLmpwZw.webp?v=1761025190-5DEYQEpknwPvZ01bQRcTyt5Bx8G2hysiP57bjtmLOMw","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/20805208/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDkvMTAxOTI0L2YxN2VlMDBmNDJlM2Q5YTViMmRhMTllNDQ1YzcyOTJmLmpwZw.webp?v=1761025190-5DEYQEpknwPvZ01bQRcTyt5Bx8G2hysiP57bjtmLOMw HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 17462\r\ncf-ray: 991e6ab32ca90daa-OSL\r\nx-mg-request-uuid: ff699f63-61e4-4375-899d-adf57c91121c\r\naccess-control-allow-origin: *\r\nlast-modified: Tue, 01 Jul 2025 07:30:05 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2003016\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17462,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"72b4ac2238e749e53cb00af1cc0468d1","sha1":"3bbef7c9397f10302e8f1e64506e98910a6d5267","sha256":"e37ad699507e98bd508019fcaaa3f52f7cab024fd438d3936caca50041e0e8bd","sha512":"9f015d332945c08d45def8b7db956ffdb27d924f9e308c0cbee624becc7a92430b91bd5a0857e3dd48951f8218074ccbaba66698fc770bc3a7fcba8bdcb39685","ssdeep":"384:9IhVkzgsl0qz0ebQO8FGB9CKOgB+R8YV/UV/LEciHEgs:9IhVyF0qDsO8FGixgB+R8jdEcIEZ","tlshash":"9a72d16c1cec358a5492482ff33af15831987f664329905ef51292ea1917fe6e83f435","first_seen":"2025-05-10T21:28:09.085476Z","last_seen":"2026-02-27T10:40:41.895942Z","times_seen":49,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":87,"dns":12,"connect":13,"send":0,"wait":9,"receive":1,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s-img.mgid.com/g/13268984/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvMTAxOTI0LzVjYzc5ZGE5NGYyMzA2YTFjNWNjNzdhMmVkYTM3ZTVjLmpwZWc.webp?v=1761025190-APU5U-ccxybR0ucfzyKld4Ji_AZnn5xidpCQL_bjVSI","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/13268984/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvMTAxOTI0LzVjYzc5ZGE5NGYyMzA2YTFjNWNjNzdhMmVkYTM3ZTVjLmpwZWc.webp?v=1761025190-APU5U-ccxybR0ucfzyKld4Ji_AZnn5xidpCQL_bjVSI HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 14088\r\ncf-ray: 991e6ab2fc700daa-OSL\r\nx-mg-request-uuid: 0d79226e-41ea-4521-a1f5-0f9027bece29\r\naccess-control-allow-origin: *\r\nlast-modified: Tue, 01 Jul 2025 07:29:35 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2132392\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14088,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"94c6e94e35cd8dcf8d8b199306f31ce0","sha1":"2470a20120a11cc322e7c015717ed665a5497beb","sha256":"4ac0c06593455fca2352500376142266aaa51580dd69de9f23787a6b7eb887f4","sha512":"971de3cdd1f597f79743b4d26371294e33b4704463b8b3eadca36886b3e62b46ca0dae9d3c7afaa810784b2ccc5a7b84ce2f05a698dd95ed8cb6493c08278721","ssdeep":"384:Ej/MJKBpE7D+PDekCU/YhRtA8KDUWAwOmGXNXwC:EjJjE7D+7IUwhRS8hW5tGXNXt","tlshash":"b252e0969f5166f558330efb33264eba430d86e191bb95738e2683520c7009f03161bf","first_seen":"2025-07-25T09:39:09.153487Z","last_seen":"2025-11-10T00:10:26.775164Z","times_seen":55,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":46,"dns":0,"connect":0,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"eztv.unblockit.mov/","fqdn":"eztv.unblockit.mov","domain":"unblockit.mov","tld":"mov"},"ip":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-21T05:39:42.232Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: eztv.unblockit.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 21 Oct 2025 05:39:42 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-CH: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64\r\nPermissions-Policy: ch-ua=(self \"https://*.parklogic.com\"), ch-ua-arch=(self \"https://*.parklogic.com\"), ch-ua-bitness=(self \"https://*.parklogic.com\"), ch-ua-full-version=(self \"https://*.parklogic.com\"), ch-ua-full-version-list=(self \"https://*.parklogic.com\"), ch-ua-mobile=(self \"https://*.parklogic.com\"), ch-ua-model=(self \"https://*.parklogic.com\"), ch-ua-platform=(self \"https://*.parklogic.com\"), ch-ua-platform-version=(self \"https://*.parklogic.com\"), ch-ua-wow64=(self \"https://*.parklogic.com\")\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4406,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (4406), with no line terminators","md5":"2943558e3e8b27adebf2d71981a06521","sha1":"0af67975de45da40f0965cddade4e822e8129173","sha256":"23e7f4b38cc3302d06024f6014dc810b1d3a9a02b7fe4499674aa18fb8e54db4","sha512":"6ea0cc42e84936d0122513c4c52b520f1923e849fc8f1b79c5f3bf5e6f034aeacac8cd6a126c42fc6aa9263bd3327b126d9fa9d5902192dfefa94a5eb5e29333","ssdeep":"96:nItDJYtoAJS8ffKH1NPIX4rDIcQ0ucq4o5nZWD5wS5I7BmaL:IVJYtoA1ffqzr/IcQ0ybWD5PmoaL","tlshash":"49910976b7c6302d9be514ea957f9b28763e9201300b4072dbadf8d23c20a4f5096fd5","first_seen":"2025-10-21T05:40:12.277806Z","last_seen":"2025-10-21T05:40:12.277806Z","times_seen":1,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":106,"dns":1,"connect":106,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:42Z","timestamp":1761025182,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56224,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:42.451875+0000\",\"flow_id\":1524331618143331,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56224,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":536},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":675,\"bytes_toclient\":1654,\"start\":\"2025-10-21T05:39:42.232547+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"eztv.unblockit.mov","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"eztv.unblockit.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"router.parklogic.com/","fqdn":"router.parklogic.com","domain":"parklogic.com","tld":"com"},"ip":{"addr":"172.234.216.100","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://eztv.unblockit.mov/","date":"2025-10-21T05:39:42.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"router-lb01.parklogic.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 Aug 2025 08:20:02 GMT","end":"Wed, 26 Nov 2025 08:20:01 GMT"},"fingerprint":{"sha1":"3E:D5:12:73:BC:89:8A:A8:7C:34:59:63:38:1A:67:BE:5C:77:E8:0B","sha256":"74:75:91:EB:04:F9:6E:7F:12:E9:1B:A6:AE:E7:11:EB:E5:20:4C:AB:A1:48:E6:11:17:53:B8:AF:54:2D:AA:83"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: router.parklogic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 435\r\nOrigin: http://eztv.unblockit.mov\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://eztv.unblockit.mov/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:48 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"e3e6c89aa25fad5e3fc199200a14ad08","sha1":"a35b5d68777b4127245230b778d3a569293830ce","sha256":"d2df3ac6fdc30873125ba8ff86a93da8e7478364aea365f4d849cc99d6e9a087","sha512":"8a554df29986714569b75ff5561f28fb48343665633374401d549ce1ccb3771f635eec827ba59acdc3072516fbb86b0667839dbcd00941f6cc837cc3c511915e","ssdeep":"","tlshash":"10a02232002888832a000ac830302fa820f003080a8282e2c28c8ec000a0ca20030f22","first_seen":"2025-10-21T05:40:12.295976Z","last_seen":"2025-10-27T03:13:27.467435Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5980,"timings":{"blocked":225,"dns":1,"connect":106,"send":0,"wait":5529,"receive":0,"ssl":116},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsc.mgid.com/site/1034216.js","fqdn":"jsc.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:49.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /site/1034216.js HTTP/1.1\r\nHost: jsc.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:49 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 125387\r\ncf-ray: 991e6aa88dcb0b4d-OSL\r\nx-amz-id-2: XquBxdWjQElAJRbzKZQzDoHVPoAacxVUWswp5xJcwrd4fT8pwDXObzZFGWbs0splBzsWdU8sQXsgWnt4dkk4YA==\r\nx-amz-request-id: ME50MPHF1DNVK49E\r\nlast-modified: Mon, 06 Oct 2025 10:51:34 GMT\r\netag: \"758ea137381f0276b30d39d0e57e60b5\"\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: gzip\r\nx-amz-version-id: KnE35Je7QNoIfbagCaZankH7_aSsGq1D\r\ncf-cache-status: HIT\r\nage: 3606\r\nexpires: Tue, 21 Oct 2025 08:39:49 GMT\r\ncache-control: public, max-age=10800\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-cntry\r\nx-cntry: NO\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":425642,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (35639)","md5":"bcabbd13f6351dee9d21fa629c233db2","sha1":"7de1a2c26f876005cfd8714448cc8b0a6320bc80","sha256":"f9690e9a3b9baf8fe55bfa31c6a36c393ec31bf939c33fca662ce11e42aa388c","sha512":"02f864e62a99797f04b9bf4c1478dd68e3c282a7ebe1d39e18ee341fcfaebe666236b15236120bc3a6e041bd9d99afa8fbc46a3fc1e165e875d4f598cf51e319","ssdeep":"6144:wrGWEvlDZJWfmbVNqXwsi5UkWigviOSkaw49EU2hcrxxWSP28olZNo02RvkGVo0u:dWEvNSfmbVNKwshktRlPTolZu02dk/N","tlshash":"77942a6532e5643342ca415c5c2b7202b331a8d9757a882cbe7cd8eb5e9cd8731b6f78","first_seen":"2025-10-21T04:40:09.270998Z","last_seen":"2025-10-22T15:19:55.765714Z","times_seen":273,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":31,"dns":19,"connect":1,"send":0,"wait":12,"receive":7,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.mgid.com/images/mgid/mgid_ua.svg","fqdn":"cdn.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /images/mgid/mgid_ua.svg HTTP/1.1\r\nHost: cdn.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/svg+xml\r\ncontent-encoding: br\r\nx-amz-id-2: MOk8JprxYEf86XFfW6gaMV7PDAFH+nfN1y18kUUPHeKJTBLb4OqcZfd8Z+sAuLP+dCRy+MR6JS0=\r\nx-amz-request-id: B99PEW4Y8WBE0EX0\r\nlast-modified: Tue, 08 Mar 2022 17:05:01 GMT\r\netag: W/\"617c205137825561208ef7c1a2d8f319\"\r\nx-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root\r\nx-amz-version-id: null\r\ncf-cache-status: HIT\r\nage: 702\r\nexpires: Wed, 22 Oct 2025 05:39:50 GMT\r\ncache-control: public, max-age=86400\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\ncf-ray: 991e6ab1cb2956b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2302,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"617c205137825561208ef7c1a2d8f319","sha1":"e7604cbfe99a485c9cdf01da77f47d80cbd470ed","sha256":"70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155","sha512":"bd9c5af3c4ca00c3daf9c31e446f2855a45af35d41cc8299fb1466d8204e84d3b5dadc4039cdca344232b5ec45f2c8b79b39dbf89b4ab351ab091b77578a365b","ssdeep":"","tlshash":"034130e0755c86e8fc0dfb7dc62b286420b634fd31a70a4593e07aa561940be858fcd7","first_seen":"2023-06-17T23:06:13Z","last_seen":"2026-04-04T06:40:06.420298Z","times_seen":3708,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s-img.mgid.com/g/13780614/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvMTAxOTI0LzBiMDg1ODg5OTQ4NzBhOWI3N2VjM2RmMDgzM2EwZTI5LmpwZw.webp?v=1761025190-fDr-wpqjqL1Q3bCaxyCnhBj0AysQUyCFNXPOSCOIJpA","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/13780614/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvMTAxOTI0LzBiMDg1ODg5OTQ4NzBhOWI3N2VjM2RmMDgzM2EwZTI5LmpwZw.webp?v=1761025190-fDr-wpqjqL1Q3bCaxyCnhBj0AysQUyCFNXPOSCOIJpA HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11744\r\ncf-ray: 991e6ab2ec4b0daa-OSL\r\nx-mg-request-uuid: 8348fc6b-d250-47af-9f83-137726a1b892\r\naccess-control-allow-origin: *\r\nlast-modified: Tue, 01 Jul 2025 07:30:46 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2129110\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11744,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e807e0ea32aecad010a7a691bb468b23","sha1":"c0796a400bc81b0a616dd3e5b0fd2894e6f42131","sha256":"dc81a28230feaab3f58fb2b775a7ccfd06f25d58077dca5224d18830393c6f78","sha512":"d0209afe0890792ea279b6d3ae734cd500483c5a538dc094ce59dbda3eeafefbc04bb3d5fb0cf6dc66090418602ef542aa91f7bac8a0d5d3edf42c2ea5f4b723","ssdeep":"192:VgBufYsskvVdVL4l3iZcVDq9H2907wgkIFI/TzpcGzs2TFNU1EbW3Ablo:VgBvavVdVL4NpswghFILzpRzs2TYGWcS","tlshash":"e832cfa5e3db800c68545b9c222152f506213f72ba3f27a005dabe06ef7312632e33d5","first_seen":"2024-06-30T10:53:45Z","last_seen":"2025-11-30T12:59:39.110411Z","times_seen":70,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":64,"dns":16,"connect":1,"send":0,"wait":11,"receive":1,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s-img.mgid.com/g/3805605/492x277/0x52x766x431/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2E0ZjcxNjYxZjQ4YWM3YTNmYmExMjEyMTM4ODVlZGJkLmpwZw.webp?v=1761025190-7yRNKm3C5wDpEfs2Ywahyevrf4TrT9j7PwllEYPQxtA","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/3805605/492x277/0x52x766x431/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2E0ZjcxNjYxZjQ4YWM3YTNmYmExMjEyMTM4ODVlZGJkLmpwZw.webp?v=1761025190-7yRNKm3C5wDpEfs2Ywahyevrf4TrT9j7PwllEYPQxtA HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11850\r\ncf-ray: 991e6ab2fc550daa-OSL\r\nx-mg-request-uuid: abb25f3f-3fbf-4ad7-a8de-3b9ad4a63891\r\naccess-control-allow-origin: *\r\nlast-modified: Wed, 10 Aug 2022 16:50:45 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2126806\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11850,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c15a456516c9ce497a464c71a2983af4","sha1":"ec4506d64326c7831019e3ae6f9d7712f4b34c10","sha256":"4c052249ad1cf5ef2cdf9a1a4fdea58d4c88687c41217f3a666450b44da037c3","sha512":"34bdae75f690d97f327b3514198824f53f9744cb30423b93a8239c076b435c202bd7dd9ff58cb6af1b2dd5e0f1c9ee5c93a91d03a3197c9f5882f283b98edcff","ssdeep":"192:u7fYRQwOwn99cQ9oiZAVsMfeuDXtLYl3kgr1/+CUQbkZQAR1N06Mmtb:usRFOwn9vSyAVNeOL1gZ+dmkZ9b0Ytb","tlshash":"cf32bee0e8be0c88f8ec1e78207bd10e298b678d56d27b65e16146711c6a4331e7f49e","first_seen":"2024-05-07T01:48:58Z","last_seen":"2026-03-20T07:46:33.391936Z","times_seen":96,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":54,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"eztv.unblockit.mov/favicon.ico","fqdn":"eztv.unblockit.mov","domain":"unblockit.mov","tld":"mov"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://eztv.unblockit.mov/","date":"2025-10-21T05:39:42.584Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: eztv.unblockit.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://eztv.unblockit.mov/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":3805,"timings":{"blocked":101,"dns":1746,"connect":1851,"send":1958,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:42Z","timestamp":1761025182,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56224,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:42.684379+0000\",\"flow_id\":1524331618143331,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56224,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":6,\"bytes_toserver\":1300,\"bytes_toclient\":3642,\"start\":\"2025-10-21T05:39:42.232547+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:42Z","timestamp":1761025182,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56240,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:42.899989+0000\",\"flow_id\":168678878245443,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56240,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:42.684611+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56256,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.118878+0000\",\"flow_id\":916159954075042,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56256,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:42.900514+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56268,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.338704+0000\",\"flow_id\":204700769047455,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56268,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.119711+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56278,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.553536+0000\",\"flow_id\":1161926572714963,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56278,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.338899+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56294,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.782609+0000\",\"flow_id\":727320979534569,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56294,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.553705+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:43Z","timestamp":1761025183,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56304,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:43.995754+0000\",\"flow_id\":891435974914483,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56304,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.782771+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:44Z","timestamp":1761025184,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56320,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:44.214730+0000\",\"flow_id\":1609234531693136,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56320,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:43.995920+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:44Z","timestamp":1761025184,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56324,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:44.429919+0000\",\"flow_id\":1542797830145924,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56324,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:44.214916+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-21T05:39:44Z","timestamp":1761025184,"ip_dst":{"addr":"172.233.219.78","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.17","port":56334,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-10-21T05:39:44.644277+0000\",\"flow_id\":934712065429505,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":56334,\"dest_ip\":\"172.233.219.78\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"eztv.unblockit.mov\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://eztv.unblockit.mov/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":633,\"bytes_toclient\":206,\"start\":\"2025-10-21T05:39:44.430081+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"eztv.unblockit.mov","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"eztv.unblockit.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:49.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d9d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Tue, 21 Oct 2025 05:39:49 GMT\r\nage: 3014778\r\nx-served-by: cache-lga21931-LGA, cache-hel1410034-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 71, 715317\r\nx-timer: S1761025189.256563,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30875\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-04T14:41:59.157509Z","times_seen":444871,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":66,"dns":0,"connect":29,"send":0,"wait":27,"receive":11,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"parking3.parklogic.com/page/scribe.php?pcId=53\u0026domain=unblockit.mov\u0026aId=261\u0026pId=2447\u0026usid=null\u0026utid=null\u0026query=null\u0026domainJs=parkiter.parklogic.com\u0026path=/\u0026ss=true\u0026lp=1\u0026tzB=UTC\u0026wd=false\u0026gpu=null","fqdn":"parking3.parklogic.com","domain":"parklogic.com","tld":"com"},"ip":{"addr":"172.232.7.47","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:49.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"enhance-lb01.parklogic.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Sep 2025 23:32:37 GMT","end":"Fri, 26 Dec 2025 23:32:36 GMT"},"fingerprint":{"sha1":"E4:B4:52:E3:8A:92:A3:76:06:60:BD:5B:7B:C4:F8:77:5D:4B:AE:6C","sha256":"52:70:EE:88:F9:99:66:53:99:78:C9:63:98:C2:04:D5:41:08:DD:C1:CD:AA:66:0C:3D:DC:AA:5B:B0:DD:2A:74"}}},"request":{"raw":"GET /page/scribe.php?pcId=53\u0026domain=unblockit.mov\u0026aId=261\u0026pId=2447\u0026usid=null\u0026utid=null\u0026query=null\u0026domainJs=parkiter.parklogic.com\u0026path=/\u0026ss=true\u0026lp=1\u0026tzB=UTC\u0026wd=false\u0026gpu=null HTTP/1.1\r\nHost: parking3.parklogic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://parkiter.parklogic.com/\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:49 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":562,"timings":{"blocked":227,"dns":1,"connect":106,"send":0,"wait":107,"receive":0,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s-img.mgid.com/g/8164860/492x277/0x0x831x467/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp?v=1761025190-95kiXdzwCg3Ou_lEXDpZ4oQi62GTs6L3K94pYvIE7mE","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/8164860/492x277/0x0x831x467/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp?v=1761025190-95kiXdzwCg3Ou_lEXDpZ4oQi62GTs6L3K94pYvIE7mE HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7418\r\ncf-ray: 991e6ab2fc5d0daa-OSL\r\nx-mg-request-uuid: e0033793-f664-4806-9cea-3e81639b570d\r\naccess-control-allow-origin: *\r\nlast-modified: Sat, 01 Mar 2025 05:48:09 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2132028\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7418,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ff30b34baf548798f4f9335cd854ef1f","sha1":"6e231a9880ea26e15e5a5d10d22f3e2e98a8325e","sha256":"d2503273502f1beebb8d2061f105bf67fbe3e997230ac2d7f257881509117ef6","sha512":"7083f9256d06c2d0e0e4060efec4180d13d8ea817617299ac778b42eee69ead3d89ba6a8950ae30ed183de961268081380139c76f4c4317de0cc12c92b15c51d","ssdeep":"192:wsHkk9JbW1Imk/oPhLBacJjY53Z2S6e4s8:wXk9I1ImvLgcJ23Z54v","tlshash":"88e1ae2a2533659c281a9db425278eaa36898debfb5c620369314833b7c473154b4f3d","first_seen":"2024-12-26T23:20:27.521918Z","last_seen":"2026-01-15T13:09:30.613617Z","times_seen":54,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":44,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"push-sdk.com/f/sdk.js?z=1804925","fqdn":"push-sdk.com","domain":"push-sdk.com","tld":"com"},"ip":{"addr":"178.63.248.57","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:49.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"push-sdk.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 11:06:22 GMT","end":"Tue, 25 Nov 2025 11:06:21 GMT"},"fingerprint":{"sha1":"BD:DD:75:88:5F:0F:2F:A6:EA:FF:1B:29:49:86:BB:EC:C1:90:4A:79","sha256":"89:8C:73:02:C1:8B:65:46:0D:EE:E7:41:24:34:AE:25:5A:28:56:20:4F:E2:7C:EB:1C:D8:91:6C:BC:2A:16:12"}}},"request":{"raw":"GET /f/sdk.js?z=1804925 HTTP/1.1\r\nHost: push-sdk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Angie\r\ndate: Tue, 21 Oct 2025 05:39:49 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 15242\r\ncontent-encoding: gzip\r\ncache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":54787,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (54745), with no line terminators","md5":"f4d87b22393ed5eef57d01d86c6a88f6","sha1":"5e1aaee78cd735c23cc423fc863decca30aee219","sha256":"91cf9b34af48f3b62d706127b1140c89d8bb3a5455120acd2cfcfc41ab4ad5ee","sha512":"bba6ac4eafefb3415063cea1a572f7b56625300e5e671bedeb71eee84b72c532bd7815491602cc3a7059a2bfc1ace5a35ff6065709b60bbf9891e3849c82767c","ssdeep":"1536:/7LMSZcnLitlCr8WoeisV69SDG3nY+kH+sYK:/7L1Y2NViBYK","tlshash":"a933818877c6713412a7a4ac056f50daeb2b3c34944e890adc53f3a2297576eef23d74","first_seen":"2025-04-01T19:54:23.10118Z","last_seen":"2026-04-04T06:10:58.823222Z","times_seen":7949,"resource_available":true,"data":null}},"time_used":260,"timings":{"blocked":115,"dns":34,"connect":25,"send":0,"wait":28,"receive":1,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"servicer.mgid.com/wl?cid=1808445\u0026cmpreason=wvz\u0026sessionId=68f71ca6-09c33\u0026sessionPage=1\u0026sessionNumberWeek=1\u0026sessionNumber=1\u0026scale_metric_1=80.00\u0026scale_metric_2=256.00\u0026scale_metric_3=100.00\u0026pr=eztv.unblockit.mov\u0026cbuster=1761025190664737425804\u0026pvid=39e136e9-6b70-4ed4-beec-cb42f230b4e3\u0026implVersion=17\u0026lct=1759747860\u0026mp4=0\u0026ap=0\u0026consentStrLen=0\u0026wlid=66889b9e-aa24-45b0-92ea-7adf2541ff4a\u0026src_id=unblockit.mov\u0026uniqId=0f298\u0026jsp=head\u0026evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D\u0026pv=5\u0026jsv=es6\u0026dpr=1\u0026hashCommit=a1ea3164\u0026tfre=1616\u0026cxurl=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812\u0026ref=http%3A%2F%2Feztv.unblockit.mov%2F\u0026lu=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812","fqdn":"servicer.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /wl?cid=1808445\u0026cmpreason=wvz\u0026sessionId=68f71ca6-09c33\u0026sessionPage=1\u0026sessionNumberWeek=1\u0026sessionNumber=1\u0026scale_metric_1=80.00\u0026scale_metric_2=256.00\u0026scale_metric_3=100.00\u0026pr=eztv.unblockit.mov\u0026cbuster=1761025190664737425804\u0026pvid=39e136e9-6b70-4ed4-beec-cb42f230b4e3\u0026implVersion=17\u0026lct=1759747860\u0026mp4=0\u0026ap=0\u0026consentStrLen=0\u0026wlid=66889b9e-aa24-45b0-92ea-7adf2541ff4a\u0026src_id=unblockit.mov\u0026uniqId=0f298\u0026jsp=head\u0026evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D\u0026pv=5\u0026jsv=es6\u0026dpr=1\u0026hashCommit=a1ea3164\u0026tfre=1616\u0026cxurl=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812\u0026ref=http%3A%2F%2Feztv.unblockit.mov%2F\u0026lu=https%3A%2F%2Fparkiter.parklogic.com%2F%3Fd%3Dunblockit.mov%26pkAId%3D2143526812 HTTP/1.1\r\nHost: servicer.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://parkiter.parklogic.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncf-ray: 991e6ab1eb4756b9-OSL\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"57f187c7a868faeac558007a8eb6cb2e","sha1":"11ab10ab109fdb53d91d444ac781101f5a6360c6","sha256":"aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22","sha512":"3844065e1dd778a05e8cc39901fbf3191ded380d594359df137901ec56ca52e03d57eb60acc2421a0ee74f0733bbb5d781b7744685c26fb013a236f49b02fed3","ssdeep":"","tlshash":"5f900407c1500051c151c4310444cf1017407570010d030d50dc1055dc1715d0d01100","first_seen":"2023-04-07T09:22:11Z","last_seen":"2026-04-04T14:48:01.918977Z","times_seen":56027,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":35,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.mgid.com/images/logos/Adchoices.svg","fqdn":"cdn.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /images/logos/Adchoices.svg HTTP/1.1\r\nHost: cdn.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/svg+xml\r\ncontent-encoding: br\r\nx-amz-id-2: Y77/iQsfiEtAj7CKlw0o/XEGithfLzhSP5568JWCozlDXQf5SMomE+an7j46X9Y0iS038SCcpHM=\r\nx-amz-request-id: B99RH7BWZRB44FPN\r\nlast-modified: Wed, 17 Feb 2021 18:15:53 GMT\r\netag: W/\"7d59364b7ed2df3f02507c9f92560df9\"\r\nx-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root\r\nx-amz-version-id: null\r\ncf-cache-status: HIT\r\nage: 796\r\nexpires: Wed, 22 Oct 2025 05:39:50 GMT\r\ncache-control: public, max-age=86400\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\ncf-ray: 991e6ab1cb2a56b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":836,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7d59364b7ed2df3f02507c9f92560df9","sha1":"d2a98d9a83d13d1c22d1dabeff5d90c93482301b","sha256":"7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5","sha512":"3803cd6a8dec5d28b7d74c76e8305605f4042699df673dcfb62a2dd2ea2bcb62d6f126af07e615b2ccf93e3b66265ca0111e82e73ff558a0a499b9fe10e49549","ssdeep":"","tlshash":"b3011e2e8342caede9604219e2a52ac2a3f4a5d2f5909ae4f6d31c75f8894e01149ae5","first_seen":"2024-04-11T19:11:34Z","last_seen":"2026-04-04T06:40:06.384934Z","times_seen":3760,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s-img.mgid.com/g/3866391/492x277/0x0x891x501/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Y4YzMzNzhkNTE4YTkwMDRhNmYxNzc5NTJhY2IxZTljLmpwZWc.webp?v=1761025190-TKzeRyUA2We-FmbIJ6tkrijf9oXp9KmfoLTAvbkf34I","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/3866391/492x277/0x0x891x501/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Y4YzMzNzhkNTE4YTkwMDRhNmYxNzc5NTJhY2IxZTljLmpwZWc.webp?v=1761025190-TKzeRyUA2We-FmbIJ6tkrijf9oXp9KmfoLTAvbkf34I HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13010\r\ncf-ray: 991e6ab2fc560daa-OSL\r\nx-mg-request-uuid: 7bb5b24c-c5f5-4c3e-aa7a-c050e33c82ec\r\naccess-control-allow-origin: *\r\nlast-modified: Mon, 28 Apr 2025 00:04:15 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2132441\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13010,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"bc673bd7ff2f5ef367640a5d25cadd03","sha1":"6e7d91a6e349d73bda8b0f22323b1de6d93d72d7","sha256":"c473a57fe7c1f62c3e598596285f991b002eebe1a57fa18ac75b44ed45da45ac","sha512":"90fbd2abecbfea2a100959391b80f4c70624eba8ba745a7f20fc75012792d6f14b8877bf9da0dc063f8cb69d8b2b41b2e57ff4a9b56f87bf2fd12356b1f2c7d2","ssdeep":"192:B0urKEiSSQQUu9I+AyvuIhL5OTbRKtrGG27G4gLuz+k2Z3Qn6DiWmMFSfrSVgsLp:cxSF+S65UKxLuz+k2ZM6GkPr97egOo","tlshash":"5842d1c2ec3594cca6f3971d6a069fd0c265123bd1fa4899cad9195d4823cc8b7d3574","first_seen":"2024-04-20T21:39:50Z","last_seen":"2025-11-10T08:25:00.876956Z","times_seen":58,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":52,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s-img.mgid.com/g/13404790/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvMTAxOTI0LzdkYzRmMzU5YmU4ZTA2NzljYzY3OTQxYzFiZmUyMDA5LmpwZWc.webp?v=1761025190-ZyYFJRJo0XzdhYhjWvs2AedMCaUJN8CfJlf6eQBruAg","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/13404790/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvMTAxOTI0LzdkYzRmMzU5YmU4ZTA2NzljYzY3OTQxYzFiZmUyMDA5LmpwZWc.webp?v=1761025190-ZyYFJRJo0XzdhYhjWvs2AedMCaUJN8CfJlf6eQBruAg HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 15484\r\ncf-ray: 991e6ab2fc630daa-OSL\r\nx-mg-request-uuid: b23231bf-9cc6-48c7-8dcf-a7e27363cda2\r\naccess-control-allow-origin: *\r\nlast-modified: Tue, 01 Jul 2025 09:05:30 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 459533\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15484,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"927bbf3f57f2208d39ae4b6c859d6b09","sha1":"91a2b03e5e75753460f1f7101ece0ed2e0800404","sha256":"7ba9893c0306caa0517c2ef1d13d292faddfc59084e0013b1118977b29dc4e6b","sha512":"27c3dd71c4690de0efee629805a8bece95cb5cb5d074bcf172cbb4cc6ba48272a39e4893b6efbeab21f47507486a766045cdb2f8c1d7bb1684a351a3ced48f83","ssdeep":"384:2cHZ5thGsKRBCi/JT129bxrOhWjv1CRsa3hAhBO0:2WZ5to1512B4hWz1CJ3h0BO0","tlshash":"a462d09480c19a16a98c17bbb87a4c44c433e301febed3e3e1699b5889c7f10e855b23","first_seen":"2024-09-25T18:43:08Z","last_seen":"2026-01-28T19:13:16.769457Z","times_seen":55,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":44,"dns":0,"connect":0,"send":0,"wait":23,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.mgid.com/i.js?cbuster=1761025190816407911733","fqdn":"cm.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /i.js?cbuster=1761025190816407911733 HTTP/1.1\r\nHost: cm.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 0\r\ncf-ray: 991e6ab2ec0056b9-OSL\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":23,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"parkiter.parklogic.com/style.css","fqdn":"parkiter.parklogic.com","domain":"parklogic.com","tld":"com"},"ip":{"addr":"172.236.117.221","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:49.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"parkiter-lb01.parklogic.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Sep 2025 22:24:38 GMT","end":"Sun, 21 Dec 2025 22:24:37 GMT"},"fingerprint":{"sha1":"6A:D0:C0:06:81:A1:8C:34:45:7C:27:DA:DE:44:5C:D6:9A:5A:0F:11","sha256":"8C:3A:D1:26:BB:8E:34:D5:F4:83:71:40:9B:43:36:0B:75:78:6D:50:3C:5A:BD:52:FD:30:D5:26:BC:70:BA:FC"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: parkiter.parklogic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:49 GMT\r\ncontent-type: text/css\r\ncontent-length: 1935\r\nlast-modified: Wed, 21 May 2025 05:25:48 GMT\r\netag: \"682d63dc-78f\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1935,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"717d7dbd8d757008541fc447fd83458d","sha1":"317f2606d027c38728dce13a0bbad8d8e504deed","sha256":"c532b2f9cac9de5e7cd440298f92f0aa244282d252b45197739e7e30476a7cdc","sha512":"825d95f6c893ca7ce2de2f9f8eb4e4314aec3fe2ead4ae201e9e9a38cd37785ac108142570a77771a5543c697a57f3e7ececef15cac968ef6d55b05b340cf0cf","ssdeep":"","tlshash":"b041e08657a91105740bd8b8b9665b51937cc053c90feafc3aa5209c9ecd1f82a773dc","first_seen":"2025-06-19T05:51:12.622055Z","last_seen":"2026-02-08T08:00:44.084758Z","times_seen":33629,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"parkiter.parklogic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"parking3.parklogic.com/page/enhance.js?pcId=53\u0026domain=unblockit.mov","fqdn":"parking3.parklogic.com","domain":"parklogic.com","tld":"com"},"ip":{"addr":"172.232.7.47","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:49.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"enhance-lb01.parklogic.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Sep 2025 23:32:37 GMT","end":"Fri, 26 Dec 2025 23:32:36 GMT"},"fingerprint":{"sha1":"E4:B4:52:E3:8A:92:A3:76:06:60:BD:5B:7B:C4:F8:77:5D:4B:AE:6C","sha256":"52:70:EE:88:F9:99:66:53:99:78:C9:63:98:C2:04:D5:41:08:DD:C1:CD:AA:66:0C:3D:DC:AA:5B:B0:DD:2A:74"}}},"request":{"raw":"GET /page/enhance.js?pcId=53\u0026domain=unblockit.mov HTTP/1.1\r\nHost: parking3.parklogic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:49 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2400,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (467)","md5":"325da6eada1c6e24d1c157d5db802eed","sha1":"2a0dab812701af805bab836d51fd5e7dc9511222","sha256":"16cfbf5d06f0cf663b3b8440585c9e27e85c5768e9f3b6cb19c30bc33e5ba48f","sha512":"3ab1b4bbe088b14cf6016b1970938145ba216c167ddf155b6c8c13deac30d4d85c67e3aa06829ddc0a38e630f5d6355f81bcd390ee5add154477545594a6c7b9","ssdeep":"","tlshash":"0741954e48601a7185b3203db507b2143f3bd696320adb51be6cca506f9ed6b43727de","first_seen":"2025-10-21T05:40:12.456229Z","last_seen":"2025-11-05T20:58:31.482764Z","times_seen":2,"resource_available":true,"data":null}},"time_used":548,"timings":{"blocked":215,"dns":1,"connect":106,"send":0,"wait":108,"receive":0,"ssl":115},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"parkiter.parklogic.com/favicon.ico","fqdn":"parkiter.parklogic.com","domain":"parklogic.com","tld":"com"},"ip":{"addr":"172.236.117.221","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:49.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"parkiter-lb01.parklogic.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Sep 2025 22:24:38 GMT","end":"Sun, 21 Dec 2025 22:24:37 GMT"},"fingerprint":{"sha1":"6A:D0:C0:06:81:A1:8C:34:45:7C:27:DA:DE:44:5C:D6:9A:5A:0F:11","sha256":"8C:3A:D1:26:BB:8E:34:D5:F4:83:71:40:9B:43:36:0B:75:78:6D:50:3C:5A:BD:52:FD:30:D5:26:BC:70:BA:FC"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: parkiter.parklogic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:49 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 3262\r\nlast-modified: Mon, 03 Mar 2025 03:54:16 GMT\r\netag: \"67c527e8-cbe\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3262,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 24 bits/pixel","md5":"89758189d685134f254f97aac7e0587d","sha1":"52db58bbc96facec03f20495c72b5891c32bbf9e","sha256":"8073c580947f28b4cac036c7a2b0fe24c422643143c18085cfba85821057826d","sha512":"063ad866fa998254e508a9b9bba6c6e6026ecbdd826fb1e3954df3687c59116db93cf1c943b8d8cb680cdc7418c17e0d425ee938d3d907e00a2363e210781bb5","ssdeep":"","tlshash":"156153411a65d2faf6642575393933b941375e39ebd1c5ae58e0bb252e3722c10e0148","first_seen":"2024-08-19T21:48:43.197837Z","last_seen":"2026-04-01T20:05:17.965477Z","times_seen":45238,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"parkiter.parklogic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s-img.mgid.com/g/20209373/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfeHlfY2VudGVyLHFfYXV0bzpnb29kLHdfMTAyMCx4XzMwMix5XzIwNS9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8xMDE5MjQvYWZmMWIzN2Q3N2NkMzE3OWU4NWFiZDk5OTBjYjE2MmQucG5n.webp?v=1761025190-F0Xe3S0jUyBoW1LvTPvns-kEmwobn5DsKAj_KZ6oMkw","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/20209373/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfeHlfY2VudGVyLHFfYXV0bzpnb29kLHdfMTAyMCx4XzMwMix5XzIwNS9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8xMDE5MjQvYWZmMWIzN2Q3N2NkMzE3OWU4NWFiZDk5OTBjYjE2MmQucG5n.webp?v=1761025190-F0Xe3S0jUyBoW1LvTPvns-kEmwobn5DsKAj_KZ6oMkw HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 21042\r\ncf-ray: 991e6ab31c8a0daa-OSL\r\nx-mg-request-uuid: 10beabff-9cca-44d6-9625-d3d8a33217ce\r\naccess-control-allow-origin: *\r\nlast-modified: Tue, 01 Jul 2025 11:05:26 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2131442\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21042,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"3fcd8fdb520970879c8d46a77fa7eebe","sha1":"303a6b0adc8b01e00f8605fc4e08ec86ea19c331","sha256":"b4779a73d75ee9564ba73ea7cf514c28753034f45bc76813a468d249f50ff91c","sha512":"90f65f0301bebbb9ad67adb93fd251d2e054db8d9896dee2bf0dc99a345cc07f1e2b5320de7bb121a55a85460be3fee2b7cab77ba7bc3171ac652401db5d34f3","ssdeep":"384:I7xannxntjGsQmzU3nfCWmzs/XFEeE0kVm/Pr3ppIuzcp3boBn6q5fMpEgGdl:I7ct7zU3fZmiFFEzm3/I/3boBn6q5fmA","tlshash":"a292e1e07424c346bae55995d220076e35f9db4a0f2fe4275799cccce2b6bf15e21380","first_seen":"2024-01-11T14:27:27Z","last_seen":"2026-02-03T12:49:36.373849Z","times_seen":128,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":81,"dns":14,"connect":8,"send":0,"wait":13,"receive":1,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s-img.mgid.com/g/14936913/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTEvMTAxOTI0L2JkNTVhMzU5NWQxNWQ1ZGE1NTY1ZDJkY2JkNzI4MmRjLmpwZWc.webp?v=1761025190-L_TdxpJkPTptOZzKOM-OUu44WuPOj8cKkFK4_MbSOMg","fqdn":"s-img.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.198.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:50.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /g/14936913/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTEvMTAxOTI0L2JkNTVhMzU5NWQxNWQ1ZGE1NTY1ZDJkY2JkNzI4MmRjLmpwZWc.webp?v=1761025190-L_TdxpJkPTptOZzKOM-OUu44WuPOj8cKkFK4_MbSOMg HTTP/1.1\r\nHost: s-img.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://parkiter.parklogic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://parkiter.parklogic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 20110\r\ncf-ray: 991e6ab31c990daa-OSL\r\nx-mg-request-uuid: 7b8ded10-34f3-4a4c-b6e3-3dff89cfbef3\r\naccess-control-allow-origin: *\r\nlast-modified: Tue, 01 Jul 2025 09:40:03 GMT\r\ncache-control: immutable, max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2130934\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20110,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2c1c7e7a8bfc6a6af1288333376d9054","sha1":"bd9b0159dcc2733d3bc03b232d7b72cc13453df7","sha256":"30fc286be166144ecb59e0ffd9edb0d967d63ff83957af9b26486f26d104a118","sha512":"4e510e0c9717e7e85f07d1b608df8828c507fd54fc4d6e0c67f4011079e7017b354305ebb33ab5035932ea42787e4e9e91efb89aa231871e6879d642fb53528f","ssdeep":"384:xQgI+hRWgw570+YI7vprSPGIt6jVSaKDEzu9GBug46edgz0W:yZ+dq0o7vWjuS3Yzs/IqW","tlshash":"f192e12d8e6672a14e4e4566eddc0f7d6ecce68db3c2812e21c0a11d95f20db536522d","first_seen":"2024-08-19T14:29:09.311425Z","last_seen":"2026-01-15T13:09:38.068319Z","times_seen":121,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":84,"dns":12,"connect":13,"send":0,"wait":9,"receive":1,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"c.mgid.com/c?v=304|240|12|e0EKd8X7xo7pOWxl92j2FDR19tSk-jM5ljlUaug55ZCeMZ38Ir4wZJFYEBQkxCHLlTE0DXBTGvGYgLyo0pB2K1QSYLWfPfTquu2czOL6xfum-kccX84vqbybda8JAZ3p\u0026v=304|240|12|e0EKd8X7xo7pOWxl92j2FHMJObVBRkSckaTDDqpTaNuO14ECffALBdcOIi6MftbylTE0DXBTGvGYgLyo0pB2K1QSYLWfPfTquu2czOL6xfv2SWMxULWsbBCsx_4GgYSb\u0026v=304|245|12|e0EKd8X7xo7pOWxl92j2FErFaAtrqrs430qmc_4-Iy34N4JDcI_dxlpRUl7w8xFJlTE0DXBTGvGYgLyo0pB2K1QSYLWfPfTquu2czOL6xfsnKyv159rFragV0XPuOjj7\u0026v=304|245|12|e0EKd8X7xo7pOWxl92j2FKzk_layQgGorNjd7DkvRtPKep9wBSK4jIj5PhIA0X5OlTE0DXBTGvGYgLyo0pB2K1QSYLWfPfTquu2czOL6xfuBG1edxscjIgtbS7CD_kIP\u0026v=304|240|12|e0EKd8X7xo7pOWxl92j2FOSR8dpt03AYGbgzplHAmyGehyT_aQwfW8C6PW5N_WmglTE0DXBTGvGYgLyo0pB2K1QSYLWfPfTquu2czOL6xfuCUsUFb0X8IW1NvWAHD0Cg\u0026v=304|240|12|e0EKd8X7xo7pOWxl92j2FCYbPljyN3k-Sca55n3EdXqA5Z8PKNeO1mpPgqQ0eXmSlTE0DXBTGvGYgLyo0pB2K1QSYLWfPfTquu2czOL6xftGG9et7f0fe7-NPeHc8Rau\u0026fw=1\u0026f=1\u0026cid=1808445\u0026cbuster=1761025192037672718173\u0026pageImp=1\u0026pvid=39e136e9-6b70-4ed4-beec-cb42f230b4e3\u0026pv=3\u0026h2=McWJCZZsM7jqXO6rYqITMRosjIvxjQ-oynnYn6aW6okCxQVIyhFlf97PBeF6OmlMniddNs2le_7EEMQUuO6n0g**\u0026rid=5cd9afa0-ae40-11f0-853a-d404e6774b40\u0026tt=Referral\u0026ts=eztv.unblockit.mov\u0026psid=unblockit.mov\u0026iv=17\u0026completion=6,15","fqdn":"c.mgid.com","domain":"mgid.com","tld":"com"},"ip":{"addr":"104.17.201.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","date":"2025-10-21T05:39:52.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mgid.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 04:07:00 GMT","end":"Sat, 22 Nov 2025 05:06:50 GMT"},"fingerprint":{"sha1":"E3:D8:BA:52:FF:DC:D5:64:84:7D:EC:60:31:73:4B:57:15:6E:9D:06","sha256":"8C:BD:B9:D1:07:8F:55:14:4C:BB:96:4D:17:01:1F:E4:8D:73:46:22:5C:28:BE:FA:81:4B:BD:DC:83:5F:43:1B"}}},"request":{"raw":"GET /c?v=304|240|12|e0EKd8X7xo7pOWxl92j2FDR19tSk-jM5ljlUaug55ZCeMZ38Ir4wZJFYEBQkxCHLlTE0DXBTGvGYgLyo0pB2K1QSYLWfPfTquu2czOL6xfum-kccX84vqbybda8JAZ3p\u0026v=304|240|12|e0EKd8X7xo7pOWxl92j2FHMJObVBRkSckaTDDqpTaNuO14ECffALBdcOIi6MftbylTE0DXBTGvGYgLyo0pB2K1QSYLWfPfTquu2czOL6xfv2SWMxULWsbBCsx_4GgYSb\u0026v=304|245|12|e0EKd8X7xo7pOWxl92j2FErFaAtrqrs430qmc_4-Iy34N4JDcI_dxlpRUl7w8xFJlTE0DXBTGvGYgLyo0pB2K1QSYLWfPfTquu2czOL6xfsnKyv159rFragV0XPuOjj7\u0026v=304|245|12|e0EKd8X7xo7pOWxl92j2FKzk_layQgGorNjd7DkvRtPKep9wBSK4jIj5PhIA0X5OlTE0DXBTGvGYgLyo0pB2K1QSYLWfPfTquu2czOL6xfuBG1edxscjIgtbS7CD_kIP\u0026v=304|240|12|e0EKd8X7xo7pOWxl92j2FOSR8dpt03AYGbgzplHAmyGehyT_aQwfW8C6PW5N_WmglTE0DXBTGvGYgLyo0pB2K1QSYLWfPfTquu2czOL6xfuCUsUFb0X8IW1NvWAHD0Cg\u0026v=304|240|12|e0EKd8X7xo7pOWxl92j2FCYbPljyN3k-Sca55n3EdXqA5Z8PKNeO1mpPgqQ0eXmSlTE0DXBTGvGYgLyo0pB2K1QSYLWfPfTquu2czOL6xftGG9et7f0fe7-NPeHc8Rau\u0026fw=1\u0026f=1\u0026cid=1808445\u0026cbuster=1761025192037672718173\u0026pageImp=1\u0026pvid=39e136e9-6b70-4ed4-beec-cb42f230b4e3\u0026pv=3\u0026h2=McWJCZZsM7jqXO6rYqITMRosjIvxjQ-oynnYn6aW6okCxQVIyhFlf97PBeF6OmlMniddNs2le_7EEMQUuO6n0g**\u0026rid=5cd9afa0-ae40-11f0-853a-d404e6774b40\u0026tt=Referral\u0026ts=eztv.unblockit.mov\u0026psid=unblockit.mov\u0026iv=17\u0026completion=6,15 HTTP/1.1\r\nHost: c.mgid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://parkiter.parklogic.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:52 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncf-ray: 991e6aba38eb56b9-OSL\r\nx-mg-request-uuid: c29bce25-9171-4e5f-8e22-061c210deaf7\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nx-robots-tag: noindex\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"57f187c7a868faeac558007a8eb6cb2e","sha1":"11ab10ab109fdb53d91d444ac781101f5a6360c6","sha256":"aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22","sha512":"3844065e1dd778a05e8cc39901fbf3191ded380d594359df137901ec56ca52e03d57eb60acc2421a0ee74f0733bbb5d781b7744685c26fb013a236f49b02fed3","ssdeep":"","tlshash":"5f900407c1500051c151c4310444cf1017407570010d030d50dc1055dc1715d0d01100","first_seen":"2023-04-07T09:22:11Z","last_seen":"2026-04-04T14:48:01.918977Z","times_seen":56027,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"parkiter.parklogic.com/?d=unblockit.mov\u0026pkAId=2143526812","fqdn":"parkiter.parklogic.com","domain":"parklogic.com","tld":"com"},"ip":{"addr":"172.236.117.221","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-21T05:39:48.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"parkiter-lb01.parklogic.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Sep 2025 22:24:38 GMT","end":"Sun, 21 Dec 2025 22:24:37 GMT"},"fingerprint":{"sha1":"6A:D0:C0:06:81:A1:8C:34:45:7C:27:DA:DE:44:5C:D6:9A:5A:0F:11","sha256":"8C:3A:D1:26:BB:8E:34:D5:F4:83:71:40:9B:43:36:0B:75:78:6D:50:3C:5A:BD:52:FD:30:D5:26:BC:70:BA:FC"}}},"request":{"raw":"GET /?d=unblockit.mov\u0026pkAId=2143526812 HTTP/1.1\r\nHost: parkiter.parklogic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://eztv.unblockit.mov/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 21 Oct 2025 05:39:48 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0\r\npragma: no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"MGID","description":"MGID is a programmatic advertising platform frequently used by misinformation websites.","website":"https://www.mgid.com","common_platform_enumeration":"","icon":"MGID.png","categories":["Advertising"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":6693,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"5cf715dbca5be85b771c3d4e9c4d18d7","sha1":"2a61e5d7d5a66df77e6462610e76914326f11a8a","sha256":"9e1be336ff54289d17ef2d70daeb5c3e6aa95e8fb44dc8e66ef9678bc7a54bcc","sha512":"11548372ec28790f85d916035ce27bf827eced5ac18765e387d1147f262e14c02dc86f3a10829867128a544ed721065857d93b4e93f1ba7c4c5159a041896408","ssdeep":"48:tNNkIBSnPbCZmdqNt0b3Q2dDTlXsTzjpK8Ry6RgWR7RDRDRsqRDRrR5/fNuWat5:5+PYxMSTp1JgWVNNTNl5/lat5","tlshash":"05d12d2c66c85c2e61738651c731b77cf8a251839a02c10eb5ae27ab0fbfe58dc77464","first_seen":"2025-10-21T05:40:12.49914Z","last_seen":"2025-11-05T20:58:31.480112Z","times_seen":3,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":228,"dns":1,"connect":108,"send":0,"wait":108,"receive":0,"ssl":117},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"parkiter.parklogic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}