{"report_id":"458ef1e4-fbf3-4984-b6b0-df786877a0b1","version":6,"status":"done","tags":[],"date":"2025-12-27T19:50:16Z","url":{"schema":"http","addr":"reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"ip":{"addr":"104.21.30.42","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"title":"Risk Assessment Vs Risk Analysis","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"ip":{"addr":"104.21.30.42","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-31T19:50:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":35}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"reviewbooku.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"sourshaped.com","ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-10-06T14:35:38.581947Z","last_seen":"2025-12-27T07:29:55.684504Z","alert_count":36,"request_count":18,"received_data":222834,"sent_data":32560,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"creative-sb1.com","ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-12-23T07:42:38.157519Z","alert_count":45,"request_count":15,"received_data":533810,"sent_data":6936,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-12-21T22:14:03.270461Z","alert_count":0,"request_count":9,"received_data":368667,"sent_data":4950,"comment":"","tags":null,"fingerprints":null},{"fqdn":"realizationnewestfangs.com","ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-10-02T06:26:57.543488Z","last_seen":"2025-12-23T10:38:09.382032Z","alert_count":54,"request_count":18,"received_data":116000,"sent_data":31924,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-12-22T08:34:53.146151Z","alert_count":0,"request_count":12,"received_data":620548,"sent_data":5664,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-12-24T20:59:21.717877Z","alert_count":9,"request_count":3,"received_data":1590,"sent_data":2301,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"cdn.show-sb.com","ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-12-23T08:45:19.222452Z","alert_count":3,"request_count":3,"received_data":6886,"sent_data":1488,"comment":"","tags":null,"fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"reviewbooku.com","ip":{"addr":"172.67.150.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-27","domain_rank":0,"first_seen":"2025-10-29T10:56:36.967066Z","last_seen":"2025-12-25T12:35:00.359623Z","alert_count":2,"request_count":2,"received_data":16863,"sent_data":1332,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-12-24T19:21:20.505106Z","alert_count":3,"request_count":1,"received_data":377,"sent_data":418,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"veintones.com","ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-10-21","domain_rank":0,"first_seen":"2025-10-27T03:18:09.536164Z","last_seen":"2025-12-25T12:35:00.35967Z","alert_count":18,"request_count":6,"received_data":283073,"sent_data":2664,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-12-23T14:58:42.338766Z","alert_count":25,"request_count":5,"received_data":206539,"sent_data":6772,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-12-21T22:17:33.83847Z","alert_count":0,"request_count":2,"received_data":749860,"sent_data":891,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"protrafficinspector.com","ip":{"addr":"63.182.60.117","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2025-06-18","domain_rank":614186,"first_seen":"2025-07-25T22:45:21.95813Z","last_seen":"2025-12-23T21:54:17.105331Z","alert_count":0,"request_count":3,"received_data":1272,"sent_data":1338,"comment":"","tags":null,"fingerprints":null},{"fqdn":"kettledroopingcontinuation.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":196057,"first_seen":"2025-07-30T15:18:19.355595Z","last_seen":"2025-12-22T13:21:44.424192Z","alert_count":25,"request_count":5,"received_data":206958,"sent_data":6813,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-21T22:17:07.06462Z","alert_count":0,"request_count":2,"received_data":57202,"sent_data":888,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-12-24T19:08:33.595887Z","alert_count":21,"request_count":7,"received_data":601692,"sent_data":2891,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"wayfarerorthodox.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-08-08T11:06:50.216151Z","last_seen":"2025-12-23T10:44:50.108696Z","alert_count":15,"request_count":5,"received_data":206517,"sent_data":6761,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-20T04:40:50.214207Z","times_seen":16583,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"ff942415fc74d6e685969c6d40100ea0","sha1":"d87449c83edd8860c9c694ddbdb1b52ef297ee92","sha256":"7a29fc915770c593df98d92d97e2fc9164e7988e663e37e6ca3426ab9a537039","sha512":"a8e8c7dfa19659d96ae8fda3892e000784cf7d32e36bbfbe01779861de45e6e17cf7254fc480f20dd8a7e8623696e20639bb85f1b0d1b785b9e20374b044865b","ssdeep":"","tlshash":"6331e979a2103021c607d37aa50fed986e19e78959082ac01862dec7366eddd2a78d18","size":1768,"data":"","first_seen":"2025-12-27T19:50:26.402079Z","last_seen":"2025-12-27T19:50:26.402079Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"6de3fa0b2e91d4b034ae45ae9afdfa0c","sha1":"a970885e0664a6c9fbc55e1e4d6cebe40b946313","sha256":"97d85c5d5d23e3c9dcb313582d7972dfdc9f233754a6c3cbdd95db2b5d7d491e","sha512":"bd24a1465c6744b6813cc4414c68a92b0c1de7a6adcbea77d00fd4cbed24749d5b54aad78aa9424069f8da4927c0d16d5838e66ec5cf03ae5ecc477b7656124e","ssdeep":"","tlshash":"1d31f9fc6c14c5dc816c60ec664041dd17d83b6f1e9a4e94613e256ad10072a17f9e3c","size":1498,"data":"","first_seen":"2025-12-27T19:50:26.404018Z","last_seen":"2025-12-27T19:50:26.404018Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"750b57efc8fe23d7dba5187f715d4f2d","sha1":"1f67b1d9e5e5ebd1a4540b52350ff3248c655f21","sha256":"2a02ce992a2f2e45e41133ae95b58822e39fcdc8797470a9a2a19b7b87020bf8","sha512":"a883b24e631c0d5190e06f6cb68c44b11858447dd8325c470b03c4fe8bda57419392a8fbb05c9f7f12397e2f7bb96173e2c8c1ee63a1be5fa164c0a511764eef","ssdeep":"","tlshash":"15312992f42a2d312e6d84fa840b7a9c3d8a9b4b49089fd8f842cd8431085d70869e0a","size":1768,"data":"","first_seen":"2025-12-27T19:50:26.405668Z","last_seen":"2025-12-27T19:50:26.405668Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"df55d6735417d3daf9b842187ba55ac4","sha1":"4800cb1ea9fef1e499ae119cc8a44ddf14056409","sha256":"b4b3ef457ec3d27e71e5ce6a4dcd6d15eb02383aa2fbed1beb033f286fbe4349","sha512":"c960787afc3c1abfaf1a767a410c440b91f82e23df7310e6a25b944316bc7d3f47240c04ca5f85c91390b4c6ceaab43d2bb268b0e9000dbc32e021101252ae32","ssdeep":"","tlshash":"3c216e16692446620616f05eb0cbf6cd7d36058698d7531b722c31ca1ddc35513bb4e5","size":1271,"data":"","first_seen":"2025-06-16T08:23:25.083858Z","last_seen":"2026-01-02T20:42:52.542202Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"ip":{"addr":"172.67.150.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5bc70ad28ca13fe96941dbf85f0cd4e1","sha1":"1adf0513947f2b5e0355623e4460df431448bf8a","sha256":"35624c722354888466fe6456293595b9e2c5057f6b851f136e57bf1ffae56f9d","sha512":"2ebfe9f3597d232ddd8fc5ba865c573d66f531e92e23e09eea55aca52be6ab38dae6c8d46b42fe253d29c3121f041e59ffe257698a82682a0e89aea2b3b5c047","ssdeep":"","tlshash":"3fb092ade292bde1e0a6686e01b21c8863b49462fa8354b239caa49469258946c45e58","size":126,"data":"","first_seen":"2025-11-03T23:58:09.167385Z","last_seen":"2026-05-19T08:00:14.394076Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"veintones.com/17160be3b250e563979e7c96ad01d276/invoke.js","fqdn":"veintones.com","domain":"veintones.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5873ffedd00a9e63c907811be725c145","sha1":"c17e9060577f721602bd6d68c8f4d2246a0bb076","sha256":"67e71571b4d4c6db890544849d1b6cf13bc068f4ebabc371ba52ada71864b79a","sha512":"d1efb4d4f6e88a195e248bf398f61bbef6818c68c860296e5968bfba97d464ee9881fa8a02312dd2394f1cce68d81ec3db01fe68df818ef3e50e8548199855fe","ssdeep":"768:dB2ED/5+sNKlKMHLQTwkf0R4sYeLvLoK12G6FYc0CTXF:dB2Et+aMHLQTwkf0BLDLoK12tFYN01","tlshash":"91230a5dbf92f006165f70b7376fa106b11a8c19680cd88cfa07fda46d68f05e837aa4","size":46355,"data":"","first_seen":"2025-12-19T22:42:12.31069Z","last_seen":"2026-01-22T00:36:54.764655Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reviewbooku.com/review/sandbox%20eval%20code","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"34c08ca3e74026ae2a1166b2b810e003a2866b015aa78402b00a003b1441fe21aaa1a8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-20T04:38:23.389904Z","times_seen":891841,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"ip":{"addr":"172.67.150.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2acf48fa336fccaecd576b5ad8fc0062","sha1":"9dc17c0c77d9f493d140358aaaea2389dac175b5","sha256":"c6cd98dc2d19f8e04902be7269641e57b470a950938d467f5faceb1f82cc2632","sha512":"f27a59d0ac41ce5ab161f10cae7d2575e4abe28ea4f128e16953326ffbf52e85c7fd0ead28caffb63e1702404580873ee11111018a2d9717d544524dd0061515","ssdeep":"","tlshash":"68b092d8a149fba921e7c8212db0d7ca97219e80f649907a2fd128b186a09c79442f86","size":127,"data":"","first_seen":"2025-11-03T23:58:09.169046Z","last_seen":"2026-05-19T08:00:14.39468Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"veintones.com/865e9e7c305fafa0c2210e2ae6c2366f/invoke.js","fqdn":"veintones.com","domain":"veintones.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"96f2caecacb2f82667971c28eda79aa8","sha1":"45984adcc4b6d4246ab0e641dffd26ecd0d98692","sha256":"3ce663a76af8d3524ca56ffa6cc7fa22010bdb8350ebc2340e6f5321dc96931f","sha512":"dba24e90297a7a21d1b16c15cedacc6b50b961a411435b70249091774bd506a9558e9c06abdb4e76160ad8f734565b67eef8df3606ee26f61a714bf051526368","ssdeep":"768:dB2EL/5+sNKlKMHLQTwkf0RpsYeLvLoK12G6FYc0Cjhwf:dB2EV+aMHLQTwkf0wLDLoK12tFYNoU","tlshash":"6123fa5dbf92f006165f70b7376fa106b11a8c19680cd89cfa07fda46d68f05e837aa4","size":46298,"data":"","first_seen":"2025-12-17T15:15:43.74806Z","last_seen":"2025-12-27T19:50:26.36097Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"veintones.com/17160be3b250e563979e7c96ad01d276/invoke.js","fqdn":"veintones.com","domain":"veintones.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b4a54fd4ef230d4102dfcd8de4562b20","sha1":"fab314b190ca738fb3db60e45fac481de6f4a3ca","sha256":"20cf545f787f93f480bdeed219ea855a73d8750a4100554bbd65fb8a8b33dc34","sha512":"7f6eb0efe15e863b48ebc33138d249b0ae1d12bae8d6f415abbf521319689cb9f638a481e8e699e18b2a2f0b35db4065083ee2223338c84c3587054feafd22b5","ssdeep":"768:dB2Ed/5+sNKlKMHLQTwkf0R4sYeLvLoK12G6FYc0CXVp:dB2EX+aMHLQTwkf0BLDLoK12tFYNe7","tlshash":"1e23fa5dbf92f006165f70b7372fa106b15a8c19680cd89cfa07fda46d68f05e837aa4","size":46391,"data":"","first_seen":"2025-12-17T15:15:43.724106Z","last_seen":"2026-01-22T00:36:54.766747Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"ip":{"addr":"172.67.150.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5bc70ad28ca13fe96941dbf85f0cd4e1","sha1":"1adf0513947f2b5e0355623e4460df431448bf8a","sha256":"35624c722354888466fe6456293595b9e2c5057f6b851f136e57bf1ffae56f9d","sha512":"2ebfe9f3597d232ddd8fc5ba865c573d66f531e92e23e09eea55aca52be6ab38dae6c8d46b42fe253d29c3121f041e59ffe257698a82682a0e89aea2b3b5c047","ssdeep":"","tlshash":"3fb092ade292bde1e0a6686e01b21c8863b49462fa8354b239caa49469258946c45e58","size":126,"data":"","first_seen":"2025-11-03T23:58:09.167385Z","last_seen":"2026-05-19T08:00:14.394076Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-GYJTXFLTL3\u0026cx=c\u0026gtm=4e5ca1h1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f197c14de325bdb801c7947f94f8a35","sha1":"0a1078f62b4363bb23c174c30cd98761e6269d07","sha256":"0dc097cefd73f884b0638870d9568e15371ec2d547cab75f73de6c7b60a7e689","sha512":"4c2a5cf1da59794fc48d160e4d377e42f3593b2bc8e77cdb9b12899f9d20ccccff58e0f56a16083cada056c8d73ca7c825db9ab49856b342eab9ac487952fe86","ssdeep":"6144:qIe7mZ2bulKY/1u99xHDmHYmyBFzvnsyRO6jJWoNPad4FpC1xY:DCpbu7/1mbrnsy39WbMpb","tlshash":"8b9419ce73c674269396f078503f118ba57b29a2b45cc895f189cce42e74a9a4237f7c","size":427212,"data":"","first_seen":"2025-12-27T19:50:26.399475Z","last_seen":"2025-12-27T19:50:26.399475Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"df32959cf75f36b7116c6326d9947442","sha1":"f5ec7e648a8f23a8546f801f9bb625ccdd0adc07","sha256":"76ba078175c9ff7496eb2e50c98c431798bb823537cfdbfc8462663411514a11","sha512":"e68b8e96417296a2c45fa96073113acf55d502eeb2b3e117246dd9ad37dae61dab6415d69764fc32995e8dca5123b04169ab31512523ee733e28b3f35ca4213e","ssdeep":"","tlshash":"10c04c486b0a2cb56561784e6e0557c6dac54706f961a60e5b458172a4c546b5140c86","size":145,"data":"","first_seen":"2023-05-02T22:22:25Z","last_seen":"2026-05-19T08:00:14.398579Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-29240639-1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d92fc0b2f36e488fe364fde42b8797b8","sha1":"c141d50ae3e856b2062874718cbb96f496ff9d02","sha256":"b220749a940bb8f4d3ab2d3119e9393226aa8e18c23228f118888d224298fb56","sha512":"a6b87f3d278c3dbcb333ae6256c703e7dd12d6d0885a3d58fce414f53e4ef40fa7b4e899564ef5dd2e9e4f172c3ef9e8fcea2746d1c4d3fc3d3da662aafc96ec","ssdeep":"6144:jIeJ92bulKYv9VGDmHYmyBFzfns1RnWC46pJem:0pbu7lEDnsrWCDpF","tlshash":"f16408c9b3da74268393a474503f118ba27b79d2e84cc895f185ccd42e74aaa4237f7d","size":321460,"data":"","first_seen":"2025-12-27T19:50:26.345894Z","last_seen":"2025-12-27T19:50:26.345894Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"c7553384922a2b06799c44ed5e375e87","sha1":"9767c20dc03a309b1012becf7acb822f83e587bf","sha256":"316074f9e8f3e5e318eeffff00c12646e668baa6445fe456b4190e359fa53bf4","sha512":"21eb2f0c0efa6d48d9492c21545ebad68837f0f7630d2b44e71c9a383523d9d0ca60e2f58d542bc8b8ce9cd448bda4912ba2b667f1f1dfbcdf678513e9cb1ca1","ssdeep":"","tlshash":"70311cb21e2289ff6961c652433f2d3cfdeb22113593b59225746cd6be4a096043f871","size":1501,"data":"","first_seen":"2025-12-27T19:50:26.411536Z","last_seen":"2025-12-27T19:50:26.411536Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/68/89/db/6889db2cfa98184ba1ac566756057db2.js","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"453e6dd3d4e8745ecdf9b080cc78297c","sha1":"5042c077560f2c194ce48519cb8eb22610777081","sha256":"c90dfc600ea871ac27d43dc8e6a46ba968cf80b4c4c58421d9968c770803ec27","sha512":"d5dd853691d0aea0753466dcf9a624161f3dac86128bae28cae4c7d9799ff7ea1533e2d084566a38d29d724ed73bc0a3f164e5336c36096a5a25358d18b17630","ssdeep":"1536:l9yUBg8XFOUGDAVTesz3WArOwlNyBv77NzxpQ2jFFwbejIi:l3B91cupUhxpJwUIi","tlshash":"9a7309487f42b16b5352a073627fd047f0256f1261ecd498d123e6a86f6c33af636b98","size":78855,"data":"","first_seen":"2025-12-17T15:15:43.725188Z","last_seen":"2025-12-27T19:50:26.379635Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/f2/16/5c/f2165c39ed56aac89d03ea06728c3ca8.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8bdde6eb8e2e73a681c6111469b80456","sha1":"256275ec167dcb0a10b42b3babb3522b4fbd2dbb","sha256":"ac417f1ddec1b5e6c51b82fbde5206020ab9789d0adb2d2bdd83abf3dbe8f0e6","sha512":"7913a7fb0169ca1731ef65101dcc7182d60a3cc08244d9daf7ca9f03fe371a57fb44e3aec82696bb0c327b461032ec165822e3d0fb84016d71b53081c420da7c","ssdeep":"1536:TXZchRVqfRjblFEvzOc+NxPXLZC8kvRQGntv7p4WKM4OLAZVCAFhuEQ/X:4qJjblF2zOnC1JQGntTpU5o/X","tlshash":"b5b3c9987f01b05c07de703b252fb71bf55a1e59298cd6d4e107f8ab1a9c70be83a612","size":111890,"data":"","first_seen":"2025-12-27T07:30:42.770122Z","last_seen":"2025-12-28T18:00:07.327383Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89492,"data":"","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-05-19T02:48:26.765604Z","times_seen":6675,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"ip":{"addr":"172.67.150.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2acf48fa336fccaecd576b5ad8fc0062","sha1":"9dc17c0c77d9f493d140358aaaea2389dac175b5","sha256":"c6cd98dc2d19f8e04902be7269641e57b470a950938d467f5faceb1f82cc2632","sha512":"f27a59d0ac41ce5ab161f10cae7d2575e4abe28ea4f128e16953326ffbf52e85c7fd0ead28caffb63e1702404580873ee11111018a2d9717d544524dd0061515","ssdeep":"","tlshash":"68b092d8a149fba921e7c8212db0d7ca97219e80f649907a2fd128b186a09c79442f86","size":127,"data":"","first_seen":"2025-11-03T23:58:09.169046Z","last_seen":"2026-05-19T08:00:14.39468Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"veintones.com/17160be3b250e563979e7c96ad01d276/invoke.js","fqdn":"veintones.com","domain":"veintones.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"290549832eaac64d1f20ffe2f9036892","sha1":"195b121e87be1e92e1a94925349dd0e11d7e5dc0","sha256":"f36f2deee10eb0215a8a26b2c94c6dd56205478bad3f039db1b0fbe69dba0c73","sha512":"9a9afe81b578579c4e8ac2bb703121fa3b386cba92f627820c8130c8347a94589f018424141772d40f3838d4b13eff4f40d0d27e72cd3e490d4f4513638ddf29","ssdeep":"768:dB2Ef/5+sNKlKMHLQTwkf0R4sYeLvLoK12G6FYc0CtLr:dB2E5+aMHLQTwkf0BLDLoK12tFYNgf","tlshash":"2e23fa5dbf92f006165f70b7376fa106b11a8c19680cd89cfa07fda46d68f05e837aa4","size":46351,"data":"","first_seen":"2025-12-20T15:52:00.666935Z","last_seen":"2026-01-22T00:36:54.745437Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-20T04:40:50.214207Z","times_seen":16583,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"ip":{"addr":"172.67.150.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5bc70ad28ca13fe96941dbf85f0cd4e1","sha1":"1adf0513947f2b5e0355623e4460df431448bf8a","sha256":"35624c722354888466fe6456293595b9e2c5057f6b851f136e57bf1ffae56f9d","sha512":"2ebfe9f3597d232ddd8fc5ba865c573d66f531e92e23e09eea55aca52be6ab38dae6c8d46b42fe253d29c3121f041e59ffe257698a82682a0e89aea2b3b5c047","ssdeep":"","tlshash":"3fb092ade292bde1e0a6686e01b21c8863b49462fa8354b239caa49469258946c45e58","size":126,"data":"","first_seen":"2025-11-03T23:58:09.167385Z","last_seen":"2026-05-19T08:00:14.394076Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/f2/16/5c/f2165c39ed56aac89d03ea06728c3ca8.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"edb01ded962b0be228adcd8b965cba64","sha1":"efa66bf5f6870f8a49e71ab1e5ae1aac75ff14d4","sha256":"e807c6ecda3edb55a7347ea457fd365c59c6014ec77e42bce4c307f60552ab69","sha512":"55daaf092b8bd7a3f1e0cdf5b367354572398ae5d9644e9bca55e52371a9cde51a01c482d03a63034651f7f8df43018d01bd6c0686f73bce03c3705f62c6021f","ssdeep":"1536:TX9ch7VqfRjblFEvzOc+NxPXLZC8kvRQGntv7p4WKM4OLAZVCAFhuEQ/X:yqJjblF2zOnC1JQGntTpU5o/X","tlshash":"95b3c9987f01b05c07de703b252fb71bf55a1e59298cd6d4e107f8ab1a9c70be83a612","size":111906,"data":"","first_seen":"2025-12-27T19:50:26.340324Z","last_seen":"2026-01-18T08:44:53.106175Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c7b13f83ed294f2b5ba58c896e7275b4","sha1":"b9fee35da7a2ef43b06e5d2874db823106008e13","sha256":"9e70d97eb48614d9c71bd17c0db25f28aacd617199cc072afcf1af57776693c9","sha512":"479507bc53f4afc37ecfe8ec0e881b10ceceaa080a7a283a7f24c3766c76d51a1cee37cae8537c17b1363625121068b2db83c21f5f23b0bccd9962292ae286c1","ssdeep":"","tlshash":"00c092acef1a7cb1e6303c8f67476b84fed21657bc711d6639999040b88646b92408ae","size":145,"data":"","first_seen":"2025-05-06T02:48:41.981056Z","last_seen":"2026-05-19T08:00:14.400016Z","times_seen":129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d9c542070c8c43ceea0f5dbfdfde3830","sha1":"77e716bf5f7848b5d7d62237f3992cc9378003c6","sha256":"32413fa930c0c52bff3159566556c6e50752393b6298c76bc9f24e9ea96fbfe5","sha512":"3299ac797040184cba1cf7db7c302fe493014283c6fff897b8f4b0a50b64d4008087b090906d0fabc42e5e5b890301e723c63682992144a9221adf029c27d580","ssdeep":"96:zozvhfFqpIiDk+vj2WaXkk/37SE6EeF/ZkRnthAu1jDYCfMEDaH:kzvOksjVa0k16Ey/6NvYCkCaH","tlshash":"6b913ba5ac79a4b444a7f4bf39b7f9082fb1404f1d44da80bdadd2151f043950b64ef8","size":4551,"data":"","first_seen":"2025-12-27T19:50:26.414035Z","last_seen":"2025-12-27T19:50:26.414035Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"51d61f57f89c909c23411ea82935d3ae","sha1":"c81e7d8a51ff0a96f9c3df64b89ef0ef5a0dff89","sha256":"4c7af727d6b7e51b2c509b52f5da648959ac8a4fe11baffcc87285897fad429d","sha512":"6a3d53c9e37a6bee8f84bab4daf4c529b529760d8583d5fbb3477ad94313b732ca10c06f88d1289c6e702783adf51ee4fd2587a38a8c6e7856d1a7d14c0d3160","ssdeep":"","tlshash":"da31e931791d29749abab1dd380bb24de1a6b3ca3f04720e09039b90b6444f9196dc84","size":1766,"data":"","first_seen":"2025-12-27T19:50:26.415819Z","last_seen":"2025-12-27T19:50:26.415819Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"502ba33a79223255085de20a32b5ad9e","sha1":"b251f60ecfd3b67e4bed42a49d6fb613128a24ce","sha256":"9d7b53510cfb9f9da453920e72891bf3352c83b17cdb297670bf78026d8a3da3","sha512":"42fe31fa2b510bd870e08751fd54cd0eb5e93e81e654def6c3495b6ef37f11a40b8c22c70cf204d0d47d5ff961166bda8783d08cd82920bba623b884383c608b","ssdeep":"","tlshash":"8131297fa30a44fe2cc0c745141f3cac6da20038bb6dd1d6433e2890a1103463bf21b8","size":1492,"data":"","first_seen":"2025-12-27T19:50:26.417885Z","last_seen":"2025-12-27T19:50:26.417885Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-20T04:40:50.214207Z","times_seen":16583,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"371d6471b78c0ad45a56083d8c99f6ad","sha1":"60a303095fa0be7f866faf47e3cead8879b564ad","sha256":"be3f71245e5449ce0c7c86a362b71f63ebf050ea5ca31d3538851ff4f929accc","sha512":"d0d2125a70916fb9ddc28c613ee1748570151c138fb31d07a668a315cf51fc749a0d9bb914c1c7f43b65d76de4e25973f3ca447b060b7f8f25afcfaff771b9d4","ssdeep":"96:VN/0ozVnYOdT+UTtxkxz+G3Tk/A+TdiypeAhdop/1jDICfMEDaH:9z6CT+uVG3TkbdOLvICkCaH","tlshash":"78a13baa6da944b86423a07f4536764cef51410f9500ce0a7d8cc9b5af30bec5d1cdf8","size":4686,"data":"","first_seen":"2025-12-27T19:50:26.41962Z","last_seen":"2025-12-27T19:50:26.41962Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/0f/fc/68/0ffc6845f7bc73b422b25ec7d3918efd.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f996f21dd086717a280650d9bddc340","sha1":"345c059308712f23d728810cf97941391ae4d062","sha256":"8f92ced4cdf992968ec5d6fa5f8b5b5a10897a923ee0e2504cf9cc5a7284efb0","sha512":"cc4e743e2f63d04a9e6f02ca0288b58d52c5351127337afb86cb73ace36a8fd6c6b5de4501d7372b608efeb4a8fc35e9f1cb6012bfe34549db4410d13d4bd7bc","ssdeep":"1536:x9yUBg8XFOUGBAVTesz3WArOwlNyBv77NzxpQ2jFFwBijIq:x3B91c8pUhxpJwqIq","tlshash":"e37309487f82b15b5352a073627fd047f0256f1261dcd498d123e6a86f6c33af636b98","size":78883,"data":"","first_seen":"2025-12-27T19:50:26.381991Z","last_seen":"2026-01-22T00:36:54.770428Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"c4732f3e117946278e0fbd6d84116ddc","sha1":"37b3b12852f7c354a49965a478cad18a4d57a940","sha256":"3297ac5d250977b7dd1e623c66eb987ca292a271a47279e357155d864cfb0c6d","sha512":"4ec9ccaea827b69affeb2aa0501696d6d168cac40b4b4f30d1e8a659b7a42091d82e0fc975f2979f3c76ddc7e3f7264038270b637819182bc35d71d1ffe81ab9","ssdeep":"","tlshash":"bd312ce265260d75365884fec9071c5c3d871a2ed556dfb4e89a8c59f1081620c19339","size":1498,"data":"","first_seen":"2025-12-27T19:50:26.421473Z","last_seen":"2025-12-27T19:50:26.421473Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"df55d6735417d3daf9b842187ba55ac4","sha1":"4800cb1ea9fef1e499ae119cc8a44ddf14056409","sha256":"b4b3ef457ec3d27e71e5ce6a4dcd6d15eb02383aa2fbed1beb033f286fbe4349","sha512":"c960787afc3c1abfaf1a767a410c440b91f82e23df7310e6a25b944316bc7d3f47240c04ca5f85c91390b4c6ceaab43d2bb268b0e9000dbc32e021101252ae32","ssdeep":"","tlshash":"3c216e16692446620616f05eb0cbf6cd7d36058698d7531b722c31ca1ddc35513bb4e5","size":1271,"data":"","first_seen":"2025-06-16T08:23:25.083858Z","last_seen":"2026-01-02T20:42:52.542202Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","size":6454,"data":"","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"df32959cf75f36b7116c6326d9947442","sha1":"f5ec7e648a8f23a8546f801f9bb625ccdd0adc07","sha256":"76ba078175c9ff7496eb2e50c98c431798bb823537cfdbfc8462663411514a11","sha512":"e68b8e96417296a2c45fa96073113acf55d502eeb2b3e117246dd9ad37dae61dab6415d69764fc32995e8dca5123b04169ab31512523ee733e28b3f35ca4213e","ssdeep":"","tlshash":"10c04c486b0a2cb56561784e6e0557c6dac54706f961a60e5b458172a4c546b5140c86","size":145,"data":"","first_seen":"2023-05-02T22:22:25Z","last_seen":"2026-05-19T08:00:14.398579Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/68/89/db/6889db2cfa98184ba1ac566756057db2.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"65fae2f23fb1d97b513cbd6a42e71d78","sha1":"1c6280ce59e616aec4b71d428e97c9bafd282f00","sha256":"6782030932dc5776b19d2e3749435a1df1f267e66dce5797ec5706246dc7eb47","sha512":"1249a3a9ab75cc872fb352bc93d668761ce5860c5f07e86c517549cddd57f698599f068d832dba76f44ca1aa39956de7a5d292122f32b7024a578c101ed4587f","ssdeep":"1536:H9yUBg8XFOUGQAVTesz3WArOwlNyBv77NzxpQ2jFFwTMjIi:H3B91crpUhxpJw2Ii","tlshash":"d97309487f42b16b5352a073626fd047f0256f1261ecd498d123e6e86f6c33af636b98","size":78815,"data":"","first_seen":"2025-12-19T22:42:12.328857Z","last_seen":"2026-01-27T18:39:53.512918Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"44476033571870dbffa4b7c436cdb398","sha1":"881760e8d823e376d0e8849a49c42e77b0f6aa77","sha256":"1d6a92ac6bcd6db7cfa1e38b99b7a01133fcc8db427ee17e3be8d30a71c14779","sha512":"4a765729d5fe5e9ad308275883a14a18e50f079009db0e5121779436154e0bf4ecb735912fdb8f4753e08c20211da9174a40f31e85b076e96ac852676140ce28","ssdeep":"96:CozzfYO1KEImT4i7n4k/r1KEImT4i7nl6Z1jDYCfMEDaH:fzwZC4koZCl6zvYCkCaH","tlshash":"dc913ba2eda61c70396994ff852b680c3d82520f5909df94fc8eee447f046e10ca8e5d","size":4498,"data":"","first_seen":"2025-12-27T19:50:26.423019Z","last_seen":"2025-12-27T19:50:26.423019Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c7b13f83ed294f2b5ba58c896e7275b4","sha1":"b9fee35da7a2ef43b06e5d2874db823106008e13","sha256":"9e70d97eb48614d9c71bd17c0db25f28aacd617199cc072afcf1af57776693c9","sha512":"479507bc53f4afc37ecfe8ec0e881b10ceceaa080a7a283a7f24c3766c76d51a1cee37cae8537c17b1363625121068b2db83c21f5f23b0bccd9962292ae286c1","ssdeep":"","tlshash":"00c092acef1a7cb1e6303c8f67476b84fed21657bc711d6639999040b88646b92408ae","size":145,"data":"","first_seen":"2025-05-06T02:48:41.981056Z","last_seen":"2026-05-19T08:00:14.400016Z","times_seen":129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"veintones.com/865e9e7c305fafa0c2210e2ae6c2366f/invoke.js","fqdn":"veintones.com","domain":"veintones.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"96f2caecacb2f82667971c28eda79aa8","sha1":"45984adcc4b6d4246ab0e641dffd26ecd0d98692","sha256":"3ce663a76af8d3524ca56ffa6cc7fa22010bdb8350ebc2340e6f5321dc96931f","sha512":"dba24e90297a7a21d1b16c15cedacc6b50b961a411435b70249091774bd506a9558e9c06abdb4e76160ad8f734565b67eef8df3606ee26f61a714bf051526368","ssdeep":"768:dB2EL/5+sNKlKMHLQTwkf0RpsYeLvLoK12G6FYc0Cjhwf:dB2EV+aMHLQTwkf0wLDLoK12tFYNoU","tlshash":"6123fa5dbf92f006165f70b7376fa106b11a8c19680cd89cfa07fda46d68f05e837aa4","size":46298,"data":"","first_seen":"2025-12-17T15:15:43.74806Z","last_seen":"2025-12-27T19:50:26.36097Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"60f04bb50558159235bad0f994f67103","sha1":"1cd11ef8f606e7e54eb23defdf654c45bb222048","sha256":"99c967299e5ac5e1626831e088f96e835b575f2b926e68673eebd83b29ef3326","sha512":"e0965e9785afa82b89a22381210f1aa8b4cd2084e079d624450e21c5600a5fa52e4f8f826c2b331dd51359f2bc28c2f9652df767efc0680154c80b0bb926a94e","ssdeep":"96:ZN/IozlffV+2RZn1FtZ89fk/zhEB4PRtJ1jDYCfMEDaH:lzjZ1XZMkNEB+tjvYCkCaH","tlshash":"d2a13abc9d60b034c459b0bd621bd84c3b54620f1d088d807c6de9867b20fe91eb8dbc","size":4671,"data":"","first_seen":"2025-12-27T19:50:26.424576Z","last_seen":"2025-12-27T19:50:26.424576Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c7b13f83ed294f2b5ba58c896e7275b4","sha1":"b9fee35da7a2ef43b06e5d2874db823106008e13","sha256":"9e70d97eb48614d9c71bd17c0db25f28aacd617199cc072afcf1af57776693c9","sha512":"479507bc53f4afc37ecfe8ec0e881b10ceceaa080a7a283a7f24c3766c76d51a1cee37cae8537c17b1363625121068b2db83c21f5f23b0bccd9962292ae286c1","ssdeep":"","tlshash":"00c092acef1a7cb1e6303c8f67476b84fed21657bc711d6639999040b88646b92408ae","size":145,"data":"","first_seen":"2025-05-06T02:48:41.981056Z","last_seen":"2026-05-19T08:00:14.400016Z","times_seen":129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"ip":{"addr":"172.67.150.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2acf48fa336fccaecd576b5ad8fc0062","sha1":"9dc17c0c77d9f493d140358aaaea2389dac175b5","sha256":"c6cd98dc2d19f8e04902be7269641e57b470a950938d467f5faceb1f82cc2632","sha512":"f27a59d0ac41ce5ab161f10cae7d2575e4abe28ea4f128e16953326ffbf52e85c7fd0ead28caffb63e1702404580873ee11111018a2d9717d544524dd0061515","ssdeep":"","tlshash":"68b092d8a149fba921e7c8212db0d7ca97219e80f649907a2fd128b186a09c79442f86","size":127,"data":"","first_seen":"2025-11-03T23:58:09.169046Z","last_seen":"2026-05-19T08:00:14.39468Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"ip":{"addr":"172.67.150.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9939be9e233ed5b8644abf728aff2897","sha1":"e38c1311a14e80ca101d3b8a243e4f065778c71d","sha256":"99d35c77c1111bad590f9fc8b74c07d94dd8df9fcf2a7b8b605258b38e9621b6","sha512":"b84da0b4d73c70f4d66b795a959869c383865faca2b5a18ac72ba381ffd97d9eb0c6da4427f8d758eafbb2a2dc9a864ee42f89c249d1c77a126b819c8898a4c2","ssdeep":"","tlshash":"1f115ebe267743205bbb66f59e9b5680383030332556c40afd5cc5400fb2d4599637d8","size":1046,"data":"","first_seen":"2025-11-03T23:58:09.187114Z","last_seen":"2026-05-19T08:00:14.417176Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"ip":{"addr":"172.67.150.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"705df0e20d7ad0492d63ff1a2ea2b708","sha1":"ca3e9f7a7a64d46c7e714a15c73ffbc27b7b16ef","sha256":"6f91dc3c4c6108f86f3f661fd14ac45105a0dce6ca6c89db7b44f48a4e9e7787","sha512":"d5e4870a153d487cac0b5bc5bd2ed9153e1aaec3dcdbd6a79a457952a4111d6e5133f2205b1de9a8e67f0533d2f27d2255ad7ec4a41d52b75058c04b088a29c7","ssdeep":"","tlshash":"bfe0ab299ce74a384cfa3a441074da3934f838a0aaa3d017525cc82cce39fc50c40aec","size":424,"data":"","first_seen":"2023-07-01T16:46:34Z","last_seen":"2026-05-19T08:00:14.423152Z","times_seen":157,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"9f859a91c2bd8f5c5d3050f7f6b4d9b0","sha1":"ae8fb9beb34f367e9ac0d7f8f2e25243c2a743fd","sha256":"f324b4e1faa39d8c34ba2e81ab23f429ee76f3210a000194c5193d4349036585","sha512":"7998645d3b26739ed6d512e24d599e536d07190b0df0ceeb90bb614a39ae21407489b819ace86de935e63e7e232156eb90063cabeddc3315a6b7b259cbbac8fc","ssdeep":"","tlshash":"a931e9fe615d85cc6752d4be8573306edfd0046dd102410c02ec4cfeeaa662d6b0e638","size":1506,"data":"","first_seen":"2025-12-27T19:50:26.427775Z","last_seen":"2025-12-27T19:50:26.427775Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e105b1309ce1f0d5334f875ea1b2d21d","sha1":"c975334b285bb59556dc3aea67daf9863bf1d4fb","sha256":"4eec517331c7eca9b96ad3bbf6048ac9405ba03a0033a8aac58ff15ca7e66e81","sha512":"9dacc6953b7e829b8fc087689476a61ce97cf426dad42ae4db112cee5fa1cb4be8fcbdc2c88bb097ca65b0573eb7dffdb71098fdd3c1d7dccd7c7d3a0a34873c","ssdeep":"96:Q0XiuozIZnpxIJodD84DgMcbZek/whf9vQdzdH4ksnw1jDICfMEDaH:1S7zZiD84EpbgkAMPoovICkCaH","tlshash":"be914c217f4954f82891a0ae281bb64df961420a3f08ea0a7e1cd791af507e51ebcdc8","size":4516,"data":"","first_seen":"2025-12-27T19:50:26.429247Z","last_seen":"2025-12-27T19:50:26.429247Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89492,"data":"","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-05-19T02:48:26.765604Z","times_seen":6675,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","size":6454,"data":"","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/68/89/db/6889db2cfa98184ba1ac566756057db2.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cfa81b5f144de36e7307861c03f8cc3c","sha1":"30fb6c5d550499323ad8bb34096df1296e57284d","sha256":"310dbf8673d5a9e7e5ac5aa2bf22ff094cf6f339b97a10dc85bf749d3e0293e7","sha512":"7cd3dc4cc4713be17bb9d836200034e0e1823031c0a8e3c63a9045381ab9e50b22161b11f8021840e3a27837a907ed4069511a073eb6bdc729b57d8caf5ec08a","ssdeep":"1536:L9yUBg8XFOUGQAVTesz3WArOwlNyBv77NzxpQ2jFFwfEjIi:L3B91crpUhxpJwKIi","tlshash":"7b7309487f42b15b5352a073626fd047f0256f1261ecd498d123e6e86f6c33af63ab98","size":78839,"data":"","first_seen":"2025-12-27T07:30:42.785662Z","last_seen":"2025-12-27T19:50:26.361735Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"df32959cf75f36b7116c6326d9947442","sha1":"f5ec7e648a8f23a8546f801f9bb625ccdd0adc07","sha256":"76ba078175c9ff7496eb2e50c98c431798bb823537cfdbfc8462663411514a11","sha512":"e68b8e96417296a2c45fa96073113acf55d502eeb2b3e117246dd9ad37dae61dab6415d69764fc32995e8dca5123b04169ab31512523ee733e28b3f35ca4213e","ssdeep":"","tlshash":"10c04c486b0a2cb56561784e6e0557c6dac54706f961a60e5b458172a4c546b5140c86","size":145,"data":"","first_seen":"2023-05-02T22:22:25Z","last_seen":"2026-05-19T08:00:14.398579Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/0f/fc/68/0ffc6845f7bc73b422b25ec7d3918efd.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"93cf1fc6f567e7cfecb1f07d8553c9dc","sha1":"ead4b096e238638624d3987ed11f487628c9d79c","sha256":"a2ade1133e6dc5ae002fc1712be2001eb1470d8b7f9295bb8f5d57f594ba6097","sha512":"2810d8ac90400ad37c1e6014c3f1be5e4af0c9f30d574fbd9ffdf0ca697eff75f9e020a220a0de4f7b1cdbba40772182c3e7e8726542ba0dfca66f276ed9148d","ssdeep":"1536:k9yUBg8XFOUGFAVTesz3WArOwlNyBv77NzxpQ2jFFwGQjIq:k3B91cgpUhxpJwPIq","tlshash":"b27309487f82b15b5352a073627fd047f0256f1261ecd498d123e6a86f6c33af636b98","size":78866,"data":"","first_seen":"2025-12-20T15:52:00.654437Z","last_seen":"2026-01-02T20:42:52.478207Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"660271f8d9e2ba878aded0f41e8ba53a","sha1":"9a2f16b6075f89f2e652521b4b6886867abdfc78","sha256":"a3c72729800cfd0431c1525adf6b8e0baf1bedf4d7571f80c074bd3a75a9235f","sha512":"db8b04dd1c3893645549b7ff0071a775f04343d25916abe55901020c282f29eef1ec3c2047660388ed473303261b42361710b7b3917511ca730f53d3bf1a9204","ssdeep":"","tlshash":"88310b7ba5191877c567c12704097f88df46460f8a14cfc78c5089a0fb309d82029c98","size":1780,"data":"","first_seen":"2025-12-27T19:50:26.430742Z","last_seen":"2025-12-27T19:50:26.430742Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"262db5ebc5dfc19a4e43710de083bdfd","sha1":"a588cec5ee3918d72b0ae5ee17bee373490484f2","sha256":"a94a359f1013569648bc40910164a9127596a4fc87e51e7f8d7d98ce39fccc37","sha512":"0b0acef504498cd19b27ed4335bc100e2caed95f6ed598993db16421211771ad980f72b833b8f10f8870bfb7b8a1b454287167de4b1d111d8c8182fee6625e43","ssdeep":"","tlshash":"ab31e9e5b83539b4c4f7f0f76ac6ba204fa54ac90b811780aa67975112142a70378ef6","size":1784,"data":"","first_seen":"2025-12-27T19:50:26.432325Z","last_seen":"2025-12-27T19:50:26.432325Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89492,"data":"","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-05-19T02:48:26.765604Z","times_seen":6675,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:A1VdZYqhPnjpWx4/eTe8qSMbqaQd6VL2Jyt9LdJoyayCVPVD5wdBfQPfCHiUr3:AXdZYqNjpU4yPqSMbqaQGL2QfdDayCZC","tlshash":"a6a1dc9939fb50210233b1bd1bafa918b23895236208dd61b98c9364bf94437d7f1fc9","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-20T04:38:23.381955Z","times_seen":890171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"veintones.com/865e9e7c305fafa0c2210e2ae6c2366f/invoke.js","fqdn":"veintones.com","domain":"veintones.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9da710c08f5fff2fea4539add5e5e91a","sha1":"f335d6b4d273e906c17b32004007ef1a5ef055b7","sha256":"f15f11a6675c2d68d3221595e6ffc5d23ed232dd1cffd8ba3cd5b5051d023492","sha512":"6255f4e326b797f74ebe142b85bbb04710ccde308eb2e6c060c48fa3132498905888eba3732a69e20c89dc5a9688f8ea93a2894517febe17dfe463ef87ee0e5e","ssdeep":"768:dB2Ee/5+sNKlKMHLQTwkf0RpsYeLvLoK12G6FYc0CkhDC:dB2Em+aMHLQTwkf0wLDLoK12tFYNXW","tlshash":"d623fa5dbf92f006165f70b7376fa106b15a8c19280cd89cfa07fda46d68f05e837aa4","size":46346,"data":"","first_seen":"2025-12-17T15:15:43.751281Z","last_seen":"2026-01-08T22:03:03.891911Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-20T04:40:50.214207Z","times_seen":16583,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe93c4d253476a3184380a0acf45a1a1","sha1":"ad18313ba4b3cd4b9bc756a2fa711d4effd87bed","sha256":"20f105edf22cbcea0d7e0e5668ea88aad561212d73f5a28d4b0989b0b5e2f99e","sha512":"b47781a5c4d635758fa2f9ecc7b9894bcc68f9361a5a3beed3bba67b490c41a30c58ba3ace04ace68128071eb79306a016f5cfc267ff43638410d0a0e3366e9a","ssdeep":"96:KozCnCorCJ2FNPZ4Ek/2orCJ2FNPZ01jDICfMEDaH:nzJorCJWNPZ4EkuorCJWNPZsvICkCaH","tlshash":"8a912b762e2184be6862e16a523e7e1cbd5593033941fd433d6cee926f585d6083ecb0","size":4509,"data":"","first_seen":"2025-12-27T19:50:26.434512Z","last_seen":"2025-12-27T19:50:26.434512Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/0f/fc/68/0ffc6845f7bc73b422b25ec7d3918efd.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b43481c6fa563267ac7606c1a6e7da79","sha1":"05f59489867520d13b9993b6213eb8f79b74931f","sha256":"d669861a7b88cd81e756ba40d5432b433c81adb1a6681707cb550cb7fef7f749","sha512":"2001e96be60ba4035147a84fd5042d05366f77c3cf7fcb5dea2609b1d867cd1a1f8896870d13dc1273bf4b1f6d0158d3785a39b5686f0bd5d08dd104e6190617","ssdeep":"1536:x9yUBg8XFOUG7AVTesz3WArOwlNyBv77NzxpQ2jFFwBijIq:x3B91cGpUhxpJwqIq","tlshash":"4b7309487f82b16b5352a073627fd047f0256f1261dcd498d123e6a86f6c33af636b98","size":78892,"data":"","first_seen":"2025-12-24T19:55:31.118761Z","last_seen":"2025-12-27T19:50:26.39451Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"99c35b1802c06699bccf7b041a6bde54","sha1":"9cbc2be7c35b15de05c840586dfe537bae5a29a2","sha256":"487bebf651555fc680f90fbbd7428adcee4626c7d83df4fd8c983748edf46019","sha512":"bc8c98124f649c89ffaabc7542ecf62b8ff20334a56613cc5fab4ba3a0fc3009429ab4e31373189b6811afe497c351f8783b0e28c7b4d91df9365fc5d9c1ad5a","ssdeep":"","tlshash":"1931d7a7552ac8b9195cdde77d72b50d2bb8042e78c5c3c0353dc12a265c14617418f5","size":1510,"data":"","first_seen":"2025-12-27T19:50:26.435827Z","last_seen":"2025-12-27T19:50:26.435827Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"df55d6735417d3daf9b842187ba55ac4","sha1":"4800cb1ea9fef1e499ae119cc8a44ddf14056409","sha256":"b4b3ef457ec3d27e71e5ce6a4dcd6d15eb02383aa2fbed1beb033f286fbe4349","sha512":"c960787afc3c1abfaf1a767a410c440b91f82e23df7310e6a25b944316bc7d3f47240c04ca5f85c91390b4c6ceaab43d2bb268b0e9000dbc32e021101252ae32","ssdeep":"","tlshash":"3c216e16692446620616f05eb0cbf6cd7d36058698d7531b722c31ca1ddc35513bb4e5","size":1271,"data":"","first_seen":"2025-06-16T08:23:25.083858Z","last_seen":"2026-01-02T20:42:52.542202Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-20T04:40:50.214207Z","times_seen":16583,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"ip":{"addr":"172.67.150.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6d82fee191c35334d8616518eb48cbd6","sha1":"9e858abfd0d24e81a4b69617ef0dd6f20e73b2e2","sha256":"c864d9c46330407016330aa37e982bfa5109d0d33983f327cc2ad4ee9dda6ccb","sha512":"9487fff206189f0183d4a307ab2bf487cc46e7df86a1c002f0dcf7e5d09353b3c254ba5a11d23b6599b4fee2b518352ffd791a3e0fb6dcd570fce95831ca5941","ssdeep":"","tlshash":"f0c02b88211a0c7182f72f008f3ffa00b402322494d09e32480a73484d20f0bdb54c50","size":154,"data":"","first_seen":"2023-05-02T22:22:24Z","last_seen":"2026-05-19T08:00:14.431964Z","times_seen":155,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","size":6454,"data":"","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"8bea2f11b032d087b689659a075297e3","sha1":"05c50fe8592e04fb6b8be90cec1dc9ca55b6c186","sha256":"fb9ab485c2fa052c5999f0cfb985ada8b1d45c8f82b594d7d2a9c0ab1cd2c702","sha512":"c24414da3e4751e739034244ab15537e34722d1cc97f3fd921549b1f5fd36e60e0b1d73272090462a260f3f9a505291da135eb171e76f17a1f31c1215a1e8edc","ssdeep":"","tlshash":"1031ebb73d2559b75d75e3b2521e7f2cad99a302295175c318209dd1795d0cb003ec11","size":1775,"data":"","first_seen":"2025-12-27T19:50:26.438116Z","last_seen":"2025-12-27T19:50:26.438116Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/f2/16/5c/f2165c39ed56aac89d03ea06728c3ca8.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0cde48cd73d923ffb648319bc4d5c7d4","sha1":"37e15c540b2be411ba4ca9d2177672797ef8a453","sha256":"462cb460b9022a37abcfe93142ae00fa529bf293cedcb9ba934dcb7d8d5d0fca","sha512":"c682f4556ff53aac2fbad7c9747c5ccb3e40296ae2c44936ec49ec81e2755c29ff1fd9a7a862b41b3d8774825ef9fb0900e24c148f28f47c19a637dcddb17eb8","ssdeep":"1536:TXWchlVqfRjblFEvzOc+NxPXLZC8kvRQGntv7p4WKM4OLAZVCAFhuEQ/X:1qJjblF2zOnC1JQGntTpU5o/X","tlshash":"32b3c9987f01b05c07de703b252fb71bf55a1e59298cd6d4e107f8ab1a9c70be83a612","size":111903,"data":"","first_seen":"2025-12-27T19:50:26.390295Z","last_seen":"2025-12-27T19:50:26.390295Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-20T04:40:50.214207Z","times_seen":16583,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-20T04:40:50.214207Z","times_seen":16583,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:40:35 GMT","end":"Tue, 27 Jan 2026 23:40:34 GMT"},"fingerprint":{"sha1":"AA:22:33:AC:0A:FC:0D:31:C5:9F:92:99:20:7A:02:E4:46:E3:08:8C","sha256":"72:5A:79:00:74:D1:90:EF:9A:D3:3F:01:E6:E5:14:1D:41:4F:F2:28:D3:FD:4C:AA:70:DE:D8:BE:C2:15:3F:EE"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5c3fe48ce082b1c5ceb767332f5397be\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-20T04:40:50.214207Z","times_seen":16583,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":81,"dns":4,"connect":30,"send":0,"wait":22,"receive":18,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.1310535090177.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:12:52 GMT","end":"Wed, 28 Jan 2026 01:12:51 GMT"},"fingerprint":{"sha1":"67:43:25:0A:D1:7D:95:9F:2D:A3:3F:97:74:7C:0A:AE:D2:D3:98:61","sha256":"09:09:97:4E:79:6D:B5:F4:D7:B7:F6:8F:BE:97:4E:B6:04:9C:25:29:FE:4A:0E:A2:BE:82:F0:6E:CF:8C:74:F0"}}},"request":{"raw":"GET /watch.1310535090177.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nlocation: https://wayfarerorthodox.com/watch.1310535090177.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1\u0026shu=18a0c959896d95e7cb422ad37613a7e0aa882d2ecb0b6fe76a03f0ea212128c4873bccfefd2254b948d7c72c3aaee5875b188e7a8d42e8f339c193617fc754a2f745c44f1050818ca4912486e4c040612e3de0b4b9caff590973\u0026pst=1766865054\u0026rmtc=t\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxODE0OTI0OSwiayI6IjE3MTYwYmUzYjI1MGU1NjM5NzllN2M5NmFkMDFkMjc2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTU2ODU1LCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoiZDZwbXloeDFrIiwiY3BrcyI6eyIyOCI6ImYyMTY1YzM5ZWQ1NmFhYzg5ZDAzZWEwNjcyOGMzY2E4IiwiMjkiOiIwZmZjNjg0NWY3YmM3M2I0MjJiMjVlYzdkMzkxOGVmZCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9yZXZpZXdib29rdS5jb20vcmV2aWV3L3Jpc2stYXNzZXNzbWVudC12cy1yaXNrLWFuYWx5c2lzLTQ5NzMwODkiLCJ0eiI6MSwiYXIiOltdfX0.Vr3rlwHg1oc-e8L-WCGUkFa-FZvQqG0FynnNydDLx2I; expires=Sat, 27 Dec 2025 19:50:54 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: fa702b60378ff421f7f45e815c9facae\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4549,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":694,"timings":{"blocked":297,"dns":23,"connect":92,"send":0,"wait":94,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/pixel/sbs?c=1","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:59 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.1310535090177.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1\u0026shu=18a0c959896d95e7cb422ad37613a7e0aa882d2ecb0b6fe76a03f0ea212128c4873bccfefd2254b948d7c72c3aaee5875b188e7a8d42e8f339c193617fc754a2f745c44f1050818ca4912486e4c040612e3de0b4b9caff590973\u0026pst=1766865054\u0026rmtc=t","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:12:52 GMT","end":"Wed, 28 Jan 2026 01:12:51 GMT"},"fingerprint":{"sha1":"67:43:25:0A:D1:7D:95:9F:2D:A3:3F:97:74:7C:0A:AE:D2:D3:98:61","sha256":"09:09:97:4E:79:6D:B5:F4:D7:B7:F6:8F:BE:97:4E:B6:04:9C:25:29:FE:4A:0E:A2:BE:82:F0:6E:CF:8C:74:F0"}}},"request":{"raw":"GET /watch.1310535090177.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1\u0026shu=18a0c959896d95e7cb422ad37613a7e0aa882d2ecb0b6fe76a03f0ea212128c4873bccfefd2254b948d7c72c3aaee5875b188e7a8d42e8f339c193617fc754a2f745c44f1050818ca4912486e4c040612e3de0b4b9caff590973\u0026pst=1766865054\u0026rmtc=t HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nReferer: https://reviewbooku.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxODE0OTI0OSwiayI6IjE3MTYwYmUzYjI1MGU1NjM5NzllN2M5NmFkMDFkMjc2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTU2ODU1LCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoiZDZwbXloeDFrIiwiY3BrcyI6eyIyOCI6ImYyMTY1YzM5ZWQ1NmFhYzg5ZDAzZWEwNjcyOGMzY2E4IiwiMjkiOiIwZmZjNjg0NWY3YmM3M2I0MjJiMjVlYzdkMzkxOGVmZCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9yZXZpZXdib29rdS5jb20vcmV2aWV3L3Jpc2stYXNzZXNzbWVudC12cy1yaXNrLWFuYWx5c2lzLTQ5NzMwODkiLCJ0eiI6MSwiYXIiOltdfX0.Vr3rlwHg1oc-e8L-WCGUkFa-FZvQqG0FynnNydDLx2I\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 3178\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; expires=Sat, 03 Jan 2026 19:49:54 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nu_pl18149249=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 8\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: bc845cf3557e7d1a7f17c608caaee6a3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4549,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3673)","md5":"ae640ce96a6ba925b25ae817cadd3350","sha1":"aa6640514562b5d7142e02c75d083ae7fe81d22a","sha256":"7a06ebb6cd127110d9115ec93924535017917a48a7d34caf9fab605520652282","sha512":"0df61bac04b7b0ff4bebfefd0a78af59f36ed3fd893530ada87795188dbc7b552343e0680d8994546960fd7de20c15bd8a1ff620aff62f7b01239fb16ace64af","ssdeep":"96:t0XiuozIZnpxIJodD84DgMcbZek/whf9vQdzdH4ksnw1ZDICfMEDaH:yS7zZiD84EpbgkAMPooVICkCaH","tlshash":"da915c217f4954f86891a0ae381bb64df561420a3f04e90a7e1dd751ab407e51ebcdcc","first_seen":"2025-12-27T19:50:26.314914Z","last_seen":"2025-12-27T19:50:26.314914Z","times_seen":1,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/impr.gif?sid=H4sIAAAAAAAC_1RTv28dRRedTaKv-aTvEz8EBQWvoACEn2d_75ICYUJQwEmsxCgF1fx0Bu_bWXZ239qmCURCkWgsaCjX5zmxgIiEhg4peqYiElIelYu4QeIfQEqNnmPJcKW599w5U5w7c-aLnfaQhGjZwcpFu2WKgi3GQzp49Zoppe3c4NLqwKdDenZwzZRJdHawMU_1-E0_jIb0tcF7SqzbxYD6lPrUH5w3tdJ2Y_GIhanu5v4wp8MoGPpxhI36371rPTjmQY4PybMwcvb_P_RHMGKKcnT_nHLrja3eeHfUFqyxNcZy78NyvbRdidEJ1LUHXe4dn4Z1M0K-OQVb7h1PADvenU8Abmbk1AuPwcu9Y5ng49tPlfICqgSX_0U3nkIV-zBsCmFvwshHBBASly6jHN25ZOuObT5l2ZydkTNP_oLpZuTM4-dRjn5YKszG4Kot2sbY0mFD9zAbU5i1Kap2H82WB9PtQzSfw8jfyOKTZZSj3cuusDDy4BWWUsmYUgtRypKFKOd0gVOqFlSW54IxFvE0PLoio6dgzkM7X8ZDqz20lYeRPBhENIuEz8JE51KkNGJRJBWneRZQynKRohWfwchtiPoGqvoG1s026vYB3PWDn3yWpsLPVMoj7ae-8nmuwoSyUMQxp2kaiCzigtNQsZBlKkkUS7I84kyxgLNcx5pGUZQHIkt1mkia8VClgS-TLPBTKSgNM6ESrSIdR2muU53QMJI6VIHmaSJiTX3pSymjOEmVyrM4iAPph0LJlLGE-bnWeSTTJPdzHfoizwXPkhhOenANwVj26BRB5wg6RtAZgq4h6Mb9bVm4wPV3ZOFa7h_X4LiG_cQ2azvstm3WVEnA6m3Ust811SfuJkRzerKlnZzYeWK86SeMy36nOiTPzF3gfXVvFevqYJAlscpVKkIaa6YZFUHgUxUwlYggTBINZ3oYd-ro7bbMjLz_6WNUZkbIvQyc7cMV-xDmJbD2RbBukgYZ2HXkFFvlfW7tuqsVk0ZvDoUdQdoeVXMGzaa3UxyS5yZXVpceHLly-eLXUOIhOQ6IukdV9_jY_EKwVtyaXLEd2b1iO0d-vFw1ZmS22NyxVxvWqP9894Ha7GwtL5xz29--LebEHN5dVa5ZZqU05Zoj3y8ZKVV93tZCkZ8vuGuKr7Tu-lJbl221vPLO-QujqlbOGVtOwcwj9SuEmZH__Tk--ouvf_kyRHUDrjpR6SwBrwgKQ1Cok33Ge7h_9PwE77hbWKs9sOYmylGPcd1jXPRgxTZce3rSVPXDt34PjwK88Ca8qMkuL-o5bw4Gc-MJSrM08cNMKz-MpNBxFuUyYTQMFRo3MysZ_zsAAP__tc8TwykFAAA=","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTv28dRRedTaKv-aTvEz8EBQWvoACEn2d_75ICYUJQwEmsxCgF1fx0Bu_bWXZ239qmCURCkWgsaCjX5zmxgIiEhg4peqYiElIelYu4QeIfQEqNnmPJcKW599w5U5w7c-aLnfaQhGjZwcpFu2WKgi3GQzp49Zoppe3c4NLqwKdDenZwzZRJdHawMU_1-E0_jIb0tcF7SqzbxYD6lPrUH5w3tdJ2Y_GIhanu5v4wp8MoGPpxhI36371rPTjmQY4PybMwcvb_P_RHMGKKcnT_nHLrja3eeHfUFqyxNcZy78NyvbRdidEJ1LUHXe4dn4Z1M0K-OQVb7h1PADvenU8Abmbk1AuPwcu9Y5ng49tPlfICqgSX_0U3nkIV-zBsCmFvwshHBBASly6jHN25ZOuObT5l2ZydkTNP_oLpZuTM4-dRjn5YKszG4Kot2sbY0mFD9zAbU5i1Kap2H82WB9PtQzSfw8jfyOKTZZSj3cuusDDy4BWWUsmYUgtRypKFKOd0gVOqFlSW54IxFvE0PLoio6dgzkM7X8ZDqz20lYeRPBhENIuEz8JE51KkNGJRJBWneRZQynKRohWfwchtiPoGqvoG1s026vYB3PWDn3yWpsLPVMoj7ae-8nmuwoSyUMQxp2kaiCzigtNQsZBlKkkUS7I84kyxgLNcx5pGUZQHIkt1mkia8VClgS-TLPBTKSgNM6ESrSIdR2muU53QMJI6VIHmaSJiTX3pSymjOEmVyrM4iAPph0LJlLGE-bnWeSTTJPdzHfoizwXPkhhOenANwVj26BRB5wg6RtAZgq4h6Mb9bVm4wPV3ZOFa7h_X4LiG_cQ2azvstm3WVEnA6m3Ust811SfuJkRzerKlnZzYeWK86SeMy36nOiTPzF3gfXVvFevqYJAlscpVKkIaa6YZFUHgUxUwlYggTBINZ3oYd-ro7bbMjLz_6WNUZkbIvQyc7cMV-xDmJbD2RbBukgYZ2HXkFFvlfW7tuqsVk0ZvDoUdQdoeVXMGzaa3UxyS5yZXVpceHLly-eLXUOIhOQ6IukdV9_jY_EKwVtyaXLEd2b1iO0d-vFw1ZmS22NyxVxvWqP9894Ha7GwtL5xz29--LebEHN5dVa5ZZqU05Zoj3y8ZKVV93tZCkZ8vuGuKr7Tu-lJbl221vPLO-QujqlbOGVtOwcwj9SuEmZH__Tk--ouvf_kyRHUDrjpR6SwBrwgKQ1Cok33Ge7h_9PwE77hbWKs9sOYmylGPcd1jXPRgxTZce3rSVPXDt34PjwK88Ca8qMkuL-o5bw4Gc-MJSrM08cNMKz-MpNBxFuUyYTQMFRo3MysZ_zsAAP__tc8TwykFAAA= HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl26390356=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 2d36634fd0e2b80c3c33caed48dd19a3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/sbar.json?key=6889db2cfa98184ba1ac566756057db2\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /sbar.json?key=6889db2cfa98184ba1ac566756057db2\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl26390356=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:58 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4961\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; expires=Sat, 03 Jan 2026 19:49:58 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Sun, 28 Dec 2025 19:49:58 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Sun, 28 Dec 2025 19:49:58 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Sun, 28 Dec 2025 19:49:58 GMT; path=/; secure; SameSite=None\nu_pl26543445=1; expires=Sun, 28 Dec 2025 19:49:58 GMT; path=/; secure; SameSite=None\nslec6889db2cfa98184ba1ac566756057db2=[5974464]; expires=Sat, 27 Dec 2025 19:50:03 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 121\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ec56b80a8818cdc75eaf64b1ead07b1d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6382,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"2b8c465f2f3f3dee09eb7502dcc12c45","sha1":"8a26994898b897d8fa928e045cefab8d49b5d370","sha256":"2caf521f8499bfec895c33649776713e3e0202e7ee21ec663aaeb7115344e01b","sha512":"a5da91d82ddff8a87ed1eecbe33c07def1c4f7569d2a7717662a095eaefa1259b91c7ce158485150a002c02d7e8ebc704dd0fe544603b58ac6685b004f648162","ssdeep":"192:9z+X2KJ5/53OoYnUjFOWyGN+JgfD6ZobW:9z6J5xeoYnMOWyivQobW","tlshash":"e4d19e73908905d36ff9489113893c7dec81fc2b9d4fa85d6c7eebfe2b82866045002a","first_seen":"2025-12-27T19:50:26.318131Z","last_seen":"2025-12-27T19:50:26.318131Z","times_seen":1,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\netag: W/\"65aa8501-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 490754\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rS841HZxsAYhAkEEiDESmycX3nXYtucxz1JhVaCMlO7dT6oW7wj1XCoh%2FxWYgYlsOj3SjGqASiQZIgWY69fnHVNT7BNGkcfHe6FyhU2NOcg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b4b58250fdd0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-05-20T03:02:06.955571Z","times_seen":11477,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css\u0026l=3487\u0026fd=39","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css\u0026l=3487\u0026fd=39 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:58 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html\u0026l=1544\u0026fd=192","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html\u0026l=1544\u0026fd=192 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:59 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/pixel/sbs?c=1","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]; iprc_l+cd8ae97e1ba3ff061b966d37687f2f89=5974464; iprc_l:5974464=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:59 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3403\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4bae024fac1adc07fd1fab6da989dd75\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":6454,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6454), with no line terminators","md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"resource_available":true,"data":null}},"time_used":751,"timings":{"blocked":324,"dns":26,"connect":96,"send":0,"wait":98,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:40:35 GMT","end":"Tue, 27 Jan 2026 23:40:34 GMT"},"fingerprint":{"sha1":"AA:22:33:AC:0A:FC:0D:31:C5:9F:92:99:20:7A:02:E4:46:E3:08:8C","sha256":"72:5A:79:00:74:D1:90:EF:9A:D3:3F:01:E6:E5:14:1D:41:4F:F2:28:D3:FD:4C:AA:70:DE:D8:BE:C2:15:3F:EE"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7b872fb68883cad949f38f91884e22aa\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-20T04:40:50.214207Z","times_seen":16583,"resource_available":true,"data":null}},"time_used":221,"timings":{"blocked":89,"dns":6,"connect":17,"send":0,"wait":24,"receive":18,"ssl":63},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:58 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8501-d9f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 260939\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Byh8sRpHU9h1%2Bm5IfUTLTT0vk%2FjtJQnqBYnQHJXRQ2a%2Ba%2BHEBeAZtGcHAtzwVygTt2VDMHOBMAwtct4x5%2BkYjW55Ct7vT4hdqLyyZCd40D4%3D\"}]}\r\ncf-ray: 9b4b5822cc1a0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3487,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f9f1955433320a3b43c5741f2bde9a3d","sha1":"3b70c2a57fad02833bf227d8b6a0391ac8b98432","sha256":"cbb99d697521db3b645225c1b50873e6aa8a39c91afcc7c8dd756746b8bf2645","sha512":"7a1022ad699c484dd3b7e5a870d01b8baa4a357f203d6dd73ddaa237bd1aa8d2cd5a599077c261dd6ea45cdaa685285aba8b844090fdef7fa0f0b9ecf4a70fda","ssdeep":"","tlshash":"7a710f863b7916047427d96a38112b5777198103aa4fdd74afd1381cceca38acaa33cf","first_seen":"2024-09-26T07:50:15Z","last_seen":"2026-01-25T21:57:17.035488Z","times_seen":2145,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":26,"dns":4,"connect":3,"send":0,"wait":5,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=40","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=40 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:58 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: br\r\nage: 260939\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-3bd\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NGUHa6G2ykt%2BvlWSCOP%2FxI9k%2BhTvcgXW0Yz07wGynSR%2Fb8kT1WgwPsjFUMJQ14dfdT%2FyB1tWA%2F2oGDURRr2xnw3yJ7l9KcpmohvsQfvUDhQ%3D\"}]}\r\ncf-ray: 9b4b582638070731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":957,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41051a33fb99370ee2aeae5227abec51","sha1":"f1b81c1d24d27bea43a09f308ae28668453704fb","sha256":"67f07ddfdc4a81dc7ae4f83c332eb76107442caf0230e307d6398bae7663aa0d","sha512":"2ac42bfbc6eceb4cde624f8ff6d7a8ca06a88acb16cedb655d3dbc27df1745189e93f75edac38128ea6aaf839ab937fa518f4bf50fb10e1c968289a415c44aee","ssdeep":"","tlshash":"2e115b27356842b45353f06791176adaba31025bac2a971b712c06cd0fd476903f99f7","first_seen":"2023-12-07T10:00:32Z","last_seen":"2026-01-25T21:57:17.022984Z","times_seen":2153,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js\u0026l=957\u0026fd=12","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js\u0026l=957\u0026fd=12 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:59 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"veintones.com/17160be3b250e563979e7c96ad01d276/invoke.js","fqdn":"veintones.com","domain":"veintones.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"veintones.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Dec 2025 22:51:09 GMT","end":"Fri, 20 Mar 2026 22:51:08 GMT"},"fingerprint":{"sha1":"4D:7F:9C:CE:A0:E9:D6:F0:B3:A4:37:54:B5:59:91:60:F1:05:70:22","sha256":"83:ED:45:57:55:D9:14:C6:80:64:C8:69:3D:43:65:1F:B6:09:DD:EF:11:05:33:DD:CF:FC:2D:D2:27:47:6B:B9"}}},"request":{"raw":"GET /17160be3b250e563979e7c96ad01d276/invoke.js HTTP/1.1\r\nHost: veintones.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18560\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: veintones.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b1ef19b5ced1c7b50dcb7bbbe60bbadb\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":46391,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46391), with no line terminators","md5":"b4a54fd4ef230d4102dfcd8de4562b20","sha1":"fab314b190ca738fb3db60e45fac481de6f4a3ca","sha256":"20cf545f787f93f480bdeed219ea855a73d8750a4100554bbd65fb8a8b33dc34","sha512":"7f6eb0efe15e863b48ebc33138d249b0ae1d12bae8d6f415abbf521319689cb9f638a481e8e699e18b2a2f0b35db4065083ee2223338c84c3587054feafd22b5","ssdeep":"768:dB2Ed/5+sNKlKMHLQTwkf0R4sYeLvLoK12G6FYc0CXVp:dB2EX+aMHLQTwkf0BLDLoK12tFYNe7","tlshash":"1e23fa5dbf92f006165f70b7372fa106b15a8c19680cd89cfa07fda46d68f05e837aa4","first_seen":"2025-12-17T15:15:43.724106Z","last_seen":"2026-01-22T00:36:54.766747Z","times_seen":9,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/ren.gif?sid=H4sIAAAAAAAC_1STP2wcxRfHZ52k-f0KRIhoAOkKCiLh8_67vVtSRJgQFAiJyR-lSIFmdmbt4fZ2lpnd2_NBEYhAKR0JJKDa-97F5k8EoQFRIEVnCiRLSByVi7iho0VKC9rzSRZP2vfevs8U733nzcej4oB4KOj-2ptqKJOErrSaduOFGzLlqjSNS9cajt20zzRuyDTwzzQGtdP9lxzPb9qnG6-JqKtWXNuxbcd2GuelFrEarMwpZHY_dJqh3fTdptPyMdD__TfFEgy1wPsH5CQknz3xZ3wTMpoi7T04J0w3V9mLr_aKhOZKo893rqfdVJUpekdprC3E6c7iNJSZEfLZElS6s5gAqj-pJwCTM7L09COwdGfRJlj_3mGnLIFIwfj_UfanEMkUkk4RqduQ_HcCRByXLiPtbV9SuqSbh5TWdEaOP_4bspyR449OIe19u5rIQeOqSopcqtRgEFeQgynk-hRZsYt8aEGWu4jyDyH5b2Tl8UWkvcllkyhIvv88bducUiGW_TYNlv2Q2cvMtsWy6IRhRCn1WdubSyTjKaixUNSftFDEForMQo_vN3y740cO9YI45FHb9qnvc8HssOPaNg2jNoroA0i-hUh_dL94O0vcwAttrxWMnO2Mb-Td_iTXhZgUaWRGzpeHJdebF7frouuNHGT6FrpyC7p4CLNRwfATMPmMWG-9jz6vUAqC0hCUlKCUBGVOUParezwxrqm2eWIK5iyiu4heNVb5-ojeU_m6SAmo3oLm1URm75rbiPJj42Fs-FjVjrK8GlPGq1F2QJ6s78L69MR1dMV-I-h0Qs7cKKZhx-n4jDo0agVBuxXYrTZnLoysIM3SXMGhnJHX33uETM4I-a4DRndhkl1E8hnQ4jnQsgLdqDBMHzClukYLymW82YxUD1xVyPLjyDetUXJAnhpfubb6cL4WN08_hIj2zv70eW1fINIVMl3hHfkLwXpyZ3xFlWRyRZWGfH85y2VPDmm9MldzmotjX78hNkul-YVzZuurl6Ma1On9a8LkF2nKZbpuyDerknOhzysdCfLzBXNDsLXCbKwWOi2yi2uvnL_Qy7QwRqp0Cipn5H_Vs4jkjJz85-78OXif_IgouwWT7Z39YfRXQAiBUQQss5DU_NSvSMQRo6yCEXtkYWBH-cjcwbq2QPPbSHsV-rpCP6lAky2Y4tg4z_Te2T-8uYEl1pgl2pqwRCd3D7Uycr_RcpkXdDqBiAMee9xzPR62bBH6NAz80G8hNzO51on_DQAA__9juZqctQQAAA==","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1STP2wcxRfHZ52k-f0KRIhoAOkKCiLh8_67vVtSRJgQFAiJyR-lSIFmdmbt4fZ2lpnd2_NBEYhAKR0JJKDa-97F5k8EoQFRIEVnCiRLSByVi7iho0VKC9rzSRZP2vfevs8U733nzcej4oB4KOj-2ptqKJOErrSaduOFGzLlqjSNS9cajt20zzRuyDTwzzQGtdP9lxzPb9qnG6-JqKtWXNuxbcd2GuelFrEarMwpZHY_dJqh3fTdptPyMdD__TfFEgy1wPsH5CQknz3xZ3wTMpoi7T04J0w3V9mLr_aKhOZKo893rqfdVJUpekdprC3E6c7iNJSZEfLZElS6s5gAqj-pJwCTM7L09COwdGfRJlj_3mGnLIFIwfj_UfanEMkUkk4RqduQ_HcCRByXLiPtbV9SuqSbh5TWdEaOP_4bspyR449OIe19u5rIQeOqSopcqtRgEFeQgynk-hRZsYt8aEGWu4jyDyH5b2Tl8UWkvcllkyhIvv88bducUiGW_TYNlv2Q2cvMtsWy6IRhRCn1WdubSyTjKaixUNSftFDEForMQo_vN3y740cO9YI45FHb9qnvc8HssOPaNg2jNoroA0i-hUh_dL94O0vcwAttrxWMnO2Mb-Td_iTXhZgUaWRGzpeHJdebF7frouuNHGT6FrpyC7p4CLNRwfATMPmMWG-9jz6vUAqC0hCUlKCUBGVOUParezwxrqm2eWIK5iyiu4heNVb5-ojeU_m6SAmo3oLm1URm75rbiPJj42Fs-FjVjrK8GlPGq1F2QJ6s78L69MR1dMV-I-h0Qs7cKKZhx-n4jDo0agVBuxXYrTZnLoysIM3SXMGhnJHX33uETM4I-a4DRndhkl1E8hnQ4jnQsgLdqDBMHzClukYLymW82YxUD1xVyPLjyDetUXJAnhpfubb6cL4WN08_hIj2zv70eW1fINIVMl3hHfkLwXpyZ3xFlWRyRZWGfH85y2VPDmm9MldzmotjX78hNkul-YVzZuurl6Ma1On9a8LkF2nKZbpuyDerknOhzysdCfLzBXNDsLXCbKwWOi2yi2uvnL_Qy7QwRqp0Cipn5H_Vs4jkjJz85-78OXif_IgouwWT7Z39YfRXQAiBUQQss5DU_NSvSMQRo6yCEXtkYWBH-cjcwbq2QPPbSHsV-rpCP6lAky2Y4tg4z_Te2T-8uYEl1pgl2pqwRCd3D7Uycr_RcpkXdDqBiAMee9xzPR62bBH6NAz80G8hNzO51on_DQAA__9juZqctQQAAA== HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:58 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 251fe97054332ffe80f1bf5b44ae70db\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/ren.gif?sid=H4sIAAAAAAAC_1STP2wcxRfHZ52k-f0KRIhoAOkKCiLh8_67vVtSRJgQFAiJyR-lSIFmdmbt4fZ2lpnd2_NBEYhAKR0JJKDa-97F5k8EoQFRIEVnCiRLSByVi7iho0VKC9rzSRZP2vfevs8U733nzcej4oB4KOj-2ptqKJOErrSaduOFGzLlqjSNS9cajt20zzRuyDTwzzQGtdP9lxzPb9qnG6-JqKtWXNuxbcd2GuelFrEarMwpZHY_dJqh3fTdptPyMdD__TfFEgy1wPsH5CQknz3xZ3wTMpoi7T04J0w3V9mLr_aKhOZKo893rqfdVJUpekdprC3E6c7iNJSZEfLZElS6s5gAqj-pJwCTM7L09COwdGfRJlj_3mGnLIFIwfj_UfanEMkUkk4RqduQ_HcCRByXLiPtbV9SuqSbh5TWdEaOP_4bspyR449OIe19u5rIQeOqSopcqtRgEFeQgynk-hRZsYt8aEGWu4jyDyH5b2Tl8UWkvcllkyhIvv88bducUiGW_TYNlv2Q2cvMtsWy6IRhRCn1WdubSyTjKaixUNSftFDEForMQo_vN3y740cO9YI45FHb9qnvc8HssOPaNg2jNoroA0i-hUh_tJ3xjbzbn-S6EJMijczI-fKw5Hrz4nZddL2Rc794O0vcwAttrxWMHGT6FrpyC7p4CLNRwfATMPmMWG-9jz6vUAqC0hCUlKCUBGVOUParezwxrqm2eWIK5iyiu4heNVb5-ojeU_m6SAmo3oLm1URm75rbiPJj42Fs-FjVjrK8GlPGq1F2QJ6s78L69MR1dMV-I-h0Qs7cKKZhx-n4jDo0agVBuxXYrTZnLoysIM3SXMGhnJHX33uETM4I-a4DRndhkl1E8hnQ4jnQsgLdqDBMHzClukYLymW82YxUD1xVyPLjyDetUXJAnhpfubb6cL4WN08_hIj2zv70eW1fINIVMl3hHfkLwXpyZ3xFlWRyRZWGfH85y2VPDmm9MldzmotjX78hNkul-YVzZuurl6Ma1On9a8LkF2nKZbpuyDerknOhzysdCfLzBXNDsLXCbKwWOi2yi2uvnL_Qy7QwRqp0Cipn5H_Vs4jkjJz85-78OXif_IgouwWT7Z39YfRXQAiBUQQss5DU_NSvSMQRo6yCEXtkYWBH-cjcwbq2QPPbSHsV-rpCP6lAky2Y4tg4z_Te2T-8uYEl1pgl2pqwRCd3D7Uycr_RcpkXdDqBiAMee9xzPR62bBH6NAz80G8hNzO51on_DQAA__-KEIBotQQAAA==","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1STP2wcxRfHZ52k-f0KRIhoAOkKCiLh8_67vVtSRJgQFAiJyR-lSIFmdmbt4fZ2lpnd2_NBEYhAKR0JJKDa-97F5k8EoQFRIEVnCiRLSByVi7iho0VKC9rzSRZP2vfevs8U733nzcej4oB4KOj-2ptqKJOErrSaduOFGzLlqjSNS9cajt20zzRuyDTwzzQGtdP9lxzPb9qnG6-JqKtWXNuxbcd2GuelFrEarMwpZHY_dJqh3fTdptPyMdD__TfFEgy1wPsH5CQknz3xZ3wTMpoi7T04J0w3V9mLr_aKhOZKo893rqfdVJUpekdprC3E6c7iNJSZEfLZElS6s5gAqj-pJwCTM7L09COwdGfRJlj_3mGnLIFIwfj_UfanEMkUkk4RqduQ_HcCRByXLiPtbV9SuqSbh5TWdEaOP_4bspyR449OIe19u5rIQeOqSopcqtRgEFeQgynk-hRZsYt8aEGWu4jyDyH5b2Tl8UWkvcllkyhIvv88bducUiGW_TYNlv2Q2cvMtsWy6IRhRCn1WdubSyTjKaixUNSftFDEForMQo_vN3y740cO9YI45FHb9qnvc8HssOPaNg2jNoroA0i-hUh_tJ3xjbzbn-S6EJMijczI-fKw5Hrz4nZddL2Rc794O0vcwAttrxWMHGT6FrpyC7p4CLNRwfATMPmMWG-9jz6vUAqC0hCUlKCUBGVOUParezwxrqm2eWIK5iyiu4heNVb5-ojeU_m6SAmo3oLm1URm75rbiPJj42Fs-FjVjrK8GlPGq1F2QJ6s78L69MR1dMV-I-h0Qs7cKKZhx-n4jDo0agVBuxXYrTZnLoysIM3SXMGhnJHX33uETM4I-a4DRndhkl1E8hnQ4jnQsgLdqDBMHzClukYLymW82YxUD1xVyPLjyDetUXJAnhpfubb6cL4WN08_hIj2zv70eW1fINIVMl3hHfkLwXpyZ3xFlWRyRZWGfH85y2VPDmm9MldzmotjX78hNkul-YVzZuurl6Ma1On9a8LkF2nKZbpuyDerknOhzysdCfLzBXNDsLXCbKwWOi2yi2uvnL_Qy7QwRqp0Cipn5H_Vs4jkjJz85-78OXif_IgouwWT7Z39YfRXQAiBUQQss5DU_NSvSMQRo6yCEXtkYWBH-cjcwbq2QPPbSHsV-rpCP6lAky2Y4tg4z_Te2T-8uYEl1pgl2pqwRCd3D7Uycr_RcpkXdDqBiAMee9xzPR62bBH6NAz80G8hNzO51on_DQAA__-KEIBotQQAAA== HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:58 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: af7d60596356c2a625219241b9453461\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: br\r\nage: 829176\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-15d94\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FN9EOiTKSwMasnH4iZ%2BPbNoKpXpQFQsAYqj8tlIZmLbTQ11bTRsOwTl7xEYa74xvH15JUcbAK%2FWpASan1eVLteqi0if4Fe0Z85M6glQWBdc%3D\"}]}\r\ncf-ray: 9b4b5825cff30731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89492,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-05-19T02:48:26.765604Z","times_seen":6675,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 23 Dec 2025 19:22:36 GMT\r\nexpires: Wed, 23 Dec 2026 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 347243\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-20T04:37:30.328074Z","times_seen":838677,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"63.182.60.117","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:53 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://reviewbooku.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=98300d0e-627a-4a45-9bdd-dad1e335463a:2:1; expires=Tue, 25 Dec 2035 19:49:53 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"e0e69fc48e99d0e0f13a7eadc7085197","sha1":"93f29ad15ce5446f7500c64b5f185e98986d029a","sha256":"f1e5e09eae07c91ff9d91c26a91d75354b03d12510babb9b3edf29d82f1493f2","sha512":"e55526fbfb47907eb34148d71e3d0e538296bdab469c2ef4704c337d209d6551a894624c27e4d135cfd92bdc29160426ad261983696ef10688c4a95e847e92e7","ssdeep":"","tlshash":"8c900450507d443cd3045531777c5f5001c05000440540054d705cf4411c03c541403c","first_seen":"2025-12-27T19:50:26.337895Z","last_seen":"2025-12-27T19:50:26.337895Z","times_seen":1,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":114,"dns":25,"connect":25,"send":0,"wait":22,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.675783909317.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=98300d0e-627a-4a45-9bdd-dad1e335463a%3A2%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 22:08:08 GMT","end":"Wed, 25 Mar 2026 22:08:07 GMT"},"fingerprint":{"sha1":"BE:03:A2:AD:89:FD:C3:94:0E:B0:AC:88:9E:E3:AD:33:6F:39:72:EA","sha256":"86:5E:AF:03:20:81:8A:65:09:C9:A1:D4:22:8C:8B:1F:82:60:C9:82:6B:01:09:E8:98:E2:F3:DA:A8:3C:D5:71"}}},"request":{"raw":"GET /watch.675783909317.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=98300d0e-627a-4a45-9bdd-dad1e335463a%3A2%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nlocation: https://skinnycrawlinglax.com/watch.675783909317.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=98300d0e-627a-4a45-9bdd-dad1e335463a%3A2%3A1\u0026shu=153ad567c5b136de62fe2e4c2f262a81e1f53e8fe08317c2ef8d485cc4773db34d600e174773af7ad3796110cd2808a02125d10ae6b2ea7a0d1bfc7f993e7129316c9d711d3c36e5ffb09e1318f4b8a3c4322e26a909272887ee\u0026pst=1766865054\u0026rmtc=t\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxODE0OTI0OSwiayI6IjE3MTYwYmUzYjI1MGU1NjM5NzllN2M5NmFkMDFkMjc2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTU2ODU1LCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoiZDZwbXloeDFrIiwiY3BrcyI6eyIyOCI6ImYyMTY1YzM5ZWQ1NmFhYzg5ZDAzZWEwNjcyOGMzY2E4IiwiMjkiOiIwZmZjNjg0NWY3YmM3M2I0MjJiMjVlYzdkMzkxOGVmZCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9yZXZpZXdib29rdS5jb20vcmV2aWV3L3Jpc2stYXNzZXNzbWVudC12cy1yaXNrLWFuYWx5c2lzLTQ5NzMwODkiLCJ0eiI6MSwiYXIiOltdfX0.Vr3rlwHg1oc-e8L-WCGUkFa-FZvQqG0FynnNydDLx2I; expires=Sat, 27 Dec 2025 19:50:54 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7e84de70bf245541bddf75de5c9daa71\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4542,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":668,"timings":{"blocked":284,"dns":2,"connect":93,"send":0,"wait":99,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/f2/16/5c/f2165c39ed56aac89d03ea06728c3ca8.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:42:11 GMT","end":"Wed, 25 Mar 2026 21:42:10 GMT"},"fingerprint":{"sha1":"DD:BF:7F:13:B7:AA:5E:41:65:09:9E:F1:FE:42:C4:9A:00:0B:F4:E6","sha256":"FE:3B:B4:EE:8B:60:30:E2:9F:CB:E9:E2:06:C0:A4:2E:FF:35:D3:22:85:14:1C:B8:13:CD:72:FB:EA:5C:E9:98"}}},"request":{"raw":"GET /f2/16/5c/f2165c39ed56aac89d03ea06728c3ca8.js HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 40053\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 4\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 50f635706bc9fa78814aa9292aa664bd\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":111906,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"edb01ded962b0be228adcd8b965cba64","sha1":"efa66bf5f6870f8a49e71ab1e5ae1aac75ff14d4","sha256":"e807c6ecda3edb55a7347ea457fd365c59c6014ec77e42bce4c307f60552ab69","sha512":"55daaf092b8bd7a3f1e0cdf5b367354572398ae5d9644e9bca55e52371a9cde51a01c482d03a63034651f7f8df43018d01bd6c0686f73bce03c3705f62c6021f","ssdeep":"1536:TX9ch7VqfRjblFEvzOc+NxPXLZC8kvRQGntv7p4WKM4OLAZVCAFhuEQ/X:yqJjblF2zOnC1JQGntTpU5o/X","tlshash":"95b3c9987f01b05c07de703b252fb71bf55a1e59298cd6d4e107f8ab1a9c70be83a612","first_seen":"2025-12-27T19:50:26.340324Z","last_seen":"2026-01-18T08:44:53.106175Z","times_seen":2,"resource_available":true,"data":null}},"time_used":837,"timings":{"blocked":318,"dns":25,"connect":93,"send":0,"wait":100,"receive":93,"ssl":204},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/ff/69/f1/ff69f1f74561fdc6cbbecc3005e6ef7bb5d3ab17f08e3879621bb3dc88a8f260.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /si/ff/69/f1/ff69f1f74561fdc6cbbecc3005e6ef7bb5d3ab17f08e3879621bb3dc88a8f260.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 46096\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 25 May 2025 02:17:25 GMT\r\netag: \"68327db5-b410\"\r\nexpires: Mon, 29 Dec 2025 19:49:59 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46096,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x400, components 3","md5":"ed4f60d20941ae5888b01b01916f2e88","sha1":"e35f9e4ac46b078a6627e153c36fa08b0750f9fc","sha256":"e4092e5b649b52528da0fc6ac5ef1ae0530699d6e0b29c3fa0eb83478c99f5ed","sha512":"55d3bedc530d7c9751dfdf88f78fc55c6dc87c772edafb974240b896bf4dd1ed8cdfc538f8075a31dbd14e5e88b55946a0c81b734bb670c2d639e9900ee76095","ssdeep":"768:CX3yKRSHXnYe/8/geEnPDDO5usUZSEN+wNvQix0UgI4FiOt7ILUaPAWSN8V:eyKRSXdUDEnPfPUENdNoFiDPJ","tlshash":"7423f13625269c94d2599bfc0b3618d4e3e88484a5d68f56af4907c2abc1fc3ccdccb5","first_seen":"2025-06-05T18:59:05.430298Z","last_seen":"2026-01-06T02:07:37.704074Z","times_seen":696,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 23 Dec 2025 19:22:36 GMT\r\nexpires: Wed, 23 Dec 2026 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 347243\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-20T04:37:30.328074Z","times_seen":838677,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.232424690109.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:42:11 GMT","end":"Wed, 25 Mar 2026 21:42:10 GMT"},"fingerprint":{"sha1":"DD:BF:7F:13:B7:AA:5E:41:65:09:9E:F1:FE:42:C4:9A:00:0B:F4:E6","sha256":"FE:3B:B4:EE:8B:60:30:E2:9F:CB:E9:E2:06:C0:A4:2E:FF:35:D3:22:85:14:1C:B8:13:CD:72:FB:EA:5C:E9:98"}}},"request":{"raw":"GET /watch.232424690109.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nlocation: https://kettledroopingcontinuation.com/watch.232424690109.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1\u0026shu=ba0dba27e48c9744930f4d569ed6c4c455e4ac6eb2bee21ee067b981718a728664c9b6ea624717ffbf53b4497d86779cb4740a7296dbeb06a25f895ea99fe17cfeef8505022ab09dc46052e8d8dad860c850e0e4e6c8db697151\u0026pst=1766865054\u0026rmtc=t\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxODE0OTI0OSwiayI6IjE3MTYwYmUzYjI1MGU1NjM5NzllN2M5NmFkMDFkMjc2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTU2ODU1LCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoiZDZwbXloeDFrIiwiY3BrcyI6eyIyOCI6ImYyMTY1YzM5ZWQ1NmFhYzg5ZDAzZWEwNjcyOGMzY2E4IiwiMjkiOiIwZmZjNjg0NWY3YmM3M2I0MjJiMjVlYzdkMzkxOGVmZCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9yZXZpZXdib29rdS5jb20vcmV2aWV3L3Jpc2stYXNzZXNzbWVudC12cy1yaXNrLWFuYWx5c2lzLTQ5NzMwODkiLCJ0eiI6MSwiYXIiOltdfX0.Vr3rlwHg1oc-e8L-WCGUkFa-FZvQqG0FynnNydDLx2I; expires=Sat, 27 Dec 2025 19:50:54 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d49398cda1a178abd0fba78abdcaf645\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4719,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":718,"timings":{"blocked":307,"dns":26,"connect":91,"send":0,"wait":99,"receive":0,"ssl":193},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 23 Dec 2025 19:22:36 GMT\r\nexpires: Wed, 23 Dec 2026 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 347243\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-20T04:37:30.328074Z","times_seen":838677,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 23 Dec 2025 19:22:36 GMT\r\nexpires: Wed, 23 Dec 2026 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 347243\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-20T04:37:30.328074Z","times_seen":838677,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RTPWwcxR-dS_L_NyAQEFFfQQEIn2d3Z79IgTAhKMJJrCQoBdV8rT14b2fZ2b11XDlEQpFoXFKu3zmxAIsPiRYpOlMRCSlH5SJukJCoKJBSo3UsGX7S_D7mTfHezJvPd5ojEqDhhytX7KbJc74Yjujw9VumULZ1w6s3hx4d0QvDW6aI2IXhRp-qydtewEb0jeEHWq7bRZ96lHrUG14ylc7sxuIxClPup94opSPmj7yQYaP67-yaARwfQE2OyMswav7i79nHMHKGYvz9Re3Wa1u-9f64yXltK0zU3kfFemHbAuPTNqsGyIq9k9Owbk7Il2dgi70TBbCT3V4BhJmTM68-gSj2TmhCTO4_Yypy6AJCPYd2MoPOD2D4DNLehVGPCSAVrl5DMX5w1VYtv_0M5T06J-ee_g3Tzsm5J-dRjL9dys3G8IbNm9rYwmEj62A2ZjCrM5TNAerNAUx7AFl_BqN-JYtPl1GMd6-53MKow9d4TBXnWi-wmEcLLBV0QVCqF3SSppJzzkQcHF-RyWbgboCmX2aAJhugKQcYq8MhowmTHg-iLFUypowzprSgaeJTylMZo5F3YNQ2ZLWFstrCutlG1TyEWzv80Us4lWmYJmmk0lDHUjDf5yqIIy_gsaacJ4mvfC0FFVGm44jTIKOa-57v-YlkSRwIKTOdKd8PmUhZomIZ-zLoZYVJHAovSXTME8V8nWRBkEovDSIvzmQcMu5nMQslY5lHQ5p4ieQs9XyWRJpJymjk-TpQmgomUsmzLExpGgdwagBXE0xUh1YTtI6g5QStIWhrgnbS3Ve58133QOWuEd5J9U9q0E1tvbrD79t6VRcEvNpGpbpdU37q7kLWZ6ebmVNT2ycu6m7Khep2yiPyUu-Bwfm_7mBdHw692Iuo0IHwQ6rDKEjjVMcyjbiinvLjCM50MO7M8cttmjkZ_hmjNHNCvksg-AFcfgBpzoI3_wNvpwGl4GtTP6TYLPZrXY0bxddG0o6hbIeyPof69mAnPyKvTK_fXHp4bMjlK1vQ8hE5CciqQ1l1-MT8TLCa35tety3ZvW5bR364VtZmbDZ5b9YbNa_1_7_-UN9ubaUuX3TbX70re6Bv929qVy_zQpli1ZFvloxSurpkK6nJT5fdLS1WGre21FRFUy6vvHfp8ristHPGFjNw81j_Amnm5IU_Jsff8M0vnocst-DKU5bOEoiSIDcEuT7d56KD-9csTvsddw-r1QC8voti3GFSdZjkHXi-DdecndZl9eid34LjgMgHU5FXZFfkVY-bw2EWaF9SmvTOTjLtBUzJLExYqnpPBxq1m5uVRPwTAAD__yr9kVMkBQAA","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:12:52 GMT","end":"Wed, 28 Jan 2026 01:12:51 GMT"},"fingerprint":{"sha1":"67:43:25:0A:D1:7D:95:9F:2D:A3:3F:97:74:7C:0A:AE:D2:D3:98:61","sha256":"09:09:97:4E:79:6D:B5:F4:D7:B7:F6:8F:BE:97:4E:B6:04:9C:25:29:FE:4A:0E:A2:BE:82:F0:6E:CF:8C:74:F0"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTPWwcxR-dS_L_NyAQEFFfQQEIn2d3Z79IgTAhKMJJrCQoBdV8rT14b2fZ2b11XDlEQpFoXFKu3zmxAIsPiRYpOlMRCSlH5SJukJCoKJBSo3UsGX7S_D7mTfHezJvPd5ojEqDhhytX7KbJc74Yjujw9VumULZ1w6s3hx4d0QvDW6aI2IXhRp-qydtewEb0jeEHWq7bRZ96lHrUG14ylc7sxuIxClPup94opSPmj7yQYaP67-yaARwfQE2OyMswav7i79nHMHKGYvz9Re3Wa1u-9f64yXltK0zU3kfFemHbAuPTNqsGyIq9k9Owbk7Il2dgi70TBbCT3V4BhJmTM68-gSj2TmhCTO4_Yypy6AJCPYd2MoPOD2D4DNLehVGPCSAVrl5DMX5w1VYtv_0M5T06J-ee_g3Tzsm5J-dRjL9dys3G8IbNm9rYwmEj62A2ZjCrM5TNAerNAUx7AFl_BqN-JYtPl1GMd6-53MKow9d4TBXnWi-wmEcLLBV0QVCqF3SSppJzzkQcHF-RyWbgboCmX2aAJhugKQcYq8MhowmTHg-iLFUypowzprSgaeJTylMZo5F3YNQ2ZLWFstrCutlG1TyEWzv80Us4lWmYJmmk0lDHUjDf5yqIIy_gsaacJ4mvfC0FFVGm44jTIKOa-57v-YlkSRwIKTOdKd8PmUhZomIZ-zLoZYVJHAovSXTME8V8nWRBkEovDSIvzmQcMu5nMQslY5lHQ5p4ieQs9XyWRJpJymjk-TpQmgomUsmzLExpGgdwagBXE0xUh1YTtI6g5QStIWhrgnbS3Ve58133QOWuEd5J9U9q0E1tvbrD79t6VRcEvNpGpbpdU37q7kLWZ6ebmVNT2ycu6m7Khep2yiPyUu-Bwfm_7mBdHw692Iuo0IHwQ6rDKEjjVMcyjbiinvLjCM50MO7M8cttmjkZ_hmjNHNCvksg-AFcfgBpzoI3_wNvpwGl4GtTP6TYLPZrXY0bxddG0o6hbIeyPof69mAnPyKvTK_fXHp4bMjlK1vQ8hE5CciqQ1l1-MT8TLCa35tety3ZvW5bR364VtZmbDZ5b9YbNa_1_7_-UN9ubaUuX3TbX70re6Bv929qVy_zQpli1ZFvloxSurpkK6nJT5fdLS1WGre21FRFUy6vvHfp8ristHPGFjNw81j_Amnm5IU_Jsff8M0vnocst-DKU5bOEoiSIDcEuT7d56KD-9csTvsddw-r1QC8voti3GFSdZjkHXi-DdecndZl9eid34LjgMgHU5FXZFfkVY-bw2EWaF9SmvTOTjLtBUzJLExYqnpPBxq1m5uVRPwTAAD__yr9kVMkBQAA HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxODE0OTI0OSwiayI6IjE3MTYwYmUzYjI1MGU1NjM5NzllN2M5NmFkMDFkMjc2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTU2ODU1LCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoiZDZwbXloeDFrIiwiY3BrcyI6eyIyOCI6ImYyMTY1YzM5ZWQ1NmFhYzg5ZDAzZWEwNjcyOGMzY2E4IiwiMjkiOiIwZmZjNjg0NWY3YmM3M2I0MjJiMjVlYzdkMzkxOGVmZCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9yZXZpZXdib29rdS5jb20vcmV2aWV3L3Jpc2stYXNzZXNzbWVudC12cy1yaXNrLWFuYWx5c2lzLTQ5NzMwODkiLCJ0eiI6MSwiYXIiOltdfX0.Vr3rlwHg1oc-e8L-WCGUkFa-FZvQqG0FynnNydDLx2I; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl18149249=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: fc0ec366c4d340d11da5441f9ee7c78f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:58 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=27BdVc9bG%2BHIfQTaW2O6gQpHD6%2F%2BODk%2FJhvVRXZXSfAplPyy4IrG43gzxQApWhANBkh7cqGchPL5w0CNTiqVNOxTVnmj4eTVoxcNy3Qp2kU%3D\"}]}\r\nage: 3243412\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-4ff\"\r\ncontent-encoding: br\r\ncf-ray: 9b4b58236dd10883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"369850b9873659adf0951d845f57dba1","sha1":"a64257186daa33b6b318943a457b6cf8d80b26b6","sha256":"9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21","sha512":"6441b40e85c86e21362c7061a6b9610f52a5c801b274b246711546ad45c68c3e7f2f242f1621b90967eaeebf52709545d06283c2015d6b9ad7f6f7d37fb14a88","ssdeep":"","tlshash":"6821d8dc958f223ef324ff6189b316606ba423f6bb18c5bcb199a8157e1cb910c48e14","first_seen":"2023-04-07T22:39:47Z","last_seen":"2026-05-20T02:24:33.040895Z","times_seen":9307,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/ff/69/f1/ff69f1f74561fdc6cbbecc3005e6ef7bb5d3ab17f08e3879621bb3dc88a8f260.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /si/ff/69/f1/ff69f1f74561fdc6cbbecc3005e6ef7bb5d3ab17f08e3879621bb3dc88a8f260.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 46096\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 25 May 2025 02:17:25 GMT\r\netag: \"68327db5-b410\"\r\nexpires: Mon, 29 Dec 2025 19:49:59 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46096,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x400, components 3","md5":"ed4f60d20941ae5888b01b01916f2e88","sha1":"e35f9e4ac46b078a6627e153c36fa08b0750f9fc","sha256":"e4092e5b649b52528da0fc6ac5ef1ae0530699d6e0b29c3fa0eb83478c99f5ed","sha512":"55d3bedc530d7c9751dfdf88f78fc55c6dc87c772edafb974240b896bf4dd1ed8cdfc538f8075a31dbd14e5e88b55946a0c81b734bb670c2d639e9900ee76095","ssdeep":"768:CX3yKRSHXnYe/8/geEnPDDO5usUZSEN+wNvQix0UgI4FiOt7ILUaPAWSN8V:eyKRSXdUDEnPfPUENdNoFiDPJ","tlshash":"7423f13625269c94d2599bfc0b3618d4e3e88484a5d68f56af4907c2abc1fc3ccdccb5","first_seen":"2025-06-05T18:59:05.430298Z","last_seen":"2026-01-06T02:07:37.704074Z","times_seen":696,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: br\r\nage: 260939\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-3bd\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GdeBTq9UBwb6i7kPgWODrN4o7cRBguJxs6F8JuuLSnN%2B6Jl4OIvfOkt0mgU%2ByElWAC41Dulm9EaLb5K%2FerY0zVc1JnX440ok%2BR%2BXm3o4hnA%3D\"}]}\r\ncf-ray: 9b4b582628010731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":957,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41051a33fb99370ee2aeae5227abec51","sha1":"f1b81c1d24d27bea43a09f308ae28668453704fb","sha256":"67f07ddfdc4a81dc7ae4f83c332eb76107442caf0230e307d6398bae7663aa0d","sha512":"2ac42bfbc6eceb4cde624f8ff6d7a8ca06a88acb16cedb655d3dbc27df1745189e93f75edac38128ea6aaf839ab937fa518f4bf50fb10e1c968289a415c44aee","ssdeep":"","tlshash":"2e115b27356842b45353f06791176adaba31025bac2a971b712c06cd0fd476903f99f7","first_seen":"2023-12-07T10:00:32Z","last_seen":"2026-01-25T21:57:17.022984Z","times_seen":2153,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 23 Dec 2025 19:22:36 GMT\r\nexpires: Wed, 23 Dec 2026 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 347243\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-20T04:37:30.328074Z","times_seen":838677,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:40:35 GMT","end":"Tue, 27 Jan 2026 23:40:34 GMT"},"fingerprint":{"sha1":"AA:22:33:AC:0A:FC:0D:31:C5:9F:92:99:20:7A:02:E4:46:E3:08:8C","sha256":"72:5A:79:00:74:D1:90:EF:9A:D3:3F:01:E6:E5:14:1D:41:4F:F2:28:D3:FD:4C:AA:70:DE:D8:BE:C2:15:3F:EE"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 97eed298e97fc59eef1309ad47fb16a2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-20T04:40:50.214207Z","times_seen":16583,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/impr.gif?sid=H4sIAAAAAAAC_1STvW8dxRrG5yTRbW5xdQmCIs2RoAAJ2zM7-0kKhAlBgZBYiVEKRDFf6wzes7Ps7J61TROIhCLRWFSU6-c4sYCIBIkWKTqmi4SUQ-UibvgTkFJQoeNYMrzF-zG_KZ539MxXO-0h4WjFwcqHbssWhViKFunwtRu21K7zwyurQ0YX6fnhDVvG4fnhxjzV4zcZDxfp68P3jFp3SwFllDLKhhdtbXK3sXREYav7GVvM6GIYLLIoxEb979m3A3gxgB4fkhdg9ex_f-Qfw6opytHDC8avN656491RW4jG1RjrvY_K9dJ1JUYnbV4PkJd7x7fh_IyQb0_BlXvHG8CNd-cbQNoZOfXSU8hy71gm5Pjuc6WygCkh9X_RjacwxT6smEK527D6CQGUxpWrKEf3rri6E5vPqZjTGTnz7E_YbkbOPH0R5ejH5cJuDK-7om2sKz028h52Ywq7NkXV7qPZGsB2-1DNl7D6N7L07DLK0e5VXzhYffCqEmkkWagXWJqxhTCWYiHTMlxQgaAJC5IkCuKjJ7L5FMKfRusHaO0AbT5AWw0w0gfDkKahYoLHeaZVQkMRhtpImqUBpSJTCVr1BazehqpvoapvYd1uo24fwd88-FlllGWxUcqwMMpYzqIkYZSHPJSpDHWkhAkpjyMuk0BrGpmMaxaqiDGuIiFMIiKVpiZNEs0lF4rlIkqESE0Ycc0Tmikdp3kgIxVmQcxSLmjMaJYENGWpUJTHccRSplKacpmpNEwzY3SmqKJhHOs8NlxGOg84Z7HOmMryOIDXA_iGYKx7dIag8wSdIOgsQdcQdOP-ri584Pt7uvCtZMc1OK68n7hmbUfcdc2aKQlEvY1a97u2-szfhmpOT7ZyrydunoRs-omQut-pDsn_5x4YfPNgFevmYJjGkclMojiNcpELqoKAURMIE6uAx3EOb3tYfwrCD7BlZ-T9z5-isjNCHqSQYh--2Iey5yDalyG6SRKkEDeRUWyVD6Vz6742Qtt8c1G5EbTrUTVn0GwOdopDcnZybXX50ZEnP_mawqjH5Dig6h5V3eNT-yvBWnFncs11ZPea6zz56WrV2JHdEnO_Xm9EY_7z_Qdms3O1vnTBb3_3tpqDeXt_1fjmsii1Ldc8-WHZam3qi65Whvxyyd8wcqX1N5fbumyryyvvXLw0qmrjvXXlFMI-eSWAsjNydm9y9BPDv85BVbfgqxOV3hHIiqCwBIU5OReyh__HLE_6HX8Ha_UAormNctRjXPcYFz1EsQ3fnp40Vf34rd_5UUAWg4ksarIri3rO7cEw5yZQlKZJzHiaG8ZDrfIoDTMdC8q5QeNndiWVfwcAAP__dGblVycFAAA=","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1STvW8dxRrG5yTRbW5xdQmCIs2RoAAJ2zM7-0kKhAlBgZBYiVEKRDFf6wzes7Ps7J61TROIhCLRWFSU6-c4sYCIBIkWKTqmi4SUQ-UibvgTkFJQoeNYMrzF-zG_KZ539MxXO-0h4WjFwcqHbssWhViKFunwtRu21K7zwyurQ0YX6fnhDVvG4fnhxjzV4zcZDxfp68P3jFp3SwFllDLKhhdtbXK3sXREYav7GVvM6GIYLLIoxEb979m3A3gxgB4fkhdg9ex_f-Qfw6opytHDC8avN656491RW4jG1RjrvY_K9dJ1JUYnbV4PkJd7x7fh_IyQb0_BlXvHG8CNd-cbQNoZOfXSU8hy71gm5Pjuc6WygCkh9X_RjacwxT6smEK527D6CQGUxpWrKEf3rri6E5vPqZjTGTnz7E_YbkbOPH0R5ejH5cJuDK-7om2sKz028h52Ywq7NkXV7qPZGsB2-1DNl7D6N7L07DLK0e5VXzhYffCqEmkkWagXWJqxhTCWYiHTMlxQgaAJC5IkCuKjJ7L5FMKfRusHaO0AbT5AWw0w0gfDkKahYoLHeaZVQkMRhtpImqUBpSJTCVr1BazehqpvoapvYd1uo24fwd88-FlllGWxUcqwMMpYzqIkYZSHPJSpDHWkhAkpjyMuk0BrGpmMaxaqiDGuIiFMIiKVpiZNEs0lF4rlIkqESE0Ycc0Tmikdp3kgIxVmQcxSLmjMaJYENGWpUJTHccRSplKacpmpNEwzY3SmqKJhHOs8NlxGOg84Z7HOmMryOIDXA_iGYKx7dIag8wSdIOgsQdcQdOP-ri584Pt7uvCtZMc1OK68n7hmbUfcdc2aKQlEvY1a97u2-szfhmpOT7ZyrydunoRs-omQut-pDsn_5x4YfPNgFevmYJjGkclMojiNcpELqoKAURMIE6uAx3EOb3tYfwrCD7BlZ-T9z5-isjNCHqSQYh--2Iey5yDalyG6SRKkEDeRUWyVD6Vz6742Qtt8c1G5EbTrUTVn0GwOdopDcnZybXX50ZEnP_mawqjH5Dig6h5V3eNT-yvBWnFncs11ZPea6zz56WrV2JHdEnO_Xm9EY_7z_Qdms3O1vnTBb3_3tpqDeXt_1fjmsii1Ldc8-WHZam3qi65Whvxyyd8wcqX1N5fbumyryyvvXLw0qmrjvXXlFMI-eSWAsjNydm9y9BPDv85BVbfgqxOV3hHIiqCwBIU5OReyh__HLE_6HX8Ha_UAormNctRjXPcYFz1EsQ3fnp40Vf34rd_5UUAWg4ksarIri3rO7cEw5yZQlKZJzHiaG8ZDrfIoDTMdC8q5QeNndiWVfwcAAP__dGblVycFAAA= HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl26390356=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b7557fa6d7e850249ba9d4259e7ae680\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=0ffc6845f7bc73b422b25ec7d3918efd\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=19","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:55.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:45 GMT","end":"Tue, 27 Jan 2026 22:02:44 GMT"},"fingerprint":{"sha1":"F7:0F:08:42:86:24:7C:1B:49:6E:E0:01:4D:B6:85:C3:51:09:E9:4B","sha256":"57:4B:E8:D9:F8:CD:FB:C3:56:16:42:88:21:1B:6A:B3:83:F2:4E:B5:2C:AC:2C:6B:0E:46:6B:15:51:D1:3D:17"}}},"request":{"raw":"GET /pxf.gif?uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=0ffc6845f7bc73b422b25ec7d3918efd\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=19 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:55 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5060197214ef5d8b0c64c9fdbe4c985a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":755,"timings":{"blocked":328,"dns":27,"connect":96,"send":0,"wait":95,"receive":0,"ssl":206},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/pixel/sbs?c=1","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:59 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-29240639-1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:52.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtag/js?id=UA-29240639-1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 27 Dec 2025 19:49:53 GMT\r\nexpires: Sat, 27 Dec 2025 19:49:53 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 111322\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":321460,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"d92fc0b2f36e488fe364fde42b8797b8","sha1":"c141d50ae3e856b2062874718cbb96f496ff9d02","sha256":"b220749a940bb8f4d3ab2d3119e9393226aa8e18c23228f118888d224298fb56","sha512":"a6b87f3d278c3dbcb333ae6256c703e7dd12d6d0885a3d58fce414f53e4ef40fa7b4e899564ef5dd2e9e4f172c3ef9e8fcea2746d1c4d3fc3d3da662aafc96ec","ssdeep":"6144:jIeJ92bulKYv9VGDmHYmyBFzfns1RnWC46pJem:0pbu7lEDnsrWCDpF","tlshash":"f16408c9b3da74268393a474503f118ba27b79d2e84cc895f185ccd42e74aaa4237f7d","first_seen":"2025-12-27T19:50:26.345894Z","last_seen":"2025-12-27T19:50:26.345894Z","times_seen":1,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":77,"dns":0,"connect":7,"send":0,"wait":27,"receive":23,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3403\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7e87b1b50814a00f5dd725cbfc28de79\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6454,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6454), with no line terminators","md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"resource_available":true,"data":null}},"time_used":727,"timings":{"blocked":314,"dns":25,"connect":92,"send":0,"wait":98,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/0f/fc/68/0ffc6845f7bc73b422b25ec7d3918efd.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:12:52 GMT","end":"Wed, 28 Jan 2026 01:12:51 GMT"},"fingerprint":{"sha1":"67:43:25:0A:D1:7D:95:9F:2D:A3:3F:97:74:7C:0A:AE:D2:D3:98:61","sha256":"09:09:97:4E:79:6D:B5:F4:D7:B7:F6:8F:BE:97:4E:B6:04:9C:25:29:FE:4A:0E:A2:BE:82:F0:6E:CF:8C:74:F0"}}},"request":{"raw":"GET /0f/fc/68/0ffc6845f7bc73b422b25ec7d3918efd.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 30189\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: bab9a88628b98e0e741fb3f4e76fa7aa\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":78866,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"93cf1fc6f567e7cfecb1f07d8553c9dc","sha1":"ead4b096e238638624d3987ed11f487628c9d79c","sha256":"a2ade1133e6dc5ae002fc1712be2001eb1470d8b7f9295bb8f5d57f594ba6097","sha512":"2810d8ac90400ad37c1e6014c3f1be5e4af0c9f30d574fbd9ffdf0ca697eff75f9e020a220a0de4f7b1cdbba40772182c3e7e8726542ba0dfca66f276ed9148d","ssdeep":"1536:k9yUBg8XFOUGFAVTesz3WArOwlNyBv77NzxpQ2jFFwGQjIq:k3B91cgpUhxpJwPIq","tlshash":"b27309487f82b15b5352a073627fd047f0256f1261ecd498d123e6a86f6c33af636b98","first_seen":"2025-12-20T15:52:00.654437Z","last_seen":"2026-01-02T20:42:52.478207Z","times_seen":3,"resource_available":true,"data":null}},"time_used":783,"timings":{"blocked":292,"dns":9,"connect":94,"send":0,"wait":100,"receive":94,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/sbar.json?key=6889db2cfa98184ba1ac566756057db2\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /sbar.json?key=6889db2cfa98184ba1ac566756057db2\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl26390356=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:58 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4448\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; expires=Sat, 03 Jan 2026 19:49:58 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Sun, 28 Dec 2025 19:49:58 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Sun, 28 Dec 2025 19:49:58 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Sun, 28 Dec 2025 19:49:58 GMT; path=/; secure; SameSite=None\nu_pl26543445=1; expires=Sun, 28 Dec 2025 19:49:58 GMT; path=/; secure; SameSite=None\nslec6889db2cfa98184ba1ac566756057db2=[5974464]; expires=Sat, 27 Dec 2025 19:50:03 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 125\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6558aa788ab7dea8ead15c12ca1303a1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6382,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"e3c47c8af80446b56984ad136e216834","sha1":"bf89905d039dba96437c055817a5295946dfe449","sha256":"cd28a8cb5ffeca4f91fe267b43f54df34d18c1f36718d82a097b9b9d54fb46cd","sha512":"d02b26d957f0e8d45d967177d692c3b41dcef306a695308a9eeb2b5f371c05aca7346da7b55318f3aa3dd57ad95967114687287685d7b33855e659e9a41e40bb","ssdeep":"192:9z+ab6CEq8W0LmQM40cxBKLjFSWyGNUGporLaD6ZobW:9z0rdbBKtSWyiOLGQobW","tlshash":"46d15ba6f4cd08d71ac21c2993593c7a9c42fd0f6c46ce5c9e6aeeae2552c919a02439","first_seen":"2025-12-27T19:50:26.350271Z","last_seen":"2025-12-27T19:50:26.350271Z","times_seen":1,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/ff/69/f1/ff69f1f74561fdc6cbbecc3005e6ef7bb5d3ab17f08e3879621bb3dc88a8f260.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /si/ff/69/f1/ff69f1f74561fdc6cbbecc3005e6ef7bb5d3ab17f08e3879621bb3dc88a8f260.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 46096\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 25 May 2025 02:17:25 GMT\r\netag: \"68327db5-b410\"\r\nexpires: Mon, 29 Dec 2025 19:49:58 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46096,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x400, components 3","md5":"ed4f60d20941ae5888b01b01916f2e88","sha1":"e35f9e4ac46b078a6627e153c36fa08b0750f9fc","sha256":"e4092e5b649b52528da0fc6ac5ef1ae0530699d6e0b29c3fa0eb83478c99f5ed","sha512":"55d3bedc530d7c9751dfdf88f78fc55c6dc87c772edafb974240b896bf4dd1ed8cdfc538f8075a31dbd14e5e88b55946a0c81b734bb670c2d639e9900ee76095","ssdeep":"768:CX3yKRSHXnYe/8/geEnPDDO5usUZSEN+wNvQix0UgI4FiOt7ILUaPAWSN8V:eyKRSXdUDEnPfPUENdNoFiDPJ","tlshash":"7423f13625269c94d2599bfc0b3618d4e3e88484a5d68f56af4907c2abc1fc3ccdccb5","first_seen":"2025-06-05T18:59:05.430298Z","last_seen":"2026-01-06T02:07:37.704074Z","times_seen":696,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/watch.1085645090112.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=ca85b14d-1891-46ba-9db4-c2a071277526%3A3%3A1","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /watch.1085645090112.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=ca85b14d-1891-46ba-9db4-c2a071277526%3A3%3A1 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nlocation: https://sourshaped.com/watch.1085645090112.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=ca85b14d-1891-46ba-9db4-c2a071277526%3A3%3A1\u0026shu=c90196ecce14591f1577103434b8b4d5cae403653b72dd05e93d14c5113c5aae7a5c88e877d3b3ac1fa57aa8e453d3709cd68f2b5c4926183a06109720818ac03665181c8083b9c8489eed9c0c0466df6e3b5df23316d91c9f62\u0026pst=1766865054\u0026rmtc=t\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; expires=Sat, 27 Dec 2025 19:50:54 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: cc34cd6cafd1e54acb173f96ce48064c\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4703,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":660,"timings":{"blocked":279,"dns":1,"connect":93,"send":0,"wait":98,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/watch.1257052515535.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1\u0026shu=1a77c18e7b4f171e1b9e360a3c55b0772c84bcb03ea3a8e66ea6894baea2ba9f5f044492c87f76d08b3e721d68217dc0038ce6fe4f5479f7f6034df3e2fb76c5f01d1ddd4567ee985252d13ced7aa6a19ff94d76919f31c99cb865\u0026pst=1766865054\u0026rmtc=t","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /watch.1257052515535.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1\u0026shu=1a77c18e7b4f171e1b9e360a3c55b0772c84bcb03ea3a8e66ea6894baea2ba9f5f044492c87f76d08b3e721d68217dc0038ce6fe4f5479f7f6034df3e2fb76c5f01d1ddd4567ee985252d13ced7aa6a19ff94d76919f31c99cb865\u0026pst=1766865054\u0026rmtc=t HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nReferer: https://reviewbooku.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 3255\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; expires=Sat, 03 Jan 2026 19:49:54 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nu_pl26390356=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 6\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 46be1649efcc70ac969c1bf11bb81be0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4583,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3707)","md5":"6b752cc1c4accaf17a3bc634fc1e5ffe","sha1":"ceaae1f39b595a1fde4eda51057dfb6e03a5555e","sha256":"7ef1ef79b639efef7b7ea6c9c6bda2a6b94e88fe0b47b841dfd985f25c78d04f","sha512":"5dc50f6d9208fdad22bac65223d95e0339b581987a123a083f97137c532d60b764406a893f459bb1e9e6b3c181bf32f718ea00c3af8916ad47801449c6fce3aa","ssdeep":"96:IozvhfFqpIiDk+vj2WaXkk/37SE6EeF/ZkRnthAu1ZDYCfMEDaH:RzvOksjVa0k16Ey/6NVYCkCaH","tlshash":"38913ca6ac75a4b444a7f4bf39b7f9082fb1404f1944da807d9de2151f043a60b64efd","first_seen":"2025-12-27T19:50:26.3523Z","last_seen":"2025-12-27T19:50:26.3523Z","times_seen":1,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 27 Dec 2025 19:49:59 GMT\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27925,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"0dbacd43fae3b14c321e679cb267d047","sha1":"33e640ec025852283074d3185281e8a3577ad04a","sha256":"107cd370855f9878ec6ca27e8080e84dad37ee7a976f718c9e3c4836827920d9","sha512":"c5907e87be8c340a5143cd3df2ba45b46ab1f5acf5b7a7a02e0124f0e63e05de75d23f451a2dac5f392c7b50916beffac24c24ad7387e98910511f8855dd8a1f","ssdeep":"768:DDSDjDGDUDB4DiLDZD1D5CJmwBUiRDfMTcfFBhiEymDcTYeBai75tdmtC0BQiVPD:I0rAwR","tlshash":"c2c200a1041750009b838ce223cebf35fe1f52517142d0b5abfdab6badcbc66526936d","first_seen":"2025-11-19T01:34:25.529906Z","last_seen":"2026-02-18T16:13:59.230524Z","times_seen":1650,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/impr.gif?sid=H4sIAAAAAAAC_1STP2wcxRfHZ52k-f0KRIhoAOkKCiLh8-7t3t0uKSJMCAqExOSPUqRA82_t4fZ2lpndW9tQBCJQSkcCCaj2vnex-RNBaEAUSNGZAskSEkflIm7oaJHSgvZ8ksWT5r03-nyL9968-XhYHBAfBd1feVNvqiShS-2m23jhhkqFLm3j0rWG5zbdM40bKu0EZxrrtTODlzw_aLqnG69J3tNLLddzXc_1GueVkbFeX5pRqOx-5DUjtxm0ml47wLr5790WC7DUgRgckJNQYvrEn_FNKD5B2n9wTtperrMXX-0XCc21wUDsXE97qS5T9I_S2DiI0525GtpOCflsATrdmXcAPRjXHYCpKVl4-hFYujMvE2xw77BSlkCmYOL_KAcTyGQCRSfg-jaU-J0AXODSZaT97UvalHTjkNKaTsnxx39DlVNy_NEppP1vlxO13riqkyJXOrVYjyuo9QnU6gRZsYt804Eqd8HzD6HEb2Tp8UWk_fFlm2gosf887bqCUikXgy7tLAYRcxeZ68pFGUYRp5QGrOvPRqTiCah1UNRHOShiB0XmoC_2G4EbBtyjfieOBO-6AQ0CIZkbhS3XpRHvouAfQIktcPPRl5lYy3uDlj_OTSG3i5Tblj_07hdvZ0mr40eu3-4Mve1D1UwzrjVDD5m5hZ7agikewq5VsOIEbD4lzlvvYyAqlJKgtAQlJSgVQZkTlIPqnkhsy1bbIrEF8-axNY9-NdL56pDe0_mqTAmo2YIR1Vhl79rb4Pmx0WZsxUjXjrK8GlEmqmF2QJ6s38L59MR19OR-oxOGkWAtHtMo9MKAUY_ydqfTbXfcdlewFqyqoOzCbIKbakpef-8RMjUl5LsQjO7CJrvg6hnQ4jnQsgJdq7CZPmBa96yRVKh4o8l1H0JXyPLjyDecYXJAnhpdubb8cLYWN08_hOR7Z3_6vLYvwE2FzFR4R_1CsJrcGV3RJRlf0aUl31_OctVXm7Remas5zeWxr9-QG6U24sI5u_XVy7wGdXr_mrT5RZoKla5a8s2yEkKa89pwSX6-YG9ItlLYteXCpEV2ceWV8xf6mZHWKp1OQNWU_K96FlxNycl_7s6-g__Jj-DZLdhs7-wPw786hBBYTcAyB0nNT_2KRB4xyipYuUfmBnaUD-0drBoHNL-NtF9hYCoMkgo02YItjo3yzOyd_cOfGVjijFhinDFLTHL3cFZW7TdiX7a464bdjueHsfT8QPC4HQaR6FDX9yVyO1UrYfxvAAAA__-7KS9VtQQAAA==","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1STP2wcxRfHZ52k-f0KRIhoAOkKCiLh8-7t3t0uKSJMCAqExOSPUqRA82_t4fZ2lpndW9tQBCJQSkcCCaj2vnex-RNBaEAUSNGZAskSEkflIm7oaJHSgvZ8ksWT5r03-nyL9968-XhYHBAfBd1feVNvqiShS-2m23jhhkqFLm3j0rWG5zbdM40bKu0EZxrrtTODlzw_aLqnG69J3tNLLddzXc_1GueVkbFeX5pRqOx-5DUjtxm0ml47wLr5790WC7DUgRgckJNQYvrEn_FNKD5B2n9wTtperrMXX-0XCc21wUDsXE97qS5T9I_S2DiI0525GtpOCflsATrdmXcAPRjXHYCpKVl4-hFYujMvE2xw77BSlkCmYOL_KAcTyGQCRSfg-jaU-J0AXODSZaT97UvalHTjkNKaTsnxx39DlVNy_NEppP1vlxO13riqkyJXOrVYjyuo9QnU6gRZsYt804Eqd8HzD6HEb2Tp8UWk_fFlm2gosf887bqCUikXgy7tLAYRcxeZ68pFGUYRp5QGrOvPRqTiCah1UNRHOShiB0XmoC_2G4EbBtyjfieOBO-6AQ0CIZkbhS3XpRHvouAfQIktcPPRl5lYy3uDlj_OTSG3i5Tblj_07hdvZ0mr40eu3-4Mve1D1UwzrjVDD5m5hZ7agikewq5VsOIEbD4lzlvvYyAqlJKgtAQlJSgVQZkTlIPqnkhsy1bbIrEF8-axNY9-NdL56pDe0_mqTAmo2YIR1Vhl79rb4Pmx0WZsxUjXjrK8GlEmqmF2QJ6s38L59MR19OR-oxOGkWAtHtMo9MKAUY_ydqfTbXfcdlewFqyqoOzCbIKbakpef-8RMjUl5LsQjO7CJrvg6hnQ4jnQsgJdq7CZPmBa96yRVKh4o8l1H0JXyPLjyDecYXJAnhpdubb8cLYWN08_hOR7Z3_6vLYvwE2FzFR4R_1CsJrcGV3RJRlf0aUl31_OctVXm7Remas5zeWxr9-QG6U24sI5u_XVy7wGdXr_mrT5RZoKla5a8s2yEkKa89pwSX6-YG9ItlLYteXCpEV2ceWV8xf6mZHWKp1OQNWU_K96FlxNycl_7s6-g__Jj-DZLdhs7-wPw786hBBYTcAyB0nNT_2KRB4xyipYuUfmBnaUD-0drBoHNL-NtF9hYCoMkgo02YItjo3yzOyd_cOfGVjijFhinDFLTHL3cFZW7TdiX7a464bdjueHsfT8QPC4HQaR6FDX9yVyO1UrYfxvAAAA__-7KS9VtQQAAA== HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:59 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+cd8ae97e1ba3ff061b966d37687f2f89=5974464; expires=Sun, 28 Dec 2025 19:49:59 GMT; path=/; secure; SameSite=None\niprc_l:5974464=1; expires=Sun, 28 Dec 2025 19:49:59 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 3\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 37a20c8df35d0aceb0f795a355bd086c\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:40:35 GMT","end":"Tue, 27 Jan 2026 23:40:34 GMT"},"fingerprint":{"sha1":"AA:22:33:AC:0A:FC:0D:31:C5:9F:92:99:20:7A:02:E4:46:E3:08:8C","sha256":"72:5A:79:00:74:D1:90:EF:9A:D3:3F:01:E6:E5:14:1D:41:4F:F2:28:D3:FD:4C:AA:70:DE:D8:BE:C2:15:3F:EE"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a580c42477d523353fa918a0d83699c6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-20T04:40:50.214207Z","times_seen":16583,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/6c/d9/14/6cd91448da7899cc6ea002250b1e662c/1708270272.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/6c/d9/14/6cd91448da7899cc6ea002250b1e662c/1708270272.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 87019\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 18 Feb 2024 15:31:21 GMT\r\netag: \"65d222c9-153eb\"\r\nexpires: Mon, 29 Dec 2025 19:49:54 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87019,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:16 15:10:10], progressive, precision 8, 300x250, components 3","md5":"18c244854d43934c150dd0ca6b68a93b","sha1":"56638de980812f54155699186dd04b19c29ebfd0","sha256":"82951572f360d99180c429e813caf341dc5456524cbf0ec4c4f85dc9e4a9c3fa","sha512":"afd573c454a501f753476528c736a88ff91e2aaedd58c788c5847976fba623e6a53164a676e6d290e7be3b87e6afca9673fa2bbf8dd2a68165e054d2fc894827","ssdeep":"1536:rrKErKGouORuSf5PmqKoZ0znyFjq7yXe27x5VjboAzopwnsJ2ydc2e:S3xuOR9fBHlgVQx5VjUApnD/","tlshash":"1983f1663e86dec1f8c187b61c52da0d525aecb981f31b0bfc3e29107775681bd68063","first_seen":"2024-02-20T22:24:35Z","last_seen":"2026-05-19T08:00:14.346534Z","times_seen":987,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/sbar.json?key=6889db2cfa98184ba1ac566756057db2\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /sbar.json?key=6889db2cfa98184ba1ac566756057db2\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl26390356=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:58 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4463\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; expires=Sat, 03 Jan 2026 19:49:58 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Sun, 28 Dec 2025 19:49:58 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Sun, 28 Dec 2025 19:49:58 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Sun, 28 Dec 2025 19:49:58 GMT; path=/; secure; SameSite=None\nu_pl26543445=1; expires=Sun, 28 Dec 2025 19:49:58 GMT; path=/; secure; SameSite=None\nslec6889db2cfa98184ba1ac566756057db2=[5974464]; expires=Sat, 27 Dec 2025 19:50:03 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 129\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e5961e9df0c4525aca33eccca56ddd79\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6382,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"c7a43e37b2f313430744b04d156a9119","sha1":"d09992f652ae327295a4720296a4fdb2c573e98d","sha256":"519c4e3a126295b830b2bf03c0d58341f6a503ddea4a17d6cd67b28a6851b791","sha512":"d6ce83e6a145e6343d2799f4f6230eb0ac0e1be3ab2ff1f5b9f59524691c982abc7c4fa9ace8c9908a32b1d7de89017bd84552a3407fac2b7d009e99b0c43652","ssdeep":"192:9z+ab6CEq8W0LmQM40cxBKL/DDwdGGporLaD6ZobW:9z0rdbBKbDcsLGQobW","tlshash":"b4d16dbaf6c858870ac30c25634d3c7a8c02fa0fad07995c8d6beb6e1666c91a10757d","first_seen":"2025-12-27T19:50:26.355565Z","last_seen":"2025-12-27T19:50:26.355565Z","times_seen":1,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 18:32:18 GMT","end":"Fri, 06 Mar 2026 19:30:50 GMT"},"fingerprint":{"sha1":"9A:CB:17:6D:8B:24:6D:0F:99:B5:FD:4A:00:CB:D3:DE:2B:8E:84:93","sha256":"3B:72:94:40:4C:CD:DE:97:5A:DF:6C:E1:90:81:0D:BF:33:9E:10:3C:16:3A:61:15:FF:65:B0:6B:5D:34:32:21"}}},"request":{"raw":"GET /sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 11 Apr 2025 14:28:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=smAB7McjnsCnP1DilY38jFcmVdfI6%2FratvP1soMZy2EiSBESSNs644Sv%2B0npDKPugCmVZFqlpZA2aZO4mpxivRExof3Q69RUbK5ANfOGBA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b4b58218b4e1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1544,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"972f68410d9349904f897739b33e12cc","sha1":"e41130dbad60e81ad2665bb7407a50888aae8150","sha256":"90c062931018d386488b555fd261405457f9744db31512ff5780d49769d7b0d0","sha512":"905ef97b48b163e2ff2d28316f462ab1db0bdc05df312811c5e24ecb8614424d74f64a88fe31849fc9dd3515bf1d681b136df27aac8b27fc61c07cbda05dd12e","ssdeep":"","tlshash":"eb31f4251df9c9720182a0957b312f2baa91ea47cc8b560133fc4e948feaed9cd5310b","first_seen":"2023-12-18T02:06:40Z","last_seen":"2026-01-25T21:57:17.058603Z","times_seen":2175,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":25,"dns":5,"connect":1,"send":0,"wait":526,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 18:32:18 GMT","end":"Fri, 06 Mar 2026 19:30:50 GMT"},"fingerprint":{"sha1":"9A:CB:17:6D:8B:24:6D:0F:99:B5:FD:4A:00:CB:D3:DE:2B:8E:84:93","sha256":"3B:72:94:40:4C:CD:DE:97:5A:DF:6C:E1:90:81:0D:BF:33:9E:10:3C:16:3A:61:15:FF:65:B0:6B:5D:34:32:21"}}},"request":{"raw":"GET /sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 11 Apr 2025 14:28:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wELnldX7gwsfpzY%2FhZnfP1B10OvUHr9JMi%2Bs%2BcSr2AFxW%2BbwtPZ%2F2JaiLB%2F6i%2FZ6ZYccdDTCDIhr322whsHugjVgN2XJF2IHROglQ7q4qQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b4b58218b501ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":1544,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"972f68410d9349904f897739b33e12cc","sha1":"e41130dbad60e81ad2665bb7407a50888aae8150","sha256":"90c062931018d386488b555fd261405457f9744db31512ff5780d49769d7b0d0","sha512":"905ef97b48b163e2ff2d28316f462ab1db0bdc05df312811c5e24ecb8614424d74f64a88fe31849fc9dd3515bf1d681b136df27aac8b27fc61c07cbda05dd12e","ssdeep":"","tlshash":"eb31f4251df9c9720182a0957b312f2baa91ea47cc8b560133fc4e948feaed9cd5310b","first_seen":"2023-12-18T02:06:40Z","last_seen":"2026-01-25T21:57:17.058603Z","times_seen":2175,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":22,"dns":2,"connect":1,"send":0,"wait":524,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/watch.1038217876800.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /watch.1038217876800.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nlocation: https://sourshaped.com/watch.1038217876800.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1\u0026shu=5523d3edb6db0c8667bf121f30403026a2fceee7a5333e931af9c824eb2cf455ea5d4d007ee87f393378f5eb3bc39d8d1190bbdbafb3f4f55841926447ff425c44f517c354ed11208c865723b6d57324572bb1949716543786ba44\u0026pst=1766865054\u0026rmtc=t\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; expires=Sat, 27 Dec 2025 19:50:54 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a020bbcae249d63230badf0879c76d59\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4530,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":662,"timings":{"blocked":280,"dns":1,"connect":95,"send":0,"wait":96,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/6e/e8/bb/6ee8bbd47df94580c59d30192b3e3986/1755792846.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/6e/e8/bb/6ee8bbd47df94580c59d30192b3e3986/1755792846.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 56175\r\nserver: nginx/1.21.6\r\nlast-modified: Thu, 21 Aug 2025 16:14:06 GMT\r\netag: \"68a745ce-db6f\"\r\nexpires: Mon, 29 Dec 2025 19:49:54 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56175,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2023:02:16 18:27:24], baseline, precision 8, 728x90, components 3","md5":"234d080e0ed545d0eb9da1f326943a46","sha1":"483c3e817fcad049e3b46fa237cc4330056c96f4","sha256":"7c3e30925daff2cfb25cf7187dbbb2fa91ded312be5252b9d8f584f21053d4fb","sha512":"6837094e4cb540b6e1970f2b60dcf8282b595fe7ba8c821f261be1d5af7d2c7c58f1395e454ac65d76d463e3da7f36d87863aacb9b8c596f5c1bd7048dfc351a","ssdeep":"768:ZoWOiWoWE3UfIu2Y6I2tbbGJ2tAtA0vQuxfydBAB8ZCrU8htqmEZUZdVv3qrqy4G:Zo/ozk/E8JZtA0Po2VbGm3Vv3dtiXni8","tlshash":"5043ad257a608e51e8c8353a81fcd856e3f30ed45e37a78e7fac5e043f649498c98297","first_seen":"2023-11-28T04:56:50Z","last_seen":"2026-05-19T08:00:14.354481Z","times_seen":317,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/6c/c8/c6/6cc8c6b6600a89a01d37b41d2c57396ae22a21974890cebcb7f717010b54ae54.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /si/6c/c8/c6/6cc8c6b6600a89a01d37b41d2c57396ae22a21974890cebcb7f717010b54ae54.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 15151\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 25 May 2025 02:18:00 GMT\r\netag: \"68327dd8-3b2f\"\r\nexpires: Mon, 29 Dec 2025 19:49:59 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15151,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"a35cb578e3c8889f9d2d8e3a9e520bbc","sha1":"f390ccf18911be8210267a1fb27529da10081347","sha256":"554a79788b15330de1e48f1c482acaed20d1e3998e4daed2175530e89ac5e48a","sha512":"6c003106f7f02ae78774b98f5e5e8736189265dda55429c72a1ab2b387f1d8c6406c7f323a1608af14c0b07ad370c797409977a5c751a2e04a8c98236b0e6e2f","ssdeep":"384:z0sxi+mWivrxHMC8F5ONWxBGTgnbTYwxQKQVd:zfk+mW8NWxB5YwxQtL","tlshash":"e162d0c5e4c578d3e98bc3aacdd3286d66295f235e7df01e55f88dca012011b1c78a23","first_seen":"2025-04-17T18:37:55.427701Z","last_seen":"2026-01-06T02:07:44.501457Z","times_seen":1596,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"veintones.com/865e9e7c305fafa0c2210e2ae6c2366f/invoke.js","fqdn":"veintones.com","domain":"veintones.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:52.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"veintones.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Dec 2025 22:51:09 GMT","end":"Fri, 20 Mar 2026 22:51:08 GMT"},"fingerprint":{"sha1":"4D:7F:9C:CE:A0:E9:D6:F0:B3:A4:37:54:B5:59:91:60:F1:05:70:22","sha256":"83:ED:45:57:55:D9:14:C6:80:64:C8:69:3D:43:65:1F:B6:09:DD:EF:11:05:33:DD:CF:FC:2D:D2:27:47:6B:B9"}}},"request":{"raw":"GET /865e9e7c305fafa0c2210e2ae6c2366f/invoke.js HTTP/1.1\r\nHost: veintones.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18540\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: veintones.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7868581c441db4717a1b23e4d4b8c6bf\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46298,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46298), with no line terminators","md5":"96f2caecacb2f82667971c28eda79aa8","sha1":"45984adcc4b6d4246ab0e641dffd26ecd0d98692","sha256":"3ce663a76af8d3524ca56ffa6cc7fa22010bdb8350ebc2340e6f5321dc96931f","sha512":"dba24e90297a7a21d1b16c15cedacc6b50b961a411435b70249091774bd506a9558e9c06abdb4e76160ad8f734565b67eef8df3606ee26f61a714bf051526368","ssdeep":"768:dB2EL/5+sNKlKMHLQTwkf0RpsYeLvLoK12G6FYc0Cjhwf:dB2EV+aMHLQTwkf0wLDLoK12tFYNoU","tlshash":"6123fa5dbf92f006165f70b7376fa106b11a8c19680cd89cfa07fda46d68f05e837aa4","first_seen":"2025-12-17T15:15:43.74806Z","last_seen":"2025-12-27T19:50:26.36097Z","times_seen":9,"resource_available":true,"data":null}},"time_used":842,"timings":{"blocked":325,"dns":46,"connect":92,"send":0,"wait":97,"receive":92,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/68/89/db/6889db2cfa98184ba1ac566756057db2.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /68/89/db/6889db2cfa98184ba1ac566756057db2.js HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 30220\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 78f172d52939367caca243cc9b975b49\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":78839,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"cfa81b5f144de36e7307861c03f8cc3c","sha1":"30fb6c5d550499323ad8bb34096df1296e57284d","sha256":"310dbf8673d5a9e7e5ac5aa2bf22ff094cf6f339b97a10dc85bf749d3e0293e7","sha512":"7cd3dc4cc4713be17bb9d836200034e0e1823031c0a8e3c63a9045381ab9e50b22161b11f8021840e3a27837a907ed4069511a073eb6bdc729b57d8caf5ec08a","ssdeep":"1536:L9yUBg8XFOUGQAVTesz3WArOwlNyBv77NzxpQ2jFFwfEjIi:L3B91crpUhxpJwKIi","tlshash":"7b7309487f42b15b5352a073626fd047f0256f1261ecd498d123e6e86f6c33af63ab98","first_seen":"2025-12-27T07:30:42.785662Z","last_seen":"2025-12-27T19:50:26.361735Z","times_seen":2,"resource_available":true,"data":null}},"time_used":779,"timings":{"blocked":295,"dns":9,"connect":92,"send":0,"wait":96,"receive":92,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/watch.232424690109.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1\u0026shu=ba0dba27e48c9744930f4d569ed6c4c455e4ac6eb2bee21ee067b981718a728664c9b6ea624717ffbf53b4497d86779cb4740a7296dbeb06a25f895ea99fe17cfeef8505022ab09dc46052e8d8dad860c850e0e4e6c8db697151\u0026pst=1766865054\u0026rmtc=t","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:42:11 GMT","end":"Wed, 25 Mar 2026 21:42:10 GMT"},"fingerprint":{"sha1":"DD:BF:7F:13:B7:AA:5E:41:65:09:9E:F1:FE:42:C4:9A:00:0B:F4:E6","sha256":"FE:3B:B4:EE:8B:60:30:E2:9F:CB:E9:E2:06:C0:A4:2E:FF:35:D3:22:85:14:1C:B8:13:CD:72:FB:EA:5C:E9:98"}}},"request":{"raw":"GET /watch.232424690109.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1\u0026shu=ba0dba27e48c9744930f4d569ed6c4c455e4ac6eb2bee21ee067b981718a728664c9b6ea624717ffbf53b4497d86779cb4740a7296dbeb06a25f895ea99fe17cfeef8505022ab09dc46052e8d8dad860c850e0e4e6c8db697151\u0026pst=1766865054\u0026rmtc=t HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nReferer: https://reviewbooku.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxODE0OTI0OSwiayI6IjE3MTYwYmUzYjI1MGU1NjM5NzllN2M5NmFkMDFkMjc2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTU2ODU1LCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoiZDZwbXloeDFrIiwiY3BrcyI6eyIyOCI6ImYyMTY1YzM5ZWQ1NmFhYzg5ZDAzZWEwNjcyOGMzY2E4IiwiMjkiOiIwZmZjNjg0NWY3YmM3M2I0MjJiMjVlYzdkMzkxOGVmZCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9yZXZpZXdib29rdS5jb20vcmV2aWV3L3Jpc2stYXNzZXNzbWVudC12cy1yaXNrLWFuYWx5c2lzLTQ5NzMwODkiLCJ0eiI6MSwiYXIiOltdfX0.Vr3rlwHg1oc-e8L-WCGUkFa-FZvQqG0FynnNydDLx2I\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 3266\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; expires=Sat, 03 Jan 2026 19:49:54 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nu_pl18149249=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 5\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9f73d9dee3c680e07ad5db713310a4be\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4719,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3843)","md5":"292aa60f79f5e7f595ac8399ed92bd69","sha1":"b0b55a8b3e48bef59be2a94fab1566f3ceb41a74","sha256":"bad3cd33eb120b6d2a7d4890da3938da2a899d8c2b2f19b102a3f0d06c9c4542","sha512":"3d99e89a8f4491b5a3c2091043f27e2c6f423506c31948e675e45f1bf827eb5a1054445706dbbe8ae47999da878f7f14953a161ad27dd126b944ca439a7dc784","ssdeep":"96:cN/0ozVnYOdT+UTtxkxz+G3Tk/A+TdiypeAhdop/1ZDICfMEDaH:kz6CT+uVG3TkbdOLVICkCaH","tlshash":"52a13baa6e6944b8a413607f0536764ceb91420f9600ce0a7d8cc875af20bed1d2cdfc","first_seen":"2025-12-27T19:50:26.363403Z","last_seen":"2025-12-27T19:50:26.363403Z","times_seen":1,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"63.182.60.117","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:53 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://reviewbooku.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; expires=Tue, 25 Dec 2035 19:49:53 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"3e2e52bf83c5c2afebfe1edeead45e7e","sha1":"7118599ebdfcd165ecd3052bdcdefd5cd5825c95","sha256":"397c43f6d7a271758401b799e6b77d6c7aec58e632f02246aaed26293e3cc2aa","sha512":"ff84d4a0800c37ac33e086b3bf729f02407ce416c02e6dc60a1999648db798609393b6e9f4769d663f48fe94c097f94847d2439d5be2594304eed9454cc25932","ssdeep":"","tlshash":"10900400d5111d0555f0430504701403113c4117fc30f1c1cd10fc11f40017013df545","first_seen":"2025-12-27T19:50:26.36467Z","last_seen":"2025-12-27T19:50:26.36467Z","times_seen":1,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:40:35 GMT","end":"Tue, 27 Jan 2026 23:40:34 GMT"},"fingerprint":{"sha1":"AA:22:33:AC:0A:FC:0D:31:C5:9F:92:99:20:7A:02:E4:46:E3:08:8C","sha256":"72:5A:79:00:74:D1:90:EF:9A:D3:3F:01:E6:E5:14:1D:41:4F:F2:28:D3:FD:4C:AA:70:DE:D8:BE:C2:15:3F:EE"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ef426c9c5e666d98d9bf16e0968834d5\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-20T04:40:50.214207Z","times_seen":16583,"resource_available":true,"data":null}},"time_used":277,"timings":{"blocked":119,"dns":33,"connect":17,"send":0,"wait":21,"receive":18,"ssl":66},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 18:32:18 GMT","end":"Fri, 06 Mar 2026 19:30:50 GMT"},"fingerprint":{"sha1":"9A:CB:17:6D:8B:24:6D:0F:99:B5:FD:4A:00:CB:D3:DE:2B:8E:84:93","sha256":"3B:72:94:40:4C:CD:DE:97:5A:DF:6C:E1:90:81:0D:BF:33:9E:10:3C:16:3A:61:15:FF:65:B0:6B:5D:34:32:21"}}},"request":{"raw":"GET /sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:58 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 11 Apr 2025 14:28:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JKHZ9Dbk%2FEWpv7UYTTdCjc8jhgfwYnCIo55xMBqP92g%2Fi7HloPetFycLtuJEq%2BPcf5uMjk%2Fkzw3GUWW8Ctxa5u%2Bt4NW9XeWW5YSCp1QZCg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b4b58217b3c1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1544,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"972f68410d9349904f897739b33e12cc","sha1":"e41130dbad60e81ad2665bb7407a50888aae8150","sha256":"90c062931018d386488b555fd261405457f9744db31512ff5780d49769d7b0d0","sha512":"905ef97b48b163e2ff2d28316f462ab1db0bdc05df312811c5e24ecb8614424d74f64a88fe31849fc9dd3515bf1d681b136df27aac8b27fc61c07cbda05dd12e","ssdeep":"","tlshash":"eb31f4251df9c9720182a0957b312f2baa91ea47cc8b560133fc4e948feaed9cd5310b","first_seen":"2023-12-18T02:06:40Z","last_seen":"2026-01-25T21:57:17.058603Z","times_seen":2175,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":28,"dns":5,"connect":1,"send":0,"wait":151,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: br\r\nage: 3243413\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-4ff\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7Uy%2FVtg6NvAgjuB5QV8bwTld2XjjkGpYbLIysVwEXysmPKC9ZEOk%2FKkd9iy5gMhfd61uQFWKP4MeRxPi8aaNQEeAwYkm0SJgryrCPM4%2BhnU%3D\"}]}\r\ncf-ray: 9b4b58259fe90731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"369850b9873659adf0951d845f57dba1","sha1":"a64257186daa33b6b318943a457b6cf8d80b26b6","sha256":"9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21","sha512":"6441b40e85c86e21362c7061a6b9610f52a5c801b274b246711546ad45c68c3e7f2f242f1621b90967eaeebf52709545d06283c2015d6b9ad7f6f7d37fb14a88","ssdeep":"","tlshash":"6821d8dc958f223ef324ff6189b316606ba423f6bb18c5bcb199a8157e1cb910c48e14","first_seen":"2023-04-07T22:39:47Z","last_seen":"2026-05-20T02:24:33.040895Z","times_seen":9307,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/impr.gif?sid=H4sIAAAAAAAC_1STP2wcxRfHZ52k-f0KRIhoAOkKCiLh8-7t3t0uKSJMCAqExOSPUqRA82_t4fZ2lpndW9tQBCJQSkcCCaj2vnex-RNBaEAUSNGZAskSEkflIm7oaJHSgvZ8ksWT9r237zPFe9958_GwOCA-Crq_8qbeVElCl9pNt_HCDZUKXdrGpWsNz226Zxo3VNoJzjTWa2cGL3l-0HRPN16TvKeXWq7nup7rNc4rI2O9vjSjUNn9yGtGbjNoNb12gHXz339bLMBSB2JwQE5CiekTf8Y3ofgEaf_BOWl7uc5efLVfJDTXBgOxcz3tpbpM0T9KY-MgTnfmp6HtlJDPFqDTnfkE0INxPQGYmpKFpx-BpTvzNsEG9w47ZQlkCib-j3IwgUwmUHQCrm9Did8JwAUuXUba376kTUk3Dimt6ZQcf_w3VDklxx-dQtr_djlR642rOilypVOL9biCWp9ArU6QFbvINx2ochc8_xBK_EaWHl9E2h9ftomGEvvP064rKJVyMejSzmIQMXeRua5clGEUcUppwLr-TCIVT0Ctg6L-lIMidlBkDvpivxG4YcA96nfiSPCuG9AgEJK5UdhyXRrxLgr-AZTYAjcfbWdiLe8Nxrkp5LhIuR16Xx6WWv6suF0XW_7Qu1-8nSWtjh-5frsz9JCZW-ipLZjiIexaBStOwOZT4rz1PgaiQikJSktQUoJSEZQ5QTmo7onEtmy1LRJbMG8eW_PoVyOdrw7pPZ2vypSAmi0YUY1V9q69DZ4fG23GVox07SjLqxFlohpmB-TJ-i6cT09cR0_uNzphGAnW4jGNQi8MGPUob3c63XbHbXcFa8GqCsouzBTcVFPy-nuPkKkpId-FYHQXNtkFV8-AFs-BlhXoWoXN9AHTumeNpELFG02u-xC6QpYfR77hDJMD8tToyrXlh7O1uHn6ISTfO_vT57V9AW4qZKbCO-oXgtXkzuiKLsn4ii4t-f5ylqu-2qT1ylzNaS6Pff2G3Ci1ERfO2a2vXuY1qNP716TNL9JUqHTVkm-WlRDSnNeGS_LzBXtDspXCri0XJi2yiyuvnL_Qz4y0Vul0Aqqm5H_Vs-BqSk7-c3f2HPxPfgTPbsFme2d_GP7VIYTAagKWOUhqfupXJPKIUVbByj0yN7CjfGjvYNU4oPltpP0KA1NhkFSgyRZscWyUZ2bv7B_-zMASZ8QS44xZYpK7h1pZtd-Ifdnirht2O54fxtLzA8HjdhhEokNd35fI7VSthPG_AQAA__92eBC2tQQAAA==","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1STP2wcxRfHZ52k-f0KRIhoAOkKCiLh8-7t3t0uKSJMCAqExOSPUqRA82_t4fZ2lpndW9tQBCJQSkcCCaj2vnex-RNBaEAUSNGZAskSEkflIm7oaJHSgvZ8ksWT9r237zPFe9958_GwOCA-Crq_8qbeVElCl9pNt_HCDZUKXdrGpWsNz226Zxo3VNoJzjTWa2cGL3l-0HRPN16TvKeXWq7nup7rNc4rI2O9vjSjUNn9yGtGbjNoNb12gHXz339bLMBSB2JwQE5CiekTf8Y3ofgEaf_BOWl7uc5efLVfJDTXBgOxcz3tpbpM0T9KY-MgTnfmp6HtlJDPFqDTnfkE0INxPQGYmpKFpx-BpTvzNsEG9w47ZQlkCib-j3IwgUwmUHQCrm9Did8JwAUuXUba376kTUk3Dimt6ZQcf_w3VDklxx-dQtr_djlR642rOilypVOL9biCWp9ArU6QFbvINx2ochc8_xBK_EaWHl9E2h9ftomGEvvP064rKJVyMejSzmIQMXeRua5clGEUcUppwLr-TCIVT0Ctg6L-lIMidlBkDvpivxG4YcA96nfiSPCuG9AgEJK5UdhyXRrxLgr-AZTYAjcfbWdiLe8Nxrkp5LhIuR16Xx6WWv6suF0XW_7Qu1-8nSWtjh-5frsz9JCZW-ipLZjiIexaBStOwOZT4rz1PgaiQikJSktQUoJSEZQ5QTmo7onEtmy1LRJbMG8eW_PoVyOdrw7pPZ2vypSAmi0YUY1V9q69DZ4fG23GVox07SjLqxFlohpmB-TJ-i6cT09cR0_uNzphGAnW4jGNQi8MGPUob3c63XbHbXcFa8GqCsouzBTcVFPy-nuPkKkpId-FYHQXNtkFV8-AFs-BlhXoWoXN9AHTumeNpELFG02u-xC6QpYfR77hDJMD8tToyrXlh7O1uHn6ISTfO_vT57V9AW4qZKbCO-oXgtXkzuiKLsn4ii4t-f5ylqu-2qT1ylzNaS6Pff2G3Ci1ERfO2a2vXuY1qNP716TNL9JUqHTVkm-WlRDSnNeGS_LzBXtDspXCri0XJi2yiyuvnL_Qz4y0Vul0Aqqm5H_Vs-BqSk7-c3f2HPxPfgTPbsFme2d_GP7VIYTAagKWOUhqfupXJPKIUVbByj0yN7CjfGjvYNU4oPltpP0KA1NhkFSgyRZscWyUZ2bv7B_-zMASZ8QS44xZYpK7h1pZtd-Ifdnirht2O54fxtLzA8HjdhhEokNd35fI7VSthPG_AQAA__92eBC2tQQAAA== HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:59 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: close\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 826d5bb29cddc1271d73f2665d50cea9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"reviewbooku.com/favicon.ico","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"ip":{"addr":"172.67.150.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reviewbooku.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 21:16:33 GMT","end":"Wed, 25 Mar 2026 22:12:58 GMT"},"fingerprint":{"sha1":"A8:24:0D:8B:BD:5E:E8:4D:C7:7E:27:A3:AC:7B:43:C5:97:03:44:B7","sha256":"2F:40:B8:AD:27:AC:E8:0F:A6:B2:7F:FA:0B:80:D1:9C:F7:08:CD:26:A5:63:BB:02:F6:57:33:E8:23:AD:DB:31"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: reviewbooku.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1; _ga_GYJTXFLTL3=GS2.1.s1766864994$o1$g0$t1766864994$j60$l0$h0; _ga=GA1.1.748816457.1766864994; sb_main_6889db2cfa98184ba1ac566756057db2=1; sb_idelay_6889db2cfa98184ba1ac566756057db2=1; pp_idelay_f2165c39ed56aac89d03ea06728c3ca8=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Sat, 27 Dec 2025 19:49:54 GMT\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=iso-8859-1\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d6vzBD6yOrCC01EdeNTCXK2JUB2UA1A%2ByjJ2cfGVI0jrR5K13H2JPXuJ7PComMgOXvaUalxMUjXXTeA0hznEauArG6ffl2ON6oyByh0%3D\"}]}\r\ncf-ray: 9b4b58088d0b569f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":277,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"3482f13c727d616ea5d65f0092565fbf","sha1":"42a9fff77e6018490eb87df680ab97d2994f8762","sha256":"f19cb99e0c7b43e3110073e5cc04ea56d7f1c7956ecd1f16ae7d052e35d3418a","sha512":"92d38caa31f3224be8194acede841a74f9b6d37736b74f9fa183fe5064993a1c08d6fc743683ad56cbb230d9117dd378d13a567bafc4655f119c260a77baa735","ssdeep":"","tlshash":"c1d02b9f5053a38b0d13156039c565c2274c23eaa82a89e86d86d497529853ecddbacc","first_seen":"2025-11-03T23:58:09.144716Z","last_seen":"2026-05-19T08:00:14.352327Z","times_seen":45,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"reviewbooku.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/6c/c8/c6/6cc8c6b6600a89a01d37b41d2c57396ae22a21974890cebcb7f717010b54ae54.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /si/6c/c8/c6/6cc8c6b6600a89a01d37b41d2c57396ae22a21974890cebcb7f717010b54ae54.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 15151\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 25 May 2025 02:18:00 GMT\r\netag: \"68327dd8-3b2f\"\r\nexpires: Mon, 29 Dec 2025 19:49:58 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15151,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"a35cb578e3c8889f9d2d8e3a9e520bbc","sha1":"f390ccf18911be8210267a1fb27529da10081347","sha256":"554a79788b15330de1e48f1c482acaed20d1e3998e4daed2175530e89ac5e48a","sha512":"6c003106f7f02ae78774b98f5e5e8736189265dda55429c72a1ab2b387f1d8c6406c7f323a1608af14c0b07ad370c797409977a5c751a2e04a8c98236b0e6e2f","ssdeep":"384:z0sxi+mWivrxHMC8F5ONWxBGTgnbTYwxQKQVd:zfk+mW8NWxB5YwxQtL","tlshash":"e162d0c5e4c578d3e98bc3aacdd3286d66295f235e7df01e55f88dca012011b1c78a23","first_seen":"2025-04-17T18:37:55.427701Z","last_seen":"2026-01-06T02:07:44.501457Z","times_seen":1596,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/watch.1038217876800.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1\u0026shu=5523d3edb6db0c8667bf121f30403026a2fceee7a5333e931af9c824eb2cf455ea5d4d007ee87f393378f5eb3bc39d8d1190bbdbafb3f4f55841926447ff425c44f517c354ed11208c865723b6d57324572bb1949716543786ba44\u0026pst=1766865054\u0026rmtc=t","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /watch.1038217876800.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1\u0026shu=5523d3edb6db0c8667bf121f30403026a2fceee7a5333e931af9c824eb2cf455ea5d4d007ee87f393378f5eb3bc39d8d1190bbdbafb3f4f55841926447ff425c44f517c354ed11208c865723b6d57324572bb1949716543786ba44\u0026pst=1766865054\u0026rmtc=t HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nReferer: https://reviewbooku.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 2214\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; expires=Sat, 03 Jan 2026 19:49:54 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nu_pl26390356=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 21\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a9b7d78cac1c56a8299462ad1824fdf8\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4530,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3654)","md5":"447d5a737e6c69c670f9f3943c57ee8b","sha1":"939c5173faf213bfab673370e76b80e6365f9d8c","sha256":"2f094279778f4bd9fb24f084d9e2c68b46e58ad94d282fe06031e5d451634bb2","sha512":"389c2ca896e1494477ffec49f9e321da6c912fbb5ab78cd62392148703362dc09aa0e792c1ab3e89f32ada69f007862974675eae32905a1d7561a9aa3b547ac5","ssdeep":"96:zozzfYO1KEImT4i7n4k/r1KEImT4i7nl6Z1ZDYCfMEDaH:kzwZC4koZCl6zVYCkCaH","tlshash":"37913ba2eda61c70396954ff852b680c3d82520f6909df94fc8eed447f046e20cb8e5d","first_seen":"2025-12-27T19:50:26.369839Z","last_seen":"2025-12-27T19:50:26.369839Z","times_seen":1,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/watch.1257052515535.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /watch.1257052515535.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nlocation: https://realizationnewestfangs.com/watch.1257052515535.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73%3A1%3A1\u0026shu=1a77c18e7b4f171e1b9e360a3c55b0772c84bcb03ea3a8e66ea6894baea2ba9f5f044492c87f76d08b3e721d68217dc0038ce6fe4f5479f7f6034df3e2fb76c5f01d1ddd4567ee985252d13ced7aa6a19ff94d76919f31c99cb865\u0026pst=1766865054\u0026rmtc=t\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; expires=Sat, 27 Dec 2025 19:50:54 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6e366baa288cf3cf1b1850310c95b840\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4583,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":747,"timings":{"blocked":323,"dns":24,"connect":95,"send":0,"wait":96,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/impr.gif?sid=H4sIAAAAAAAC_1RTPWwcRRSeTQINBYJE1CdBESR8nt2d_SMFwoSgiJBYSVAKRDF_aw_e21l2dm8dVwmRUCQal5Tr75xYgMWPRIsUnekiIeWoXMQNFRUFUgoqdM5JhifNe9-bb4rvzXzz5U57REK0_HD1I7tlioIvR0M6OH_LlMp2bnD15sCnQ3phcMuUMbsw2Jynevy2H7IhfXPwgZYbdjmgPqU-9QeXTK1zu7l8zMJU-5k_zOiQBUM_Ytis_9-71oPjHtT4iLwKo2Yv_5F_AiOnKEc_XtRuo7HVW--P2oI3tsZY7X1cbpS2KzE6gXntIS_3Fqdh3YyQr0_BlnuLCWDHu_MJIMyMnHrtKUS5t5AJMX7wXKkooEsI9RK68RS6OIDhU0h7D0Y9IYBUuHoN5ejhVVt3_PZzls_ZGTnz7G-YbkbOPD2HcvT9SmE2Bzds0TbGlg6beQ-zOYVZm6JqD9BseTDdAWTzBYz6jSw_u4JytHvNFRZGHb7BE6o413qJJTxeYpmgS4JSvaTTLJOccyaS8PiKTD4Fdx7a-TIe2txDW3kYqcMBoymTPg_jPFMyoYwzprSgWRpQyjOZoJV3YdQ2ZH0HVX0HG2YbdfsIbv3wZ8GpEjxINEtlljCWhTRnKoozrWLJJIsizbiMtQiE1oGvNY0TkaV-4qc8CdI4ZjITseZxwBI_yXORR6FgLEtUGidJJgVLGOVJkMVKaEFjHkR5mkWaZ1mu_UTmWudpRCMaBFzQTEkW0yjQqUoVV2lMZRpRTTXTsUyViLPEj3w45cE1BGPVo9MEnSPoOEFnCLqGoBv3D1ThAtc_VIVrhb-owaKG_cQ2azv8gW3WdEnA623Uqt811efuHmRzerKVOzWx88RF00-4UP1OdURemXvAO_fXXWzow4Gf-DEVOhRBRHUUh1mS6URmMVfUV0ESw5kexp06frktMyODPxNUZkbIDykEP4ArDiDNafD2BfBuElIKvj4JIoqtcr_R9ahVfH0o7QjK9qiaM2huezvFETk7uX5z5dGxIT_96jy0fEwWAVn3qOoen5lfCdaK-5PrtiO7123nyE_XqsaMzBafm_VGwxv94rcf6tudrdXli277m3flnJjD_ZvaNVd4qUy55sh3K0YpXV-ytdTkl8vulharrVtfaeuyra6svnfp8qiqtXPGllNw8-T1ANLMyNm9yfE3ZP-chazuwFUnKp0lEBVBYQgKfbLPRQ_3n16c4B13H2u1B97cQznqMa57jIsevNiGa09Pmqp-_M7v4XFAFN5EFDXZFUU9583hIA91IClNk9gP01z7IVMyj1KWqZjTMNRo3MyspuLfAAAA___ZFx_KJAUAAA==","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:42:11 GMT","end":"Wed, 25 Mar 2026 21:42:10 GMT"},"fingerprint":{"sha1":"DD:BF:7F:13:B7:AA:5E:41:65:09:9E:F1:FE:42:C4:9A:00:0B:F4:E6","sha256":"FE:3B:B4:EE:8B:60:30:E2:9F:CB:E9:E2:06:C0:A4:2E:FF:35:D3:22:85:14:1C:B8:13:CD:72:FB:EA:5C:E9:98"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTPWwcRRSeTQINBYJE1CdBESR8nt2d_SMFwoSgiJBYSVAKRDF_aw_e21l2dm8dVwmRUCQal5Tr75xYgMWPRIsUnekiIeWoXMQNFRUFUgoqdM5JhifNe9-bb4rvzXzz5U57REK0_HD1I7tlioIvR0M6OH_LlMp2bnD15sCnQ3phcMuUMbsw2Jynevy2H7IhfXPwgZYbdjmgPqU-9QeXTK1zu7l8zMJU-5k_zOiQBUM_Ytis_9-71oPjHtT4iLwKo2Yv_5F_AiOnKEc_XtRuo7HVW--P2oI3tsZY7X1cbpS2KzE6gXntIS_3Fqdh3YyQr0_BlnuLCWDHu_MJIMyMnHrtKUS5t5AJMX7wXKkooEsI9RK68RS6OIDhU0h7D0Y9IYBUuHoN5ejhVVt3_PZzls_ZGTnz7G-YbkbOPD2HcvT9SmE2Bzds0TbGlg6beQ-zOYVZm6JqD9BseTDdAWTzBYz6jSw_u4JytHvNFRZGHb7BE6o413qJJTxeYpmgS4JSvaTTLJOccyaS8PiKTD4Fdx7a-TIe2txDW3kYqcMBoymTPg_jPFMyoYwzprSgWRpQyjOZoJV3YdQ2ZH0HVX0HG2YbdfsIbv3wZ8GpEjxINEtlljCWhTRnKoozrWLJJIsizbiMtQiE1oGvNY0TkaV-4qc8CdI4ZjITseZxwBI_yXORR6FgLEtUGidJJgVLGOVJkMVKaEFjHkR5mkWaZ1mu_UTmWudpRCMaBFzQTEkW0yjQqUoVV2lMZRpRTTXTsUyViLPEj3w45cE1BGPVo9MEnSPoOEFnCLqGoBv3D1ThAtc_VIVrhb-owaKG_cQ2azv8gW3WdEnA623Uqt811efuHmRzerKVOzWx88RF00-4UP1OdURemXvAO_fXXWzow4Gf-DEVOhRBRHUUh1mS6URmMVfUV0ESw5kexp06frktMyODPxNUZkbIDykEP4ArDiDNafD2BfBuElIKvj4JIoqtcr_R9ahVfH0o7QjK9qiaM2huezvFETk7uX5z5dGxIT_96jy0fEwWAVn3qOoen5lfCdaK-5PrtiO7123nyE_XqsaMzBafm_VGwxv94rcf6tudrdXli277m3flnJjD_ZvaNVd4qUy55sh3K0YpXV-ytdTkl8vulharrVtfaeuyra6svnfp8qiqtXPGllNw8-T1ANLMyNm9yfE3ZP-chazuwFUnKp0lEBVBYQgKfbLPRQ_3n16c4B13H2u1B97cQznqMa57jIsevNiGa09Pmqp-_M7v4XFAFN5EFDXZFUU9583hIA91IClNk9gP01z7IVMyj1KWqZjTMNRo3MyspuLfAAAA___ZFx_KJAUAAA== HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxODE0OTI0OSwiayI6IjE3MTYwYmUzYjI1MGU1NjM5NzllN2M5NmFkMDFkMjc2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTU2ODU1LCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoiZDZwbXloeDFrIiwiY3BrcyI6eyIyOCI6ImYyMTY1YzM5ZWQ1NmFhYzg5ZDAzZWEwNjcyOGMzY2E4IiwiMjkiOiIwZmZjNjg0NWY3YmM3M2I0MjJiMjVlYzdkMzkxOGVmZCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9yZXZpZXdib29rdS5jb20vcmV2aWV3L3Jpc2stYXNzZXNzbWVudC12cy1yaXNrLWFuYWx5c2lzLTQ5NzMwODkiLCJ0eiI6MSwiYXIiOltdfX0.Vr3rlwHg1oc-e8L-WCGUkFa-FZvQqG0FynnNydDLx2I; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl18149249=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 6\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7da77324844ac03b0ab19673dc4e7ac7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css\u0026l=3487\u0026fd=39","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css\u0026l=3487\u0026fd=39 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:59 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html\u0026l=1544\u0026fd=192","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html\u0026l=1544\u0026fd=192 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:58 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\netag: W/\"65aa8501-d9f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 260939\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=16yPuBCIFA4sfP89Vflw31RxHySV1eXQIdTMBNTFAb9FgF97ORwP1DWqa7TzZzllOrrE3WW5cDZ%2BDu6kAYJ5uIEfIhkYoEdrji5%2BmSoHUeU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b4b5824ffdb0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3487,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f9f1955433320a3b43c5741f2bde9a3d","sha1":"3b70c2a57fad02833bf227d8b6a0391ac8b98432","sha256":"cbb99d697521db3b645225c1b50873e6aa8a39c91afcc7c8dd756746b8bf2645","sha512":"7a1022ad699c484dd3b7e5a870d01b8baa4a357f203d6dd73ddaa237bd1aa8d2cd5a599077c261dd6ea45cdaa685285aba8b844090fdef7fa0f0b9ecf4a70fda","ssdeep":"","tlshash":"7a710f863b7916047427d96a38112b5777198103aa4fdd74afd1381cceca38acaa33cf","first_seen":"2024-09-26T07:50:15Z","last_seen":"2026-01-25T21:57:17.035488Z","times_seen":2145,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=f2165c39ed56aac89d03ea06728c3ca8\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=19","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:55.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:45 GMT","end":"Tue, 27 Jan 2026 22:02:44 GMT"},"fingerprint":{"sha1":"F7:0F:08:42:86:24:7C:1B:49:6E:E0:01:4D:B6:85:C3:51:09:E9:4B","sha256":"57:4B:E8:D9:F8:CD:FB:C3:56:16:42:88:21:1B:6A:B3:83:F2:4E:B5:2C:AC:2C:6B:0E:46:6B:15:51:D1:3D:17"}}},"request":{"raw":"GET /pxf.gif?uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=f2165c39ed56aac89d03ea06728c3ca8\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=19 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:55 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 0\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3e179bf38b545af3bff7aac9e1018030\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":724,"timings":{"blocked":314,"dns":26,"connect":91,"send":0,"wait":93,"receive":0,"ssl":195},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"63.182.60.117","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:53 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://reviewbooku.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=ca85b14d-1891-46ba-9db4-c2a071277526:3:1; expires=Tue, 25 Dec 2035 19:49:53 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"9e6eb43d8e6e9d349e92ce2b10ca74ea","sha1":"9b7d22b62f1ec563c70c9222c40bcbf84f5742c2","sha256":"ef5e33ba5ff572a0c71b9768e249ce02292797f852af73d328f0dab939eb314f","sha512":"5fb2de553c6b08a894cd96c2ba344c80bace9ecfeae9b1ffa8db99d412361acdaaa7250d0abc030800093f5e608da8199bc78a30a92b6c7d3e5cae38befda2bc","ssdeep":"","tlshash":"639002b93943965900c8164c18461025140449c1681a005124708204c660020ca70a36","first_seen":"2025-12-27T19:50:26.371385Z","last_seen":"2025-12-27T19:50:26.371385Z","times_seen":1,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":141,"dns":42,"connect":21,"send":0,"wait":22,"receive":0,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:14:37 GMT","end":"Wed, 28 Jan 2026 01:14:36 GMT"},"fingerprint":{"sha1":"5A:67:AA:88:D5:BE:C4:00:42:86:CC:4E:FC:E7:73:FE:CB:85:71:60","sha256":"F5:6C:A4:39:AC:04:F6:11:7E:DB:94:93:4C:93:FC:EC:A2:B4:4E:A4:FE:19:8E:22:C0:D8:D4:84:67:37:70:C0"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4df9344aaf44686eb103fa6d00875101\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":51,"dns":26,"connect":17,"send":0,"wait":18,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.675783909317.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=98300d0e-627a-4a45-9bdd-dad1e335463a%3A2%3A1\u0026shu=153ad567c5b136de62fe2e4c2f262a81e1f53e8fe08317c2ef8d485cc4773db34d600e174773af7ad3796110cd2808a02125d10ae6b2ea7a0d1bfc7f993e7129316c9d711d3c36e5ffb09e1318f4b8a3c4322e26a909272887ee\u0026pst=1766865054\u0026rmtc=t","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 22:08:08 GMT","end":"Wed, 25 Mar 2026 22:08:07 GMT"},"fingerprint":{"sha1":"BE:03:A2:AD:89:FD:C3:94:0E:B0:AC:88:9E:E3:AD:33:6F:39:72:EA","sha256":"86:5E:AF:03:20:81:8A:65:09:C9:A1:D4:22:8C:8B:1F:82:60:C9:82:6B:01:09:E8:98:E2:F3:DA:A8:3C:D5:71"}}},"request":{"raw":"GET /watch.675783909317.js?key=17160be3b250e563979e7c96ad01d276\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=98300d0e-627a-4a45-9bdd-dad1e335463a%3A2%3A1\u0026shu=153ad567c5b136de62fe2e4c2f262a81e1f53e8fe08317c2ef8d485cc4773db34d600e174773af7ad3796110cd2808a02125d10ae6b2ea7a0d1bfc7f993e7129316c9d711d3c36e5ffb09e1318f4b8a3c4322e26a909272887ee\u0026pst=1766865054\u0026rmtc=t HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nReferer: https://reviewbooku.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxODE0OTI0OSwiayI6IjE3MTYwYmUzYjI1MGU1NjM5NzllN2M5NmFkMDFkMjc2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTU2ODU1LCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoiZDZwbXloeDFrIiwiY3BrcyI6eyIyOCI6ImYyMTY1YzM5ZWQ1NmFhYzg5ZDAzZWEwNjcyOGMzY2E4IiwiMjkiOiIwZmZjNjg0NWY3YmM3M2I0MjJiMjVlYzdkMzkxOGVmZCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9yZXZpZXdib29rdS5jb20vcmV2aWV3L3Jpc2stYXNzZXNzbWVudC12cy1yaXNrLWFuYWx5c2lzLTQ5NzMwODkiLCJ0eiI6MSwiYXIiOltdfX0.Vr3rlwHg1oc-e8L-WCGUkFa-FZvQqG0FynnNydDLx2I\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 2216\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=98300d0e-627a-4a45-9bdd-dad1e335463a:2:1; expires=Sat, 03 Jan 2026 19:49:54 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nu_pl18149249=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 14\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a264c94a546a0387bd8cfeabdf1222a6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4542,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3666)","md5":"79805da2d0e123c6369db5ecc70cef23","sha1":"5d11d5ad3b9b312d44ea497069f52d4102b7a182","sha256":"a71a8277ca39ad9d3fb3da0bcca61356c05fb6371726d2377ba85a464be592cc","sha512":"e9f862d96da1b009b190b3dd1c1f496ce7e62f1b43eef458b322959694f7b4c41530fafa0f3522c1549efa908677bb54e5a8459510e1364d79cfd7401a560609","ssdeep":"96:PozCnCorCJ2FNPZ4Ek/2orCJ2FNPZ01ZDICfMEDaH:QzJorCJWNPZ4EkuorCJWNPZsVICkCaH","tlshash":"bd913c762e2184fe6862e16a523e7e1cbd5593033a01fd833d6cee926f585d6083dcb4","first_seen":"2025-12-27T19:50:26.372844Z","last_seen":"2025-12-27T19:50:26.372844Z","times_seen":1,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/cd/c9/a9/cdc9a966d6795b3583ac2632f44eb6aa/1756656459.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.435Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/cd/c9/a9/cdc9a966d6795b3583ac2632f44eb6aa/1756656459.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 67822\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:39 GMT\r\netag: \"68b4734b-108ee\"\r\nexpires: Mon, 29 Dec 2025 19:49:54 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67822,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 13:14:09], progressive, precision 8, 300x250, components 3","md5":"696ba29a63dfe01547803836971e97a9","sha1":"b72606a501bda10fa1672cacf61d81d80dffd5e4","sha256":"b3bc7de0e531e7b83d7dc8afe413f1b9eb1ff93ce14bfda2a9e035bdf987dc7b","sha512":"c8f24c9b752e0f4a6b9d8d66db5ea8177715c5faf35f3e1048177fb59f7ca3bb8e58b39a0e4d61af365d4e12c774c9deb6850dbe87287c07681f0369dacc2805","ssdeep":"1536:LvQZDdDvQZDdTZcUnp1kQEkoa62+Zp0H5D:LoJdDoJdNDplmOHp","tlshash":"7b63d0e96b609c76fbe48530dc35e6b6d2174c46e373294abc2fed0137312e85d6908a","first_seen":"2025-09-02T20:03:30.38824Z","last_seen":"2026-05-18T08:40:26.740611Z","times_seen":1013,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":103,"dns":59,"connect":19,"send":0,"wait":19,"receive":43,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/impr.gif?sid=H4sIAAAAAAAC_1RTv28cRRSeTSIKKBAEQUFzBQUgfJ7dmf1FCoQJQYGQWIlRCkQxP53BezvLzO6tbZpAJBRRnaigW79zYgERCQ0dKDrTRULiaLgibvgLEFJqdJeTDE-a97433xTfm_nmi73mCBFo2Gz9fbtrioKtxn3ce_mqKaVtfe_iRi_EfXymd9WUCT3T254nN3w9JLSPX-m9o8SWXY1wiHGIw94545S226sLFkx1Jw_7Oe7TqB_GFLbd_3vfBOBZAHJ4hJ4FI6dP_6U_BCMmUA7unVV-q7bVa28PmoLV1sFQHnxQbpW2LWFwDLULQJcHy9Ng_RShr0-ALQ-WE4Ad7s8nAG6m6MTzD4GXB0uZwIe3HivlBagSuHwK2uEEVHEIhk1A2Btg5O8IQEi4eAnKwe2L1rVs5zHL5uwUnXr0D5h2ik49fA7KwQ9rhdnuXbFFUxtbetjWHZjtCZjNCVTNIdS7AZj2EET9ORj5G1p9dAHKwf4lX1gwcvYSS7FkTKkVmrJkheYcr3CM1YrK8lwwxihPyeKKjJ4A8wE082UCaHQATRXAQM56FGdUhIwkOpcixZRRKhXHeRZhzHKRQiM-AyNHINx1qNx12DIjcM198NdmP8VxRCRRkieSY5ElScp1GIWaYIoJjhIWaaGUSllMCFE5CZnORRZRxSOhaRwrFksqMU6VylJNckLSTMeKEy5ILjMZhjnmXHKmOdFUx3FGwzxKKE21plEsKNVxmAoSUyXDMMKZyJI4jQhPZJySiMZpxHmY0zwNk5iSNEs4oxS8DMDXCIayg1YhaD2CliFoDYK2RtAOu1uy8JHvbsvCNzxc1mhZSTe29eYeu2XrTVUiYG4ETnb7pvrE3wBRnxzvai_Hdp4Yr7sx47Lbq47QM3MXBF_d3YAtNetlSaxylQqCY800wyKKQqwiphIRkSTR4E0Hxp9YvN2umaJ3P30IlZkidDcDzg7BF4cgzIvAmheAteM0yoBdgxzDbnmPW7vlnWLS6J2-sAOQtoOqPgX1TrBXHKHT48sba_cXrvzozxEo8QAtA4TroHIdfGx-RbBZ3Bxfti3av2xbj368VNVmYHbZ3LFXalarJ757T-201snzZ_3o2zfFnJjDOxvK1xdYKU256dH3a0ZK5c5ZJxT6-by_qvh646-tNa5sqgvrb507P6ic8t7YcgLMTNGTf38JwkzR6V--WfzG-NV7IKrr4Ktjnd4i4BWCwiAo1PE-4x34__T8GO_5m7DpAmD1DSgHHQxdB8OiA1aMwDcnx3XlHrzxB1kE8CIY88KhfV64OW9mPU1UJDDO0iQkmVYhoVLoOKO5TBgmREHtp2Y94_8GAAD__9pEhHkrBQAA","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTv28cRRSeTSIKKBAEQUFzBQUgfJ7dmf1FCoQJQYGQWIlRCkQxP53BezvLzO6tbZpAJBRRnaigW79zYgERCQ0dKDrTRULiaLgibvgLEFJqdJeTDE-a97433xTfm_nmi73mCBFo2Gz9fbtrioKtxn3ce_mqKaVtfe_iRi_EfXymd9WUCT3T254nN3w9JLSPX-m9o8SWXY1wiHGIw94545S226sLFkx1Jw_7Oe7TqB_GFLbd_3vfBOBZAHJ4hJ4FI6dP_6U_BCMmUA7unVV-q7bVa28PmoLV1sFQHnxQbpW2LWFwDLULQJcHy9Ng_RShr0-ALQ-WE4Ad7s8nAG6m6MTzD4GXB0uZwIe3HivlBagSuHwK2uEEVHEIhk1A2Btg5O8IQEi4eAnKwe2L1rVs5zHL5uwUnXr0D5h2ik49fA7KwQ9rhdnuXbFFUxtbetjWHZjtCZjNCVTNIdS7AZj2EET9ORj5G1p9dAHKwf4lX1gwcvYSS7FkTKkVmrJkheYcr3CM1YrK8lwwxihPyeKKjJ4A8wE082UCaHQATRXAQM56FGdUhIwkOpcixZRRKhXHeRZhzHKRQiM-AyNHINx1qNx12DIjcM198NdmP8VxRCRRkieSY5ElScp1GIWaYIoJjhIWaaGUSllMCFE5CZnORRZRxSOhaRwrFksqMU6VylJNckLSTMeKEy5ILjMZhjnmXHKmOdFUx3FGwzxKKE21plEsKNVxmAoSUyXDMMKZyJI4jQhPZJySiMZpxHmY0zwNk5iSNEs4oxS8DMDXCIayg1YhaD2CliFoDYK2RtAOu1uy8JHvbsvCNzxc1mhZSTe29eYeu2XrTVUiYG4ETnb7pvrE3wBRnxzvai_Hdp4Yr7sx47Lbq47QM3MXBF_d3YAtNetlSaxylQqCY800wyKKQqwiphIRkSTR4E0Hxp9YvN2umaJ3P30IlZkidDcDzg7BF4cgzIvAmheAteM0yoBdgxzDbnmPW7vlnWLS6J2-sAOQtoOqPgX1TrBXHKHT48sba_cXrvzozxEo8QAtA4TroHIdfGx-RbBZ3Bxfti3av2xbj368VNVmYHbZ3LFXalarJ757T-201snzZ_3o2zfFnJjDOxvK1xdYKU256dH3a0ZK5c5ZJxT6-by_qvh646-tNa5sqgvrb507P6ic8t7YcgLMTNGTf38JwkzR6V--WfzG-NV7IKrr4Ktjnd4i4BWCwiAo1PE-4x34__T8GO_5m7DpAmD1DSgHHQxdB8OiA1aMwDcnx3XlHrzxB1kE8CIY88KhfV64OW9mPU1UJDDO0iQkmVYhoVLoOKO5TBgmREHtp2Y94_8GAAD__9pEhHkrBQAA HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl26390356=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1369c773b3efe8fc28fdf44b6473945c\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Dec 2025 19:49:58 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: br\r\nage: 829175\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-15d94\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AwWow07BuJas5CYqQoY36z0Vk7R0vlGiwHWRGBb0ux1nhkg20Imqe4nLAQKNzBdpyrMcIEwrzWo7c0Xk1i1Ms2Pqa8E%2F1GYPXlAt3Ow8pAI%3D\"}]}\r\ncf-ray: 9b4b58236fb20731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89492,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-05-19T02:48:26.765604Z","times_seen":6675,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js\u0026l=957\u0026fd=12","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js\u0026l=957\u0026fd=12 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:59 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"veintones.com/17160be3b250e563979e7c96ad01d276/invoke.js","fqdn":"veintones.com","domain":"veintones.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:52.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"veintones.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Dec 2025 22:51:09 GMT","end":"Fri, 20 Mar 2026 22:51:08 GMT"},"fingerprint":{"sha1":"4D:7F:9C:CE:A0:E9:D6:F0:B3:A4:37:54:B5:59:91:60:F1:05:70:22","sha256":"83:ED:45:57:55:D9:14:C6:80:64:C8:69:3D:43:65:1F:B6:09:DD:EF:11:05:33:DD:CF:FC:2D:D2:27:47:6B:B9"}}},"request":{"raw":"GET /17160be3b250e563979e7c96ad01d276/invoke.js HTTP/1.1\r\nHost: veintones.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18561\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: veintones.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 76d119621fae76e6633110c0a5c8418c\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46355,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46355), with no line terminators","md5":"5873ffedd00a9e63c907811be725c145","sha1":"c17e9060577f721602bd6d68c8f4d2246a0bb076","sha256":"67e71571b4d4c6db890544849d1b6cf13bc068f4ebabc371ba52ada71864b79a","sha512":"d1efb4d4f6e88a195e248bf398f61bbef6818c68c860296e5968bfba97d464ee9881fa8a02312dd2394f1cce68d81ec3db01fe68df818ef3e50e8548199855fe","ssdeep":"768:dB2ED/5+sNKlKMHLQTwkf0R4sYeLvLoK12G6FYc0CTXF:dB2Et+aMHLQTwkf0BLDLoK12tFYN01","tlshash":"91230a5dbf92f006165f70b7376fa106b11a8c19680cd88cfa07fda46d68f05e837aa4","first_seen":"2025-12-19T22:42:12.31069Z","last_seen":"2026-01-22T00:36:54.764655Z","times_seen":5,"resource_available":true,"data":null}},"time_used":848,"timings":{"blocked":327,"dns":45,"connect":95,"send":0,"wait":99,"receive":92,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/watch.1085645090112.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=ca85b14d-1891-46ba-9db4-c2a071277526%3A3%3A1\u0026shu=c90196ecce14591f1577103434b8b4d5cae403653b72dd05e93d14c5113c5aae7a5c88e877d3b3ac1fa57aa8e453d3709cd68f2b5c4926183a06109720818ac03665181c8083b9c8489eed9c0c0466df6e3b5df23316d91c9f62\u0026pst=1766865054\u0026rmtc=t","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /watch.1085645090112.js?key=865e9e7c305fafa0c2210e2ae6c2366f\u0026kw=%5B%22risk%22%2C%22assessment%22%2C%22vs%22%2C%22analysis%22%5D\u0026refer=https%3A%2F%2Freviewbooku.com%2Freview%2Frisk-assessment-vs-risk-analysis-4973089\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=ca85b14d-1891-46ba-9db4-c2a071277526%3A3%3A1\u0026shu=c90196ecce14591f1577103434b8b4d5cae403653b72dd05e93d14c5113c5aae7a5c88e877d3b3ac1fa57aa8e453d3709cd68f2b5c4926183a06109720818ac03665181c8083b9c8489eed9c0c0466df6e3b5df23316d91c9f62\u0026pst=1766865054\u0026rmtc=t HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nReferer: https://reviewbooku.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: text/html\r\nContent-Length: 3244\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://reviewbooku.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=ca85b14d-1891-46ba-9db4-c2a071277526:3:1; expires=Sat, 03 Jan 2026 19:49:54 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\nu_pl26390356=1; expires=Sun, 28 Dec 2025 19:49:54 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 24\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b35b1c910db67839cc513dc80d5bc0ef\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4703,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3827)","md5":"4caa318029522b697c0f76a7e8afa72e","sha1":"29ede38c936c3aa837570d46c9b0ece81089e4e7","sha256":"bfb52c8ef71084569f66f939edb5dcb4c8287b11ce0823153c54f8b3abf4ec57","sha512":"11a49a3c3fb8956023ae3b54b5da78740899d0a2f7aef93d45755c00b4b397bad9f91e843eb41f91d15df1bd318a87dcbc8786e76812f6bb14b67d6c5bf0f97b","ssdeep":"96:6N/IozlffV+2RZn1FtZ89fk/zhEB4PRtJ1ZDYCfMEDaH:QzjZ1XZMkNEB+tjVYCkCaH","tlshash":"35a11abc9d60a074d45570bd6217d84c3b54620f2d088d807c5de9866b10fa91eb8dac","first_seen":"2025-12-27T19:50:26.37724Z","last_seen":"2025-12-27T19:50:26.37724Z","times_seen":1,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:40:35 GMT","end":"Tue, 27 Jan 2026 23:40:34 GMT"},"fingerprint":{"sha1":"AA:22:33:AC:0A:FC:0D:31:C5:9F:92:99:20:7A:02:E4:46:E3:08:8C","sha256":"72:5A:79:00:74:D1:90:EF:9A:D3:3F:01:E6:E5:14:1D:41:4F:F2:28:D3:FD:4C:AA:70:DE:D8:BE:C2:15:3F:EE"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a0521f027f71d67c4018571e9c060a75\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-20T04:40:50.214207Z","times_seen":16583,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: br\r\nage: 260938\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-3bd\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xOh0KxqPLTfTIvb6lx8SxSMJwFvm4UutcZvasDzc%2F1ZOQFDXog22QLymyA4245pA53vTKPAFnBo4hE01%2FxasyOvGtLsZDRJHSKGSD8yhV8I%3D\"}]}\r\ncf-ray: 9b4b5823cfbf0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":957,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41051a33fb99370ee2aeae5227abec51","sha1":"f1b81c1d24d27bea43a09f308ae28668453704fb","sha256":"67f07ddfdc4a81dc7ae4f83c332eb76107442caf0230e307d6398bae7663aa0d","sha512":"2ac42bfbc6eceb4cde624f8ff6d7a8ca06a88acb16cedb655d3dbc27df1745189e93f75edac38128ea6aaf839ab937fa518f4bf50fb10e1c968289a415c44aee","ssdeep":"","tlshash":"2e115b27356842b45353f06791176adaba31025bac2a971b712c06cd0fd476903f99f7","first_seen":"2023-12-07T10:00:32Z","last_seen":"2026-01-25T21:57:17.022984Z","times_seen":2153,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: br\r\nage: 829176\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-15d94\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bVIX7TtdMyOISKfKpc7NmlSOxCD2QNh3D8JJ91Jeiiqz6hpK584U1nWOcoCMah%2BEMe9xlpidW2Ws85lmZKCwcAiyXc1JiFW1dX5brboMIRY%3D\"}]}\r\ncf-ray: 9b4b5825afeb0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89492,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-05-19T02:48:26.765604Z","times_seen":6675,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"veintones.com/865e9e7c305fafa0c2210e2ae6c2366f/invoke.js","fqdn":"veintones.com","domain":"veintones.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"veintones.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Dec 2025 22:51:09 GMT","end":"Fri, 20 Mar 2026 22:51:08 GMT"},"fingerprint":{"sha1":"4D:7F:9C:CE:A0:E9:D6:F0:B3:A4:37:54:B5:59:91:60:F1:05:70:22","sha256":"83:ED:45:57:55:D9:14:C6:80:64:C8:69:3D:43:65:1F:B6:09:DD:EF:11:05:33:DD:CF:FC:2D:D2:27:47:6B:B9"}}},"request":{"raw":"GET /865e9e7c305fafa0c2210e2ae6c2366f/invoke.js HTTP/1.1\r\nHost: veintones.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18540\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: veintones.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 712ebbf0a322fb039c00c2f797d8fd3f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46298,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46298), with no line terminators","md5":"96f2caecacb2f82667971c28eda79aa8","sha1":"45984adcc4b6d4246ab0e641dffd26ecd0d98692","sha256":"3ce663a76af8d3524ca56ffa6cc7fa22010bdb8350ebc2340e6f5321dc96931f","sha512":"dba24e90297a7a21d1b16c15cedacc6b50b961a411435b70249091774bd506a9558e9c06abdb4e76160ad8f734565b67eef8df3606ee26f61a714bf051526368","ssdeep":"768:dB2EL/5+sNKlKMHLQTwkf0RpsYeLvLoK12G6FYc0Cjhwf:dB2EV+aMHLQTwkf0wLDLoK12tFYNoU","tlshash":"6123fa5dbf92f006165f70b7376fa106b11a8c19680cd89cfa07fda46d68f05e837aa4","first_seen":"2025-12-17T15:15:43.74806Z","last_seen":"2025-12-27T19:50:26.36097Z","times_seen":9,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/68/89/db/6889db2cfa98184ba1ac566756057db2.js","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /68/89/db/6889db2cfa98184ba1ac566756057db2.js HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 30212\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ca8e1443f684855e16416d0654c271da\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":78855,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"453e6dd3d4e8745ecdf9b080cc78297c","sha1":"5042c077560f2c194ce48519cb8eb22610777081","sha256":"c90dfc600ea871ac27d43dc8e6a46ba968cf80b4c4c58421d9968c770803ec27","sha512":"d5dd853691d0aea0753466dcf9a624161f3dac86128bae28cae4c7d9799ff7ea1533e2d084566a38d29d724ed73bc0a3f164e5336c36096a5a25358d18b17630","ssdeep":"1536:l9yUBg8XFOUGDAVTesz3WArOwlNyBv77NzxpQ2jFFwbejIi:l3B91cupUhxpJwUIi","tlshash":"9a7309487f42b16b5352a073627fd047f0256f1261ecd498d123e6a86f6c33af636b98","first_seen":"2025-12-17T15:15:43.725188Z","last_seen":"2025-12-27T19:50:26.379635Z","times_seen":2,"resource_available":true,"data":null}},"time_used":830,"timings":{"blocked":316,"dns":25,"connect":96,"send":0,"wait":99,"receive":92,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1421\u0026rd=1421\u0026fd=515\u0026bv=25.12.4806\u0026tmpl=136","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1421\u0026rd=1421\u0026fd=515\u0026bv=25.12.4806\u0026tmpl=136 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":668,"timings":{"blocked":290,"dns":5,"connect":91,"send":0,"wait":94,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/0f/fc/68/0ffc6845f7bc73b422b25ec7d3918efd.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 22:08:08 GMT","end":"Wed, 25 Mar 2026 22:08:07 GMT"},"fingerprint":{"sha1":"BE:03:A2:AD:89:FD:C3:94:0E:B0:AC:88:9E:E3:AD:33:6F:39:72:EA","sha256":"86:5E:AF:03:20:81:8A:65:09:C9:A1:D4:22:8C:8B:1F:82:60:C9:82:6B:01:09:E8:98:E2:F3:DA:A8:3C:D5:71"}}},"request":{"raw":"GET /0f/fc/68/0ffc6845f7bc73b422b25ec7d3918efd.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 30196\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d3db18bbfd9520a7347f1c5c262eff3a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78883,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"5f996f21dd086717a280650d9bddc340","sha1":"345c059308712f23d728810cf97941391ae4d062","sha256":"8f92ced4cdf992968ec5d6fa5f8b5b5a10897a923ee0e2504cf9cc5a7284efb0","sha512":"cc4e743e2f63d04a9e6f02ca0288b58d52c5351127337afb86cb73ace36a8fd6c6b5de4501d7372b608efeb4a8fc35e9f1cb6012bfe34549db4410d13d4bd7bc","ssdeep":"1536:x9yUBg8XFOUGBAVTesz3WArOwlNyBv77NzxpQ2jFFwBijIq:x3B91c8pUhxpJwqIq","tlshash":"e37309487f82b15b5352a073627fd047f0256f1261dcd498d123e6a86f6c33af636b98","first_seen":"2025-12-27T19:50:26.381991Z","last_seen":"2026-01-22T00:36:54.770428Z","times_seen":3,"resource_available":true,"data":null}},"time_used":815,"timings":{"blocked":306,"dns":25,"connect":94,"send":0,"wait":103,"receive":95,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=6889db2cfa98184ba1ac566756057db2\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=19","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:55.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:45 GMT","end":"Tue, 27 Jan 2026 22:02:44 GMT"},"fingerprint":{"sha1":"F7:0F:08:42:86:24:7C:1B:49:6E:E0:01:4D:B6:85:C3:51:09:E9:4B","sha256":"57:4B:E8:D9:F8:CD:FB:C3:56:16:42:88:21:1B:6A:B3:83:F2:4E:B5:2C:AC:2C:6B:0E:46:6B:15:51:D1:3D:17"}}},"request":{"raw":"GET /pxf.gif?uuid=a70daaee-47a6-49b0-b00e-e899caaa4b73\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=6889db2cfa98184ba1ac566756057db2\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=19 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:55 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a4d0c364310d531768b4dffeb7c6aab9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":736,"timings":{"blocked":320,"dns":28,"connect":91,"send":0,"wait":94,"receive":0,"ssl":201},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 23 Dec 2025 19:22:36 GMT\r\nexpires: Wed, 23 Dec 2026 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 347243\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-20T04:37:30.328074Z","times_seen":838677,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":62,"dns":0,"connect":22,"send":0,"wait":17,"receive":4,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/68/89/db/6889db2cfa98184ba1ac566756057db2.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /68/89/db/6889db2cfa98184ba1ac566756057db2.js HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 30172\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 8\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: bbb3fc3d4721ef2f927a4ae3e8644899\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78815,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"65fae2f23fb1d97b513cbd6a42e71d78","sha1":"1c6280ce59e616aec4b71d428e97c9bafd282f00","sha256":"6782030932dc5776b19d2e3749435a1df1f267e66dce5797ec5706246dc7eb47","sha512":"1249a3a9ab75cc872fb352bc93d668761ce5860c5f07e86c517549cddd57f698599f068d832dba76f44ca1aa39956de7a5d292122f32b7024a578c101ed4587f","ssdeep":"1536:H9yUBg8XFOUGQAVTesz3WArOwlNyBv77NzxpQ2jFFwTMjIi:H3B91crpUhxpJw2Ii","tlshash":"d97309487f42b16b5352a073626fd047f0256f1261ecd498d123e6e86f6c33af636b98","first_seen":"2025-12-19T22:42:12.328857Z","last_seen":"2026-01-27T18:39:53.512918Z","times_seen":5,"resource_available":true,"data":null}},"time_used":764,"timings":{"blocked":282,"dns":1,"connect":93,"send":0,"wait":102,"receive":95,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"veintones.com/17160be3b250e563979e7c96ad01d276/invoke.js","fqdn":"veintones.com","domain":"veintones.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"veintones.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Dec 2025 22:51:09 GMT","end":"Fri, 20 Mar 2026 22:51:08 GMT"},"fingerprint":{"sha1":"4D:7F:9C:CE:A0:E9:D6:F0:B3:A4:37:54:B5:59:91:60:F1:05:70:22","sha256":"83:ED:45:57:55:D9:14:C6:80:64:C8:69:3D:43:65:1F:B6:09:DD:EF:11:05:33:DD:CF:FC:2D:D2:27:47:6B:B9"}}},"request":{"raw":"GET /17160be3b250e563979e7c96ad01d276/invoke.js HTTP/1.1\r\nHost: veintones.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18561\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: veintones.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: cede17f27d46d7097ebb5de31e96e396\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46351,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46351), with no line terminators","md5":"290549832eaac64d1f20ffe2f9036892","sha1":"195b121e87be1e92e1a94925349dd0e11d7e5dc0","sha256":"f36f2deee10eb0215a8a26b2c94c6dd56205478bad3f039db1b0fbe69dba0c73","sha512":"9a9afe81b578579c4e8ac2bb703121fa3b386cba92f627820c8130c8347a94589f018424141772d40f3838d4b13eff4f40d0d27e72cd3e490d4f4513638ddf29","ssdeep":"768:dB2Ef/5+sNKlKMHLQTwkf0R4sYeLvLoK12G6FYc0CtLr:dB2E5+aMHLQTwkf0BLDLoK12tFYNgf","tlshash":"2e23fa5dbf92f006165f70b7376fa106b11a8c19680cd89cfa07fda46d68f05e837aa4","first_seen":"2025-12-20T15:52:00.666935Z","last_seen":"2026-01-22T00:36:54.745437Z","times_seen":7,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/f2/16/5c/f2165c39ed56aac89d03ea06728c3ca8.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:12:52 GMT","end":"Wed, 28 Jan 2026 01:12:51 GMT"},"fingerprint":{"sha1":"67:43:25:0A:D1:7D:95:9F:2D:A3:3F:97:74:7C:0A:AE:D2:D3:98:61","sha256":"09:09:97:4E:79:6D:B5:F4:D7:B7:F6:8F:BE:97:4E:B6:04:9C:25:29:FE:4A:0E:A2:BE:82:F0:6E:CF:8C:74:F0"}}},"request":{"raw":"GET /f2/16/5c/f2165c39ed56aac89d03ea06728c3ca8.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 40041\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9b67e14df69d833373ee05a2e4eecd02\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":111890,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8bdde6eb8e2e73a681c6111469b80456","sha1":"256275ec167dcb0a10b42b3babb3522b4fbd2dbb","sha256":"ac417f1ddec1b5e6c51b82fbde5206020ab9789d0adb2d2bdd83abf3dbe8f0e6","sha512":"7913a7fb0169ca1731ef65101dcc7182d60a3cc08244d9daf7ca9f03fe371a57fb44e3aec82696bb0c327b461032ec165822e3d0fb84016d71b53081c420da7c","ssdeep":"1536:TXZchRVqfRjblFEvzOc+NxPXLZC8kvRQGntv7p4WKM4OLAZVCAFhuEQ/X:4qJjblF2zOnC1JQGntTpU5o/X","tlshash":"b5b3c9987f01b05c07de703b252fb71bf55a1e59298cd6d4e107f8ab1a9c70be83a612","first_seen":"2025-12-27T07:30:42.770122Z","last_seen":"2025-12-28T18:00:07.327383Z","times_seen":3,"resource_available":true,"data":null}},"time_used":789,"timings":{"blocked":294,"dns":19,"connect":94,"send":0,"wait":97,"receive":94,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\netag: W/\"65aa8501-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 490754\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NDEfoQJCrqcEnjdO0mH8c5HJtpzX%2BkaoHNtDWTeYLEmt%2FAAFAJkiVFSXgHPLvmAOjFHkYIDuwcVy3x3JFwxCB%2BcF%2Be3Ucd1btl0Von%2FGqg8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b4b5824ffda0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-05-20T03:02:06.955571Z","times_seen":11477,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=40","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=40 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:59 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: br\r\nage: 3243413\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-4ff\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IwuvQ5G4fIPaRNCHkExJiLA%2B1HPjs892l40hUrH16HPeaZFsYvUPgrKYcoFXUeE2CnniSiBNpotpcKs1Hi%2FxfsKSZr387pQlhjqV7jK0pHM%3D\"}]}\r\ncf-ray: 9b4b5825bfef0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"369850b9873659adf0951d845f57dba1","sha1":"a64257186daa33b6b318943a457b6cf8d80b26b6","sha256":"9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21","sha512":"6441b40e85c86e21362c7061a6b9610f52a5c801b274b246711546ad45c68c3e7f2f242f1621b90967eaeebf52709545d06283c2015d6b9ad7f6f7d37fb14a88","ssdeep":"","tlshash":"6821d8dc958f223ef324ff6189b316606ba423f6bb18c5bcb199a8157e1cb910c48e14","first_seen":"2023-04-07T22:39:47Z","last_seen":"2026-05-20T02:24:33.040895Z","times_seen":9307,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/f2/16/5c/f2165c39ed56aac89d03ea06728c3ca8.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 22:08:08 GMT","end":"Wed, 25 Mar 2026 22:08:07 GMT"},"fingerprint":{"sha1":"BE:03:A2:AD:89:FD:C3:94:0E:B0:AC:88:9E:E3:AD:33:6F:39:72:EA","sha256":"86:5E:AF:03:20:81:8A:65:09:C9:A1:D4:22:8C:8B:1F:82:60:C9:82:6B:01:09:E8:98:E2:F3:DA:A8:3C:D5:71"}}},"request":{"raw":"GET /f2/16/5c/f2165c39ed56aac89d03ea06728c3ca8.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 40049\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 572e1ccd1efcf7c76f9c07c9b27ea683\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":111903,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"0cde48cd73d923ffb648319bc4d5c7d4","sha1":"37e15c540b2be411ba4ca9d2177672797ef8a453","sha256":"462cb460b9022a37abcfe93142ae00fa529bf293cedcb9ba934dcb7d8d5d0fca","sha512":"c682f4556ff53aac2fbad7c9747c5ccb3e40296ae2c44936ec49ec81e2755c29ff1fd9a7a862b41b3d8774825ef9fb0900e24c148f28f47c19a637dcddb17eb8","ssdeep":"1536:TXWchlVqfRjblFEvzOc+NxPXLZC8kvRQGntv7p4WKM4OLAZVCAFhuEQ/X:1qJjblF2zOnC1JQGntTpU5o/X","tlshash":"32b3c9987f01b05c07de703b252fb71bf55a1e59298cd6d4e107f8ab1a9c70be83a612","first_seen":"2025-12-27T19:50:26.390295Z","last_seen":"2025-12-27T19:50:26.390295Z","times_seen":1,"resource_available":true,"data":null}},"time_used":814,"timings":{"blocked":306,"dns":27,"connect":91,"send":0,"wait":104,"receive":92,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"veintones.com/865e9e7c305fafa0c2210e2ae6c2366f/invoke.js","fqdn":"veintones.com","domain":"veintones.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"veintones.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Dec 2025 22:51:09 GMT","end":"Fri, 20 Mar 2026 22:51:08 GMT"},"fingerprint":{"sha1":"4D:7F:9C:CE:A0:E9:D6:F0:B3:A4:37:54:B5:59:91:60:F1:05:70:22","sha256":"83:ED:45:57:55:D9:14:C6:80:64:C8:69:3D:43:65:1F:B6:09:DD:EF:11:05:33:DD:CF:FC:2D:D2:27:47:6B:B9"}}},"request":{"raw":"GET /865e9e7c305fafa0c2210e2ae6c2366f/invoke.js HTTP/1.1\r\nHost: veintones.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18523\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: veintones.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c311a5d6418dfc6c655ec0a0ff715aba\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46346,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46346), with no line terminators","md5":"9da710c08f5fff2fea4539add5e5e91a","sha1":"f335d6b4d273e906c17b32004007ef1a5ef055b7","sha256":"f15f11a6675c2d68d3221595e6ffc5d23ed232dd1cffd8ba3cd5b5051d023492","sha512":"6255f4e326b797f74ebe142b85bbb04710ccde308eb2e6c060c48fa3132498905888eba3732a69e20c89dc5a9688f8ea93a2894517febe17dfe463ef87ee0e5e","ssdeep":"768:dB2Ee/5+sNKlKMHLQTwkf0RpsYeLvLoK12G6FYc0CkhDC:dB2Em+aMHLQTwkf0wLDLoK12tFYNXW","tlshash":"d623fa5dbf92f006165f70b7376fa106b15a8c19280cd89cfa07fda46d68f05e837aa4","first_seen":"2025-12-17T15:15:43.751281Z","last_seen":"2026-01-08T22:03:03.891911Z","times_seen":10,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"veintones.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 23 Dec 2025 19:22:36 GMT\r\nexpires: Wed, 23 Dec 2026 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 347243\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-20T04:37:30.328074Z","times_seen":838677,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":62,"dns":0,"connect":7,"send":0,"wait":8,"receive":9,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.940Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 27 Dec 2025 19:49:59 GMT\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27925,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"0dbacd43fae3b14c321e679cb267d047","sha1":"33e640ec025852283074d3185281e8a3577ad04a","sha256":"107cd370855f9878ec6ca27e8080e84dad37ee7a976f718c9e3c4836827920d9","sha512":"c5907e87be8c340a5143cd3df2ba45b46ab1f5acf5b7a7a02e0124f0e63e05de75d23f451a2dac5f392c7b50916beffac24c24ad7387e98910511f8855dd8a1f","ssdeep":"768:DDSDjDGDUDB4DiLDZD1D5CJmwBUiRDfMTcfFBhiEymDcTYeBai75tdmtC0BQiVPD:I0rAwR","tlshash":"c2c200a1041750009b838ce223cebf35fe1f52517142d0b5abfdab6badcbc66526936d","first_seen":"2025-11-19T01:34:25.529906Z","last_seen":"2026-02-18T16:13:59.230524Z","times_seen":1650,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":101,"dns":1,"connect":20,"send":0,"wait":35,"receive":0,"ssl":77},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\netag: W/\"65aa8501-d9f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 260939\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jk6e4Nx1fkD4C%2FHCdhd6p4iD%2FupgTgmVdvDk%2BwSqTf%2F6cUiHVlOzQEyFbbP98037LVwWn0Qi4EglQWzukEuoj%2FyauFi0W798oVQrhinXrG8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b4b58250fde0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3487,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f9f1955433320a3b43c5741f2bde9a3d","sha1":"3b70c2a57fad02833bf227d8b6a0391ac8b98432","sha256":"cbb99d697521db3b645225c1b50873e6aa8a39c91afcc7c8dd756746b8bf2645","sha512":"7a1022ad699c484dd3b7e5a870d01b8baa4a357f203d6dd73ddaa237bd1aa8d2cd5a599077c261dd6ea45cdaa685285aba8b844090fdef7fa0f0b9ecf4a70fda","ssdeep":"","tlshash":"7a710f863b7916047427d96a38112b5777198103aa4fdd74afd1381cceca38acaa33cf","first_seen":"2024-09-26T07:50:15Z","last_seen":"2026-01-25T21:57:17.035488Z","times_seen":2145,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/impr.gif?sid=H4sIAAAAAAAC_1STP2wcxRfHZ52k-f0KRIhoAOkKCiLh8-7t3t0uKSJMCAqExOSPUqRA82_t4fZ2lpndW9tQBCJQSkcCCaj2vnex-RNBaEAUSNGZAskSEkflIm7oaJHSgvZ8ksWT9r237zPFe9958_GwOCA-Crq_8qbeVElCl9pNt_HCDZUKXdrGpWsNz226Zxo3VNoJzjTWa2cGL3l-0HRPN16TvKeXWq7nup7rNc4rI2O9vjSjUNn9yGtGbjNoNb12gHXz339bLMBSB2JwQE5CiekTf8Y3ofgEaf_BOWl7uc5efLVfJDTXBgOxcz3tpbpM0T9KY-MgTnfmp6HtlJDPFqDTnfkE0INxPQGYmpKFpx-BpTvzNsEG9w47ZQlkCib-j3IwgUwmUHQCrm9Did8JwAUuXUba376kTUk3Dimt6ZQcf_w3VDklxx-dQtr_djlR642rOilypVOL9biCWp9ArU6QFbvINx2ochc8_xBK_EaWHl9E2h9ftomGEvvP064rKJVyMejSzmIQMXeRua5clGEUcUppwLr-TCIVT0Ctg6L-lIMidlBkDvpivxG4YcA96nfiSPCuG9AgEJK5UdhyXRrxLgr-AZTYAjcfbWdiLe8Nxrkp5LhIuR16Xx6WWv6suF0XW_7Qu1-8nSWtjh-5frsz9JCZW-ipLZjiIexaBStOwOZT4rz1PgaiQikJSktQUoJSEZQ5QTmo7onEtmy1LRJbMG8eW_PoVyOdrw7pPZ2vypSAmi0YUY1V9q69DZ4fG23GVox07SjLqxFlohpmB-TJ-i6cT09cR0_uNzphGAnW4jGNQi8MGPUob3c63XbHbXcFa8GqCsouzBTcVFPy-nuPkKkpId-FYHQXNtkFV8-AFs-BlhXoWoXN9AHTumeNpELFG02u-xC6QpYfR77hDJMD8tToyrXlh7O1uHn6ISTfO_vT57V9AW4qZKbCO-oXgtXkzuiKLsn4ii4t-f5ylqu-2qT1ylzNaS6Pff2G3Ci1ERfO2a2vXuY1qNP716TNL9JUqHTVkm-WlRDSnNeGS_LzBXtDspXCri0XJi2yiyuvnL_Qz4y0Vul0Aqqm5H_Vs-BqSk7-c3f2HPxPfgTPbsFme2d_GP7VIYTAagKWOUhqfupXJPKIUVbByj0yN7CjfGjvYNU4oPltpP0KA1NhkFSgyRZscWyUZ2bv7B_-zMASZ8QS44xZYpK7h1pZtd-Ifdnirht2O54fxtLzA8HjdhhEokNd35fI7VSthPG_AQAA__92eBC2tQQAAA==","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1STP2wcxRfHZ52k-f0KRIhoAOkKCiLh8-7t3t0uKSJMCAqExOSPUqRA82_t4fZ2lpndW9tQBCJQSkcCCaj2vnex-RNBaEAUSNGZAskSEkflIm7oaJHSgvZ8ksWT9r237zPFe9958_GwOCA-Crq_8qbeVElCl9pNt_HCDZUKXdrGpWsNz226Zxo3VNoJzjTWa2cGL3l-0HRPN16TvKeXWq7nup7rNc4rI2O9vjSjUNn9yGtGbjNoNb12gHXz339bLMBSB2JwQE5CiekTf8Y3ofgEaf_BOWl7uc5efLVfJDTXBgOxcz3tpbpM0T9KY-MgTnfmp6HtlJDPFqDTnfkE0INxPQGYmpKFpx-BpTvzNsEG9w47ZQlkCib-j3IwgUwmUHQCrm9Did8JwAUuXUba376kTUk3Dimt6ZQcf_w3VDklxx-dQtr_djlR642rOilypVOL9biCWp9ArU6QFbvINx2ochc8_xBK_EaWHl9E2h9ftomGEvvP064rKJVyMejSzmIQMXeRua5clGEUcUppwLr-TCIVT0Ctg6L-lIMidlBkDvpivxG4YcA96nfiSPCuG9AgEJK5UdhyXRrxLgr-AZTYAjcfbWdiLe8Nxrkp5LhIuR16Xx6WWv6suF0XW_7Qu1-8nSWtjh-5frsz9JCZW-ipLZjiIexaBStOwOZT4rz1PgaiQikJSktQUoJSEZQ5QTmo7onEtmy1LRJbMG8eW_PoVyOdrw7pPZ2vypSAmi0YUY1V9q69DZ4fG23GVox07SjLqxFlohpmB-TJ-i6cT09cR0_uNzphGAnW4jGNQi8MGPUob3c63XbHbXcFa8GqCsouzBTcVFPy-nuPkKkpId-FYHQXNtkFV8-AFs-BlhXoWoXN9AHTumeNpELFG02u-xC6QpYfR77hDJMD8tToyrXlh7O1uHn6ISTfO_vT57V9AW4qZKbCO-oXgtXkzuiKLsn4ii4t-f5ylqu-2qT1ylzNaS6Pff2G3Ci1ERfO2a2vXuY1qNP716TNL9JUqHTVkm-WlRDSnNeGS_LzBXtDspXCri0XJi2yiyuvnL_Qz4y0Vul0Aqqm5H_Vs-BqSk7-c3f2HPxPfgTPbsFme2d_GP7VIYTAagKWOUhqfupXJPKIUVbByj0yN7CjfGjvYNU4oPltpP0KA1NhkFSgyRZscWyUZ2bv7B_-zMASZ8QS44xZYpK7h1pZtd-Ifdnirht2O54fxtLzA8HjdhhEokNd35fI7VSthPG_AQAA__92eBC2tQQAAA== HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]; iprc_l+cd8ae97e1ba3ff061b966d37687f2f89=5974464; iprc_l:5974464=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:59 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+cd8ae97e1ba3ff061b966d37687f2f89=5974464; expires=Sun, 28 Dec 2025 19:49:59 GMT; path=/; secure; SameSite=None\niprc_l:5974464=1; expires=Sun, 28 Dec 2025 19:49:59 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 4\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 514f468ea83b557568fcd0a0a01c9f70\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/impr.gif?sid=H4sIAAAAAAAC_1RTPWwdxRqddfJe8V7x9EhEfQsKQPh6Zmd_SYEwISgiJFYSlAJRzN_ag_fuLju7d51bJURCEZVLoFqf68QCIn4kWlB0TRcJiUuDi7ihokIIKTW6jiXDV3zfOXOmON_ozIc77SHhaMXB2lvlxOa5WAmHdPD8DVvosnODy9cHjA7pucENW0TBucHWotXjlxkPhvSFwRtGbZYrPmWUMsoGF2xtsnJr5UiFrR6kbJjSYeAPWRhgq_4nd60HJzzo8SF5BlbP__dr9g6smqEYfX3euM2mrF56fdTmoilrjPXe28VmUXYFRicwqz1kxd7xbZRuTsjHSyiLveMNUI53FxtA2jlZevYxZLF3bBNyfO-pU5nDFJD6v-jGM5h8H1bMoMo7sPonAiiNy1dQjO5fLutO3HyqioU6J6ef_Anbzcnpx2dRjL5cze3W4FqZt40tC4etrIfdmsGuz1C1-2gmHmy3D9V8AKt_JCtPLqEY7V5xeQmrD55LE06ppmY58mOxHIggXE6l1staaGY4D4OIi6MnstkMwi2hdR5a66HNPLSVh5E-GAQ0CRQTPMpSrWIaiCDQRtI08SkVqYrRqtuwehuqvoWqvoVNu426fQi3cfAtC7nQYRSrUDIeaRP5mfFNoPzMj3yRMMOykJskMzThLFa-yRIdJKFSQRxzLXmgI0oNixdUZLHQPE4jxqjSfkITQX3mh5pRYSLpGxELqpnMVJylKTcx81POIpXqmDHNFY9MmGWSpoZxlmSBTARXAfd940cipakf-0kSGwOnPbiGYKx7dIagcwSdIOgsQdcQdOP-ns6d7_r7OnetZMfTP568n5bN-o64VzbrpiAQ9TZq3e_a6n13B6o5NZ1kTk_LRROy6adC6n6nOiT_X2TAO_v7bWyagwGLWUSl4dIPqQkjnsapiVUaCU2Z9uMIzvawbgnCeZjYORn8FqOyc0K-SiDFPly-D2VPQbT_guimnFKIjakfUkyKB42pR60WG0NVjqDLHlVzGs1Nbyc_JGemV6-vPjwK5Lu_TGDUI3JcUHWPqu7xnv2BYD2_O71admT3atk58s2VqrEjOxGLsF5rRGP-_fmb5mZX1vriebf92atqISzgg-vGNZdEoW2x7sgXq1ZrU18oa2XIdxfdDSPXWrex2tZFW11ae-3CxVFVG-dsWcwg7Jz854-PoOycnPn-k6OPGL74KVR1C6468elKAlkR5JYgNyfnQvZwf-PyBO-4u1ivPYjmDopRj3HdY5z3EPk2XHtq2lT1o1d-5kcFmXtTmddkV-b1QrcHg4wbX1GaxBHjSWYYD7TKwiRIdSQo5waNm9u1RP4VAAD__0a6dq8mBQAA","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 22:08:08 GMT","end":"Wed, 25 Mar 2026 22:08:07 GMT"},"fingerprint":{"sha1":"BE:03:A2:AD:89:FD:C3:94:0E:B0:AC:88:9E:E3:AD:33:6F:39:72:EA","sha256":"86:5E:AF:03:20:81:8A:65:09:C9:A1:D4:22:8C:8B:1F:82:60:C9:82:6B:01:09:E8:98:E2:F3:DA:A8:3C:D5:71"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTPWwdxRqddfJe8V7x9EhEfQsKQPh6Zmd_SYEwISgiJFYSlAJRzN_ag_fuLju7d51bJURCEZVLoFqf68QCIn4kWlB0TRcJiUuDi7ihokIIKTW6jiXDV3zfOXOmON_ozIc77SHhaMXB2lvlxOa5WAmHdPD8DVvosnODy9cHjA7pucENW0TBucHWotXjlxkPhvSFwRtGbZYrPmWUMsoGF2xtsnJr5UiFrR6kbJjSYeAPWRhgq_4nd60HJzzo8SF5BlbP__dr9g6smqEYfX3euM2mrF56fdTmoilrjPXe28VmUXYFRicwqz1kxd7xbZRuTsjHSyiLveMNUI53FxtA2jlZevYxZLF3bBNyfO-pU5nDFJD6v-jGM5h8H1bMoMo7sPonAiiNy1dQjO5fLutO3HyqioU6J6ef_Anbzcnpx2dRjL5cze3W4FqZt40tC4etrIfdmsGuz1C1-2gmHmy3D9V8AKt_JCtPLqEY7V5xeQmrD55LE06ppmY58mOxHIggXE6l1staaGY4D4OIi6MnstkMwi2hdR5a66HNPLSVh5E-GAQ0CRQTPMpSrWIaiCDQRtI08SkVqYrRqtuwehuqvoWqvoVNu426fQi3cfAtC7nQYRSrUDIeaRP5mfFNoPzMj3yRMMOykJskMzThLFa-yRIdJKFSQRxzLXmgI0oNixdUZLHQPE4jxqjSfkITQX3mh5pRYSLpGxELqpnMVJylKTcx81POIpXqmDHNFY9MmGWSpoZxlmSBTARXAfd940cipakf-0kSGwOnPbiGYKx7dIagcwSdIOgsQdcQdOP-ns6d7_r7OnetZMfTP568n5bN-o64VzbrpiAQ9TZq3e_a6n13B6o5NZ1kTk_LRROy6adC6n6nOiT_X2TAO_v7bWyagwGLWUSl4dIPqQkjnsapiVUaCU2Z9uMIzvawbgnCeZjYORn8FqOyc0K-SiDFPly-D2VPQbT_guimnFKIjakfUkyKB42pR60WG0NVjqDLHlVzGs1Nbyc_JGemV6-vPjwK5Lu_TGDUI3JcUHWPqu7xnv2BYD2_O71admT3atk58s2VqrEjOxGLsF5rRGP-_fmb5mZX1vriebf92atqISzgg-vGNZdEoW2x7sgXq1ZrU18oa2XIdxfdDSPXWrex2tZFW11ae-3CxVFVG-dsWcwg7Jz854-PoOycnPn-k6OPGL74KVR1C6468elKAlkR5JYgNyfnQvZwf-PyBO-4u1ivPYjmDopRj3HdY5z3EPk2XHtq2lT1o1d-5kcFmXtTmddkV-b1QrcHg4wbX1GaxBHjSWYYD7TKwiRIdSQo5waNm9u1RP4VAAD__0a6dq8mBQAA HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxODE0OTI0OSwiayI6IjE3MTYwYmUzYjI1MGU1NjM5NzllN2M5NmFkMDFkMjc2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTU2ODU1LCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoiZDZwbXloeDFrIiwiY3BrcyI6eyIyOCI6ImYyMTY1YzM5ZWQ1NmFhYzg5ZDAzZWEwNjcyOGMzY2E4IiwiMjkiOiIwZmZjNjg0NWY3YmM3M2I0MjJiMjVlYzdkMzkxOGVmZCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9yZXZpZXdib29rdS5jb20vcmV2aWV3L3Jpc2stYXNzZXNzbWVudC12cy1yaXNrLWFuYWx5c2lzLTQ5NzMwODkiLCJ0eiI6MSwiYXIiOltdfX0.Vr3rlwHg1oc-e8L-WCGUkFa-FZvQqG0FynnNydDLx2I; uid_id2=98300d0e-627a-4a45-9bdd-dad1e335463a:2:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl18149249=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8ef66c966070622ba5f3ef3845e7ab8d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/2b/26/aa/2b26aad2504daf4581703aef33da93f4/1755792747.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/2b/26/aa/2b26aad2504daf4581703aef33da93f4/1755792747.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 71004\r\nserver: nginx/1.21.6\r\nlast-modified: Thu, 21 Aug 2025 16:12:27 GMT\r\netag: \"68a7456b-1155c\"\r\nexpires: Mon, 29 Dec 2025 19:49:54 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71004,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:10:08 12:50:38], progressive, precision 8, 300x250, components 3","md5":"7c4ef61da9a1b31964e978f85f0822c5","sha1":"74b0f0eeafb15241274671b1199c8eb4e21ab181","sha256":"99225a61cd24642b3467e77a6e23eda7cdd6273f898451e71e4bb9a9eebd262f","sha512":"cd0d387879d62c7aea3cb003267f4fb376e11822367ad4cf53084c13833a6f863ba11235fec44e99296f5ace2f51cd2a193829d57e2f6264e3f459efebd3f9ab","ssdeep":"1536:SvSXF00vSXF0pr5xQIHcSK/toSXJCKeg6CYxMEtjuJb:yS10AS10jxzcDpfuu3Jb","tlshash":"9363f119bf50dca6fdfc803ae062970b5a114ba419b77b283ccf61a5bf341e29d19187","first_seen":"2025-04-13T08:19:34.710818Z","last_seen":"2026-05-19T09:21:12.801517Z","times_seen":570,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/ren.gif?sid=H4sIAAAAAAAC_1STP2wcxRfHZ52k-f0KRIhoAOkKCiLh8_67vVtSRJgQFAiJyR-lSIFmdmbt4fZ2lpnd2_NBEYhAKR0JJKDa-97F5k8EoQFRIEVnCiRLSByVi7iho0VKC9rzSRZPmvfe6PMt3nvz5uNRcUA8FHR_7U01lElCV1pNu_HCDZlyVZrGpWsNx27aZxo3ZBr4ZxqD2un-S47nN-3TjddE1FUrru3YtmM7jfNSi1gNVuYUMrsfOs3Qbvpu02n5GOj_3k2xBEMt8P4BOQnJZ0_8Gd-EjKZIew_OCdPNVfbiq70iobnS6POd62k3VWWK3lEaawtxurNQQ5kZIZ8tQaU7iw6g-pO6AzA5I0tPPwJLdxZlgvXvHVbKEogUjP8fZX8KkUwh6RSRug3JfydAxHHpMtLe9iWlS7p5SGlNZ-T4478hyxk5_ugU0t63q4kcNK6qpMilSg0GcQU5mEKuT5EVu8iHFmS5iyj_EJL_RlYeX0Tam1w2iYLk-8_Tts0pFWLZb9Ng2Q-ZvcxsWyyLThhGlFKftb35iGQ8BTUWivpIC0Vsocgs9Ph-w7c7fuRQL4hDHrVtn_o-F8wOO65t0zBqo4g-gORbiPRHX2Z8I-_2XW-S60JsF2lkXG_k3C_ezhI38ELbawUjZ_tQNddMas3IQaZvoSu3oIuHMBsVDD8Bk8-I9db76PMKpSAoDUFJCUpJUOYEZb-6xxPjmmqbJ6ZgziK6i-hVY5Wvj-g9la-LlIDqLWheTWT2rrmNKD82HsaGj1XtKMurMWW8GmUH5Mn6LaxPT1xHV-w3gk4n5MyNYhp2nI7PqEOjVhC0W4HdanPmwsgK0izNJziUM_L6e4-QyRkh33XA6C5MsotIPgNaPAdaVqAbFYbpA6ZU12hBuYw3m5HqgasKWX4c-aY1Sg7IU-Mr11Yfztfi5umHENHe2Z8-r-0LRLpCpiu8I38hWE_ujK-okkyuqNKQ7y9nuezJIa1X5mpOc3Hs6zfEZqk0v3DObH31clSDOr1_TZj8Ik25TNcN-WZVci70eaUjQX6-YG4ItlaYjdVCp0V2ce2V8xd6mRbGSJVOQeWM_K96FpGckZP_3J1_B--THxFlt2CyvbM_jP4KCCEwioBlFpKan_oViThilFUwYo8sDOwoH5k7WNcWaH4baa9CX1foJxVosgVTHBvnmd47-4c3N7DEGrNEWxOW6OTu4ayM3G-0XOYFnU4g4oDHHvdcj4ctW4Q-DQM_9FvIzUyudeJ_AwAA__9HQb-LtQQAAA==","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1STP2wcxRfHZ52k-f0KRIhoAOkKCiLh8_67vVtSRJgQFAiJyR-lSIFmdmbt4fZ2lpnd2_NBEYhAKR0JJKDa-97F5k8EoQFRIEVnCiRLSByVi7iho0VKC9rzSRZPmvfe6PMt3nvz5uNRcUA8FHR_7U01lElCV1pNu_HCDZlyVZrGpWsNx27aZxo3ZBr4ZxqD2un-S47nN-3TjddE1FUrru3YtmM7jfNSi1gNVuYUMrsfOs3Qbvpu02n5GOj_3k2xBEMt8P4BOQnJZ0_8Gd-EjKZIew_OCdPNVfbiq70iobnS6POd62k3VWWK3lEaawtxurNQQ5kZIZ8tQaU7iw6g-pO6AzA5I0tPPwJLdxZlgvXvHVbKEogUjP8fZX8KkUwh6RSRug3JfydAxHHpMtLe9iWlS7p5SGlNZ-T4478hyxk5_ugU0t63q4kcNK6qpMilSg0GcQU5mEKuT5EVu8iHFmS5iyj_EJL_RlYeX0Tam1w2iYLk-8_Tts0pFWLZb9Ng2Q-ZvcxsWyyLThhGlFKftb35iGQ8BTUWivpIC0Vsocgs9Ph-w7c7fuRQL4hDHrVtn_o-F8wOO65t0zBqo4g-gORbiPRHX2Z8I-_2XW-S60JsF2lkXG_k3C_ezhI38ELbawUjZ_tQNddMas3IQaZvoSu3oIuHMBsVDD8Bk8-I9db76PMKpSAoDUFJCUpJUOYEZb-6xxPjmmqbJ6ZgziK6i-hVY5Wvj-g9la-LlIDqLWheTWT2rrmNKD82HsaGj1XtKMurMWW8GmUH5Mn6LaxPT1xHV-w3gk4n5MyNYhp2nI7PqEOjVhC0W4HdanPmwsgK0izNJziUM_L6e4-QyRkh33XA6C5MsotIPgNaPAdaVqAbFYbpA6ZU12hBuYw3m5HqgasKWX4c-aY1Sg7IU-Mr11Yfztfi5umHENHe2Z8-r-0LRLpCpiu8I38hWE_ujK-okkyuqNKQ7y9nuezJIa1X5mpOc3Hs6zfEZqk0v3DObH31clSDOr1_TZj8Ik25TNcN-WZVci70eaUjQX6-YG4ItlaYjdVCp0V2ce2V8xd6mRbGSJVOQeWM_K96FpGckZP_3J1_B--THxFlt2CyvbM_jP4KCCEwioBlFpKan_oViThilFUwYo8sDOwoH5k7WNcWaH4baa9CX1foJxVosgVTHBvnmd47-4c3N7DEGrNEWxOW6OTu4ayM3G-0XOYFnU4g4oDHHvdcj4ctW4Q-DQM_9FvIzUyudeJ_AwAA__9HQb-LtQQAAA== HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNjM5MDM1NiwiayI6Ijg2NWU5ZTdjMzA1ZmFmYTBjMjIxMGUyYWU2YzIzNjZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0ODgxMzczLCJwaWQiOjQ0ODU2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJhc2FjYWlnOWV6IiwiY3BrcyI6eyIyOSI6IjY4ODlkYjJjZmE5ODE4NGJhMWFjNTY2NzU2MDU3ZGIyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL3Jldmlld2Jvb2t1LmNvbS9yZXZpZXcvcmlzay1hc3Nlc3NtZW50LXZzLXJpc2stYW5hbHlzaXMtNDk3MzA4OSIsInR6IjoxLCJhciI6W119fQ.peXGz6ArVbs8E8ZF1OSUAOqEl59qQybKS2_C-9Q5wYs; uid_id2=a70daaee-47a6-49b0-b00e-e899caaa4b73:1:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl26390356=1; pdhtkv29=true; uncs29=1; u_pl26543445=1; slec6889db2cfa98184ba1ac566756057db2=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:58 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: facdf57d783eebc030cea2bf7f14a3a9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T04:38:10.725155Z","times_seen":15467974,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/0f/fc/68/0ffc6845f7bc73b422b25ec7d3918efd.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:42:11 GMT","end":"Wed, 25 Mar 2026 21:42:10 GMT"},"fingerprint":{"sha1":"DD:BF:7F:13:B7:AA:5E:41:65:09:9E:F1:FE:42:C4:9A:00:0B:F4:E6","sha256":"FE:3B:B4:EE:8B:60:30:E2:9F:CB:E9:E2:06:C0:A4:2E:FF:35:D3:22:85:14:1C:B8:13:CD:72:FB:EA:5C:E9:98"}}},"request":{"raw":"GET /0f/fc/68/0ffc6845f7bc73b422b25ec7d3918efd.js HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 30238\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ed6792d1ec03de4ea064a2e6e7c5a7db\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78892,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b43481c6fa563267ac7606c1a6e7da79","sha1":"05f59489867520d13b9993b6213eb8f79b74931f","sha256":"d669861a7b88cd81e756ba40d5432b433c81adb1a6681707cb550cb7fef7f749","sha512":"2001e96be60ba4035147a84fd5042d05366f77c3cf7fcb5dea2609b1d867cd1a1f8896870d13dc1273bf4b1f6d0158d3785a39b5686f0bd5d08dd104e6190617","ssdeep":"1536:x9yUBg8XFOUG7AVTesz3WArOwlNyBv77NzxpQ2jFFwBijIq:x3B91cGpUhxpJwqIq","tlshash":"4b7309487f82b16b5352a073627fd047f0256f1261dcd498d123e6a86f6c33af636b98","first_seen":"2025-12-24T19:55:31.118761Z","last_seen":"2025-12-27T19:50:26.39451Z","times_seen":2,"resource_available":true,"data":null}},"time_used":800,"timings":{"blocked":302,"dns":23,"connect":93,"send":0,"wait":98,"receive":91,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/ae/09/15/ae091566169ead24f2b4f862acae14a2/1708270725.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/ae/09/15/ae091566169ead24f2b4f862acae14a2/1708270725.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 83690\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 18 Feb 2024 15:38:53 GMT\r\netag: \"65d2248d-146ea\"\r\nexpires: Mon, 29 Dec 2025 19:49:54 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":83690,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:18 15:12:59], progressive, precision 8, 728x90, components 3","md5":"523a9ba7f13699c55d98f8c764909a9e","sha1":"5506a83327ba766df386900cda294fcd55a9d90d","sha256":"d313ebf7dc6f6ad0adb6a9547b2c3bb061a0e79573a2bd43e30b20634db4f336","sha512":"1df7e66d27502ee8bfdc03174e46605b41064a6ee2d277e5ac430b9f5a49d191e2d81e25d9cd246f3b85cfa7e4a413cbc4b1fd30b74b970f3aa8020b197c9dc0","ssdeep":"1536:nU35/XUemXVniNYkJpcw333DIcSvZicLU34bMpREYVf7FljInQdp:8xUeaxc3zIticgoYWaF1IY","tlshash":"6f830109ab27cc45e4c8e97188e7f2ea83522e807f835819758d70a2bf75b25dd3c167","first_seen":"2024-02-24T19:32:21Z","last_seen":"2026-05-19T05:44:05.935241Z","times_seen":882,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:58.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:58 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8501-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 490754\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NtYf4euUnPw0YMPtNfeU3brZjLdzR64EIk2Fg4X9CkosW5%2BM9aY0bybCTl5JSCOn2QBmeWu3YzFe79ms9XsXaJE6Vms12ZFNAlcKswrl9xw%3D\"}]}\r\ncf-ray: 9b4b5822cc0b0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-05-20T03:02:06.955571Z","times_seen":11477,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":24,"dns":5,"connect":1,"send":0,"wait":8,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/6c/c8/c6/6cc8c6b6600a89a01d37b41d2c57396ae22a21974890cebcb7f717010b54ae54.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /si/6c/c8/c6/6cc8c6b6600a89a01d37b41d2c57396ae22a21974890cebcb7f717010b54ae54.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 15151\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 25 May 2025 02:18:00 GMT\r\netag: \"68327dd8-3b2f\"\r\nexpires: Mon, 29 Dec 2025 19:49:59 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15151,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"a35cb578e3c8889f9d2d8e3a9e520bbc","sha1":"f390ccf18911be8210267a1fb27529da10081347","sha256":"554a79788b15330de1e48f1c482acaed20d1e3998e4daed2175530e89ac5e48a","sha512":"6c003106f7f02ae78774b98f5e5e8736189265dda55429c72a1ab2b387f1d8c6406c7f323a1608af14c0b07ad370c797409977a5c751a2e04a8c98236b0e6e2f","ssdeep":"384:z0sxi+mWivrxHMC8F5ONWxBGTgnbTYwxQKQVd:zfk+mW8NWxB5YwxQtL","tlshash":"e162d0c5e4c578d3e98bc3aacdd3286d66295f235e7df01e55f88dca012011b1c78a23","first_seen":"2025-04-17T18:37:55.427701Z","last_seen":"2026-01-06T02:07:44.501457Z","times_seen":1596,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 23 Dec 2025 19:22:36 GMT\r\nexpires: Wed, 23 Dec 2026 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 347243\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-20T04:37:30.328074Z","times_seen":838677,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":147,"dns":1,"connect":20,"send":0,"wait":8,"receive":2,"ssl":133},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:59.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://reviewbooku.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 23 Dec 2025 19:22:36 GMT\r\nexpires: Wed, 23 Dec 2026 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 347243\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-20T04:37:30.328074Z","times_seen":838677,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","fqdn":"reviewbooku.com","domain":"reviewbooku.com","tld":"com"},"ip":{"addr":"172.67.150.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-27T19:49:52.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reviewbooku.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 21:16:33 GMT","end":"Wed, 25 Mar 2026 22:12:58 GMT"},"fingerprint":{"sha1":"A8:24:0D:8B:BD:5E:E8:4D:C7:7E:27:A3:AC:7B:43:C5:97:03:44:B7","sha256":"2F:40:B8:AD:27:AC:E8:0F:A6:B2:7F:FA:0B:80:D1:9C:F7:08:CD:26:A5:63:BB:02:F6:57:33:E8:23:AD:DB:31"}}},"request":{"raw":"GET /review/risk-assessment-vs-risk-analysis-4973089 HTTP/1.1\r\nHost: reviewbooku.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:52 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ul%2B2xKtc3Qofk37EBEN1bkVeKFBorKkWZfS6QbFBx2fnLhUFgQZvWDdsXZd7tVrNVLzOfZBEir%2BrrIirfEVo%2BUXZIMaUCpCBVjwxeqtXcQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b4b57fbc8fc1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}],"data":{"size":15397,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (438), with CRLF line terminators","md5":"89b8ba0dc8259f0752495b33144d9b8d","sha1":"c45641aa16e28d9aec52c78acee80b0473323ef1","sha256":"b851214d89ea8a2f8865a80d9696c207c867e2db36df3cb15ad9e5fdbf7400a3","sha512":"b96d4132a7eb1bc9ebb01385a992dad9c984180b167fa37990a71fc779b9bce285d8f751ec4702b19a3bc7d3a501ceaa7a43056e971e4912f2794160983997df","ssdeep":"192:LSgWd9O9fHD9DV98SkOPXO5++V1D+soBATFXg8BRTXrv09uxbhL2pzUc1DpQ4K7p:hk1D+cXg83n09khL2pzUSDpQ4W","tlshash":"0b62d81baa01a02997b341a46b725789e764d017d302cd7cb8cd50aa2f74fd8c667fec","first_seen":"2025-12-27T19:50:26.397594Z","last_seen":"2025-12-27T19:50:26.397594Z","times_seen":1,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":20,"dns":0,"connect":1,"send":0,"wait":104,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"reviewbooku.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:53.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3403\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ad03a083813144173a5c3e976e5ddbb3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6454,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6454), with no line terminators","md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"resource_available":true,"data":null}},"time_used":669,"timings":{"blocked":286,"dns":1,"connect":93,"send":0,"wait":97,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-GYJTXFLTL3\u0026cx=c\u0026gtm=4e5ca1h1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtag/js?id=G-GYJTXFLTL3\u0026cx=c\u0026gtm=4e5ca1h1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 27 Dec 2025 19:49:54 GMT\r\nexpires: Sat, 27 Dec 2025 19:49:54 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 141993\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":427212,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"0f197c14de325bdb801c7947f94f8a35","sha1":"0a1078f62b4363bb23c174c30cd98761e6269d07","sha256":"0dc097cefd73f884b0638870d9568e15371ec2d547cab75f73de6c7b60a7e689","sha512":"4c2a5cf1da59794fc48d160e4d377e42f3593b2bc8e77cdb9b12899f9d20ccccff58e0f56a16083cada056c8d73ca7c825db9ab49856b342eab9ac487952fe86","ssdeep":"6144:qIe7mZ2bulKY/1u99xHDmHYmyBFzvnsyRO6jJWoNPad4FpC1xY:DCpbu7/1mbrnsy39WbMpb","tlshash":"8b9419ce73c674269396f078503f118ba57b29a2b45cc895f189cce42e74a9a4237f7c","first_seen":"2025-12-27T19:50:26.399475Z","last_seen":"2025-12-27T19:50:26.399475Z","times_seen":1,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/6c/7d/80/6c7d8051aa19f2f3e631e0fe383ba962/1756656863.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/6c/7d/80/6c7d8051aa19f2f3e631e0fe383ba962/1756656863.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Dec 2025 19:49:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 66898\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:14:23 GMT\r\netag: \"68b474df-10552\"\r\nexpires: Mon, 29 Dec 2025 19:49:54 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66898,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 11:35:12], progressive, precision 8, 728x90, components 3","md5":"e580467987c1c30c4ffb17f7ae11f3c0","sha1":"610b07f423750aa257acca2366c4eb17a73c5505","sha256":"2e86c96ad78da3f4820110f2ce0a383d60e49982673d7ebed82f5043c1586d7b","sha512":"6d995ed6eaf343a2c706a3bf86055ab4ad7b885060e5c8621110de3501bf494197511e2111d9e99e49afd8888e0b4af6a2e811c0114885c93f034045a1a5559a","ssdeep":"768:3igBYyTIoQh9x8pLcbxvnd+n5OtUhs1NmyQv8brypNoQD2Gsa2xP/lfGOp+BtrEs:bBUhj8a855hs2Ivyp+m26clTp+BEc","tlshash":"7b63f189eb52cd23eed11e349cc1e5e24152cd60a2a3626578adfe407fb63f59d0c20b","first_seen":"2025-09-02T14:53:06.163646Z","last_seen":"2026-05-18T07:54:07.798636Z","times_seen":701,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reviewbooku.com/review/risk-assessment-vs-risk-analysis-4973089","date":"2025-12-27T19:49:54.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:40:35 GMT","end":"Tue, 27 Jan 2026 23:40:34 GMT"},"fingerprint":{"sha1":"AA:22:33:AC:0A:FC:0D:31:C5:9F:92:99:20:7A:02:E4:46:E3:08:8C","sha256":"72:5A:79:00:74:D1:90:EF:9A:D3:3F:01:E6:E5:14:1D:41:4F:F2:28:D3:FD:4C:AA:70:DE:D8:BE:C2:15:3F:EE"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://reviewbooku.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 27 Dec 2025 19:49:54 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d2fcc71838a802f23a6fe655e4973650\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-20T04:40:50.214207Z","times_seen":16583,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}