{"report_id":"47d768cc-373b-42ce-b57d-e41f32f213ba","version":6,"status":"done","tags":[],"date":"2025-11-24T03:08:37Z","url":{"schema":"http","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"title":"Hot Videos 人気動画-動画@AV4.us","dom":{"size":153319,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"74f901ffce456280ac99b2f78b4210fc","sha1":"6a0276ea19a00024b27ccd2192a3d8856c4be518","sha256":"35bd320794f3d5b18edc6668c845be8439295dfea34d14daa9875f27f8212e1a","sha512":"76ad12fddf6ed029cffabea0899c73c2892e4a6251de2a042260b0cb654df0cc36545b23204af45fa6deff2ec84159527a1234acf2f6cb296dfbae7a3805812b","ssdeep":"768:nBNsSjOjpFx9qAvCOiC/Lssq2fVvtWIPjWDrcqTM8DVSx:n56p9COiCDhhfVgIOBnEx","tlshash":"d6e3949f86c4977a94c2d7409da2f23ed8f2289b7dc39117fc625548200c7ed78c6b9a","dom_hash":"domhashab6a8707ad07b22d382d7c7c6a3e6c09","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-29T03:08:37Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":13}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-24T03:08:14Z","timestamp":1763953694,"ip_dst":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.11","port":57794,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2025-11-24T03:08:14.897920+0000\",\"flow_id\":938281980043018,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":57794,\"dest_ip\":\"172.67.183.25\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"jsjs.jpg4.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":915,\"bytes_toclient\":3509,\"start\":\"2025-11-24T03:08:14.892682+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-24T03:08:15Z","timestamp":1763953695,"ip_dst":{"addr":"101.33.11.223","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.11","port":58648,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)","source":"{\"timestamp\":\"2025-11-24T03:08:15.793655+0000\",\"flow_id\":2180747299354271,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":58648,\"dest_ip\":\"101.33.11.223\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050737,\"rev\":1,\"signature\":\"ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_02_06\"]}},\"tls\":{\"sni\":\"1259667713.vod2.myqcloud.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2025-11-24T03:08:15.751263+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"oedy9.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"pdocac.4vid.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"jsjj.gazo.space","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"page.phic4.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"fqjpg4.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"av.av4.website","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"av.av4.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"av.av4.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"av.av4.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"timg216.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"en.vidmo.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"jxjav.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"fixedjs.4vid.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"zoobeegnet.z00.monster","ip":{"addr":"148.113.152.129","port":443,"asn":16276,"as":"OVH SAS","country":"United States","country_code":"US"},"domain_registered":"2019-08-26","domain_rank":6869254,"first_seen":"2020-08-26T01:13:52Z","last_seen":"2025-11-17T01:59:57.778239Z","alert_count":0,"request_count":1,"received_data":11469,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"motherless.com","ip":{"addr":"185.107.81.233","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2005-11-19","domain_rank":1728,"first_seen":"2012-05-21T16:56:06Z","last_seen":"2025-11-17T06:19:03.013059Z","alert_count":0,"request_count":1,"received_data":1500,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"image.beckybelike.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2023-10-26","domain_rank":3852212,"first_seen":"2025-01-01T06:43:10.563767Z","last_seen":"2025-11-19T01:17:41.059625Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":454,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cav102.com","ip":{"addr":"45.145.72.132","port":443,"asn":201106,"as":"Spartan Host Ltd","country":"United States","country_code":"US"},"domain_registered":"2022-07-28","domain_rank":211254,"first_seen":"2022-07-28T18:32:21Z","last_seen":"2025-11-15T14:07:06.988681Z","alert_count":0,"request_count":2,"received_data":109016,"sent_data":898,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"duga.jp","ip":{"addr":"153.126.247.101","port":443,"asn":7684,"as":"SAKURA Internet Inc.","country":"Japan","country_code":"JP"},"domain_registered":"2006-02-24","domain_rank":40791,"first_seen":"2012-05-24T11:57:50Z","last_seen":"2025-11-15T14:07:08.373517Z","alert_count":0,"request_count":1,"received_data":408435,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]},{"name":"OpenSSL:1.0.2k","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.46","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"download.mp3tube.club","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2020-06-14","domain_rank":7083550,"first_seen":"2025-06-04T07:13:33.40689Z","last_seen":"2025-11-22T23:13:01.05188Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":441,"comment":"","tags":null,"fingerprints":null},{"fqdn":"sexsex16.com","ip":{"addr":"23.145.152.20","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2023-04-17","domain_rank":0,"first_seen":"2025-10-30T20:35:29.747428Z","last_seen":"2025-11-21T15:05:46.572705Z","alert_count":0,"request_count":1,"received_data":4544,"sent_data":432,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"page.phic4.top","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-03-07","domain_rank":4536559,"first_seen":"2024-03-28T08:56:57Z","last_seen":"2025-11-22T18:11:22.870561Z","alert_count":4,"request_count":4,"received_data":0,"sent_data":1636,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdne-pics.youjizz.com","ip":{"addr":"64.210.135.114","port":443,"asn":30361,"as":"SWIFTWILL2","country":"United States","country_code":"US"},"domain_registered":"2007-10-22","domain_rank":731156,"first_seen":"2017-01-30T06:19:28Z","last_seen":"2025-11-17T06:19:04.305339Z","alert_count":0,"request_count":4,"received_data":64854,"sent_data":1887,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-11-23T22:16:03.791483Z","alert_count":0,"request_count":1,"received_data":289069,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"mc.webvisor.org","ip":{"addr":"87.250.251.119","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"domain_registered":"2009-08-25","domain_rank":99131,"first_seen":"2017-08-16T02:40:17Z","last_seen":"2025-11-17T05:04:46.90675Z","alert_count":0,"request_count":2,"received_data":4847,"sent_data":3335,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"1259667713.vod2.myqcloud.com","ip":{"addr":"101.33.11.223","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"domain_registered":"2013-04-24","domain_rank":6075848,"first_seen":"2021-02-26T18:31:33Z","last_seen":"2025-11-22T18:11:22.145038Z","alert_count":0,"request_count":1,"received_data":66391,"sent_data":535,"comment":"","tags":null,"fingerprints":null},{"fqdn":"jsjs.jpg4.icu","ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-06-01","domain_rank":0,"first_seen":"2025-11-19T01:17:39.197833Z","last_seen":"2025-11-19T01:17:39.197833Z","alert_count":0,"request_count":2,"received_data":1367,"sent_data":833,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"i.ytimg.com","ip":{"addr":"142.251.38.118","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2007-12-11","domain_rank":436,"first_seen":"2012-10-03T19:11:04Z","last_seen":"2025-11-23T23:06:06.069734Z","alert_count":0,"request_count":1,"received_data":12979,"sent_data":448,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.twi-dl.net","ip":{"addr":"104.21.2.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-05-15","domain_rank":124394,"first_seen":"2024-09-09T09:24:24Z","last_seen":"2025-11-21T15:05:46.424784Z","alert_count":0,"request_count":1,"received_data":741,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-11-23T22:24:30.388573Z","alert_count":0,"request_count":1,"received_data":215239,"sent_data":437,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"gcore-pic.xvideos-cdn.com","ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"domain_registered":"2017-08-25","domain_rank":91016,"first_seen":"2023-11-29T03:20:25Z","last_seen":"2025-11-20T13:25:14.879117Z","alert_count":0,"request_count":1,"received_data":23708,"sent_data":533,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sorkab.com","ip":{"addr":"172.67.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-06-30","domain_rank":60433,"first_seen":"2021-02-01T01:07:10Z","last_seen":"2025-11-21T22:45:30.217617Z","alert_count":0,"request_count":5,"received_data":4008,"sent_data":2258,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"theav.xyz","ip":{"addr":"104.21.77.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-07-20","domain_rank":192954,"first_seen":"2018-08-26T12:26:24Z","last_seen":"2025-11-19T08:50:44.626909Z","alert_count":0,"request_count":1,"received_data":609,"sent_data":429,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"css.jpg4.icu","ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-06-01","domain_rank":0,"first_seen":"2025-11-19T01:17:37.695346Z","last_seen":"2025-11-19T01:17:37.695346Z","alert_count":0,"request_count":3,"received_data":95591,"sent_data":1458,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"jxjav.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-04-09","domain_rank":216248,"first_seen":"2024-04-09T07:17:08Z","last_seen":"2025-11-19T01:17:40.381608Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":429,"comment":"","tags":null,"fingerprints":null},{"fqdn":"media.crazyshit.com","ip":{"addr":"45.133.44.4","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"1999-02-20","domain_rank":2942510,"first_seen":"2019-08-06T22:57:07Z","last_seen":"2025-11-17T06:19:03.937497Z","alert_count":0,"request_count":1,"received_data":131292,"sent_data":456,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ansuko.net","ip":{"addr":"104.21.54.113","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-07-04","domain_rank":87799,"first_seen":"2023-07-04T08:10:56Z","last_seen":"2025-11-17T06:19:06.236289Z","alert_count":0,"request_count":2,"received_data":208833,"sent_data":919,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"img.reddit.tube","ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"domain_registered":"2018-10-21","domain_rank":0,"first_seen":"2025-10-09T20:45:10.894187Z","last_seen":"2025-11-17T02:56:22.05543Z","alert_count":0,"request_count":1,"received_data":13656,"sent_data":479,"comment":"","tags":null,"fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}]},{"fqdn":"www.twi-videos.net","ip":{"addr":"172.67.181.85","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-07-05","domain_rank":3757802,"first_seen":"2021-11-10T10:36:55Z","last_seen":"2025-11-17T06:19:02.351726Z","alert_count":0,"request_count":1,"received_data":745,"sent_data":438,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-11-23T22:33:46.594107Z","alert_count":0,"request_count":4,"received_data":351592,"sent_data":1772,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pdocac.4vid.top","ip":{"addr":"172.67.181.78","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-03-09","domain_rank":0,"first_seen":"2025-11-19T01:17:36.035067Z","last_seen":"2025-11-19T01:17:36.035067Z","alert_count":1,"request_count":1,"received_data":3467,"sent_data":438,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.w3schools.com","ip":{"addr":"23.36.76.136","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2000-03-21","domain_rank":2135,"first_seen":"2014-02-05T20:15:46Z","last_seen":"2025-11-17T06:19:00.625329Z","alert_count":0,"request_count":1,"received_data":24014,"sent_data":433,"comment":"","tags":null,"fingerprints":null},{"fqdn":"timg216.top","ip":{"addr":"172.66.155.86","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-04","domain_rank":157563,"first_seen":"2025-05-11T16:24:46.418762Z","last_seen":"2025-11-19T08:50:02.579961Z","alert_count":1,"request_count":1,"received_data":26786,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"mylen-handmade.ru","ip":{"addr":"172.67.130.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-09-21","domain_rank":397466,"first_seen":"2013-07-12T11:17:57Z","last_seen":"2025-11-21T22:45:31.91304Z","alert_count":0,"request_count":1,"received_data":17533,"sent_data":453,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"dragon.brettspizzeria.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2023-12-08","domain_rank":7147683,"first_seen":"2025-03-25T21:53:28.12769Z","last_seen":"2025-11-17T01:59:58.363558Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":445,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.mymediaing.my","ip":{"addr":"172.67.170.181","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-10-07T20:07:31.091044Z","last_seen":"2025-11-21T15:05:45.044447Z","alert_count":0,"request_count":1,"received_data":53487,"sent_data":420,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"bingato.com","ip":{"addr":"104.21.62.121","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-05","domain_rank":365440,"first_seen":"2017-09-03T09:03:04Z","last_seen":"2025-11-19T01:17:41.046747Z","alert_count":0,"request_count":2,"received_data":76801,"sent_data":903,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cos.tv","ip":{"addr":"108.157.229.92","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2011-08-26","domain_rank":163856,"first_seen":"2019-02-06T12:57:53Z","last_seen":"2025-11-22T18:11:22.116137Z","alert_count":0,"request_count":1,"received_data":15620,"sent_data":426,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"www.xvideos.com","ip":{"addr":"185.88.181.5","port":443,"asn":46652,"as":"SERVERSTACK-ASN","country":"The Netherlands","country_code":"NL"},"domain_registered":"1997-12-30","domain_rank":1943,"first_seen":"2012-05-21T20:29:12Z","last_seen":"2025-11-21T15:05:45.736615Z","alert_count":0,"request_count":1,"received_data":15370,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"icdn05.ourladyboys.com","ip":{"addr":"45.133.44.6","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2008-05-10","domain_rank":0,"first_seen":"2025-11-01T12:36:31.617693Z","last_seen":"2025-11-01T12:36:31.617693Z","alert_count":0,"request_count":1,"received_data":18242,"sent_data":449,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pdocac.jpg4.icu","ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-06-01","domain_rank":0,"first_seen":"2025-11-19T01:17:48.933973Z","last_seen":"2025-11-19T01:17:48.933973Z","alert_count":0,"request_count":1,"received_data":3578,"sent_data":438,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"sexsex10.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2023-04-17","domain_rank":688235,"first_seen":"2025-07-08T05:40:36.488095Z","last_seen":"2025-11-17T06:19:03.810763Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":432,"comment":"","tags":null,"fingerprints":null},{"fqdn":"en.vidmo.pro","ip":{"addr":"89.248.193.244","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"domain_registered":"2022-04-10","domain_rank":122476,"first_seen":"2022-04-11T13:12:45Z","last_seen":"2025-11-23T07:50:08.680873Z","alert_count":2,"request_count":2,"received_data":40114,"sent_data":915,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.youjizz.com","ip":{"addr":"66.254.114.242","port":443,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"domain_registered":"2007-10-22","domain_rank":2431,"first_seen":"2012-05-22T02:44:21Z","last_seen":"2025-11-17T06:19:01.100289Z","alert_count":0,"request_count":1,"received_data":4737,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"jsjj.gazo.space","ip":{"addr":"37.48.65.155","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2017-02-10","domain_rank":0,"first_seen":"2025-11-21T15:05:44.577347Z","last_seen":"2025-11-21T15:05:44.577347Z","alert_count":2,"request_count":2,"received_data":714,"sent_data":838,"comment":"","tags":null,"fingerprints":[{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]},{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]}]},{"fqdn":"fqjpg4.top","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-05-14","domain_rank":162173,"first_seen":"2025-06-28T08:10:55.589739Z","last_seen":"2025-11-17T06:19:03.665414Z","alert_count":2,"request_count":2,"received_data":0,"sent_data":954,"comment":"","tags":null,"fingerprints":null},{"fqdn":"idolerotic.net","ip":{"addr":"153.122.86.155","port":443,"asn":131921,"as":"GMO GlobalSign Holdings K.K.","country":"Japan","country_code":"JP"},"domain_registered":"2014-11-07","domain_rank":198291,"first_seen":"2016-02-17T00:43:30Z","last_seen":"2025-11-10T03:16:18.740967Z","alert_count":0,"request_count":3,"received_data":24823,"sent_data":1375,"comment":"","tags":null,"fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]}]},{"fqdn":"fixedjs.4vid.top","ip":{"addr":"172.67.181.78","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-03-09","domain_rank":0,"first_seen":"2025-11-19T01:17:38.764851Z","last_seen":"2025-11-19T01:17:38.764851Z","alert_count":2,"request_count":2,"received_data":6687,"sent_data":844,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.po-kaki-to.com","ip":{"addr":"104.21.10.77","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2011-09-18","domain_rank":33483,"first_seen":"2012-07-18T02:37:54Z","last_seen":"2025-11-19T07:29:05.697372Z","alert_count":0,"request_count":1,"received_data":53174,"sent_data":468,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"baraag.net","ip":{"addr":"185.178.208.171","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2017-04-25","domain_rank":80004,"first_seen":"2018-12-04T19:32:27Z","last_seen":"2025-11-19T07:29:05.318371Z","alert_count":0,"request_count":3,"received_data":5037,"sent_data":1296,"comment":"","tags":null,"fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"img.youtube.com","ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-02-15","domain_rank":6546,"first_seen":"2012-05-30T07:03:49Z","last_seen":"2025-11-17T02:56:09.066684Z","alert_count":0,"request_count":5,"received_data":86092,"sent_data":2220,"comment":"","tags":null,"fingerprints":null},{"fqdn":"av.av4.website","ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-12","domain_rank":0,"first_seen":"2025-11-07T18:17:46.118345Z","last_seen":"2025-11-21T01:16:24.174427Z","alert_count":4,"request_count":1,"received_data":42234,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-11-23T22:17:41.224107Z","alert_count":0,"request_count":2,"received_data":23437,"sent_data":892,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"thumbs.dreamstime.com","ip":{"addr":"151.101.129.91","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2000-06-11","domain_rank":190133,"first_seen":"2012-05-30T02:38:19Z","last_seen":"2025-11-22T22:39:23.712053Z","alert_count":0,"request_count":1,"received_data":13114,"sent_data":545,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pic.duga.jp","ip":{"addr":"58.156.255.108","port":443,"asn":17506,"as":"ARTERIA Networks Corporation","country":"Japan","country_code":"JP"},"domain_registered":"2006-02-24","domain_rank":3345614,"first_seen":"2012-09-29T22:45:31Z","last_seen":"2025-11-21T01:16:23.791376Z","alert_count":0,"request_count":1,"received_data":54012,"sent_data":460,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pornvideoq.com","ip":{"addr":"104.21.235.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-10-27","domain_rank":358741,"first_seen":"2015-10-29T23:25:48Z","last_seen":"2025-11-17T06:19:03.213429Z","alert_count":0,"request_count":1,"received_data":13133,"sent_data":560,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"zoobeeg.net","ip":{"addr":"104.21.7.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-05-31","domain_rank":444972,"first_seen":"2020-05-31T12:54:46Z","last_seen":"2025-11-17T01:59:59.669973Z","alert_count":0,"request_count":1,"received_data":686,"sent_data":431,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"thumb.aporntv.com","ip":{"addr":"104.26.1.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-07","domain_rank":3254568,"first_seen":"2018-03-19T05:34:25Z","last_seen":"2025-11-17T06:19:05.015448Z","alert_count":0,"request_count":1,"received_data":2895,"sent_data":526,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"oedy9.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2023-10-27","domain_rank":150266,"first_seen":"2023-10-27T10:41:23Z","last_seen":"2025-11-19T01:17:36.480481Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":429,"comment":"","tags":null,"fingerprints":null},{"fqdn":"filtradas.com","ip":{"addr":"91.234.199.87","port":443,"asn":43641,"as":"SOLLUTIUM EU Sp z.o.o.","country":"Ukraine","country_code":"UA"},"domain_registered":"2025-04-09","domain_rank":184383,"first_seen":"2025-06-15T07:12:29.914989Z","last_seen":"2025-11-22T18:11:23.237918Z","alert_count":0,"request_count":4,"received_data":87393,"sent_data":1960,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn5-thumbs.motherlessmedia.com","ip":{"addr":"185.107.92.224","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2008-10-11","domain_rank":905009,"first_seen":"2018-12-23T05:30:23Z","last_seen":"2025-11-17T06:19:02.052615Z","alert_count":0,"request_count":2,"received_data":47197,"sent_data":916,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.21.4.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"zoozhamster.com","ip":{"addr":"172.67.73.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-04-29","domain_rank":71147,"first_seen":"2021-04-29T16:56:41Z","last_seen":"2025-11-15T14:07:07.762695Z","alert_count":0,"request_count":2,"received_data":19024,"sent_data":896,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.redd.tube","ip":{"addr":"54.39.222.96","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"domain_registered":"2022-05-03","domain_rank":13819,"first_seen":"2022-05-09T18:20:16Z","last_seen":"2025-11-17T06:19:05.806792Z","alert_count":0,"request_count":1,"received_data":962,"sent_data":433,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsjs.jpg4.icu/index.php?js=av4\u0026advertisement\u0026","fqdn":"jsjs.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"ad714036e6fa863af36dc2351383e876","sha1":"4b3d462ce4674d25698c60167f90357ec21f4c67","sha256":"aec77c9b1a836abb00e608abcf331bebea693b945d3d69ff0616780d1c09ac41","sha512":"b81046e1adcfe28a565129534d10dacd3941cc7f20d55e7e448ac59ac1c15501ce97800f862387f31dc0752fc4fa99f8847f7f004e1d9b134bd183dae6930666","ssdeep":"3072:2hV1y+HrO1t7U/KV/i1Ev414EOtsCtJNS63WOVfQzQNt:iPy+H4t7U/KcEvXmOVfQzQNt","tlshash":"2114e8f67608502951f302a79a718684f833a02b99816884fd1c6d751f78e7f297affc","size":191745,"data":"","first_seen":"2025-11-24T03:08:53.457904Z","last_seen":"2025-11-24T03:08:53.457904Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","fqdn":"css.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"96908adcab4bbde6821de5b4a4c5db07","sha1":"3694f8e31a562a1453372ae65639453c005bf07e","sha256":"10cce15e63dbf73415501be10073cc2f939aa4f77ca2ef16772488a0a18703ac","sha512":"5f531b30b7161e140935bcfa3420d8321831e04e8fb3fee8f24497f9d41a1711131e3c445f7abcb0ee847a11ddd19b2500537db26086805ce9b58226626dbd8d","ssdeep":"384:y6qsGbiNpuUpsRqePJS+kn5VZ0OUpLxx7bs81qAvCOjapo3G9Ceq:TBNsSjOjpFx9qAvCOiC3","tlshash":"79832d9f8240d77d5cc2a744ada2f36ddcf2694f3cd28117fc62611d21486acacda7a2","size":84191,"data":"","first_seen":"2025-11-24T03:08:53.459217Z","last_seen":"2025-11-24T03:08:53.459217Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"6a6d49c6c2ae70af7aaf37b59e1992be","sha1":"7ec9c0209de4ee75d15551de5b41d72ef95a53d2","sha256":"01cad962eb3c779b21c51c5b10914e8f949d1c08ea965e804a60b5882846833d","sha512":"e65a14ab5a1147e6103f4f6f7b703f5d94c4d06887a51a1ec6ce33769227d9e8636b88c1d3523e3a24523bcd9896f4020be259edcd7249bf8c58ecf8ce74d1a9","ssdeep":"","tlshash":"44110000e2208a28002028332800020800020000c08008008002002000208030ea000a","size":958,"data":"","first_seen":"2025-03-21T10:58:41.402631Z","last_seen":"2025-11-24T03:08:53.460613Z","times_seen":537,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea77f824de2ef57acb12e7cb6596365e","sha1":"10bad0dbdf30a0471c2c786b349daeb1dd19180e","sha256":"2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c","sha512":"cf69dd76334b7318c829868da8a7e9c2097ef261555388132fc69f95d42e91420e2988056c3d93c830b20059422ae5a82e1109e3dce9127ccb0e23cc5ca27591","ssdeep":"192:N0rZbTPe+fl9SKRGyFgkw+wi+FrZJqbzr+5rA7wbUCzebIkm:N09voK7gzi+FrZJqbzrarAyUX5m","tlshash":"7a22f8b33133fd9f8fba085ac61d61045c7dbc6f4aa94091bb0884e86af4558ead5d34","size":10687,"data":"","first_seen":"2023-03-07T12:02:01Z","last_seen":"2026-04-12T19:29:51.705432Z","times_seen":2340,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d170c17ae6ff8efc74d28a6e19f8ea0d","sha1":"6389888951ca149b44a486dc199f4b395352f544","sha256":"d0b2da63a59351dcae26ceea570d089c69fdf5c03b6e0161cbada6386d663122","sha512":"e2984271e11c901481d7202e69e1d3294cedfedef0ad757f50de8437e4d035f49b559f819359da2a13aa47914c6567f04d5b97304ea44597ea66ed4f47f3e7a2","ssdeep":"","tlshash":"a890027b98243042154900829047551c401d240896e096494857704564c012d61b1105","size":51,"data":"","first_seen":"2025-11-19T01:18:40.603002Z","last_seen":"2026-03-03T14:10:04.007743Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d170c17ae6ff8efc74d28a6e19f8ea0d","sha1":"6389888951ca149b44a486dc199f4b395352f544","sha256":"d0b2da63a59351dcae26ceea570d089c69fdf5c03b6e0161cbada6386d663122","sha512":"e2984271e11c901481d7202e69e1d3294cedfedef0ad757f50de8437e4d035f49b559f819359da2a13aa47914c6567f04d5b97304ea44597ea66ed4f47f3e7a2","ssdeep":"","tlshash":"a890027b98243042154900829047551c401d240896e096494857704564c012d61b1105","size":51,"data":"","first_seen":"2025-11-19T01:18:40.603002Z","last_seen":"2026-03-03T14:10:04.007743Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","fqdn":"css.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"a57152b06a259d44d68ed7bca5713220","sha1":"9e2da37836dd54a48ca9d1427b22407c8100b81e","sha256":"01b11179be37589fc67de3d7e419eec20dc566869de4175df5a4c5793a8dee78","sha512":"f2d79d01dcc9bcd209d8b69139d4a2be40a4918ec37d4eff6265a5a067f54bd8649dfebf7a1cb884dd2f91be15835aa4f008f2c2703e4bd8dcee3325041ab2d0","ssdeep":"","tlshash":"bf110000c802022202030b3a2008280020000200c082028000a000000080820002280c","size":929,"data":"","first_seen":"2025-03-21T10:58:41.403796Z","last_seen":"2026-02-02T21:39:33.582202Z","times_seen":228,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d170c17ae6ff8efc74d28a6e19f8ea0d","sha1":"6389888951ca149b44a486dc199f4b395352f544","sha256":"d0b2da63a59351dcae26ceea570d089c69fdf5c03b6e0161cbada6386d663122","sha512":"e2984271e11c901481d7202e69e1d3294cedfedef0ad757f50de8437e4d035f49b559f819359da2a13aa47914c6567f04d5b97304ea44597ea66ed4f47f3e7a2","ssdeep":"","tlshash":"a890027b98243042154900829047551c401d240896e096494857704564c012d61b1105","size":51,"data":"","first_seen":"2025-11-19T01:18:40.603002Z","last_seen":"2026-03-03T14:10:04.007743Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b4b936eab4235f662d4eb756534d69d7","sha1":"4ee18cb14eaf40e117a19a7f86dcefe6291bc0cf","sha256":"f7650ed40588ee2d1128869afc47866ee4eb09d4860ce1c3e07c9860b7242d33","sha512":"8ab68f0f71a5ed1bfef35dbdad985867b7695f46cd03e3d3bbf2ebe8de35b5a95638f5fdb41fdd52b85ecca95cbcb4a341f6fa560f1cb6a39a2026e22a9af10c","ssdeep":"","tlshash":"0260003c003f00030cc03c0000c0c000c000003c000303f00f030000000003030cc00c","size":12,"data":"","first_seen":"2023-03-07T12:07:12Z","last_seen":"2026-04-12T19:29:51.780505Z","times_seen":2307,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d170c17ae6ff8efc74d28a6e19f8ea0d","sha1":"6389888951ca149b44a486dc199f4b395352f544","sha256":"d0b2da63a59351dcae26ceea570d089c69fdf5c03b6e0161cbada6386d663122","sha512":"e2984271e11c901481d7202e69e1d3294cedfedef0ad757f50de8437e4d035f49b559f819359da2a13aa47914c6567f04d5b97304ea44597ea66ed4f47f3e7a2","ssdeep":"","tlshash":"a890027b98243042154900829047551c401d240896e096494857704564c012d61b1105","size":51,"data":"","first_seen":"2025-11-19T01:18:40.603002Z","last_seen":"2026-03-03T14:10:04.007743Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d170c17ae6ff8efc74d28a6e19f8ea0d","sha1":"6389888951ca149b44a486dc199f4b395352f544","sha256":"d0b2da63a59351dcae26ceea570d089c69fdf5c03b6e0161cbada6386d663122","sha512":"e2984271e11c901481d7202e69e1d3294cedfedef0ad757f50de8437e4d035f49b559f819359da2a13aa47914c6567f04d5b97304ea44597ea66ed4f47f3e7a2","ssdeep":"","tlshash":"a890027b98243042154900829047551c401d240896e096494857704564c012d61b1105","size":51,"data":"","first_seen":"2025-11-19T01:18:40.603002Z","last_seen":"2026-03-03T14:10:04.007743Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","fqdn":"css.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"15f92ca46c20b71e4ac83e0951409c56","sha1":"6c5588ef4c50167ff6ac4cdb52ebec06d8445a92","sha256":"eec1398f03ab6786d9b23ee9d2209731c81e3cd57ea30a4fd5cafa873da424d4","sha512":"9345ee5e7ef82cbc36fb72eb4d5bda2050dcfec4633f28edf10ca2d8b6eff4f396392ffce08c695b8e439b215c7d2762df0d713e949b60f56a790c9f00718fc3","ssdeep":"","tlshash":"8de0c035f42d010202170270ac772a6a743dea75cfc070b0d23825787684cb6a1596fd","size":401,"data":"","first_seen":"2024-05-04T22:45:05Z","last_seen":"2026-04-03T22:52:06.987037Z","times_seen":1276,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","fqdn":"css.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9372bad49ab06487235a5db71d2ddbfa","sha1":"99b59b1c9a74dd8c490044abae8386b40fc1690c","sha256":"d675fcc09c707a5d6443322663af4df3ce40daf189c8d7d080e7811a791b66ff","sha512":"ae20e8eb97cb3d48483ef5f388beec62ecf126fcc0430fa4282dc65dab37fa7806002bc954ad11f08f63f737cc09b46e10e89d985e1bcc82ee5c79083d722d72","ssdeep":"","tlshash":"09d022e8c238a53826e522f9d10fe3d09ca5a38bf0c339f0dcbe082d0248a491836462","size":260,"data":"","first_seen":"2025-03-12T03:11:58.118079Z","last_seen":"2026-04-03T22:52:06.987837Z","times_seen":258,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fixedjs.4vid.top/?vidjs=51qxezx","fqdn":"fixedjs.4vid.top","domain":"4vid.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"887ac590e12829cd1cd79f00e5dfd938","sha1":"fe3b54ec873afd89047dd569ef5e85eed5c81d5a","sha256":"1ad5bcc74985d6921ef4a70e65234722d2a788f52d40055dbd9cb546a7b7aa64","sha512":"0d2af253d7ec09372f5ecc5e0fe894f91ddf4276e58b4ec79eec302108191abdaa7c7f530872e4a0e002f1474c204534d96fce77eaf24cf14c0b06d2fb302358","ssdeep":"1536:6MJTUxbKOOmmUJKJzQ2ns+VKPv4n7IrNNYl2xGSKLG7EjzjudQoGJUJ3Pj8JnFp/:HUxbKLilPs7rYGSKLG8zq6o7P2z8K7","tlshash":"a173a5bb725d502844e106a369714244fc2be637ad81d290f96c2c316f74e2a99f7fec","size":76814,"data":"","first_seen":"2025-11-22T18:11:56.3696Z","last_seen":"2025-11-24T03:08:53.465509Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","fqdn":"css.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c7a29ea0dfdff174648e9beb3ecec7f3","sha1":"d0972bc8bd8fc4d4cad30e3142cc0140caa89cac","sha256":"469a4a22e000da2392229fea77db04fa8b63cac64cf65597e4798e61f7e16c80","sha512":"299ab3946f9675e3ba381a510e4a4124b564e7bcbcf6a25d9b80a380f1c1287be82a5ea9bf72b0fc08f0a7a654438bd8910c0b7b2f9eb04a618b38f85be4543b","ssdeep":"","tlshash":"b9a00000e222008020800c32c0020820ca088888c8002202280a0800202000af0a2383","size":72,"data":"","first_seen":"2024-05-04T22:45:05Z","last_seen":"2026-04-03T22:52:06.989388Z","times_seen":1266,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-620120-3","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"58888772cdf1ee35b0ea7816be5f4d8e","sha1":"d05013d4285ed684fce812e70f395d548a9c1a5e","sha256":"14387671328f739ea42c6f38567a72cac12eccefef4c683ad456af869e97996f","sha512":"d6ad94a6fa63a722e00578daa851f6c31367748e8a619b923af76e7552190bdfb32ced13ca9988610ae19730097f91833f5f4a98b37dfe50a11942c2dd88f99b","ssdeep":"3072:LxvNCF05vkzUrzMo0ulFe1dRGeefSJQWfQXr2XdArNbE0jcVWo6O7nGQUO7ujUBK:2FBUXt+eUI2X6u0IVWo6O7GQUO7ujUBK","tlshash":"d95418cc77dab42243a36478503f114bb23b7992f84cc894e186d9d92e70aa94277f7d","size":288465,"data":"","first_seen":"2025-11-23T18:32:40.981883Z","last_seen":"2025-11-24T03:08:53.443971Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?1","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-22T17:07:29.912995Z","times_seen":122539,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","fqdn":"css.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e4b182d46ed8deb89f173af96cc87d63","sha1":"f284888aa3aa2b4797067f887af101642af71549","sha256":"4c957fa6a4bdaddeee58bcbd3b6ef6b0482f94bfa6516f8167b77eb340d87e03","sha512":"ae3a780ca1f236d37a330cce9dde7ff58a7b50442873f36bcb67b739840eee6422ec83dc2b2fdc1119a1cb9699ea1fa4bd4c2ba87e31001ce8249042b9fb57ee","ssdeep":"","tlshash":"eba000aac02a00a20880283000838000c0000228ca2202a00a020000000002c308800c","size":59,"data":"","first_seen":"2024-05-04T22:45:05Z","last_seen":"2026-04-03T22:52:06.983385Z","times_seen":1275,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0b92303a1cb08e00253e7879d304ee26","sha1":"68bdd0c37dddd5312507918516eaa994a1a1cb93","sha256":"7f10c6dc85b21ab592994c008eea9b75e836674d27bef1d026c511b4fb158432","sha512":"ea194370faf1c720d260f547d126b2beb99385dbbb29af6d954059e7bd3e622bf4040ad7731eaffea192c45551bf8816b8ba85ba40ef1a5ea1edae09e4c770e7","ssdeep":"","tlshash":"e7e0c035342d010202170260ac772a6a743dea750fc060b0d23825787684cb661596fd","size":353,"data":"","first_seen":"2024-05-18T10:55:44Z","last_seen":"2026-04-12T19:29:51.783452Z","times_seen":1353,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d170c17ae6ff8efc74d28a6e19f8ea0d","sha1":"6389888951ca149b44a486dc199f4b395352f544","sha256":"d0b2da63a59351dcae26ceea570d089c69fdf5c03b6e0161cbada6386d663122","sha512":"e2984271e11c901481d7202e69e1d3294cedfedef0ad757f50de8437e4d035f49b559f819359da2a13aa47914c6567f04d5b97304ea44597ea66ed4f47f3e7a2","ssdeep":"","tlshash":"a890027b98243042154900829047551c401d240896e096494857704564c012d61b1105","size":51,"data":"","first_seen":"2025-11-19T01:18:40.603002Z","last_seen":"2026-03-03T14:10:04.007743Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d170c17ae6ff8efc74d28a6e19f8ea0d","sha1":"6389888951ca149b44a486dc199f4b395352f544","sha256":"d0b2da63a59351dcae26ceea570d089c69fdf5c03b6e0161cbada6386d663122","sha512":"e2984271e11c901481d7202e69e1d3294cedfedef0ad757f50de8437e4d035f49b559f819359da2a13aa47914c6567f04d5b97304ea44597ea66ed4f47f3e7a2","ssdeep":"","tlshash":"a890027b98243042154900829047551c401d240896e096494857704564c012d61b1105","size":51,"data":"","first_seen":"2025-11-19T01:18:40.603002Z","last_seen":"2026-03-03T14:10:04.007743Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d170c17ae6ff8efc74d28a6e19f8ea0d","sha1":"6389888951ca149b44a486dc199f4b395352f544","sha256":"d0b2da63a59351dcae26ceea570d089c69fdf5c03b6e0161cbada6386d663122","sha512":"e2984271e11c901481d7202e69e1d3294cedfedef0ad757f50de8437e4d035f49b559f819359da2a13aa47914c6567f04d5b97304ea44597ea66ed4f47f3e7a2","ssdeep":"","tlshash":"a890027b98243042154900829047551c401d240896e096494857704564c012d61b1105","size":51,"data":"","first_seen":"2025-11-19T01:18:40.603002Z","last_seen":"2026-03-03T14:10:04.007743Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsjs.jpg4.icu/index.php?js=av4\u0026advertisement\u0026","fqdn":"jsjs.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"ad714036e6fa863af36dc2351383e876","sha1":"4b3d462ce4674d25698c60167f90357ec21f4c67","sha256":"aec77c9b1a836abb00e608abcf331bebea693b945d3d69ff0616780d1c09ac41","sha512":"b81046e1adcfe28a565129534d10dacd3941cc7f20d55e7e448ac59ac1c15501ce97800f862387f31dc0752fc4fa99f8847f7f004e1d9b134bd183dae6930666","ssdeep":"3072:2hV1y+HrO1t7U/KV/i1Ev414EOtsCtJNS63WOVfQzQNt:iPy+H4t7U/KcEvXmOVfQzQNt","tlshash":"2114e8f67608502951f302a79a718684f833a02b99816884fd1c6d751f78e7f297affc","size":191745,"data":"","first_seen":"2025-11-24T03:08:53.457904Z","last_seen":"2025-11-24T03:08:53.457904Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"abfb777cf034fa2c669e1756a7cc8c53","sha1":"12303aadb2de95480e05f16e2f13454f34bbab38","sha256":"b9fa2ae58df589b0228d43dc71eb3c1a253676ff890967900d5b93014de47f09","sha512":"4e07b2fa65781d1150fb782af96830f6b0474f9d83db72c56b7fbedca7ab05d4b7b9c927a5bf5f7f12572a2c123dac15b531e9486b51a85afa47c428fbc9f59d","ssdeep":"3072:ykMjIS3dT517/JKl/erLUa3K+IvYtjbNsnaC81fqhWnQEb7t72VOm:5MjIS3r1zJKl/ergvYGaH1fqhWP7t7fm","tlshash":"7424e7d97692b062937334b4902f000fb2bea8a6f10c8955f1c5d9d97e78da89137f6c","size":214133,"data":"","first_seen":"2025-11-21T01:17:25.190206Z","last_seen":"2025-11-25T01:11:13.016103Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"264d10031939cccbe6ccacad85d05572","sha1":"6ba289e4515dc98f790c54f154c41f5026e65a3d","sha256":"ca71ec20421522e662c56569f6b1de4a34668cac9465c0dbb28f347952399469","sha512":"4fa8a2033fcbfff126915701936d4656d394f6f3ad7c449f202223b455db9e60555ec46b87bdc3f12d9678610cd9feb23c26efc94d008a4b68df71e12d33ec79","ssdeep":"","tlshash":"558000e0e280a0ba00f2a20ca2002020082ac2280e83e3828c2aa0cc08008f38aeba00","size":34,"data":"","first_seen":"2025-02-08T03:33:08.473479Z","last_seen":"2026-04-12T19:29:51.784158Z","times_seen":497,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?1","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-22T17:07:29.912995Z","times_seen":122539,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d170c17ae6ff8efc74d28a6e19f8ea0d","sha1":"6389888951ca149b44a486dc199f4b395352f544","sha256":"d0b2da63a59351dcae26ceea570d089c69fdf5c03b6e0161cbada6386d663122","sha512":"e2984271e11c901481d7202e69e1d3294cedfedef0ad757f50de8437e4d035f49b559f819359da2a13aa47914c6567f04d5b97304ea44597ea66ed4f47f3e7a2","ssdeep":"","tlshash":"a890027b98243042154900829047551c401d240896e096494857704564c012d61b1105","size":51,"data":"","first_seen":"2025-11-19T01:18:40.603002Z","last_seen":"2026-03-03T14:10:04.007743Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"13b29d7aeaa1d827a9a3feeb39148a43","sha1":"da2040ef13a2d1ce62b0eef9c6ced0fe14f66b28","sha256":"d2d18329527d4d7d4acda028f92281274ac2a08bd840af1c0480620582f98338","sha512":"86dc2b9ccd6cda65753b62b83dda93aabd9272931c1cd9bae1a56ccb607d7de074a8b9873c3a91b69479abf9fb911a4e10b47e0ae7f9cd242d638ce732869c53","ssdeep":"","tlshash":"466000003333000030c00c03c0000c00cf0c00cc000030003c030c00303000030c33c3","size":14,"data":"","first_seen":"2023-03-07T12:07:12Z","last_seen":"2026-04-12T19:29:51.785587Z","times_seen":1774,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","fqdn":"css.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"6a6d49c6c2ae70af7aaf37b59e1992be","sha1":"7ec9c0209de4ee75d15551de5b41d72ef95a53d2","sha256":"01cad962eb3c779b21c51c5b10914e8f949d1c08ea965e804a60b5882846833d","sha512":"e65a14ab5a1147e6103f4f6f7b703f5d94c4d06887a51a1ec6ce33769227d9e8636b88c1d3523e3a24523bcd9896f4020be259edcd7249bf8c58ecf8ce74d1a9","ssdeep":"","tlshash":"44110000e2208a28002028332800020800020000c08008008002002000208030ea000a","size":958,"data":"","first_seen":"2025-03-21T10:58:41.402631Z","last_seen":"2025-11-24T03:08:53.460613Z","times_seen":537,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea77f824de2ef57acb12e7cb6596365e","sha1":"10bad0dbdf30a0471c2c786b349daeb1dd19180e","sha256":"2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c","sha512":"cf69dd76334b7318c829868da8a7e9c2097ef261555388132fc69f95d42e91420e2988056c3d93c830b20059422ae5a82e1109e3dce9127ccb0e23cc5ca27591","ssdeep":"192:N0rZbTPe+fl9SKRGyFgkw+wi+FrZJqbzr+5rA7wbUCzebIkm:N09voK7gzi+FrZJqbzrarAyUX5m","tlshash":"7a22f8b33133fd9f8fba085ac61d61045c7dbc6f4aa94091bb0884e86af4558ead5d34","size":10687,"data":"","first_seen":"2023-03-07T12:02:01Z","last_seen":"2026-04-12T19:29:51.705432Z","times_seen":2340,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d170c17ae6ff8efc74d28a6e19f8ea0d","sha1":"6389888951ca149b44a486dc199f4b395352f544","sha256":"d0b2da63a59351dcae26ceea570d089c69fdf5c03b6e0161cbada6386d663122","sha512":"e2984271e11c901481d7202e69e1d3294cedfedef0ad757f50de8437e4d035f49b559f819359da2a13aa47914c6567f04d5b97304ea44597ea66ed4f47f3e7a2","ssdeep":"","tlshash":"a890027b98243042154900829047551c401d240896e096494857704564c012d61b1105","size":51,"data":"","first_seen":"2025-11-19T01:18:40.603002Z","last_seen":"2026-03-03T14:10:04.007743Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","fqdn":"css.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b9f832047715f01438c3556824a9aa11","sha1":"174108d5d6cf22d1b907fb0958e29bba7d91576b","sha256":"eb83f6f5d35599bc9dd1268d123d878d528d8289754e9a80c8cdcf62158b57ab","sha512":"7e6972c9f5a59f9f96a5812d3ba1ab18cb32cf665dd82e2ed1dd60d477c4221c7ce9517d5ae25d066c4b0903e0a94a889d4ef6fb94bd67f618c8cfaa9fb4bd62","ssdeep":"","tlshash":"0ca000b0c008a02880a020382000820200308030c0020080aa08808c080083203c2000","size":69,"data":"","first_seen":"2024-05-04T22:45:05Z","last_seen":"2026-04-03T22:52:06.986179Z","times_seen":1271,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.mymediaing.my/sdk/p/?zid=9801","fqdn":"cdn.mymediaing.my","domain":"mymediaing.my","tld":"my"},"ip":{"addr":"172.67.170.181","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7242a02dfc80190808863a570f784df6","sha1":"55ea91ef3484e34e53fb3fa06e122d1204cf75c8","sha256":"4cc4fa21dd49f5194fd41a4d19d1c5c8d21ea87ff07a9105101db501f5d63f65","sha512":"7a88065d84a21ac5940df3ee28d2ce8bb73d6eb974011ecf0e753add0e5e75485cce22d3af31ef7b1292ed0abbbba82dd220c409d70cbcb48c01d18760a4bf1a","ssdeep":"1536:nFiJtBRiqSJQUUBU1wpIbS0UboLxCSMzHUgNvFv:nDqSJQUUBU1wpIbS0UboLxCSMzHHH","tlshash":"da3392982fd0b94053dbab7b772fb4e5f4570c2f6a81484fe225bc20759071beaa5930","size":52894,"data":"","first_seen":"2025-11-24T03:08:53.397313Z","last_seen":"2025-11-24T03:08:53.397313Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"031272e79a9911f16d484b354be88c9d","sha1":"7d875792a099de314c9ddffbe10de67a443a96f5","sha256":"4562dba0f875615fa36535736a46725e70e63715a6ddcf54aa661fd653ca3db3","sha512":"abb30f2699a3c36dd5511949b2d74ffae557f269e6544cd36a28741a22561f1c6f2508bb0c16d53e9f9ec6c35fc7893d2b28bca2345d0102204045862a408249","ssdeep":"","tlshash":"54d022e88228a52826a522c9d10fe3d09ca5a38b708339f0dc7e082d02489491436462","size":202,"data":"","first_seen":"2025-03-12T03:12:27.527113Z","last_seen":"2026-04-12T19:29:51.786298Z","times_seen":366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-22T17:07:29.912995Z","times_seen":122539,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d170c17ae6ff8efc74d28a6e19f8ea0d","sha1":"6389888951ca149b44a486dc199f4b395352f544","sha256":"d0b2da63a59351dcae26ceea570d089c69fdf5c03b6e0161cbada6386d663122","sha512":"e2984271e11c901481d7202e69e1d3294cedfedef0ad757f50de8437e4d035f49b559f819359da2a13aa47914c6567f04d5b97304ea44597ea66ed4f47f3e7a2","ssdeep":"","tlshash":"a890027b98243042154900829047551c401d240896e096494857704564c012d61b1105","size":51,"data":"","first_seen":"2025-11-19T01:18:40.603002Z","last_seen":"2026-03-03T14:10:04.007743Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d170c17ae6ff8efc74d28a6e19f8ea0d","sha1":"6389888951ca149b44a486dc199f4b395352f544","sha256":"d0b2da63a59351dcae26ceea570d089c69fdf5c03b6e0161cbada6386d663122","sha512":"e2984271e11c901481d7202e69e1d3294cedfedef0ad757f50de8437e4d035f49b559f819359da2a13aa47914c6567f04d5b97304ea44597ea66ed4f47f3e7a2","ssdeep":"","tlshash":"a890027b98243042154900829047551c401d240896e096494857704564c012d61b1105","size":51,"data":"","first_seen":"2025-11-19T01:18:40.603002Z","last_seen":"2026-03-03T14:10:04.007743Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"a57152b06a259d44d68ed7bca5713220","sha1":"9e2da37836dd54a48ca9d1427b22407c8100b81e","sha256":"01b11179be37589fc67de3d7e419eec20dc566869de4175df5a4c5793a8dee78","sha512":"f2d79d01dcc9bcd209d8b69139d4a2be40a4918ec37d4eff6265a5a067f54bd8649dfebf7a1cb884dd2f91be15835aa4f008f2c2703e4bd8dcee3325041ab2d0","ssdeep":"","tlshash":"bf110000c802022202030b3a2008280020000200c082028000a000000080820002280c","size":929,"data":"","first_seen":"2025-03-21T10:58:41.403796Z","last_seen":"2026-02-02T21:39:33.582202Z","times_seen":228,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fixedjs.4vid.top/?vidjs=51qxezx","fqdn":"fixedjs.4vid.top","domain":"4vid.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"887ac590e12829cd1cd79f00e5dfd938","sha1":"fe3b54ec873afd89047dd569ef5e85eed5c81d5a","sha256":"1ad5bcc74985d6921ef4a70e65234722d2a788f52d40055dbd9cb546a7b7aa64","sha512":"0d2af253d7ec09372f5ecc5e0fe894f91ddf4276e58b4ec79eec302108191abdaa7c7f530872e4a0e002f1474c204534d96fce77eaf24cf14c0b06d2fb302358","ssdeep":"1536:6MJTUxbKOOmmUJKJzQ2ns+VKPv4n7IrNNYl2xGSKLG7EjzjudQoGJUJ3Pj8JnFp/:HUxbKLilPs7rYGSKLG8zq6o7P2z8K7","tlshash":"a173a5bb725d502844e106a369714244fc2be637ad81d290f96c2c316f74e2a99f7fec","size":76814,"data":"","first_seen":"2025-11-22T18:11:56.3696Z","last_seen":"2025-11-24T03:08:53.465509Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-22T17:07:29.912995Z","times_seen":122539,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d170c17ae6ff8efc74d28a6e19f8ea0d","sha1":"6389888951ca149b44a486dc199f4b395352f544","sha256":"d0b2da63a59351dcae26ceea570d089c69fdf5c03b6e0161cbada6386d663122","sha512":"e2984271e11c901481d7202e69e1d3294cedfedef0ad757f50de8437e4d035f49b559f819359da2a13aa47914c6567f04d5b97304ea44597ea66ed4f47f3e7a2","ssdeep":"","tlshash":"a890027b98243042154900829047551c401d240896e096494857704564c012d61b1105","size":51,"data":"","first_seen":"2025-11-19T01:18:40.603002Z","last_seen":"2026-03-03T14:10:04.007743Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"e8165bfbe0a84a065d8bba5ecdde8647","sha1":"7e5f9ca58e40f57650ab5078b295e3e6af7777cd","sha256":"916d5f069ecab1ea3e57a97502d36d60d04968f99a9413b0d620e850ffdc970e","sha512":"28858e8e914beb5bc12479df8f2920faeec9681bddad25493876e9eba301373af1e813819db91eb7fdcf9dab9d0aa552cd2735987f1d61d597ff60853df0b906","ssdeep":"","tlshash":"3ea0027f963554762a814781708f5e5d5466754b89b58728b85734f2708006db131b52","size":66,"data":"","first_seen":"2025-11-19T01:18:40.601427Z","last_seen":"2026-03-15T05:55:43.328248Z","times_seen":313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"6e9f29df6b23b4f9fa1811c685b5660f","sha1":"39f337a684d8b40c91a0542906f0e5b3af4ee9a6","sha256":"c18c76603be6b57bd9670866666004cec062ddd87d3c5570c258302900b8c168","sha512":"6f1c164eec2ec7700e5f604891558f3ada0faab7eb4e075bcf3c39ae1cde6f8fc4afb6c7cf252e8dcb5fd78a123d5661306a1934fc8849f871b959d26a69f1c8","ssdeep":"","tlshash":"c441095f82c8b0bf6291e349987bf70bc0a534c6659b4903f8b2056f74449cdbd47b9a","size":2220,"data":"","first_seen":"2025-11-20T13:25:44.164958Z","last_seen":"2025-12-16T23:48:26.300315Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"8da66cae5fc09ad0ad54710cd4960dbd","sha1":"01ef404d9c252491d6f0cd6900cce145d4b76db1","sha256":"90b1ab53462f9b18c6a0d06704f07055e834c86239bdc87a3708514e9a6b6762","sha512":"5d4f175963755b790e21d7765434cab11676f9d02d4d9fa2885c05dbb2dd665ec871d93e3b7d9f50f79de7ed991f8815f7e6dc1bf82f9b1c70c8d4becf28e953","ssdeep":"","tlshash":"c1b0124b1d0c882f25319c40a552647f0072f0263510caee84b40120dc302cc4420400","size":88,"data":"","first_seen":"2023-03-07T12:02:01Z","last_seen":"2026-04-12T19:29:51.788908Z","times_seen":2424,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"ba2d069a5ce8ce7375ebf3de4090d6ab","sha1":"047efdb45f9ab165220bad539963beafff342c21","sha256":"f9d065cd35e491e424a72fd109f41436dc68807c941b0dac69ef18756b5be44b","sha512":"8f42f09500b77f9a4a064300140e70273f97f89f18fa9916343576c0a585f22f072c75bff915ba21cfcec94719465b509a8d417aba75860b4192627abdcac837","ssdeep":"","tlshash":"10d0a76b0c21b4528a2042e5e067500cc05e980a93d4da6280c794327580bed247d51a","size":232,"data":"","first_seen":"2025-11-19T01:18:40.612848Z","last_seen":"2026-03-15T05:55:43.351877Z","times_seen":337,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"93c82f48611458106afc8e26c8420f5a","sha1":"22b166cfde30820d46e7207bb7f103783554bddc","sha256":"f73f26676daba7d128f22eed68ae038184a343928bea20064a80307821270645","sha512":"6e7eadbeab25adc4b3357f3b0bf3e0f04460af31891ee09ce79e7751d6f51ea8cc3bde2a061032c4177243901d25121a6e1e063a174fc687b6502d24ab362ec5","ssdeep":"","tlshash":"7c8004d45710713440c0c5d050547015d45500d300f575c3c0514c011404d513145515","size":35,"data":"","first_seen":"2025-11-21T15:06:31.275347Z","last_seen":"2025-11-24T03:08:53.47362Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"2badd01f80cd03eb7ffce90487ab3f71","sha1":"1d0af7cc184466c7d86216085ea60242daeb1eb4","sha256":"e8f6c4dca8b7093bad96494bef55525265ce366c13dc6f76d9358cca8ee182d4","sha512":"ec9d7c3fe33550482bf70ec70ab0f2bb4c989ce096f4744d2e29646fae993113711dcf2c447e743ce4d422299d5b5155561522571a5b3c617d138ea55299078c","ssdeep":"","tlshash":"0b900410c47007103004550cc47573570531430d5f45171c0f10d4d3f5cf110553014c","size":43,"data":"","first_seen":"2023-03-07T12:07:12Z","last_seen":"2026-04-12T19:29:51.790342Z","times_seen":2354,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"edc24b7d2fc7536422daee6621435edf","sha1":"71fd4875b509449d820e6a3dd7d83e5f6c31fac8","sha256":"ec599569faa2feb73e0954dcb1f0f7ac5ba6d49ad50d17d3932506608b86a2fc","sha512":"04c6206b3bc1bac7456e96da9d1c58b9a9173e86ff91e8c94fbcd1088b011b5660519419f7971fae6370e8f281951c046c3539ea74a00f7b29830311e0174b34","ssdeep":"","tlshash":"c79002532d0494c2214558c564a0a80f9411644a58a4869688a5051161082ec0842500","size":55,"data":"","first_seen":"2024-04-16T15:37:12Z","last_seen":"2026-04-12T19:29:51.790983Z","times_seen":2325,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"www.redd.tube/favicon.ico","fqdn":"www.redd.tube","domain":"redd.tube","tld":"tube"},"ip":{"addr":"54.39.222.96","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"redd.tube","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Oct 2025 10:20:02 GMT","end":"Thu, 22 Jan 2026 10:20:01 GMT"},"fingerprint":{"sha1":"95:1D:2A:86:AB:4D:C5:1C:4F:C2:19:92:87:34:1B:C0:23:48:59:E0","sha256":"BF:31:17:0C:92:A6:68:39:78:C2:E8:07:A6:9B:F1:36:93:0E:F2:ED:7D:83:83:6F:AC:A6:83:ED:4D:1B:A8:FF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.redd.tube\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\ncontent-type: text/html\r\ncontent-length: 737\r\nlast-modified: Thu, 31 Oct 2019 10:30:48 GMT\r\netag: \"5dbab7d8-2e1\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":737,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"3cd2dc2fa3f65859bdde384930e5ebe8","sha1":"b87e6a19ab1c5492b075aed017b8a5e502e5b584","sha256":"fb1932fb1e5fe197a279db728c4d03c2f8b07dac065b5a37f4e265c4bc66506c","sha512":"1b8fad05711b59e2a42ebe3872ea3a319a3aad0a06c5a04e7b2f34f088e4471a5a20d2b015f23101bf94b9ce3abd00eaa906c5d90f41905ef2d40279ee798445","ssdeep":"","tlshash":"01011582c0d22006310b544438b8e784a95781cad9c587bd7179d876375c5b3fb2b15c","first_seen":"2024-08-19T21:51:14.227067Z","last_seen":"2026-04-13T16:22:59.748971Z","times_seen":184,"resource_available":true,"data":null}},"time_used":476,"timings":{"blocked":-1,"dns":29,"connect":118,"send":0,"wait":101,"receive":0,"ssl":215},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.mymediaing.my/sdk/p/?zid=9801","fqdn":"cdn.mymediaing.my","domain":"mymediaing.my","tld":"my"},"ip":{"addr":"172.67.170.181","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:15.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mymediaing.my","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 13:16:40 GMT","end":"Fri, 23 Jan 2026 12:32:23 GMT"},"fingerprint":{"sha1":"7A:56:92:3E:9A:7C:89:5C:10:48:A1:3D:9B:17:85:60:6A:29:66:07","sha256":"F9:A8:EA:A5:2D:E6:06:ED:FB:6D:DF:D7:41:B4:B1:EB:E9:5C:6A:69:DB:A3:4F:E4:8C:39:CA:59:87:EF:53:4E"}}},"request":{"raw":"GET /sdk/p/?zid=9801 HTTP/1.1\r\nHost: cdn.mymediaing.my\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sVDLvnDVVzc2LRXeFkJtaemPSmJEzofdtAzSsCaW4%2Fvp96CkM4N%2FR%2Bq7xqTa8RUQVWnfS82tXOtlDwhPbk0FM9L4QxRINGGDPfxwFy5Z5Q%3D%3D\"}]}\r\nx-time: 1763953695\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9a35b365eb7ab4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52894,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (52408)","md5":"7242a02dfc80190808863a570f784df6","sha1":"55ea91ef3484e34e53fb3fa06e122d1204cf75c8","sha256":"4cc4fa21dd49f5194fd41a4d19d1c5c8d21ea87ff07a9105101db501f5d63f65","sha512":"7a88065d84a21ac5940df3ee28d2ce8bb73d6eb974011ecf0e753add0e5e75485cce22d3af31ef7b1292ed0abbbba82dd220c409d70cbcb48c01d18760a4bf1a","ssdeep":"1536:nFiJtBRiqSJQUUBU1wpIbS0UboLxCSMzHUgNvFv:nDqSJQUUBU1wpIbS0UboLxCSMzHHH","tlshash":"da3392982fd0b94053dbab7b772fb4e5f4570c2f6a81484fe225bc20759071beaa5930","first_seen":"2025-11-24T03:08:53.397313Z","last_seen":"2025-11-24T03:08:53.397313Z","times_seen":1,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":15,"dns":4,"connect":1,"send":0,"wait":51,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"baraag.net/@KDE/image/png","fqdn":"baraag.net","domain":"baraag.net","tld":"net"},"ip":{"addr":"185.178.208.171","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:16.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"relay.baraag.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Oct 2025 17:52:45 GMT","end":"Mon, 12 Jan 2026 17:52:44 GMT"},"fingerprint":{"sha1":"C2:AC:A1:7A:5A:E4:1C:EC:19:8B:1C:BA:3E:61:A6:43:39:BB:0D:7F","sha256":"BC:9A:FF:DC:C5:EC:AD:AD:84:26:F5:80:58:AC:33:21:DA:F0:04:F4:CE:66:DF:B4:DF:D3:6E:34:56:C5:FE:F3"}}},"request":{"raw":"GET /@KDE/image/png HTTP/1.1\r\nHost: baraag.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=IgdD9C7x3Mnais7M; Domain=.baraag.net; Path=/; Expires=Mon, 24-Nov-2025 03:28:16 GMT\n__ddg10_=1763953696; Domain=.baraag.net; Path=/; Expires=Mon, 24-Nov-2025 03:28:16 GMT\n__ddg9_=91.90.42.154; Domain=.baraag.net; Path=/; Expires=Mon, 24-Nov-2025 03:28:16 GMT\n__ddg1_=WEEJdYoGPibIMmMtcVFY; Domain=.baraag.net; HttpOnly; Path=/; Expires=Tue, 24-Nov-2026 03:08:16 GMT\r\ndate: Mon, 24 Nov 2025 03:08:03 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nreferrer-policy: same-origin\r\nvary: Accept-Encoding, Accept, Accept-Language, Cookie\r\ncache-control: max-age=15, public, stale-while-revalidate=30, stale-if-error=86400\r\netag: W/\"4e3f1a2ae443e329982d243b6ec7cc12\"\r\ncontent-security-policy: upgrade-insecure-requests;, base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://baraag.net; img-src 'self' data: blob: https://baraag.net https://media.baraag.net; media-src 'self' data: https://baraag.net https://media.baraag.net; manifest-src 'self' https://baraag.net; form-action 'none'; child-src 'self' blob: https://baraag.net; worker-src 'self' blob: https://baraag.net; connect-src 'self' data: blob: https://baraag.net https://media.baraag.net wss://baraag.net; script-src 'self' https://baraag.net 'wasm-unsafe-eval'; frame-src 'self' https:; style-src 'self' https://baraag.net 'nonce-GewItlWTWSQ7ty72e+q92Q=='\r\nx-request-id: 18313ea2-91c5-483a-8be8-e24645f521aa\r\nx-runtime: 0.020129\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cached: EXPIRED\r\ncontent-encoding: gzip\r\nage: 13\r\nddg-cache-status: HIT,MISS\r\ncontent-length: 15998\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?1","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:17.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"86:F4:DF:07:D6:8D:EF:68:44:7A:73:C8:39:14:1A:2F:98:5E:A2:40","sha256":"A0:B7:4F:94:25:40:33:52:BC:F7:0A:E1:AD:30:BD:19:C3:E9:BB:25:0B:05:26:7C:F8:BB:F0:59:3B:E7:F2:8D"}}},"request":{"raw":"GET /ajax/libs/jquery/3.3.1/jquery.min.js?1 HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30399\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 17 Nov 2025 11:18:55 GMT\r\nexpires: Tue, 17 Nov 2026 11:18:55 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 575362\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86927,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-22T17:07:29.912995Z","times_seen":122539,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zoobeegnet.z00.monster/scj/thumbs/46/422_body-and.jpg","fqdn":"zoobeegnet.z00.monster","domain":"z00.monster","tld":"monster"},"ip":{"addr":"148.113.152.129","port":443,"asn":16276,"as":"OVH SAS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zoobeegnet.z00.monster","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Oct 2025 04:18:19 GMT","end":"Tue, 30 Dec 2025 04:18:18 GMT"},"fingerprint":{"sha1":"12:D6:A4:6E:47:F3:0F:D0:E9:F4:47:9A:58:D1:4B:CC:7C:3F:83:FD","sha256":"DC:4C:A7:9F:A3:EC:F3:F3:FD:B1:99:FB:DD:7A:F0:7E:6B:E8:88:03:05:B9:14:F6:57:EF:98:68:88:25:2C:2A"}}},"request":{"raw":"GET /scj/thumbs/46/422_body-and.jpg HTTP/1.1\r\nHost: zoobeegnet.z00.monster\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 11166\r\nlast-modified: Mon, 17 Apr 2023 21:31:29 GMT\r\netag: \"643dbab1-2b9e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11166,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x240, components 3","md5":"b8ffcf264d27872c6e476b98fe00d407","sha1":"b50597882bea177c629a69b7db68c12fbccc30ce","sha256":"a32122781ba8f3d6699ebcade46131263b4bd24af2d452ce52bd18024e2184de","sha512":"2c7b25f223288660afeda7b9325d123e1b26d9e5e70e79013b51f3284b1f9af182391e5a99ce541d8364ee5df1927e4b00f173e14a97017383a904ab087dc437","ssdeep":"192:7q8NnYscD/dJEnTk0MG1xFsRN8gi2AuaRsx5nxELPvZgOFrucm5en:7q8N9cD/dJqfNxFsH8mtrAPvZ5rRmAn","tlshash":"c032b0a7a6a9e3cec3de9a2818705525fb3e3316c419fd6fa81929043fd5da08dc4062","first_seen":"2025-11-24T03:08:53.40252Z","last_seen":"2026-01-08T22:43:45.88451Z","times_seen":2,"resource_available":false,"data":null}},"time_used":526,"timings":{"blocked":4,"dns":7,"connect":110,"send":0,"wait":98,"receive":91,"ssl":191},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.youjizz.com/favicon.ico","fqdn":"www.youjizz.com","domain":"youjizz.com","tld":"com"},"ip":{"addr":"66.254.114.242","port":443,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.youjizz.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Dec 2024 00:00:00 GMT","end":"Tue, 06 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7","sha256":"B8:B2:2C:F3:DA:14:43:7C:79:64:F3:2C:36:B2:0A:52:EF:A7:AE:C8:FF:5D:57:E2:D1:26:9D:FD:B8:D7:77:B9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.youjizz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4286\r\nlast-modified: Tue, 25 Feb 2020 06:57:19 GMT\r\netag: \"5e54c54f-10be\"\r\naccept-ranges: bytes\r\nset-cookie: RNLBSERVERID=ded6731; path=/\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nalt-svc: h3=\":443\"; ma=3600\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"cd65da5df2a2cfd472a198524ec61296","sha1":"e51ea1800eec5985026a37498f4aa7044c757d04","sha256":"321ac040acb1c782abf632960125319b8925361510e13b1a9dfd904a9e733515","sha512":"cc9c5a4b3aa6509950565314184d43312530129c5b891ac8e7bc4f830dfa476c8da2ad281f4482b8f633edd6718536b1313005a26798c4452dca43bbccc21b7d","ssdeep":"24:sub7bP5a7a5TaBFraLahza8C9ajaRGa6RagaAOaAOa5F7aq9ramaP:df5a7iMZcyBSMUGzRnsdOG7NR","tlshash":"7c91efe1972ef89ecb4c82b4e01ad1fdd52e5d08d590031ba0dfbe6b7eb2366147010a","first_seen":"2023-07-17T14:42:33Z","last_seen":"2026-04-03T22:52:06.966753Z","times_seen":672,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":65,"dns":28,"connect":19,"send":0,"wait":35,"receive":1,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oedy9.com/favicon.ico","fqdn":"oedy9.com","domain":"oedy9.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.338Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: oedy9.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"oedy9.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gcore-pic.xvideos-cdn.com/videos/thumbs169ll/37/7a/02/377a0222a53cdcfcf5178b4dd5df10ae/377a0222a53cdcfcf5178b4dd5df10ae.3.jpg","fqdn":"gcore-pic.xvideos-cdn.com","domain":"xvideos-cdn.com","tld":"com"},"ip":{"addr":"185.244.209.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xvideos.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 15 Oct 2025 00:00:00 GMT","end":"Sun, 15 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3C:93:93:D2:61:40:5B:B9:F9:EB:A2:B0:78:48:57:C0:F2:41:42:42","sha256":"D9:3E:6D:83:C8:0E:74:42:32:A1:4F:A3:9B:CA:3A:9D:E0:D2:60:38:FF:BF:EB:0E:36:AA:3E:41:44:D5:A7:59"}}},"request":{"raw":"GET /videos/thumbs169ll/37/7a/02/377a0222a53cdcfcf5178b4dd5df10ae/377a0222a53cdcfcf5178b4dd5df10ae.3.jpg HTTP/1.1\r\nHost: gcore-pic.xvideos-cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 23099\r\ntraceparent: 00-b47a249f54f1d27f9e3f359e30fb2c66-b6ddf99bfc4c52b6-01\r\nx-frame-options: sameorigin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nlast-modified: Wed, 25 Oct 2023 07:22:48 GMT\r\nexpires: Sun, 23 Mar 2025 10:36:28 GMT\r\ncache-control: max-age=10368000, public\r\naccess-control-allow-origin: *\r\nx-id-shield: am3-hw-edge-gc131\r\nage: 8044279\r\nx-id: osix-hw-edge-gc4\r\ncache: HIT\r\nx-cached-since: 2025-11-18T10:42:02+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23099,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100\", progressive, precision 8, 352x198, components 3","md5":"3cd821476e5ac6ee8c964fc379992956","sha1":"50661f6d18715fc83d48ff0d1953b01074f5bd8e","sha256":"1b116cbc7e963c4e60eef71713fdeffcdd8709394f2597199b2c26b49336d304","sha512":"da8ae8af549f7e33db3ff908953435a371eee9c6ad76d614f2c0ebc0e9448f23f884fea1b19d4a11cb7d84d0ce2dde1d73295205e3e0b3af188c47ab3f80f66a","ssdeep":"384:enW5nn7kkP4zkeaAoV/yiu3V+2TsSXWhcMcS/0teOldiPNenJ9QTq0ZDt//D:enW5nn7vAoV/yiurJXqcMcO0ANenJY1","tlshash":"a0a2f1692b04c57de0dcc7ebd0700849653ef221dbc0e2c562a748fd794f412bb66a16","first_seen":"2024-12-13T01:11:03.586414Z","last_seen":"2026-02-06T12:13:15.666591Z","times_seen":53,"resource_available":false,"data":null}},"time_used":407,"timings":{"blocked":7,"dns":8,"connect":3,"send":0,"wait":2,"receive":1,"ssl":376},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","date":"2025-11-24T03:08:16.964Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"86:F4:DF:07:D6:8D:EF:68:44:7A:73:C8:39:14:1A:2F:98:5E:A2:40","sha256":"A0:B7:4F:94:25:40:33:52:BC:F7:0A:E1:AD:30:BD:19:C3:E9:BB:25:0B:05:26:7C:F8:BB:F0:59:3B:E7:F2:8D"}}},"request":{"raw":"GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://css.jpg4.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30399\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 17 Nov 2025 09:58:24 GMT\r\nexpires: Tue, 17 Nov 2026 09:58:24 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 580192\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86927,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-22T17:07:29.912995Z","times_seen":122539,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.youtube.com/vi/aQfIUXd1wts/0.jpg","fqdn":"img.youtube.com","domain":"youtube.com","tld":"com"},"ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:17.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:51 GMT","end":"Mon, 19 Jan 2026 08:33:50 GMT"},"fingerprint":{"sha1":"99:FF:FA:35:E4:FB:4B:28:B0:D5:C1:D4:AD:3F:43:AA:85:22:87:8B","sha256":"30:D1:CE:98:2F:EB:E2:4A:53:22:1C:BF:BB:4E:BC:2C:CA:E1:CE:CF:B7:9D:20:26:F9:55:2A:6B:ED:AD:DA:83"}}},"request":{"raw":"GET /vi/aQfIUXd1wts/0.jpg HTTP/1.1\r\nHost: img.youtube.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"youtube\"\r\nreport-to: {\"group\":\"youtube\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/youtube\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 20500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 24 Nov 2025 02:50:26 GMT\r\nexpires: Mon, 24 Nov 2025 04:50:26 GMT\r\ncache-control: public, max-age=7200\r\nage: 1071\r\netag: \"1530897381\"\r\ncontent-type: image/jpeg\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20500,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3","md5":"8b04f4824e6388db7e3fd267161901b7","sha1":"121c07f699da8ee3ee310f679d060d6e64a9d945","sha256":"db15ebea3ec4f81e493327dba883bfce7486d23e563db8a85ce57ed09b304225","sha512":"1ad132c94e3808c63b0370e74c6821ad0754274da6acd476313749886bfa8517659ebe7a7b91dc93aa2cc8209c2fac8b7062cf1f37c9977eb2a4d507bd5c7971","ssdeep":"384:8RqYVp5mCmZcmhlQRziEnNjD4rOE+h2swyQbGbDfvZijXqdk+s:8RqYVgcmhaxNUA6W3YWdk/","tlshash":"6592e1a21ab03a9c58162a718f3df6cb71877305e7f1edf070c2188572e4cd58a97a50","first_seen":"2024-12-08T18:32:56.498038Z","last_seen":"2026-04-12T19:29:51.77606Z","times_seen":46,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":33,"send":0,"wait":28,"receive":11,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"motherless.com/favicon.ico","fqdn":"motherless.com","domain":"motherless.com","tld":"com"},"ip":{"addr":"185.107.81.233","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.motherless.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Wed, 02 Apr 2025 00:00:00 GMT","end":"Sun, 03 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BC:66:10:ED:31:C2:E1:48:61:92:BF:BD:98:9C:71:7C:41:97:BB:15","sha256":"DC:4B:D9:73:E2:0F:70:E0:0F:00:83:14:04:82:39:70:D2:DC:F4:3D:ED:56:CB:DA:C8:73:69:B1:19:73:4A:D9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: motherless.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 24 Nov 2025 03:08:18 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 1150\r\nConnection: keep-alive\r\nLast-Modified: Thu, 20 Apr 2023 06:59:04 GMT\r\nETag: \"6440e2b8-47e\"\r\nX-Server-W: web802\r\nExpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nCache-Control: max-age=315360000\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"71fed71dccb91a13bdf68a6444f25ce4","sha1":"38da7202842147ecda5521d50f094a54d1381f2c","sha256":"18f6675d329e6cb3bb7d7d1e546a1c68c5cc599f1b3ae98c2abbd21a53dc42c2","sha512":"5026edac9534773d52080439a13fe7dd5de5516c7813e062d25501d90ee67cf4cc01cf721070b90fc47f2d164a33a968c475d511c09fa528850a6294bb54795a","ssdeep":"","tlshash":"fc213e8ad700d86cc57456bce13a31f73e88ce40da20286b6f1a3c007c3522178ecc84","first_seen":"2023-05-25T17:44:41Z","last_seen":"2026-04-15T17:24:27.777758Z","times_seen":797,"resource_available":false,"data":null}},"time_used":435,"timings":{"blocked":201,"dns":5,"connect":17,"send":0,"wait":20,"receive":0,"ssl":180},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:15.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 3953\r\ncf-ray: 9a35b365f8750b65-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5ed16b69-29bf\"\r\nlast-modified: Fri, 29 May 2020 20:07:05 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 244819\r\nexpires: Sat, 14 Nov 2026 03:08:15 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=QO%2FdJmMLe1KSB%2BQAmP4vrLI1fhf0PduaAMJhgTJxk0ybmmJ2va2vnvkAfK9zP5eK99O3aDz5kHN7S6RY7dWTLNA8fyVMgXYGjjvS3b8dav5KhTFQ8h0p3IvTk5Zd96nRl1yCTctf\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10687,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (10613)","md5":"ea77f824de2ef57acb12e7cb6596365e","sha1":"10bad0dbdf30a0471c2c786b349daeb1dd19180e","sha256":"2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c","sha512":"cf69dd76334b7318c829868da8a7e9c2097ef261555388132fc69f95d42e91420e2988056c3d93c830b20059422ae5a82e1109e3dce9127ccb0e23cc5ca27591","ssdeep":"192:N0rZbTPe+fl9SKRGyFgkw+wi+FrZJqbzr+5rA7wbUCzebIkm:N09voK7gzi+FrZJqbzrarAyUX5m","tlshash":"7a22f8b33133fd9f8fba085ac61d61045c7dbc6f4aa94091bb0884e86af4558ead5d34","first_seen":"2023-03-07T12:02:01Z","last_seen":"2026-04-12T19:29:51.705432Z","times_seen":2340,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":19,"dns":0,"connect":1,"send":0,"wait":20,"receive":1,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pdocac.4vid.top/av4usimage.png","fqdn":"pdocac.4vid.top","domain":"4vid.top","tld":"top"},"ip":{"addr":"172.67.181.78","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:17.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4vid.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 04:08:57 GMT","end":"Fri, 13 Feb 2026 05:05:33 GMT"},"fingerprint":{"sha1":"99:1F:D8:6E:39:72:6F:D5:11:7F:B0:79:4D:F6:40:0E:A5:37:9F:9A","sha256":"F4:87:3F:1A:B8:E5:52:39:3C:56:29:BB:B7:CD:E0:20:DE:45:F2:30:28:80:C4:8D:AB:CA:AE:DC:24:7C:14:56"}}},"request":{"raw":"GET /av4usimage.png HTTP/1.1\r\nHost: pdocac.4vid.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 24 Nov 2025 03:08:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 2619\r\npriority: u=6,i=?0\r\netag: \"a3b-6437702003080\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Cake\r\ncache-control: public, max-age=360000\r\nx-proxy-cache-192g-la: HIT\r\nxkey-192la: pdocac.4vid.top/av4usimage.png--pdocac.4vid.top--myzone---yes\r\naccept-ranges: bytes\r\nage: 167560\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mc82eL2KbPORFpBnyd0FWOTXIV06%2BqtB1%2BnGrG%2BNPa0dup4XekSngnGT%2BDXfYFyppLTvaMSrCKruac%2FvJ4yMD44EPKaY2WZDfN8iHHlzjw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a35b36ed81c0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2619,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 339 x 89, 8-bit/color RGB, non-interlaced","md5":"8267aaadeeeb8c9fa7482f2f9db2d4e3","sha1":"a2ef23d3b5f9d9bb3102c855a8ace072884ba60c","sha256":"998cf9d427c2e322904e89a056ba823b56078fb199b7395883f3eafabaadbea8","sha512":"719215d8ec70b8b36b24277a80e7876be2fa1afe3698c05bbff013b6a2936701f266e694c221756e7306d1a945013986a53e41af0bc90bdd4bbf0dcbe33f7637","ssdeep":"","tlshash":"f5513ccb05b2fdbc657d79976105a79ef3a896c72982b872565c38c14243a0096c1fe1","first_seen":"2025-11-13T21:07:01.541567Z","last_seen":"2026-04-12T19:29:51.682384Z","times_seen":362,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":4,"connect":1,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"pdocac.4vid.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.w3schools.com/w3css/4/w3.css","fqdn":"www.w3schools.com","domain":"w3schools.com","tld":"com"},"ip":{"addr":"23.36.76.136","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"certification.w3schools.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Oct 2025 05:09:45 GMT","end":"Sun, 18 Jan 2026 05:09:44 GMT"},"fingerprint":{"sha1":"1B:0A:07:AA:E5:29:0E:01:21:18:F3:4C:23:42:E9:6A:3F:85:C5:39","sha256":"57:8C:78:FA:CB:E0:9B:8C:76:B8:05:E6:78:67:4F:0D:0C:B6:F1:8A:3B:26:BD:E1:51:03:95:09:8B:93:A0:12"}}},"request":{"raw":"GET /w3css/4/w3.css HTTP/1.1\r\nHost: www.w3schools.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nlast-modified: Fri, 21 Nov 2025 13:08:32 GMT\r\naccept-ranges: bytes\r\netag: \"088b7efe75adc1:0\"\r\ncontent-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;\r\nx-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 5256\r\ncache-control: public, max-age=31396664\r\nexpires: Sun, 22 Nov 2026 12:26:02 GMT\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\nx-loc: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23427,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"75b37d4abbdde1322116d2744181081d","sha1":"6d6b5ff442af4682c30e970c382002a7c694ac5b","sha256":"c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5","sha512":"8ba303e078af3f71176b6e7fa5c32b0f3984014393133a960da7103bc78204a144a3d034a3d1ad7126f1547f45408e00e036175f54766ffccc8cf84cd4c129a5","ssdeep":"384:aHHLO7eS0F4bBY/fn6jZcy9/cGK1q8CarY64Cb+dOy:aHHCLYXfl1q8CarY64Cb+dl","tlshash":"fbb2f022ff8a1138261a873660d5fbfc573a8681df9f1b7a7030373943894c26796e49","first_seen":"2023-06-26T21:08:35Z","last_seen":"2026-04-22T05:38:12.907638Z","times_seen":16787,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":50,"dns":35,"connect":1,"send":0,"wait":10,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filtradas.com/uploads/default/optimized/2X/e/e27f9fb5ad331a402e9e9302b3386080c84837f7_2_585x1024.jpeg","fqdn":"filtradas.com","domain":"filtradas.com","tld":"com"},"ip":{"addr":"91.234.199.87","port":443,"asn":43641,"as":"SOLLUTIUM EU Sp z.o.o.","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filtradas.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 04 Nov 2025 03:08:59 GMT","end":"Mon, 02 Feb 2026 03:08:58 GMT"},"fingerprint":{"sha1":"E1:A5:18:66:02:A1:30:48:C0:63:B8:0D:A6:A0:6A:4D:49:FB:31:A4","sha256":"F3:EF:EA:51:6F:29:3C:97:1C:9E:B5:C9:DB:69:E9:BE:55:EA:E1:47:AC:EB:1B:EB:A6:2A:5B:B1:74:85:D0:AB"}}},"request":{"raw":"GET /uploads/default/optimized/2X/e/e27f9fb5ad331a402e9e9302b3386080c84837f7_2_585x1024.jpeg HTTP/1.1\r\nHost: filtradas.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":23,"dns":42,"connect":22,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"image.beckybelike.com/upload/vod/20240909-1/60ce45db0d81643b3b2c6d5ecc0af3f4.jpg","fqdn":"image.beckybelike.com","domain":"beckybelike.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:15.054Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/vod/20240909-1/60ce45db0d81643b3b2c6d5ecc0af3f4.jpg HTTP/1.1\r\nHost: image.beckybelike.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":4185,"timings":{"blocked":368,"dns":3817,"connect":4020,"send":0,"wait":0,"receive":0,"ssl":206},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sorkab.com/wp-content/uploads/2022/02/0000670.jpg","fqdn":"sorkab.com","domain":"sorkab.com","tld":"com"},"ip":{"addr":"172.67.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:16.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sorkab.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 12:21:44 GMT","end":"Mon, 26 Jan 2026 13:21:42 GMT"},"fingerprint":{"sha1":"0E:87:D0:8D:06:B9:53:D2:4B:10:7E:D4:88:CF:2F:CF:2A:0D:AD:47","sha256":"1F:89:BF:95:E9:44:A7:05:CB:C2:6E:6E:86:A9:E5:1D:6C:12:B2:D1:41:70:41:A2:92:6C:59:56:81:BC:8C:D1"}}},"request":{"raw":"GET /wp-content/uploads/2022/02/0000670.jpg HTTP/1.1\r\nHost: sorkab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Mon, 24 Nov 2025 03:08:16 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: referer, accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CakLbRVp3LAcXJl%2FzCQcU3cseNYCEFKJdIhKcqn0qJG%2B2zAyuTqvjqGkAmkiwGMqpSO7p%2BNChJB9bgbK3NFyigy0QdhPSJr66A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9a35b3690e4a75ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theav.xyz/favicon.ico","fqdn":"theav.xyz","domain":"theav.xyz","tld":"xyz"},"ip":{"addr":"104.21.77.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theav.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 06 Nov 2025 14:42:00 GMT","end":"Wed, 04 Feb 2026 15:39:44 GMT"},"fingerprint":{"sha1":"72:06:01:93:87:31:5B:EA:61:96:BD:46:B2:D6:6B:6E:31:7F:41:2D","sha256":"E1:D9:A6:23:7F:37:1F:CC:3C:EC:D6:FE:4C:0F:4F:A2:47:5D:CE:6B:A2:F9:93:F3:A8:0F:5B:37:14:4A:16:D8"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: theav.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 135619\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a5dy79zjQ6yNl5OaW3sSoqgtE85RYRYlVC9ZbmDh%2B5%2BWO%2Fy4gktDd4f0Zu54Vi9TVGhjMphYUZwfAYmRURoxQl%2FrjSVNJRnplA%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9a35b377ef7d4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":23,"connect":4,"send":0,"wait":10,"receive":0,"ssl":91},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsjj.gazo.space/index.php?js=very","fqdn":"jsjj.gazo.space","domain":"gazo.space","tld":"space"},"ip":{"addr":"37.48.65.155","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","date":"2025-11-24T03:08:16.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gazo.space","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Oct 2025 05:37:08 GMT","end":"Wed, 14 Jan 2026 05:37:07 GMT"},"fingerprint":{"sha1":"42:81:9A:C2:12:76:D2:CD:B1:3B:81:D3:A8:54:DE:A0:E4:93:44:C6","sha256":"62:13:BC:B6:25:04:97:D3:E5:46:00:63:FC:25:8D:3C:FE:B2:8F:AF:89:F2:54:1C:2B:02:01:74:80:F1:3B:3E"}}},"request":{"raw":"GET /index.php?js=very HTTP/1.1\r\nHost: jsjj.gazo.space\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://css.jpg4.icu/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncache-control: max-age=0, private, must-revalidate\r\ncontent-length: 11\r\ndate: Mon, 24 Nov 2025 03:08:16 GMT\r\nlocation: http://ww1.gazo.space\r\nserver: Cowboy\r\nset-cookie: sid=d278ccda-c8e2-11f0-a685-58bcd0bea69b; path=/; domain=.gazo.space; expires=Sat, 12 Dec 2093 06:22:23 GMT; max-age=2147483647; secure; HttpOnly\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]},{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":187,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"jsjj.gazo.space","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bingato.com/favicon.ico","fqdn":"bingato.com","domain":"bingato.com","tld":"com"},"ip":{"addr":"104.21.62.121","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bingato.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 21 Oct 2025 05:23:53 GMT","end":"Mon, 19 Jan 2026 06:21:18 GMT"},"fingerprint":{"sha1":"7C:1A:5E:9E:EB:85:6C:29:C7:DE:A5:88:16:06:1D:4C:0A:B4:A7:AD","sha256":"BA:25:3A:71:06:C6:60:9E:87:AA:78:B7:62:C5:8B:6D:4D:FD:DC:3E:73:BB:8C:6B:02:E8:68:C0:1C:54:01:80"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: bingato.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: sameorigin\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\ncross-origin-opener-policy: same-origin\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nage: 78\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WKD7vqQYJEekvJB5Zgt8ghqXi5Vvw7cm33IA5Bene7oKOCjE9Eh5hyCrguKu13VVrpWxdm0oRXObM2yyMFP5aVBxalcpb%2FFqveCd\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9a35b3767b711a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sorkab.com/wp-content/uploads/2022/02/0000670.jpg","fqdn":"sorkab.com","domain":"sorkab.com","tld":"com"},"ip":{"addr":"172.67.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sorkab.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 12:21:44 GMT","end":"Mon, 26 Jan 2026 13:21:42 GMT"},"fingerprint":{"sha1":"0E:87:D0:8D:06:B9:53:D2:4B:10:7E:D4:88:CF:2F:CF:2A:0D:AD:47","sha256":"1F:89:BF:95:E9:44:A7:05:CB:C2:6E:6E:86:A9:E5:1D:6C:12:B2:D1:41:70:41:A2:92:6C:59:56:81:BC:8C:D1"}}},"request":{"raw":"GET /wp-content/uploads/2022/02/0000670.jpg HTTP/1.1\r\nHost: sorkab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nvary: referer, accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=udcUf%2FNqrA1p47QlOFl2IoAZmZl5JRQhAjZEtqhDvRmOov5hPl7%2FAOPtk9L0uEkF%2BOnBFyrXBp2mrAK3vhfE8cbvR%2FRWRVE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9a35b362d8ef56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":234,"timings":{"blocked":9,"dns":42,"connect":8,"send":0,"wait":7,"receive":0,"ssl":137},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.youtube.com/vi/Zxa9DPlts1A/0.jpg","fqdn":"img.youtube.com","domain":"youtube.com","tld":"com"},"ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:17.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:51 GMT","end":"Mon, 19 Jan 2026 08:33:50 GMT"},"fingerprint":{"sha1":"99:FF:FA:35:E4:FB:4B:28:B0:D5:C1:D4:AD:3F:43:AA:85:22:87:8B","sha256":"30:D1:CE:98:2F:EB:E2:4A:53:22:1C:BF:BB:4E:BC:2C:CA:E1:CE:CF:B7:9D:20:26:F9:55:2A:6B:ED:AD:DA:83"}}},"request":{"raw":"GET /vi/Zxa9DPlts1A/0.jpg HTTP/1.1\r\nHost: img.youtube.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"youtube\"\r\nreport-to: {\"group\":\"youtube\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/youtube\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 6133\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 24 Nov 2025 02:13:37 GMT\r\nexpires: Mon, 24 Nov 2025 04:13:37 GMT\r\ncache-control: public, max-age=7200\r\netag: \"1617981310\"\r\ncontent-type: image/jpeg\r\nage: 3280\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6133,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3","md5":"877fb4923b21a5f1968c28a6d542febf","sha1":"105210c2f499a96b84a127933a0daed0d3c526ab","sha256":"f1ffa9ee49a399f9a69938eb954ddb935ac15cbda65559d114a12a3409d1c2dc","sha512":"7f7adcf75f0575c43734cd210ce872fcef32cadf2aa5c424ecb6944f3a7c250e6cda8cff5efcc4797abdfd9430f88a483eb38dd649eedaf2393f9de5a71122f3","ssdeep":"96:zYefPR0gXmyBsJ9thlrB6Aevh+VCa5CxO20Y+sCau8Ar4iNEKohGt:hPR0lyBYJXGh+Yayi1yArQat","tlshash":"a7c19f79ad7444caf511317418b9d764b1eb6940f524836a2025b7204a7a2c2fe7ebf8","first_seen":"2025-11-24T03:08:53.410911Z","last_seen":"2025-11-24T03:08:53.410911Z","times_seen":1,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":147,"dns":0,"connect":0,"send":0,"wait":36,"receive":3,"ssl":98},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsjj.gazo.space/index.php?js=very","fqdn":"jsjj.gazo.space","domain":"gazo.space","tld":"space"},"ip":{"addr":"37.48.65.155","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:15.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gazo.space","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Oct 2025 05:37:08 GMT","end":"Wed, 14 Jan 2026 05:37:07 GMT"},"fingerprint":{"sha1":"42:81:9A:C2:12:76:D2:CD:B1:3B:81:D3:A8:54:DE:A0:E4:93:44:C6","sha256":"62:13:BC:B6:25:04:97:D3:E5:46:00:63:FC:25:8D:3C:FE:B2:8F:AF:89:F2:54:1C:2B:02:01:74:80:F1:3B:3E"}}},"request":{"raw":"GET /index.php?js=very HTTP/1.1\r\nHost: jsjj.gazo.space\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://av.av4.website/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncache-control: max-age=0, private, must-revalidate\r\ncontent-length: 11\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\nlocation: http://ww1.gazo.space\r\nserver: Cowboy\r\nset-cookie: sid=d18f70df-c8e2-11f0-9b34-58bc23845202; path=/; domain=.gazo.space; expires=Sat, 12 Dec 2093 06:22:22 GMT; max-age=2147483647; secure; HttpOnly\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]},{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":375,"timings":{"blocked":-1,"dns":15,"connect":39,"send":0,"wait":187,"receive":0,"ssl":129},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"jsjj.gazo.space","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.youtube.com/vi/pQSYJ4_Fp0M/0.jpg","fqdn":"img.youtube.com","domain":"youtube.com","tld":"com"},"ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:17.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:51 GMT","end":"Mon, 19 Jan 2026 08:33:50 GMT"},"fingerprint":{"sha1":"99:FF:FA:35:E4:FB:4B:28:B0:D5:C1:D4:AD:3F:43:AA:85:22:87:8B","sha256":"30:D1:CE:98:2F:EB:E2:4A:53:22:1C:BF:BB:4E:BC:2C:CA:E1:CE:CF:B7:9D:20:26:F9:55:2A:6B:ED:AD:DA:83"}}},"request":{"raw":"GET /vi/pQSYJ4_Fp0M/0.jpg HTTP/1.1\r\nHost: img.youtube.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"youtube\"\r\nreport-to: {\"group\":\"youtube\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/youtube\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30738\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 24 Nov 2025 02:13:37 GMT\r\nexpires: Mon, 24 Nov 2025 04:13:37 GMT\r\ncache-control: public, max-age=7200\r\nage: 3280\r\netag: \"1600306127\"\r\ncontent-type: image/jpeg\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30738,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3","md5":"091865981e37ac8bdae330772b0e8c3b","sha1":"2db4073cf449f98f46145b161a1a903303852527","sha256":"6aa253c933ca76d718af127dd8ad019eef365b842bb6e6d62d8f019a37dc2c84","sha512":"602156c4980ff7003b2a98aa08feaab396c05c9a71379d15a1f1aa9e6448e3c389b5ff7c063a3c273a464f7a2471df6c65b87f1cbfa6664fd77cdc400a5bd03a","ssdeep":"384:kjtwPvJUqIp7EcEM4ep+hUCepqTAws3YyQ+KY7xTuTYr6dzaOcfUtSrUuTHCyJXD:kjiHJRIBUehZDwjyQxdziU82MXIXTG","tlshash":"add2d0b62bf418c02b048d3106259b346b89e54619d62a47a681cfbc7bf58f5dfbbc24","first_seen":"2025-07-05T12:25:41.416309Z","last_seen":"2026-03-02T10:40:01.524107Z","times_seen":17,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":104,"dns":73,"connect":28,"send":0,"wait":28,"receive":29,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sexsex16.com/favicon.ico","fqdn":"sexsex16.com","domain":"sexsex16.com","tld":"com"},"ip":{"addr":"23.145.152.20","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sex83.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Sep 2025 14:08:44 GMT","end":"Wed, 10 Dec 2025 14:08:43 GMT"},"fingerprint":{"sha1":"C9:DF:27:A9:2B:47:90:06:7B:5F:0D:64:78:F2:F2:AA:1A:35:1B:98","sha256":"4C:FE:81:8C:DC:92:CE:C9:8C:E0:31:42:DB:60:A1:F2:47:C9:52:17:EF:1D:EF:EB:5D:95:CB:4A:EB:AF:0B:5E"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: sexsex16.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/x-icon\r\ndate: Sun, 23 Nov 2025 04:40:01 GMT\r\netag: \"645b773c-10be\"\r\nlast-modified: Sun, 23 Nov 2025 04:40:01 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 4286\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"da00228045bbdc9fc485eee15ae466f7","sha1":"51acd57ef4439a7e622281388e2aa83d53b3fe33","sha256":"18a2fc0c936b1782fb1f1dec65e9ea9dfff00e1a081594c8c3049a5b435c1d2d","sha512":"b7ba13392ab3c6d8c1077989d482399892c1c094599e798b69dc3c6720b5d26dd6186d414f46cacf8ed48061e091d23978248b63cace28ebc601e41348ce608a","ssdeep":"48:uTOtJTTH7TTS/LY64wSKd2sci/6aq3EDP+3yk:uOH73wSKdEv/3v3yk","tlshash":"e2912fa8edf928bfd22403785f0697f8c8338e1f6ce4593308227c9b272ed51848611d","first_seen":"2023-05-17T22:14:46Z","last_seen":"2026-04-15T09:35:07.741394Z","times_seen":552,"resource_available":false,"data":null}},"time_used":1359,"timings":{"blocked":503,"dns":5,"connect":283,"send":0,"wait":270,"receive":8,"ssl":277},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"page.phic4.top/myda.php","fqdn":"page.phic4.top","domain":"phic4.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:16.205Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /myda.php HTTP/1.1\r\nHost: page.phic4.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":530,"timings":{"blocked":0,"dns":51,"connect":238,"send":0,"wait":0,"receive":0,"ssl":238},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"page.phic4.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cav102.com/contents/videos_screenshots/7000/7268/preview.jpg","fqdn":"cav102.com","domain":"cav102.com","tld":"com"},"ip":{"addr":"45.145.72.132","port":443,"asn":201106,"as":"Spartan Host Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav102.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 10:48:19 GMT","end":"Sat, 17 Jan 2026 10:48:18 GMT"},"fingerprint":{"sha1":"82:94:6E:AC:FA:1B:B3:AD:3A:52:F3:44:5C:22:68:8E:3A:C1:15:86","sha256":"C9:61:FC:04:4A:41:13:4F:00:A5:6F:C2:6B:3D:0E:B4:B1:C6:5B:C5:42:BF:0A:4E:EF:27:16:51:8C:26:96:EA"}}},"request":{"raw":"GET /contents/videos_screenshots/7000/7268/preview.jpg HTTP/1.1\r\nHost: cav102.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 104073\r\nlast-modified: Sun, 25 Sep 2022 19:00:11 GMT\r\netag: \"6330a53b-19689\"\r\nexpires: Mon, 24 Nov 2025 03:09:15 GMT\r\ncache-control: max-age=60\r\nstrict-transport-security: max-age=31536000\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104073,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"Lavc57.89.100\", baseline, precision 8, 720x1280, components 3","md5":"9b893f32567e852fb3a1fcdfb881926f","sha1":"797d89c6b0af79d9c4682b004be77e4296d7d77e","sha256":"d6bfa10297c9b6c29bdf28822a7bbbacd737b9d19a307577672ce9c697c77cd3","sha512":"70aeb8b9155e8b0918bd219bd21744d044133d4ea5954018b03001eade510c2d36239bfaf5cbdd82c348028750248cba66270ff6f2ac9813a559044d7f42f7e5","ssdeep":"3072:eB35T1IK0tEhYcDLj44RWZ108Rec/JlaV4IA6PcK:eBx53GajnK10cec/Ha61K","tlshash":"f3a312fb36c2c7548ff8ac33219d3482a54de85669bb71dc1394ae1ba028db2570c49f","first_seen":"2024-12-07T03:44:49.555286Z","last_seen":"2026-03-01T16:28:28.707284Z","times_seen":75,"resource_available":false,"data":null}},"time_used":1223,"timings":{"blocked":12,"dns":4,"connect":175,"send":0,"wait":168,"receive":504,"ssl":356},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.youtube.com/vi/xEJoeIbGOkk/0.jpg","fqdn":"img.youtube.com","domain":"youtube.com","tld":"com"},"ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:17.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:51 GMT","end":"Mon, 19 Jan 2026 08:33:50 GMT"},"fingerprint":{"sha1":"99:FF:FA:35:E4:FB:4B:28:B0:D5:C1:D4:AD:3F:43:AA:85:22:87:8B","sha256":"30:D1:CE:98:2F:EB:E2:4A:53:22:1C:BF:BB:4E:BC:2C:CA:E1:CE:CF:B7:9D:20:26:F9:55:2A:6B:ED:AD:DA:83"}}},"request":{"raw":"GET /vi/xEJoeIbGOkk/0.jpg HTTP/1.1\r\nHost: img.youtube.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"youtube\"\r\nreport-to: {\"group\":\"youtube\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/youtube\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 13998\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 24 Nov 2025 01:47:14 GMT\r\nexpires: Mon, 24 Nov 2025 03:47:14 GMT\r\ncache-control: public, max-age=7200\r\nage: 4863\r\netag: \"0\"\r\ncontent-type: image/jpeg\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13998,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3","md5":"94f0376edbf48624935f49c69619d92e","sha1":"f7a8f3fc894ca288f9ae29362e29f85198d44bc3","sha256":"8aa1e7da1b48268e9ff2f0f4381a067a13f657789f4db1bd20f1a1e54d909443","sha512":"d614280d5c6906730c4bf59b527834ed0315ac83c579de4d164a8f4f53c66883c6861b8d418bab781f385709c90a378d841c618ef24121176997c1b358a672f8","ssdeep":"384:PyNh82LarXVnOMkFvblJ9xWQmNEaIDipcnqxHtb:PAh7arEhlvm6h2pyG","tlshash":"6752beea0262e02ae4099f9b808d43fbb0239a72dd881b8fe727443448103c457fccbc","first_seen":"2025-08-16T02:44:09.218126Z","last_seen":"2026-03-15T05:55:43.170066Z","times_seen":5,"resource_available":false,"data":null}},"time_used":534,"timings":{"blocked":208,"dns":84,"connect":36,"send":0,"wait":28,"receive":5,"ssl":160},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"baraag.net/favicon.ico","fqdn":"baraag.net","domain":"baraag.net","tld":"net"},"ip":{"addr":"185.178.208.171","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"relay.baraag.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Oct 2025 17:52:45 GMT","end":"Mon, 12 Jan 2026 17:52:44 GMT"},"fingerprint":{"sha1":"C2:AC:A1:7A:5A:E4:1C:EC:19:8B:1C:BA:3E:61:A6:43:39:BB:0D:7F","sha256":"BC:9A:FF:DC:C5:EC:AD:AD:84:26:F5:80:58:AC:33:21:DA:F0:04:F4:CE:66:DF:B4:DF:D3:6E:34:56:C5:FE:F3"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: baraag.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=KquK2I9fkmyA1VLb; Domain=.baraag.net; Path=/; Expires=Mon, 24-Nov-2025 03:28:18 GMT\n__ddg10_=1763953698; Domain=.baraag.net; Path=/; Expires=Mon, 24-Nov-2025 03:28:18 GMT\n__ddg9_=91.90.42.154; Domain=.baraag.net; Path=/; Expires=Mon, 24-Nov-2025 03:28:18 GMT\n__ddg1_=Tz1PqesG8MWu1FHNguN0; Domain=.baraag.net; HttpOnly; Path=/; Expires=Tue, 24-Nov-2026 03:08:18 GMT\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nreferrer-policy: same-origin\r\ncache-control: private, no-store\r\ncontent-security-policy: upgrade-insecure-requests;, base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://baraag.net; img-src 'self' data: blob: https://baraag.net https://media.baraag.net; media-src 'self' data: https://baraag.net https://media.baraag.net; manifest-src 'self' https://baraag.net; form-action 'self'; child-src 'self' blob: https://baraag.net; worker-src 'self' blob: https://baraag.net; connect-src 'self' data: blob: https://baraag.net https://media.baraag.net wss://baraag.net; script-src 'self' https://baraag.net 'wasm-unsafe-eval'; frame-src 'self' https:; style-src 'self' https://baraag.net 'nonce-4Dgx8q9MTk5VnpTxUEPBHg=='\r\nx-request-id: fb05895f-733e-4965-b1f5-815fc4573139\r\nx-runtime: 0.005807\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\ncontent-encoding: gzip\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":304,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":304,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fqjpg4.top/upload/vod/20250611-1/e60a30f0baaaec6a09fb31d109373ea6.png","fqdn":"fqjpg4.top","domain":"fqjpg4.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:16.152Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /upload/vod/20250611-1/e60a30f0baaaec6a09fb31d109373ea6.png HTTP/1.1\r\nHost: fqjpg4.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":0,"dns":1,"connect":108,"send":0,"wait":0,"receive":0,"ssl":115},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"fqjpg4.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"av.av4.website/","fqdn":"av.av4.website","domain":"av4.website","tld":"website"},"ip":{"addr":"172.67.167.160","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-24T03:08:13.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"av4.website","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Oct 2025 11:37:16 GMT","end":"Sat, 10 Jan 2026 12:36:05 GMT"},"fingerprint":{"sha1":"4C:E2:90:4E:A8:EA:D3:7F:CB:16:98:32:46:93:81:8B:39:8E:7D:2B","sha256":"AB:13:9F:6D:34:E7:2A:3C:69:66:AB:C3:A8:F8:15:B0:6F:D2:BA:B6:88:60:D6:A7:F4:D5:A7:C7:7F:DF:3D:74"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: av.av4.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:14 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npdojs-line8: host-av.av4.click4.194.8.20-myhost-av.av4.click38.220.248/\r\nphost: av.av4.click\r\npdojs-line359: notjp--myhost-av.av4.click-filteron-\r\npdojs-line967: notjp--myhost-av.av4.click-filteron-/\r\nline1293: URI-/-myhost-av.av4.click-filteron-\r\nline1430: \r\nline1465: -\r\npdojs-line1525: host-13739\r\npdojs-line1526: host-/dev/shm/hotthum-2-1\r\npdojs-line1534: ibig--chname--filteron--txtlang--shows-61\r\ncache-control: public, max-age=14400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HH2wbvVELj63j5Xma8A%2BkSQxjRqHtMuVvnzmEgJaBSc8Ad95X5%2BxQ8ls3sqdF1cqMFYwHVEwR1MeDzR1t%2BURU1lLxPhRdbjE8r6S4P9e\"}]}\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Cake\r\nx-proxy-cache-192g-la: HIT\r\nxkey-192la: av./-A-av.av4.website-av.av4.website-myzone---yes\r\nx-proxy-cache-g-sg1: MISS\r\nxkey-g-sg1: av./-A-av.av4.website--my_zone\r\ncf-cache-status: EXPIRED\r\nlast-modified: Mon, 24 Nov 2025 03:08:14 GMT\r\ncontent-encoding: br\r\ncf-ray: 9a35b35afc601525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40959,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (33869), with CRLF, LF line terminators","md5":"364f5fa834e5d0eedae6946b0deef1d0","sha1":"d7e8959788a8a7c36751b8db450d4d25ca2489cf","sha256":"8d938d90e88c0aaf5f2980ae7d47bf1a63fb8326aa65b1d8280112e3b2b63aa0","sha512":"7276cff0407bf59248613c559df9c97ca7e1e697d3a850158529cf729aa7811577e9cc597032da6bf1ed61fa711866118b5bafbc1f6ea08c848878f1a91db978","ssdeep":"768:pdqrGYatmjq6v9Ea7a7WI584ZQecUyoIoWoPSRZmO4OWf+j:TyGYJvya7a7WGpXm","tlshash":"b203b33ba144387b2ac351e3f09653bed477a21dc6ca198cb86e20e673c2e7d9533564","first_seen":"2025-11-24T03:08:53.41772Z","last_seen":"2025-11-24T03:08:53.41772Z","times_seen":1,"resource_available":false,"data":null}},"time_used":832,"timings":{"blocked":35,"dns":15,"connect":1,"send":0,"wait":762,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"av.av4.website","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"av.av4.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"av.av4.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"av.av4.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.reddit.tube/thumbnails/b2997a23ba60c0a9884d07d761702cd6d16d9346.jpg","fqdn":"img.reddit.tube","domain":"reddit.tube","tld":"tube"},"ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.reddit.tube","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 12:11:00 GMT","end":"Sat, 14 Feb 2026 12:10:59 GMT"},"fingerprint":{"sha1":"E7:37:BC:05:50:1A:A3:51:F2:62:A9:A0:AC:7E:00:41:87:49:6C:79","sha256":"ED:2C:E8:23:63:3E:01:61:65:53:82:C2:62:F2:77:06:B2:68:6B:36:01:CB:25:0D:CE:52:8B:43:76:EA:96:AE"}}},"request":{"raw":"GET /thumbnails/b2997a23ba60c0a9884d07d761702cd6d16d9346.jpg HTTP/1.1\r\nHost: img.reddit.tube\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13044\r\nserver: BunnyCDN-NO1-830\r\ncdn-pullzone: 114851\r\ncdn-requestcountrycode: NO\r\ncache-control: public, max-age=31919000\r\nlast-modified: Wed, 29 Jan 2025 10:58:11 GMT\r\ncdn-storageserver: DE-1127\r\ncdn-requestpullsuccess: True\r\ncdn-fileserver: 652\r\nperma-cache: HIT\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 206\r\ncdn-cachedat: 08/14/2025 09:14:33\r\ncdn-edgestorageid: 830\r\ncdn-requestid: 7d383a43d8d4a3aac2ac61809200f5ec\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":13044,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 400x680, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ba9df76372e0609779b49c1809de836e","sha1":"973e20a48fc45f89e668bb9c343bc239e409a20e","sha256":"750d35a06b73cf434a9aa42a53a6e152c4f10ad27b1a7752358420a35f009692","sha512":"fc73e3ca17dcd9b70361ec74f02e6bdd813ce05ebc7c76c85d7423b909d5650d33c4c3063e35e36952dab8bc30f968045dcaaba25c42cbecd906c427d332a1fb","ssdeep":"192:bv2toJh4DTtEZMSC8CUZCwOv9tTu4FFFJRWhlR1i4UxVeLkzj4PJ7N9oQGSK2O1Z:r264iDsFPNrRWxM4UxALCA7/oQGjvXF","tlshash":"c342cf33b2f6119836bd38de09e1b7b44e848894d45c20191f6ca84e78b6994f25cff9","first_seen":"2025-06-29T13:38:06.903811Z","last_seen":"2025-11-30T19:19:25.731911Z","times_seen":18,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":229,"dns":107,"connect":15,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"css.jpg4.icu/mycss/av4.css?33","fqdn":"css.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","date":"2025-11-24T03:08:16.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpg4.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 12:55:24 GMT","end":"Mon, 29 Dec 2025 13:47:12 GMT"},"fingerprint":{"sha1":"96:85:BD:ED:76:A2:73:09:97:53:FA:59:74:7A:3B:21:78:1E:B0:55","sha256":"F2:46:44:0F:FB:CD:4B:FF:7C:0E:8B:3C:20:1A:52:F4:2B:40:FE:06:E3:6A:64:8F:01:48:F0:28:37:C6:95:6C"}}},"request":{"raw":"GET /mycss/av4.css?33 HTTP/1.1\r\nHost: css.jpg4.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 24 Nov 2025 03:08:16 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Cake\r\ncache-control: public, max-age=360000\r\nx-proxy-cache-192g-la: MISS\r\nxkey-192la: css.jpg4.icu/mycss/av4.css?33--css.jpg4.icu-css.jpg4.icu-myzone---no\r\nx-proxy-cache-tot-vt: HIT\r\nxkey-tot-vt: css.jpg4.icu/mycss/av4.css?33--css.jpg4.icu--my_zone\r\ncontent-encoding: br\r\nage: 175714\r\ncf-cache-status: HIT\r\netag: W/\"103e-62edbddabc000\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8Z%2BmsWkeZNFE5%2FEBtVgcyAcksCy9aRRHXyYWu5psAnYij7GRI9lEPvxEMW4%2FK8xDk7qTRASiWvQ3O7T%2FqfeuvgWTSpi2AN9CF%2BBw5w%3D%3D\"}]}\r\ncf-ray: 9a35b36e1c072efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4158,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"e05d356eb3c9cb0366e5491f098c5b66","sha1":"9c82f99795bf55512147a0bd629e9775446291bf","sha256":"7c7a5f32e5c6a2e6e1f3e71112f35691714019685cc4c7d567e158cb32d1579c","sha512":"94dd9b84614bae349bcaa9dafea12a08589b4b899cf59c1228cf9bf70d657a715b49cfc18748b2d174dac63a6df076828bfa8da9b25c686d74bc742ddbe9283c","ssdeep":"96:Uq6qw2a3Alqiqq7rShmo3NxlIAFrQH+42+F2fFB:+eYXih/SMoHlIAFkHL2+F2fFB","tlshash":"ca813f729b550141b51b92946f62b79123369013d907cf79bafa217ccf891ec21e2f4e","first_seen":"2025-04-08T05:19:22.565686Z","last_seen":"2026-02-10T20:33:51.228745Z","times_seen":840,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsjs.jpg4.icu/index.php?js=very","fqdn":"jsjs.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpg4.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 12:55:24 GMT","end":"Mon, 29 Dec 2025 13:47:12 GMT"},"fingerprint":{"sha1":"96:85:BD:ED:76:A2:73:09:97:53:FA:59:74:7A:3B:21:78:1E:B0:55","sha256":"F2:46:44:0F:FB:CD:4B:FF:7C:0E:8B:3C:20:1A:52:F4:2B:40:FE:06:E3:6A:64:8F:01:48:F0:28:37:C6:95:6C"}}},"request":{"raw":"GET /index.php?js=very HTTP/1.1\r\nHost: jsjs.jpg4.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Mon, 24 Nov 2025 03:08:14 GMT\r\ncontent-type: text/html\r\nlocation: https://jsjj.gazo.space/index.php?js=very\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ng-jp-very1: /index.php?js=very\r\ncache-control: public, max-age=14400\r\nage: 1183\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MY6veR146xomLZlioHl%2BTCjMK26A7%2Bu12rFGEuvz7ebqfDU9ZnD5CBWYzvpmBCkiJim%2Betrx1P730b2Tn4X1q3lpj%2B6w6%2BYejlCkmps%3D\"}]}\r\ncf-ray: 9a35b3613bf72efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":27,"dns":29,"connect":1,"send":0,"wait":4,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i.ytimg.com/vi/fdyql2aB44A/hqdefault.jpg","fqdn":"i.ytimg.com","domain":"ytimg.com","tld":"com"},"ip":{"addr":"142.251.38.118","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"edgestatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:42 GMT","end":"Mon, 19 Jan 2026 08:33:41 GMT"},"fingerprint":{"sha1":"A5:AF:4B:FA:75:93:1D:71:E3:13:0F:54:62:E3:C1:CD:54:FA:BB:3C","sha256":"BD:B3:95:9F:5C:41:DD:AB:ED:97:A5:A6:69:97:2C:11:29:D4:2C:22:07:36:93:DD:C7:20:46:DD:57:97:1A:E5"}}},"request":{"raw":"GET /vi/fdyql2aB44A/hqdefault.jpg HTTP/1.1\r\nHost: i.ytimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"youtube\"\r\nreport-to: {\"group\":\"youtube\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/youtube\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 12304\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 24 Nov 2025 02:31:11 GMT\r\nexpires: Mon, 24 Nov 2025 04:31:11 GMT\r\ncache-control: public, max-age=7200\r\nage: 2224\r\netag: \"1550385048\"\r\ncontent-type: image/jpeg\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12304,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3","md5":"0d59a6f260895024e38188684cfbc2de","sha1":"d83faaa92ec1935e688d3084c48da440655ff086","sha256":"d1ca2baa91bdc77a750cdcaba28f607427912da2068162d36c716a32a24ad371","sha512":"7e45e684afba1332c533ec43333ce062ee39a6e81d58edd91a20f9e731d55a598926c73c67a9b89970885ac05d6e20fe2909b7eaef2bcdceb69e2775f2f4dcbf","ssdeep":"384:X/wfouhYwUEZHQTQi4+lCNPkKaZCMxxshdgB8hxrm:u9Y6Wr5xUY8O","tlshash":"f342ae689c08d10fe476c8f39c2f89c37dbc4c0496e6cee6d084ae46e7a1156b65f646","first_seen":"2025-07-02T22:51:17.80652Z","last_seen":"2025-11-24T03:08:53.421396Z","times_seen":18,"resource_available":false,"data":null}},"time_used":664,"timings":{"blocked":303,"dns":5,"connect":22,"send":0,"wait":22,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thumbs.dreamstime.com/b/little-child-girl-using-tablet-night-teen-plays-online-games-social-lifestyle-media-indoors-concept-117680070.jpg","fqdn":"thumbs.dreamstime.com","domain":"dreamstime.com","tld":"com"},"ip":{"addr":"151.101.129.91","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"thumbs.dreamstime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 27 Oct 2025 09:28:24 GMT","end":"Sun, 25 Jan 2026 09:28:23 GMT"},"fingerprint":{"sha1":"FC:5E:68:8D:B5:13:7A:76:A5:46:F1:B6:CA:3E:02:06:9C:5A:4D:E5","sha256":"5E:6C:6C:B9:1D:DE:B2:F1:C7:CC:9C:32:D9:70:45:04:B6:72:31:BB:A7:84:41:01:27:9A:DE:87:3B:6C:05:D8"}}},"request":{"raw":"GET /b/little-child-girl-using-tablet-night-teen-plays-online-games-social-lifestyle-media-indoors-concept-117680070.jpg HTTP/1.1\r\nHost: thumbs.dreamstime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/webp\r\netag: \"8eTSZEfQnJsNHQ7VrHA3Fud7wgDwFOsagWx8mzvMQV4\"\r\nfastly-io-served-by: vpop-kiad7010229\r\nfastly-stats: io=1\r\nserver: nginx\r\nstrict-transport-security: max-age=63072000\r\nvia: 1.1 varnish, 1.1 varnish\r\ncache-control: max-age=31536000, public\r\nvcl-version: 34\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\nage: 1693333\r\nx-served-by: cache-iad-kcgs7200038-IAD, cache-hel1410024-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 12760, 28\r\nx-timer: S1763953695.209786,VS0,VE0\r\nvary: Accept\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 12432\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12432,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 800x450, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f559c569d40c11f1fa9bd1336d1ababd","sha1":"315c930bfdb0c29c9c88b2e198c7cc8550e66d21","sha256":"9fd5928d22d31a8f34480104456e1af5f3881822ef7b5869fb48728bf2a5a39c","sha512":"53a4e72d2f81b67abbebbb8be155f3bc61d1115bc11ec5fc8acf95f2285c89aca12a6c3716ed3ed3743f3dc713260de075474c8559738a73f66ccbaa5c7f8439","ssdeep":"192:6T+pLPgWvboYLdXRsL2+/eCqFKwNQUVaD0kTwDdaGzI6Gm0DzuDrbdZtaKS9tdDe:8MLpfLsLv/fYKcwDdTm3wuDrbEKSPdpo","tlshash":"7142e193a3fc84f18988ec4495874de063fa818a74da1c51fe94b1e117e1061faf7702","first_seen":"2024-12-23T10:50:43.70127Z","last_seen":"2026-03-02T10:40:01.488268Z","times_seen":9,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":10,"dns":42,"connect":31,"send":0,"wait":27,"receive":6,"ssl":145},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"baraag.net/@KDE/image/png","fqdn":"baraag.net","domain":"baraag.net","tld":"net"},"ip":{"addr":"185.178.208.171","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"relay.baraag.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Oct 2025 17:52:45 GMT","end":"Mon, 12 Jan 2026 17:52:44 GMT"},"fingerprint":{"sha1":"C2:AC:A1:7A:5A:E4:1C:EC:19:8B:1C:BA:3E:61:A6:43:39:BB:0D:7F","sha256":"BC:9A:FF:DC:C5:EC:AD:AD:84:26:F5:80:58:AC:33:21:DA:F0:04:F4:CE:66:DF:B4:DF:D3:6E:34:56:C5:FE:F3"}}},"request":{"raw":"GET /@KDE/image/png HTTP/1.1\r\nHost: baraag.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=0xsEQIthWLHKdXq4; Domain=.baraag.net; Path=/; Expires=Mon, 24-Nov-2025 03:28:15 GMT\n__ddg10_=1763953695; Domain=.baraag.net; Path=/; Expires=Mon, 24-Nov-2025 03:28:15 GMT\n__ddg9_=91.90.42.154; Domain=.baraag.net; Path=/; Expires=Mon, 24-Nov-2025 03:28:15 GMT\n__ddg1_=XekWin1arahAq6F0YTKc; Domain=.baraag.net; HttpOnly; Path=/; Expires=Tue, 24-Nov-2026 03:08:15 GMT\r\ndate: Mon, 24 Nov 2025 03:08:03 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nreferrer-policy: same-origin\r\nvary: Accept-Encoding, Accept, Accept-Language, Cookie\r\ncache-control: max-age=15, public, stale-while-revalidate=30, stale-if-error=86400\r\netag: W/\"4e3f1a2ae443e329982d243b6ec7cc12\"\r\ncontent-security-policy: upgrade-insecure-requests;, base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://baraag.net; img-src 'self' data: blob: https://baraag.net https://media.baraag.net; media-src 'self' data: https://baraag.net https://media.baraag.net; manifest-src 'self' https://baraag.net; form-action 'none'; child-src 'self' blob: https://baraag.net; worker-src 'self' blob: https://baraag.net; connect-src 'self' data: blob: https://baraag.net https://media.baraag.net wss://baraag.net; script-src 'self' https://baraag.net 'wasm-unsafe-eval'; frame-src 'self' https:; style-src 'self' https://baraag.net 'nonce-GewItlWTWSQ7ty72e+q92Q=='\r\nx-request-id: 18313ea2-91c5-483a-8be8-e24645f521aa\r\nx-runtime: 0.020129\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cached: EXPIRED\r\ncontent-encoding: gzip\r\nage: 12\r\nddg-cache-status: HIT,MISS\r\ncontent-length: 15998\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":6,"dns":18,"connect":40,"send":0,"wait":23,"receive":20,"ssl":153},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.twi-dl.net/favicon.ico","fqdn":"www.twi-dl.net","domain":"twi-dl.net","tld":"net"},"ip":{"addr":"104.21.2.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"twi-dl.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 21:11:58 GMT","end":"Mon, 26 Jan 2026 22:10:41 GMT"},"fingerprint":{"sha1":"7B:5A:31:55:FE:D9:83:76:C3:AE:C5:F0:67:0A:52:98:13:89:00:03","sha256":"CD:0C:06:69:10:2E:6D:47:9E:83:99:4F:07:F8:20:9C:5D:55:AD:8F:0A:F2:6A:EC:08:85:FE:97:A4:F1:3B:F2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.twi-dl.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=npk3DR8i55uQRAqVwJ9CUcdp1VesGwxEqlUT9NeJas9hndMdDdR8oMx2quSHoXOkzvDHODIgR2JFitoXvG%2F%2FldqRkjVyd%2FpIrtAfKg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9a35b377e92156c4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":7,"connect":10,"send":0,"wait":10,"receive":0,"ssl":109},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"css.jpg4.icu/mycss/av4.css?33","fqdn":"css.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:15.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpg4.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 12:55:24 GMT","end":"Mon, 29 Dec 2025 13:47:12 GMT"},"fingerprint":{"sha1":"96:85:BD:ED:76:A2:73:09:97:53:FA:59:74:7A:3B:21:78:1E:B0:55","sha256":"F2:46:44:0F:FB:CD:4B:FF:7C:0E:8B:3C:20:1A:52:F4:2B:40:FE:06:E3:6A:64:8F:01:48:F0:28:37:C6:95:6C"}}},"request":{"raw":"GET /mycss/av4.css?33 HTTP/1.1\r\nHost: css.jpg4.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Cake\r\ncache-control: public, max-age=360000\r\nx-proxy-cache-192g-la: MISS\r\nxkey-192la: css.jpg4.icu/mycss/av4.css?33--css.jpg4.icu-css.jpg4.icu-myzone---no\r\nx-proxy-cache-tot-vt: HIT\r\nxkey-tot-vt: css.jpg4.icu/mycss/av4.css?33--css.jpg4.icu--my_zone\r\ncontent-encoding: br\r\nage: 175713\r\ncf-cache-status: HIT\r\netag: W/\"103e-62edbddabc000\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6Xre2I%2B6qX5xMdZRRl2v5cm%2Fv1qtsvDiD3HDJDiQIZFOInHYGwI2iLxIA9HPrCgeTBGbTbwEJw5bYarAhEVfYK1314FtYHW56jhDfw%3D%3D\"}]}\r\ncf-ray: 9a35b365fbb22efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4158,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"e05d356eb3c9cb0366e5491f098c5b66","sha1":"9c82f99795bf55512147a0bd629e9775446291bf","sha256":"7c7a5f32e5c6a2e6e1f3e71112f35691714019685cc4c7d567e158cb32d1579c","sha512":"94dd9b84614bae349bcaa9dafea12a08589b4b899cf59c1228cf9bf70d657a715b49cfc18748b2d174dac63a6df076828bfa8da9b25c686d74bc742ddbe9283c","ssdeep":"96:Uq6qw2a3Alqiqq7rShmo3NxlIAFrQH+42+F2fFB:+eYXih/SMoHlIAFkHL2+F2fFB","tlshash":"ca813f729b550141b51b92946f62b79123369013d907cf79bafa217ccf891ec21e2f4e","first_seen":"2025-04-08T05:19:22.565686Z","last_seen":"2026-02-10T20:33:51.228745Z","times_seen":840,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"timg216.top/videos/45f6ca65e30a9b5125b9f03978714478eb247865/cover/5_505_259?ih=1","fqdn":"timg216.top","domain":"timg216.top","tld":"top"},"ip":{"addr":"172.66.155.86","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"timg216.top","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 02 Oct 2025 04:28:49 GMT","end":"Wed, 31 Dec 2025 05:27:41 GMT"},"fingerprint":{"sha1":"0A:EF:84:22:E6:0D:56:57:B7:F6:C3:7D:6D:91:EF:17:49:1B:A6:01","sha256":"B5:3B:20:B4:05:8F:49:AA:87:FC:31:5E:8E:7E:0C:C5:77:A9:A2:5E:FA:54:61:41:C2:B4:A3:9D:CA:1B:2B:AA"}}},"request":{"raw":"GET /videos/45f6ca65e30a9b5125b9f03978714478eb247865/cover/5_505_259?ih=1 HTTP/1.1\r\nHost: timg216.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 26008\r\nserver: cloudflare\r\nlast-modified: Tue, 04 Mar 2025 11:12:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"67c6e02b-6598\"\r\nexpires: Thu, 30 Oct 2025 07:25:32 GMT\r\ncache-control: public, max-age=31536000, stale-if-error=7200\r\nt-cache: LHIT\r\naccept-ranges: bytes\r\nage: 248328\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iGlWwzx4uGGRkBPDUeV1LJbbTAjvME3g11Mr%2Fx919Yex1%2FC7yAS1PSWd%2Fe6b8EnYrIpEFlpznu7x%2BJdF2gim20yQla5NQalC0Q%3D%3D\"}]}\r\ncf-ray: 9a35b3647c90b4f1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26008,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"Lavc57.107.100\", baseline, precision 8, 505x259, components 3","md5":"f4c61c949a7a672778b77698e9288d6b","sha1":"e8904ddf90a934aa1266456d414c4073dee42edc","sha256":"d86b96a42a0388930cc2dabeec4b08d745d3ba8c91e058ebe84cc90699b2262a","sha512":"8ba55889e51afa30d784ee4dc1ff848fadf149b587f9f9e7ea253a764f84a72c5440b0a341449fcff901708bacf48a74c6d3e1ccd310cec9a920b27a23a304c5","ssdeep":"384:Qo923r2ImqpgEkdQ4s3FQS9QY5ofeWheBC+yZHKq1nF3nFVVW231/9Y8:eiImqtkPmQY5Wege4+ydKqnh1FV","tlshash":"06c29e07dd084b83581c87bcbe074cfd6b0d5b0d6a957afb00728e83fa207ab4c5a569","first_seen":"2025-06-06T07:13:00.482556Z","last_seen":"2026-03-02T10:40:01.239839Z","times_seen":84,"resource_available":false,"data":null}},"time_used":518,"timings":{"blocked":-1,"dns":311,"connect":6,"send":0,"wait":8,"receive":1,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"timg216.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jsjs.jpg4.icu/index.php?js=very","fqdn":"jsjs.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","date":"2025-11-24T03:08:16.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpg4.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 12:55:24 GMT","end":"Mon, 29 Dec 2025 13:47:12 GMT"},"fingerprint":{"sha1":"96:85:BD:ED:76:A2:73:09:97:53:FA:59:74:7A:3B:21:78:1E:B0:55","sha256":"F2:46:44:0F:FB:CD:4B:FF:7C:0E:8B:3C:20:1A:52:F4:2B:40:FE:06:E3:6A:64:8F:01:48:F0:28:37:C6:95:6C"}}},"request":{"raw":"GET /index.php?js=very HTTP/1.1\r\nHost: jsjs.jpg4.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://css.jpg4.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 Moved Permanently\r\nserver: cloudflare\r\ndate: Mon, 24 Nov 2025 03:08:16 GMT\r\ncontent-type: text/html\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nlocation: https://jsjj.gazo.space/index.php?js=very\r\ng-jp-very1: /index.php?js=very\r\ncache-control: public, max-age=14400\r\nage: 1185\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BxEOmInAvVBIP1RIm6KyJXYM%2BgK1dCqux36%2Fom18JckaOOw3m%2Fhw9ewlNGxORhSrXsOg9F7KdKN8mNCQLfkvOX6uXoxKx%2FHoycxSQK8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a35b36cabf12efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"en.vidmo.pro/thumbs_320/10/a2/10a285c1dc0fa273b0ab6d7b6b849611/11880112.jpg","fqdn":"en.vidmo.pro","domain":"vidmo.pro","tld":"pro"},"ip":{"addr":"89.248.193.244","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"en.vidmo.pro","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 21 Nov 2025 20:48:10 GMT","end":"Thu, 19 Feb 2026 20:48:09 GMT"},"fingerprint":{"sha1":"B8:8B:9C:2B:E9:53:D3:85:0E:57:74:8D:32:07:72:DF:38:F3:91:DA","sha256":"9B:B3:9F:DD:FB:1B:36:C3:04:60:BF:DF:87:AA:AB:5D:F6:0D:45:20:77:9B:29:19:5F:C4:B6:F1:04:C9:23:3E"}}},"request":{"raw":"GET /thumbs_320/10/a2/10a285c1dc0fa273b0ab6d7b6b849611/11880112.jpg HTTP/1.1\r\nHost: en.vidmo.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 34097\r\nlast-modified: Sun, 24 May 2020 18:28:27 GMT\r\nexpires: Wed, 10 Apr 2024 08:44:16 GMT\r\ncache-control: max-age=604800, public, no-transform\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34097,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", baseline, precision 8, 320x240, components 3","md5":"cb9a26ed2a938ac294b7d6fad37d5f2d","sha1":"b749a068952976f03182c036485e4fee83dd6b2b","sha256":"2ac0aa8392712962d24ecf23daae7fc3f9d18e4bda7d4ff251121df7e9d262f2","sha512":"90d2629f40d17023a94ada655ba375a3987b61a5813ae39732b819fdc72193dc358714a0b3482818935a8a4e9d73e4a1c665116208dc5d4db3fa86c9409f6880","ssdeep":"768:YeuWWl4JCW2Dli6jCO9/POZ4QXO1Zc2soDBql66hvWCA6gB:YDr4JCNlhjCOJOH+15sy6661P5gB","tlshash":"01e2e173434e4bbadc086de19bb1191ed98646b3445e5b1532727e9bca24ccce0be289","first_seen":"2025-03-21T10:58:41.316324Z","last_seen":"2026-03-02T07:55:32.807041Z","times_seen":54,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":-1,"dns":69,"connect":61,"send":0,"wait":56,"receive":74,"ssl":138},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"en.vidmo.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","date":"2025-11-24T03:08:16.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://css.jpg4.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:16 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 3953\r\ncf-ray: 9a35b36e28190731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5ed16b69-29bf\"\r\nlast-modified: Fri, 29 May 2020 20:07:05 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 244820\r\nexpires: Sat, 14 Nov 2026 03:08:16 GMT\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=srpejC%2FA0buWAK%2BhOqtZxx8PEoAYsCB1ll1vOqjlbjNMe%2F93W8rLhfD0j1Q%2BifACBifMdYrHPCp1Y9CpyfAOU%2FPOoSwaDWyOYCr7ks9erTcsAWTcUk6%2F7Z%2BIScAxYmzjy20uCQCW\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10687,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (10613)","md5":"ea77f824de2ef57acb12e7cb6596365e","sha1":"10bad0dbdf30a0471c2c786b349daeb1dd19180e","sha256":"2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c","sha512":"cf69dd76334b7318c829868da8a7e9c2097ef261555388132fc69f95d42e91420e2988056c3d93c830b20059422ae5a82e1109e3dce9127ccb0e23cc5ca27591","ssdeep":"192:N0rZbTPe+fl9SKRGyFgkw+wi+FrZJqbzr+5rA7wbUCzebIkm:N09voK7gzi+FrZJqbzrarAyUX5m","tlshash":"7a22f8b33133fd9f8fba085ac61d61045c7dbc6f4aa94091bb0884e86af4558ead5d34","first_seen":"2023-03-07T12:02:01Z","last_seen":"2026-04-12T19:29:51.705432Z","times_seen":2340,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"page.phic4.top/myda.php","fqdn":"page.phic4.top","domain":"phic4.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","date":"2025-11-24T03:08:17.052Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /myda.php HTTP/1.1\r\nHost: page.phic4.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://css.jpg4.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":468,"timings":{"blocked":0,"dns":0,"connect":233,"send":0,"wait":0,"receive":0,"ssl":233},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"page.phic4.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"duga.jp/favicon.ico","fqdn":"duga.jp","domain":"duga.jp","tld":"jp"},"ip":{"addr":"153.126.247.101","port":443,"asn":7684,"as":"SAKURA Internet Inc.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"duga.jp","organization":"APEX INC."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 07 Aug 2025 00:00:00 GMT","end":"Tue, 01 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F9:8B:85:70:03:8E:10:D1:DB:8F:F8:D8:46:E7:F3:17:B9:50:82:B9","sha256":"1C:14:EE:30:34:4E:BD:C1:01:B4:93:7A:35:EE:98:24:38:BB:90:12:6F:96:BC:26:8E:CD:54:CA:8D:20:8D:5A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: duga.jp\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:19 GMT\r\nserver: Apache/2.4.46 (Unix) OpenSSL/1.0.2k-fips mod_antiloris/0.7.0\r\nlast-modified: Sun, 03 Mar 2019 07:34:13 GMT\r\netag: \"63a4e-5832baaa00740\"\r\naccept-ranges: bytes\r\ncontent-length: 408142\r\ncontent-type: image/x-icon\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]},{"name":"OpenSSL:1.0.2k","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.46","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":408142,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 7 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"5425e9f6487051730183128ce840ae37","sha1":"1e27308af6582504eed9294644ea448eaf9d4987","sha256":"ab4bf8e5d8fb9f0bb09869175fbab745dc1557a46784643ba55db5f3b73d10de","sha512":"6054f1d3e47b1c249481d186392c46dc14ee55d60f508f0cb7d621f1a34c38ac7c7064ec04c93af1316b931bc37b355de6e15fedc7f6fd95fd8fd8e597fa4fcb","ssdeep":"96:OCrYaV62SU+ceiG4+6Tb3DTmaOLXyOqG/LzKeUBnXjGTzHyWaeXz:i2r+ti1r3DOGOqjeUBnXj7Way","tlshash":"22942d7dff92e610d824887d0cb88b151664cd2367052afd1d66be2b7d36211a8bd3ce","first_seen":"2023-09-24T09:10:51Z","last_seen":"2026-04-12T19:29:51.678518Z","times_seen":144,"resource_available":false,"data":null}},"time_used":3472,"timings":{"blocked":870,"dns":10,"connect":288,"send":0,"wait":285,"receive":1432,"ssl":577},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mylen-handmade.ru/sexfilme24/wp-content/uploads/2018/01/%E0%B8%8A%E0%B8%AD1.jpg","fqdn":"mylen-handmade.ru","domain":"mylen-handmade.ru","tld":"ru"},"ip":{"addr":"172.67.130.43","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:15.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mylen-handmade.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 16:09:10 GMT","end":"Sat, 24 Jan 2026 17:07:44 GMT"},"fingerprint":{"sha1":"38:F9:92:68:7B:72:DD:90:60:BA:39:9A:D8:4E:EB:23:CB:7E:97:16","sha256":"F0:9A:04:9E:49:51:B0:EA:45:D4:A2:21:27:AE:95:90:6E:1E:38:2D:AE:AE:F1:15:63:45:D5:A3:D6:D5:26:36"}}},"request":{"raw":"GET /sexfilme24/wp-content/uploads/2018/01/%E0%B8%8A%E0%B8%AD1.jpg HTTP/1.1\r\nHost: mylen-handmade.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpg\r\ncontent-length: 16876\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 462665\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nlast-modified: Tue, 18 Nov 2025 18:37:10 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=thpqBnrQ75GtanXYLbBJNHN6D8fROcRCzDLq8hiVjEgoPdz3p7wOult9%2FHxxOk96iFh0W8hsavc%2BDhXwA9rbxEyv1700Di5njbaZaxYdNQ%3D%3D\"}]}\r\ncf-ray: 9a35b364bece5695-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16876,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3","md5":"224d3f7fe8f08a5a3aa8c2d9360929bc","sha1":"d2b3e87fb8e6750cd2d0714e9f26a561b020f142","sha256":"3a483d2a510349fba6cd4e80700f028072472913f62a989e708165c456896cbb","sha512":"7ce314325116183b0bd34b37d45586c1dc61743b0f57954d44d81c10a61830925c5e70ae66f531f648c350d6fa1b1d6174b75571f873b6a173e265cc7b2c1785","ssdeep":"384:NqelTLI2Loe2WJTXO15aqktjVf6iV/cJXGKMqVJIO:NXTLI2Er4f6idKMqVJd","tlshash":"5572d117cbd7bc3cc691543d0ddc44a512c0f846f9568ddac0a436b864be564ff9e88a","first_seen":"2024-06-16T03:37:30Z","last_seen":"2026-01-22T04:57:16.089596Z","times_seen":54,"resource_available":false,"data":null}},"time_used":466,"timings":{"blocked":401,"dns":0,"connect":1,"send":0,"wait":6,"receive":1,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cos.tv/favicon.ico","fqdn":"cos.tv","domain":"cos.tv","tld":"tv"},"ip":{"addr":"108.157.229.92","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.435Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cos.tv","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 26 Jun 2025 00:00:00 GMT","end":"Fri, 24 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"01:7D:2B:26:31:1A:16:74:E4:83:B5:3D:05:BC:5C:77:13:E8:0D:3C","sha256":"FB:7B:F7:98:69:A3:91:86:AA:79:E2:52:23:F6:2D:11:69:6C:28:78:82:B0:C3:05:E1:DA:C1:1E:3E:67:48:91"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: cos.tv\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/x-icon\r\ncontent-length: 15086\r\ndate: Sun, 23 Nov 2025 06:09:26 GMT\r\naccept-ranges: bytes\r\nserver: nginx\r\nlast-modified: Thu, 20 Nov 2025 05:41:09 GMT\r\netag: \"691ea9f5-3aee\"\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 b7956d91cf1fe016b86fc209319f03ca.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: usIFzbsV-d1cnGAND00w_t9MaygnOPNcaNmyh40uKU0Yrduo2uMT3w==\r\nage: 75532\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":15086,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"6a846442ae66a8b43e521e92c8ee81e4","sha1":"7c590cbb0485ec0006da361d7cc17181e3488323","sha256":"c21d5d73768fe5fb3d93058183191579b00c880b11021fbaa69f6cc84d1bae56","sha512":"a53057ea2f3d74b9b23a3ebae8d993433074f7e42c56b6422cf03eae547e77bc67a0eb570234401e00c7f94bb644aa728fd0ea852ab9190b3efe8463eb0b5ec5","ssdeep":"192:jy6g9hS8n7tcKeZvysSsW8F2MMVSuc8X0eDJjmQ:ji9Q8nxReZvyAWy2TVSuc8/JCQ","tlshash":"d962c7407982d6d6fe964db8271d84f817f77c61d542e3b62090f76f2eeac3aa1b1480","first_seen":"2025-01-24T08:58:41.572618Z","last_seen":"2026-04-12T19:29:51.683124Z","times_seen":274,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":9,"connect":32,"send":0,"wait":16,"receive":1,"ssl":113},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"idolerotic.net/wp-content/uploads/2016/08/ZEUSUB-001-T.jpg","fqdn":"idolerotic.net","domain":"idolerotic.net","tld":"net"},"ip":{"addr":"153.122.86.155","port":443,"asn":131921,"as":"GMO GlobalSign Holdings K.K.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"idolerotic.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Oct 2025 20:51:49 GMT","end":"Thu, 15 Jan 2026 20:51:48 GMT"},"fingerprint":{"sha1":"69:D5:59:9B:5A:EF:0F:E1:16:05:F8:3C:F0:54:6E:E3:C2:70:E4:14","sha256":"8A:4C:2E:B1:D5:C3:8B:60:53:64:B5:A8:B2:55:D4:EC:33:9D:2C:3B:BD:5D:39:8D:6A:30:4B:20:D8:F4:B1:23"}}},"request":{"raw":"GET /wp-content/uploads/2016/08/ZEUSUB-001-T.jpg HTTP/1.1\r\nHost: idolerotic.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 24 Nov 2025 03:08:16 GMT\r\nServer: Apache\r\nLast-Modified: Sun, 05 Nov 2017 00:21:43 GMT\r\nETag: \"5c66-55d31529704a9\"\r\nAccept-Ranges: bytes\r\nContent-Length: 23654\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":23654,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 201x285, components 3","md5":"73f79b335c83a9b10b5bc54c6037569c","sha1":"36c94ff27220b088f5f136a18e567f4f1e858ca0","sha256":"0d8a09fc6945a238e129ab090fa39c9ae11b48629e4e122f66333de588bb2cb9","sha512":"4445768f5fa991509ae102837dcd7528b47a0a37fe82cb6ed2c1931f70e34b1804009f95ae8feba77f156dcd01bfd902b823fa569d88843693c8d7aaf20dda89","ssdeep":"384:TS1XISrP4xrR4TeigwTP6l8c4S4y6HIIqoHvxtzM0VIhiV3dVv4uFdIk62bOsFnh:TS14Sad4bLTP6X4S4y6H9vLzMCIqt9FB","tlshash":"c8b2e029ada0134a4b05c3b3cd0c045a9a59769b24b6c7437c57f9ffd2c729b68f2278","first_seen":"2025-11-24T03:08:53.426241Z","last_seen":"2026-01-20T20:48:23.948243Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1533,"timings":{"blocked":-1,"dns":67,"connect":290,"send":0,"wait":294,"receive":291,"ssl":591},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filtradas.com/favicon.ico","fqdn":"filtradas.com","domain":"filtradas.com","tld":"com"},"ip":{"addr":"91.234.199.87","port":443,"asn":43641,"as":"SOLLUTIUM EU Sp z.o.o.","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filtradas.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 04 Nov 2025 03:08:59 GMT","end":"Mon, 02 Feb 2026 03:08:58 GMT"},"fingerprint":{"sha1":"E1:A5:18:66:02:A1:30:48:C0:63:B8:0D:A6:A0:6A:4D:49:FB:31:A4","sha256":"F3:EF:EA:51:6F:29:3C:97:1C:9E:B5:C9:DB:69:E9:BE:55:EA:E1:47:AC:EB:1B:EB:A6:2A:5B:B1:74:85:D0:AB"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: filtradas.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn5-thumbs.motherlessmedia.com/thumbs/665F0A2.jpg","fqdn":"cdn5-thumbs.motherlessmedia.com","domain":"motherlessmedia.com","tld":"com"},"ip":{"addr":"185.107.92.224","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.motherlessmedia.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Tue, 22 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1C:9C:A7:64:1D:50:C4:66:FC:B5:AE:9C:CB:DF:AC:1E:1F:4B:A0:83","sha256":"FD:6F:CF:79:47:AA:EF:54:72:2A:60:E2:1B:57:6B:D6:33:60:E2:67:DA:83:68:95:02:34:5B:66:53:45:A1:0E"}}},"request":{"raw":"GET /thumbs/665F0A2.jpg HTTP/1.1\r\nHost: cdn5-thumbs.motherlessmedia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: openresty/1.21.4.1\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 21636\r\nvary: x-s-token\r\nlast-modified: Thu, 04 Oct 2018 06:25:19 GMT\r\netag: \"5484-5776138099869\"\r\nx-cache: HIT\r\nx-whom: cdn06\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.21.4.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21636,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 10x9, segment length 16, baseline, precision 8, 640x480, components 3","md5":"4d6002949038c64e3f710f941c4f2c3b","sha1":"f85e0a4f074f1d2cca95f106d4cfb6d97ad598bd","sha256":"93d3f83bbb578dc4810a9bd741d1c6f9fec3c7aff6a7ff55a5d8f0394dc253fd","sha512":"97bcae2c83935593cf3de970cfcbde7bc40ddc1ec4fd0e458f58762bcde2ab4af8e27dce925946798c366799eb9593da409737b3924a7e3b6bd266ce296fc3c4","ssdeep":"384:2nTHQFuD+e8n4M/g/8RggAwcQqdbvZxH4ZDmfBQe+LgMQ/W8YPFLFqp:Imi8n5RRcQIbvHI6fQlQ/iLYp","tlshash":"0fa2e1217c3503d1e007e5b7ce05f3123153791fa42a278ea1ae688de61eccde9d51b9","first_seen":"2025-09-19T11:16:27.118802Z","last_seen":"2026-01-20T05:39:08.078282Z","times_seen":11,"resource_available":false,"data":null}},"time_used":539,"timings":{"blocked":516,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fqjpg4.top/upload/vod/20250611-1/e60a30f0baaaec6a09fb31d109373ea6.png","fqdn":"fqjpg4.top","domain":"fqjpg4.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.910Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /upload/vod/20250611-1/e60a30f0baaaec6a09fb31d109373ea6.png HTTP/1.1\r\nHost: fqjpg4.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":560,"timings":{"blocked":15,"dns":237,"connect":113,"send":0,"wait":0,"receive":0,"ssl":194},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"fqjpg4.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","fqdn":"css.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:16.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpg4.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 12:55:24 GMT","end":"Mon, 29 Dec 2025 13:47:12 GMT"},"fingerprint":{"sha1":"96:85:BD:ED:76:A2:73:09:97:53:FA:59:74:7A:3B:21:78:1E:B0:55","sha256":"F2:46:44:0F:FB:CD:4B:FF:7C:0E:8B:3C:20:1A:52:F4:2B:40:FE:06:E3:6A:64:8F:01:48:F0:28:37:C6:95:6C"}}},"request":{"raw":"GET /tagjpa.php?noself=1\u0026url=av.av4.click/tags/8 HTTP/1.1\r\nHost: css.jpg4.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 24 Nov 2025 03:08:16 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\n8tagproxuri: /tagjpa.php?noself=1\u0026url=av.av4.click/tags/8\r\nx-frame-options: ALLOWALL\r\ncross-origin-resource-policy: cross-origin\r\ncache-control: public, max-age=72000\r\n597tagproxuri: /tagjpa.php?noself=1\u0026url=av.av4.click/tags/8\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Cake\r\nx-proxy-cache-192g-la: EXPIRED\r\nxkey-192la: css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8--css.jpg4.icu-css.jpg4.icu-myzone---no\r\ncontent-encoding: br\r\nx-proxy-cache-la2: HIT\r\nxkey-la2: css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8--css.jpg4.icu--my_zone\r\nage: 7796\r\ncf-cache-status: HIT\r\nlast-modified: Mon, 24 Nov 2025 00:58:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G5g8PLiB4xrF4zoeTP5LhCns1NwSu8%2BvVz7YquT5okUve6sjYJ%2Bj9TEqiNCtfgPYJQ9R0w69kjs4XMrAqpDFIqhg3j7ZtKl5X%2Fl8KA%3D%3D\"}]}\r\ncf-ray: 9a35b36c0be72efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84236,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"17b86fb688a4e14b855b63699aa13e1e","sha1":"f5e98c83696757853c82134b9d4d3c6b6f8a55a1","sha256":"4fc6f5da3612e5945f9fd8b7ef569162707ece0398ff6562a4e3a4706d0c91ce","sha512":"11f42f62b5a4c81e51adbaa138267b478f5ffe247039b1951d1af39b6108cdbb4f1ab062a22bceb278114bbff415a17f43b5ee01f4d8c3698e2f1fbca8460223","ssdeep":"384:f6qsGbiNpuUpsRqePJS+kn5VZ0OUpLxx7bs81qAvCOjapo3G9Cem:wBNsSjOjpFx9qAvCOiCZ","tlshash":"13833d9f8240d77d5cc2a744ada2f36ddcf2694f3cd28117fc62611d21486acacda7a2","first_seen":"2025-11-24T03:08:53.429727Z","last_seen":"2025-11-24T03:08:53.429727Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xvideos.com/favicon.ico","fqdn":"www.xvideos.com","domain":"xvideos.com","tld":"com"},"ip":{"addr":"185.88.181.5","port":443,"asn":46652,"as":"SERVERSTACK-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.xvideos.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Mon, 30 Dec 2024 00:00:00 GMT","end":"Fri, 30 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8A:99:1B:79:BF:20:90:58:BE:23:F3:B2:15:CA:58:D1:87:C9:8F:0E","sha256":"30:46:58:19:E9:1C:C9:B3:05:E7:D0:33:39:C8:4A:8C:C3:27:BC:55:FD:4A:19:FD:DE:C4:50:B0:FF:69:5F:04"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.xvideos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 15086\r\nlast-modified: Mon, 09 Oct 2023 14:43:32 GMT\r\netag: \"65241194-3aee\"\r\nexpires: Mon, 01 Dec 2025 03:08:18 GMT\r\ncache-control: max-age=604800\r\naccept-ranges: bytes\r\nserver: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15086,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"d6baf7b631c1e482b6e2f770f9e67057","sha1":"73eb49e766e5954e1ad9538cc35038b9f14494b9","sha256":"fa1ee8d05ad6dfa0731ee0d37badfd019cc3315e6d3b9ca1ae161cee4749481b","sha512":"3e1060de4568d23e10a9e8de1a27e5a965ab9e7e377004badb5f82f6018b46239542efd7378fff55a332b2e04a6211e53031b26a8044f28f3e9507760214e184","ssdeep":"96:jxUVxTXzZJEubLaOmLXa8zyyyyByyyyKzEdgCUPOuQqyyyytyyyuEX:jxUVxTFO722d7NX","tlshash":"ac62a8c7e5054da1dda887b04073998b156bfd6b09632c1a20c63f98d9b3eebf474b01","first_seen":"2023-05-07T23:40:39Z","last_seen":"2026-04-18T20:50:30.125778Z","times_seen":739,"resource_available":false,"data":null}},"time_used":574,"timings":{"blocked":256,"dns":27,"connect":34,"send":0,"wait":35,"receive":1,"ssl":211},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bingato.com/media/frames/2023-12-25/256054/full_frames_0004.webp","fqdn":"bingato.com","domain":"bingato.com","tld":"com"},"ip":{"addr":"104.21.62.121","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bingato.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 21 Oct 2025 05:23:53 GMT","end":"Mon, 19 Jan 2026 06:21:18 GMT"},"fingerprint":{"sha1":"7C:1A:5E:9E:EB:85:6C:29:C7:DE:A5:88:16:06:1D:4C:0A:B4:A7:AD","sha256":"BA:25:3A:71:06:C6:60:9E:87:AA:78:B7:62:C5:8B:6D:4D:FD:DC:3E:73:BB:8C:6B:02:E8:68:C0:1C:54:01:80"}}},"request":{"raw":"GET /media/frames/2023-12-25/256054/full_frames_0004.webp HTTP/1.1\r\nHost: bingato.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/webp\r\ncontent-length: 75204\r\nserver: cloudflare\r\nlast-modified: Mon, 25 Dec 2023 05:09:56 GMT\r\netag: \"65890ea4-125c4\"\r\naccept-ranges: bytes\r\nage: 1848\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8i02AJMBRx%2BEa3kHlXP0W2qKcsbjDGGnJ%2BFoEuM6rwFrz2owwn7brO3s7iHrFJQcMXPsrvmKw%2BYBBGBdJcSIJuBvrFHMRi5mlhhl\"}]}\r\ncf-ray: 9a35b361cf720daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":75204,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5e33498518217b46131b0cca9f31c165","sha1":"2328f5f9a82587cecbb6d96cf55ec3698caa1420","sha256":"990af5c00a6ac0dba6d6cb937c9868a92fd4dae6c04e90886f594baaccd51d38","sha512":"92163b248a1fc9239eb65edba65c1d8ea3da911e484e77b7dc880a024225bdd8a1d3768a4c2625547f4775bb7f73265b82e7de82888cedbef581ff268168e9c7","ssdeep":"1536:wxMemJxduKzBQnFJd9BvQnsf360pMxgx55QAUCPsTUc8:wDRNnFJhvJ3xpMxgx55dUHN8","tlshash":"06730276b3ad93aba6dca0a5fbb8979fddf4504d634c481798f1c0778d48b24c403648","first_seen":"2025-11-19T01:18:40.45057Z","last_seen":"2025-12-01T14:52:09.727037Z","times_seen":7,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":11,"dns":1,"connect":2,"send":0,"wait":15,"receive":4,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"media.crazyshit.com/content/2021/08/56cc2ba8.jpg","fqdn":"media.crazyshit.com","domain":"crazyshit.com","tld":"com"},"ip":{"addr":"45.133.44.4","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"media.crazyshit.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Sep 2025 02:32:42 GMT","end":"Fri, 26 Dec 2025 02:32:41 GMT"},"fingerprint":{"sha1":"29:50:F0:B9:A2:CA:FE:80:44:45:00:A2:95:68:4A:73:E6:9E:5C:F4","sha256":"BA:98:1C:61:77:77:BE:AC:D5:18:45:30:01:AB:3E:40:5A:79:70:DD:E8:44:E6:25:EB:16:B6:69:C6:EE:82:F3"}}},"request":{"raw":"GET /content/2021/08/56cc2ba8.jpg HTTP/1.1\r\nHost: media.crazyshit.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 130409\r\nserver: nginx/1.28.0\r\netag: 157deda5f73fa2bd225864fb76faf1d5\r\nlast-modified: Mon, 30 Aug 2021 15:41:26 GMT\r\nx-timestamp: 1630338085.49496\r\nx-trans-id: tx98329d0c7b284ab7b59d2-00690cfb22\r\nx-openstack-request-id: tx98329d0c7b284ab7b59d2-00690cfb22\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS\r\naccess-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization\r\naccess-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp\r\nexpires: Wed, 26 Nov 2025 03:08:15 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":130409,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", baseline, precision 8, 720x540, components 3","md5":"157deda5f73fa2bd225864fb76faf1d5","sha1":"8879a815c5582824f1b9b49f8def6fae0a494727","sha256":"e25f7fad138ad3cfb1c5bbd0240af1a751d3aedc5982b9b7ba043fe33081349c","sha512":"6d61fc0ca1079034c61e72ac300dd5e0bf00fd60562b20fcc8020b579682b1251655198305d9cfad75224a6647832ec9c6f01277dbeb8544bfff0647c03a73b7","ssdeep":"3072:JzBKo06peaxIZt7tJsLJfeFhLhuG3nB1q7+Bqbh48Hmsc9n0A:D0SHxEvsFeXLhuG3nB1C+BX8GB9nl","tlshash":"70d312bbda90f7fedc8c6c001cc72d5a2fd2c9c76368a8464111b87de62add9e605072","first_seen":"2025-11-24T03:08:53.433145Z","last_seen":"2025-11-24T03:08:53.433145Z","times_seen":1,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":7,"dns":41,"connect":38,"send":0,"wait":36,"receive":45,"ssl":141},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn5-thumbs.motherlessmedia.com/thumbs/90544FB.jpg","fqdn":"cdn5-thumbs.motherlessmedia.com","domain":"motherlessmedia.com","tld":"com"},"ip":{"addr":"185.107.92.224","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.motherlessmedia.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Tue, 22 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1C:9C:A7:64:1D:50:C4:66:FC:B5:AE:9C:CB:DF:AC:1E:1F:4B:A0:83","sha256":"FD:6F:CF:79:47:AA:EF:54:72:2A:60:E2:1B:57:6B:D6:33:60:E2:67:DA:83:68:95:02:34:5B:66:53:45:A1:0E"}}},"request":{"raw":"GET /thumbs/90544FB.jpg HTTP/1.1\r\nHost: cdn5-thumbs.motherlessmedia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: openresty/1.21.4.1\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 25011\r\nvary: x-s-token\r\nlast-modified: Fri, 05 Oct 2018 04:54:23 GMT\r\netag: \"61b3-5777410ad0765\"\r\nx-cache: HIT\r\nx-whom: cdn05\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.21.4.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25011,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x480, components 3","md5":"d27a449a177d03a6e41a5139a1b237bd","sha1":"bb682d0e75fcdf4451f11848d2cc03917b4c4f08","sha256":"2a641b1260260e02cf0a5a9ccb82b423eaa7ecc0c0a6b044ee2c907d205259d6","sha512":"e74a9aa961bad6346d05a4997ddbb4741c956d43cbfb69e4f20544e3d4aac110d3df45ae6f1b15b2c55c774479a3c4ba9fbcb32481dcff4990548e7bbfc4a1ce","ssdeep":"768:xl8WMaHMdUoIdeE5Bi1jG11GvEqbRRLAjCImIP674aRkk:xvHT1eMg4rG7PkT5677Rkk","tlshash":"f9b2e099300869d25001f8f8331e9119b0ebe521bdeeaf8e48262bdc7fd555252fd2f6","first_seen":"2025-11-08T08:21:42.043342Z","last_seen":"2026-01-14T22:11:03.707447Z","times_seen":5,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":42,"connect":33,"send":0,"wait":36,"receive":1,"ssl":138},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdne-pics.youjizz.com/c/0/c/2/1/c0c21a4c633ca9eeed27c51b0f720a101682947681-29.jpg","fqdn":"cdne-pics.youjizz.com","domain":"youjizz.com","tld":"com"},"ip":{"addr":"64.210.135.114","port":443,"asn":30361,"as":"SWIFTWILL2","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:15.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.youjizz.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Dec 2024 00:00:00 GMT","end":"Tue, 06 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7","sha256":"B8:B2:2C:F3:DA:14:43:7C:79:64:F3:2C:36:B2:0A:52:EF:A7:AE:C8:FF:5D:57:E2:D1:26:9D:FD:B8:D7:77:B9"}}},"request":{"raw":"GET /c/0/c/2/1/c0c21a4c633ca9eeed27c51b0f720a101682947681-29.jpg HTTP/1.1\r\nHost: cdne-pics.youjizz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 11854\r\nlast-modified: Tue, 02 May 2023 09:35:26 GMT\r\netag: \"2e4e-5fab2a8c3ffc6\"\r\nexpires: Sun, 29 Dec 2024 05:59:26 GMT\r\ncache-control: max-age=10598657\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,HEAD,OPTIONS\r\ntiming-allow-origin: *\r\naccess-control-expose-headers: Content-Length\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=300\r\nx-cdn-diag: ams5-8658-2-3144763-h-0-0---;6249-34-1445967----0-0-0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11854,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 692x693, segment length 16, comment: \"Lavc57.89.100\", baseline, precision 8, 308x232, components 3","md5":"f0cbd676edbd3d2116a33c494ebe54b2","sha1":"c2c4aa9973d62899ff91fb7c3beb30ddadff8db8","sha256":"a2175463da69aaebfde4c1eed5216cde939e015681338d46c6b064912c09f2c5","sha512":"01b8f45d6f61960c9fed521a953e210b2050fb6861da4e4e84e871439af1562a315a1b3da7461e1d79d302a198ff509f4cf80b390969850dcfb06eeccad16fd0","ssdeep":"192:tfd+JKOwyDE3KRz5WFhZT1ecRc6EawC7W/VSNhjUtk0bHQiMcVJrCHz+lm8AFDVB:tFFOwyDEaRz54bp5cRawIVhYtkpiMcV+","tlshash":"6f32cf1ad1a41393c919cd30c50d87e15910b73e3a79ce4c29fedae9726a09d4cfea98","first_seen":"2025-07-27T03:07:07.157508Z","last_seen":"2026-03-02T07:55:32.822548Z","times_seen":54,"resource_available":false,"data":null}},"time_used":435,"timings":{"blocked":372,"dns":0,"connect":0,"send":0,"wait":42,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zoozhamster.com/pic/2021/04/02/606676d138dc0_12_o.jpg","fqdn":"zoozhamster.com","domain":"zoozhamster.com","tld":"com"},"ip":{"addr":"172.67.73.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zoozhamster.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Oct 2025 09:42:48 GMT","end":"Sat, 10 Jan 2026 10:42:45 GMT"},"fingerprint":{"sha1":"CA:1A:A2:36:5A:80:27:7F:B1:4E:D6:4E:A1:5F:20:31:0E:E1:3F:74","sha256":"D5:39:2D:46:7D:77:46:08:C8:21:B5:70:ED:49:B0:AC:31:33:4B:B5:C6:F0:AE:18:AE:F7:72:97:E6:9E:39:22"}}},"request":{"raw":"GET /pic/2021/04/02/606676d138dc0_12_o.jpg HTTP/1.1\r\nHost: zoozhamster.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 17494\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ys7jAyVKSfuDC7hHb%2FToSzP2Qy%2BQxAWlP2Ghibo6q0hmMjDyOTRhkgmNqGnGzSnbiXqsRYtH2gTmM9KbWIOMQRWNjOlzTyLX%2FAx1HA%3D%3D\"}]}\r\ncf-bgj: imgq:85,h2pri\r\naccept-ranges: bytes\r\ncf-polished: degrade=85, origSize=19546\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 02 Apr 2021 01:43:45 GMT\r\ncache-control: max-age=31536000\r\netag: \"606676d1-4c5a\"\r\nexpires: Fri, 15 May 2026 12:19:08 GMT\r\ncf-cache-status: HIT\r\nage: 2158532\r\nvary: accept-encoding\r\ncf-ray: 9a35b362cffb56a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17494,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3","md5":"d6f00594383f9df76ddbf2f27281fbf3","sha1":"38017c03c448469bbd185b3c6686dae2b59a0a7d","sha256":"64f791441bd9c6b57eaa37f2fa3b799f7e0538576d1a0150eaec1deeb55968f7","sha512":"0dff6f503dc3a23255d4bbbb56ca00a7bb2e0fc33b939ba8407b7b6d4a92ddb131e3c33cca92e06f231083f984fb332e4164121545d171108b343fbba0e1d63f","ssdeep":"384:TW2nXK0J0TCGvb1+jf06pDC90gzMpjqI3lA8X3e5qwwRnQsqVIAKT:q2PUC01+jffpoPzIO8nuwRQNIbT","tlshash":"2f72e0585f8fc975cbfa02bd23c46be851245d635a9d625b3f3a621e04e61e3c768308","first_seen":"2025-11-01T02:17:50.277645Z","last_seen":"2025-11-24T03:08:53.437725Z","times_seen":10,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":16,"dns":42,"connect":8,"send":0,"wait":9,"receive":1,"ssl":139},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sorkab.com/wp-content/uploads/2025/01/0007202.jpg","fqdn":"sorkab.com","domain":"sorkab.com","tld":"com"},"ip":{"addr":"172.67.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:16.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sorkab.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 12:21:44 GMT","end":"Mon, 26 Jan 2026 13:21:42 GMT"},"fingerprint":{"sha1":"0E:87:D0:8D:06:B9:53:D2:4B:10:7E:D4:88:CF:2F:CF:2A:0D:AD:47","sha256":"1F:89:BF:95:E9:44:A7:05:CB:C2:6E:6E:86:A9:E5:1D:6C:12:B2:D1:41:70:41:A2:92:6C:59:56:81:BC:8C:D1"}}},"request":{"raw":"GET /wp-content/uploads/2025/01/0007202.jpg HTTP/1.1\r\nHost: sorkab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Mon, 24 Nov 2025 03:08:16 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: referer, accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BR4oUTc4G6llmCNrMbp2RKM4d%2FKRJWxYpN0W1AQ6xEkj7fLn43H5AoEjHbO6kEGLJeLfqAXa00r9MvPJF1x%2Bnal5zIE%2Fgfq5MA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9a35b368fe4875ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zoozhamster.com/favicon.ico","fqdn":"zoozhamster.com","domain":"zoozhamster.com","tld":"com"},"ip":{"addr":"172.67.73.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zoozhamster.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Oct 2025 09:42:48 GMT","end":"Sat, 10 Jan 2026 10:42:45 GMT"},"fingerprint":{"sha1":"CA:1A:A2:36:5A:80:27:7F:B1:4E:D6:4E:A1:5F:20:31:0E:E1:3F:74","sha256":"D5:39:2D:46:7D:77:46:08:C8:21:B5:70:ED:49:B0:AC:31:33:4B:B5:C6:F0:AE:18:AE:F7:72:97:E6:9E:39:22"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: zoozhamster.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 18 May 2021 08:15:35 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 31 Oct 2026 16:36:01 GMT\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\netag: W/\"60a377a7-0\"\r\ncf-cache-status: HIT\r\nx-accel-buffering: yes\r\nage: 167951\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3ztc5Y%2Fhj9E1C8KMnZHUtKI8msqWqleE73iWWT7O1d0Jg8c%2FHdkF7MGb8GEgk8zQWA7pwbLoUppw824Jk8yuxDOXbUVeTfLsTc4Qt7i5\"}]}\r\ncf-ray: 9a35b3761a46b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.twi-videos.net/favicon.ico","fqdn":"www.twi-videos.net","domain":"twi-videos.net","tld":"net"},"ip":{"addr":"172.67.181.85","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"twi-videos.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 07:08:32 GMT","end":"Thu, 15 Jan 2026 08:05:59 GMT"},"fingerprint":{"sha1":"2B:CE:E4:B6:57:E4:C0:B6:45:08:4F:DC:5D:F2:87:E2:76:18:27:55","sha256":"42:1D:7D:56:ED:A6:13:F2:BF:AA:FA:2B:B2:8A:F5:0D:8B:B1:0D:ED:32:DD:F8:7C:6F:17:36:89:69:E5:5D:25"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.twi-videos.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vxuPv945JXS6RBBVhapxDBU6D77wxxob3kaoJDaJBeMSUJZF5GWuClvDT5iHmOm4vjKGJfC2tCXOL4yn8uMrqp%2BMAFuMn6YWQQ9d019QNlXvuw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9a35b377398c120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":4,"connect":1,"send":0,"wait":9,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sorkab.com/favicon.ico","fqdn":"sorkab.com","domain":"sorkab.com","tld":"com"},"ip":{"addr":"172.67.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sorkab.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 12:21:44 GMT","end":"Mon, 26 Jan 2026 13:21:42 GMT"},"fingerprint":{"sha1":"0E:87:D0:8D:06:B9:53:D2:4B:10:7E:D4:88:CF:2F:CF:2A:0D:AD:47","sha256":"1F:89:BF:95:E9:44:A7:05:CB:C2:6E:6E:86:A9:E5:1D:6C:12:B2:D1:41:70:41:A2:92:6C:59:56:81:BC:8C:D1"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: sorkab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\nx-frame-options: SAMEORIGIN\r\nvary: referer, accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ASpCta1n%2BbwzDzlJpuJXTlZARlOSjojXmokgi1TPyd8Kfzm7z5IUz5RXu0scUJn6jkq5kFvL8gY2%2BFWqQKYsTjVTsuUwF3kkbQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9a35b3768f1275ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxjav.com/favicon.ico","fqdn":"jxjav.com","domain":"jxjav.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.436Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: jxjav.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"jxjav.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"icdn05.ourladyboys.com/14668/733397_3.jpg","fqdn":"icdn05.ourladyboys.com","domain":"ourladyboys.com","tld":"com"},"ip":{"addr":"45.133.44.6","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"icdn05.ourladyboys.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 27 Oct 2025 02:33:35 GMT","end":"Sun, 25 Jan 2026 02:33:34 GMT"},"fingerprint":{"sha1":"5C:47:AD:FE:EF:B7:5E:78:C9:87:87:88:F1:FE:6E:2C:00:9E:87:D8","sha256":"35:F7:C0:53:DF:D7:51:E5:63:72:4C:40:69:05:3B:FA:01:00:6A:98:D3:A1:15:C1:A6:67:8F:AE:82:B5:CB:8F"}}},"request":{"raw":"GET /14668/733397_3.jpg HTTP/1.1\r\nHost: icdn05.ourladyboys.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 17293\r\nserver: nginx/1.22.0\r\nx-object-meta-mtime: 1568222177.188056754\r\netag: e8a9bd181491e9357f8513019bf612c7\r\nlast-modified: Sun, 03 May 2020 06:24:39 GMT\r\nx-timestamp: 1588487078.02450\r\nx-trans-id: tx30cabd9164364603a8916-00636ccabc\r\nx-openstack-request-id: tx30cabd9164364603a8916-00636ccabc\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS\r\naccess-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization\r\naccess-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp\r\ncache-control: max-age=2592000\r\nexpires: Wed, 24 Dec 2025 03:08:15 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS9225\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17293,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x320, components 3","md5":"e8a9bd181491e9357f8513019bf612c7","sha1":"78e4fa6c298521b21a9f6d0474a0830d62838fa6","sha256":"fcbe6e82c53c903d97c4b0e544eb1ece34d5763888799bf6526e5994bb928fcd","sha512":"3aa872a0c2b3cb3b11da1a872122ab7ae1a47f5f8d06ee5f00a7f672430c7d8b6ca66eb8878b57c4a1ea8eec09b069d627913a361e4b4576214bddb22d938443","ssdeep":"384:nDzl4nFpcvaI2PsSA0Bh+Kww6SDsyPyX3lVVHRH2Ew7ZGF4uyo:nD6FpCkPsSA6hWw6Fm4lLHgEFT","tlshash":"d472cf7266c8cb9d4eaf5117d40100a25826f85fc7f59e3728652c9a87f13a8d60de5c","first_seen":"2025-11-01T11:47:41.419397Z","last_seen":"2025-12-25T10:42:57.724018Z","times_seen":5,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":77,"connect":37,"send":0,"wait":20,"receive":20,"ssl":130},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdne-pics.youjizz.com/5/0/e/50e15a3c1d3a4720002f24bc02-574-392-400-h264.flv-3.jpg?revnum=8195","fqdn":"cdne-pics.youjizz.com","domain":"youjizz.com","tld":"com"},"ip":{"addr":"64.210.135.114","port":443,"asn":30361,"as":"SWIFTWILL2","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:15.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.youjizz.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Dec 2024 00:00:00 GMT","end":"Tue, 06 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7","sha256":"B8:B2:2C:F3:DA:14:43:7C:79:64:F3:2C:36:B2:0A:52:EF:A7:AE:C8:FF:5D:57:E2:D1:26:9D:FD:B8:D7:77:B9"}}},"request":{"raw":"GET /5/0/e/50e15a3c1d3a4720002f24bc02-574-392-400-h264.flv-3.jpg?revnum=8195 HTTP/1.1\r\nHost: cdne-pics.youjizz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 17004\r\nlast-modified: Fri, 22 Nov 2013 03:51:08 GMT\r\netag: \"426c-4ebbbeca131f8\"\r\nexpires: Mon, 17 Nov 2025 01:59:34 GMT\r\ncache-control: max-age=10603650\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,HEAD,OPTIONS\r\ntiming-allow-origin: *\r\naccess-control-expose-headers: Content-Length\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=300\r\nx-cdn-diag: ams5-7846-1-1862238-h-0-0---;6249-34-1445967----0-0-0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17004,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: \"Lavc52.20.1\", baseline, precision 8, 308x232, components 3","md5":"a13f9d7f20b35c3e21e727b9859fd99c","sha1":"c52e5204af1caad33eba181ab55b888357fa456b","sha256":"66a392b942a23e0792c837e3d7687a3d04cbd5f47e96b950dc080369ac69287f","sha512":"83211fb515db92d56536ba5134424c0ceef07081c8f710412490b3e94b115ed1ca0d51edea8ea38d6ffe1f4f74c527e8e79d75ede63f43e696aa9e963a25bc3e","ssdeep":"384:n+/Va6k9ldb8c5+8qEqKW14wxhwXMQ1jvSctF5PULGMREQoCwX3G:n+sP9lr7qChwxSXMWSoECOEQ0X3G","tlshash":"0372d18714d760c0f63a41738af643b38b0f46491ae061983e9d5bde45413c5edecd4b","first_seen":"2024-04-24T02:28:42Z","last_seen":"2025-11-24T03:08:53.441381Z","times_seen":10,"resource_available":false,"data":null}},"time_used":469,"timings":{"blocked":400,"dns":0,"connect":0,"send":0,"wait":51,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:15.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"86:F4:DF:07:D6:8D:EF:68:44:7A:73:C8:39:14:1A:2F:98:5E:A2:40","sha256":"A0:B7:4F:94:25:40:33:52:BC:F7:0A:E1:AD:30:BD:19:C3:E9:BB:25:0B:05:26:7C:F8:BB:F0:59:3B:E7:F2:8D"}}},"request":{"raw":"GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30399\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 17 Nov 2025 09:58:24 GMT\r\nexpires: Tue, 17 Nov 2026 09:58:24 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 580191\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86927,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-22T17:07:29.912995Z","times_seen":122539,"resource_available":true,"data":null}},"time_used":355,"timings":{"blocked":143,"dns":1,"connect":30,"send":0,"wait":30,"receive":29,"ssl":120},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav102.com/favicon.ico","fqdn":"cav102.com","domain":"cav102.com","tld":"com"},"ip":{"addr":"45.145.72.132","port":443,"asn":201106,"as":"Spartan Host Ltd","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav102.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 10:48:19 GMT","end":"Sat, 17 Jan 2026 10:48:18 GMT"},"fingerprint":{"sha1":"82:94:6E:AC:FA:1B:B3:AD:3A:52:F3:44:5C:22:68:8E:3A:C1:15:86","sha256":"C9:61:FC:04:4A:41:13:4F:00:A5:6F:C2:6B:3D:0E:B4:B1:C6:5B:C5:42:BF:0A:4E:EF:27:16:51:8C:26:96:EA"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: cav102.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4286\r\nlast-modified: Mon, 25 Jul 2022 15:38:39 GMT\r\netag: \"62deb8ff-10be\"\r\nstrict-transport-security: max-age=31536000\r\ncache-control: no-cache\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"79ca959796fd758988aa0acfb9952640","sha1":"8a8e7fa57c016b5cbc943faefc7c651e8959b0ce","sha256":"01d4884a0070a4804680dc80361b4695aa48ca7b37eb6768127b17d9763464cb","sha512":"93862024062645f7a461f4d8b7fac1304642d17c8017d03643a9a20a069437950f2716ec736198b7e201fef0d0d0e3e420e564790e6f8337c8579b87ed530e0f","ssdeep":"24:sueJWJ6kDtRzPzXsComfXGUDe6WSCWn6/+GXG7oJ32n:YkDtRz7XsCn/he9SZU+s2n","tlshash":"899155bbaa7ff1cdec74fe32629006024f2f5d3c46e661838716bd948630c106d8e10a","first_seen":"2024-02-24T21:02:43Z","last_seen":"2026-04-12T19:29:51.617586Z","times_seen":300,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"en.vidmo.pro/favicon.ico","fqdn":"en.vidmo.pro","domain":"vidmo.pro","tld":"pro"},"ip":{"addr":"89.248.193.244","port":443,"asn":49505,"as":"JSC Selectel","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"en.vidmo.pro","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 21 Nov 2025 20:48:10 GMT","end":"Thu, 19 Feb 2026 20:48:09 GMT"},"fingerprint":{"sha1":"B8:8B:9C:2B:E9:53:D3:85:0E:57:74:8D:32:07:72:DF:38:F3:91:DA","sha256":"9B:B3:9F:DD:FB:1B:36:C3:04:60:BF:DF:87:AA:AB:5D:F6:0D:45:20:77:9B:29:19:5F:C4:B6:F1:04:C9:23:3E"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: en.vidmo.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 5430\r\nlast-modified: Sun, 14 Oct 2012 21:41:38 GMT\r\netag: \"507b3192-1536\"\r\ncache-control: public, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5430,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"6b6734885d5e4ff9dbb7d82ba6023598","sha1":"3c454d68a346b375ed7b59a131699061e7393b1f","sha256":"0f8e5edd4348eaa11881bf6150baf7b3182b1c3e29c6378e0e921afce7d91819","sha512":"e3d4562da250a2096981bd9a211efa643400ebe18a2d0765e750454b4cf75cb31e9594d8fccfa61a4c86e1c08bbf130dbc635c2974996838444cef029bf3eb50","ssdeep":"96:12lbcmeAscXXZCGv56cOtAe8CKfMibd+tLMiWMyuFa:0muCQpBQ6d+ti","tlshash":"a9b173c151c1e587e0274f38e237d750b1fa2c13bab0ea85156b7a555a731898317b1e","first_seen":"2023-05-05T08:02:57Z","last_seen":"2026-04-12T19:29:51.616695Z","times_seen":690,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-23","alert":"Sinkholed","trigger":"en.vidmo.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pornvideoq.com/thumbs/pqa77-cvp.kivqrbf-pqa.pbz/ivqrbf/guhzof169yy/ns/2n/69/ns2n69n7918o0538609nr28pq044p2r3/ns2n69n7918o0538609nr28pq044p2r3.23.wct.jpg","fqdn":"pornvideoq.com","domain":"pornvideoq.com","tld":"com"},"ip":{"addr":"104.21.235.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pornvideoq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 21:45:44 GMT","end":"Thu, 05 Feb 2026 22:44:19 GMT"},"fingerprint":{"sha1":"3D:99:38:53:3D:43:80:ED:58:14:DE:B8:83:E4:5B:9A:2B:60:17:66","sha256":"A5:56:2E:DD:98:DF:B6:BC:3E:05:41:FE:22:22:1D:65:27:A9:48:09:FB:9D:7A:5E:81:F2:7E:AD:CA:1D:86:A9"}}},"request":{"raw":"GET /thumbs/pqa77-cvp.kivqrbf-pqa.pbz/ivqrbf/guhzof169yy/ns/2n/69/ns2n69n7918o0538609nr28pq044p2r3/ns2n69n7918o0538609nr28pq044p2r3.23.wct.jpg HTTP/1.1\r\nHost: pornvideoq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\nx-litespeed-cache-control: no-cache\r\ncache-control: public, max-age=2073600\r\nexpires: Mon, 24 Nov 2025 01:25:20 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Mon, 17 Nov 2025 01:25:20 GMT\r\nage: 427454\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P%2BAbpkz4NGSSXtOtq9EPZAFPXdrtuu6RwrlqD3x8Jg8kLuOIlsprfm3uB77ZSjdw%2FGz1BfPoS0YHA65bxqW32lqDFAZCBn%2F%2B0c%2Biz2DF\"}]}\r\ncf-ray: 9a35b362a8760731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12404,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 352x198, components 3","md5":"6dd616f9e7a899f3af2a90f3cf90c9c7","sha1":"9f3e5c2d3e5b085bd9853539a44274a417a095a1","sha256":"ec3a2de930ef194572a18273ea5e647ccfc54bd2678db2f8eb4f1d1dc761aa44","sha512":"dfec8505aea890c904af5d8766da9a6d1c2ca8a49ce29bcdd508de2b97a74d35ce3e093299d460542b1a277a7825641516eeeb7f512df7a540e07885c2dbc862","ssdeep":"384:Gy6Y7T0I5dolYIGYc+bnsLAsajzckF5CH:GyD7T0VyIeTLAsEe","tlshash":"cd42d06fbb21d38a07d0cc27c9a5785061dd0f974aad3a368de072f0eb49c73b849514","first_seen":"2025-07-07T16:54:36.537458Z","last_seen":"2026-01-28T09:36:22.189177Z","times_seen":18,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":26,"connect":11,"send":0,"wait":8,"receive":0,"ssl":149},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-620120-3","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:15.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:50 GMT","end":"Mon, 19 Jan 2026 08:33:49 GMT"},"fingerprint":{"sha1":"48:8A:E6:98:60:86:BA:71:57:34:7F:7F:AB:BA:86:86:8F:73:20:E2","sha256":"AF:F1:47:F8:37:C7:C4:95:30:91:49:71:1C:6F:0E:A8:5A:0D:92:0C:E2:D9:F4:A7:AF:27:C5:6B:39:0D:33:46"}}},"request":{"raw":"GET /gtag/js?id=UA-620120-3 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\nexpires: Mon, 24 Nov 2025 03:08:15 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 102425\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":288465,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3318)","md5":"58888772cdf1ee35b0ea7816be5f4d8e","sha1":"d05013d4285ed684fce812e70f395d548a9c1a5e","sha256":"14387671328f739ea42c6f38567a72cac12eccefef4c683ad456af869e97996f","sha512":"d6ad94a6fa63a722e00578daa851f6c31367748e8a619b923af76e7552190bdfb32ced13ca9988610ae19730097f91833f5f4a98b37dfe50a11942c2dd88f99b","ssdeep":"3072:LxvNCF05vkzUrzMo0ulFe1dRGeefSJQWfQXr2XdArNbE0jcVWo6O7nGQUO7ujUBK:2FBUXt+eUI2X6u0IVWo6O7GQUO7ujUBK","tlshash":"d95418cc77dab42243a36478503f114bb23b7992f84cc894e186d9d92e70aa94277f7d","first_seen":"2025-11-23T18:32:40.981883Z","last_seen":"2025-11-24T03:08:53.443971Z","times_seen":2,"resource_available":true,"data":null}},"time_used":445,"timings":{"blocked":160,"dns":5,"connect":37,"send":0,"wait":58,"receive":63,"ssl":108},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?1","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","date":"2025-11-24T03:08:17.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"86:F4:DF:07:D6:8D:EF:68:44:7A:73:C8:39:14:1A:2F:98:5E:A2:40","sha256":"A0:B7:4F:94:25:40:33:52:BC:F7:0A:E1:AD:30:BD:19:C3:E9:BB:25:0B:05:26:7C:F8:BB:F0:59:3B:E7:F2:8D"}}},"request":{"raw":"GET /ajax/libs/jquery/3.3.1/jquery.min.js?1 HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://css.jpg4.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30399\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 17 Nov 2025 11:18:55 GMT\r\nexpires: Tue, 17 Nov 2026 11:18:55 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 575362\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86927,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-22T17:07:29.912995Z","times_seen":122539,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dragon.brettspizzeria.com/favicon.ico","fqdn":"dragon.brettspizzeria.com","domain":"brettspizzeria.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.420Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: dragon.brettspizzeria.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":47,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"idolerotic.net/favicon.ico","fqdn":"idolerotic.net","domain":"idolerotic.net","tld":"net"},"ip":{"addr":"153.122.86.155","port":443,"asn":131921,"as":"GMO GlobalSign Holdings K.K.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"idolerotic.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Oct 2025 20:51:49 GMT","end":"Thu, 15 Jan 2026 20:51:48 GMT"},"fingerprint":{"sha1":"69:D5:59:9B:5A:EF:0F:E1:16:05:F8:3C:F0:54:6E:E3:C2:70:E4:14","sha256":"8A:4C:2E:B1:D5:C3:8B:60:53:64:B5:A8:B2:55:D4:EC:33:9D:2C:3B:BD:5D:39:8D:6A:30:4B:20:D8:F4:B1:23"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: idolerotic.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Mon, 24 Nov 2025 03:08:18 GMT\r\nServer: Apache\r\nLink: \u003chttps://idolerotic.net/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nX-Redirect-By: WordPress\r\nLocation: https://idolerotic.net/wp-content/uploads/2022/04/cropped-favicon-32x32.png\r\nX-Powered-By: PHP/8.2.29, PleskLin\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":84,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":460,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":459,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"idolerotic.net/wp-content/uploads/2022/04/cropped-favicon-32x32.png","fqdn":"idolerotic.net","domain":"idolerotic.net","tld":"net"},"ip":{"addr":"153.122.86.155","port":443,"asn":131921,"as":"GMO GlobalSign Holdings K.K.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"idolerotic.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Oct 2025 20:51:49 GMT","end":"Thu, 15 Jan 2026 20:51:48 GMT"},"fingerprint":{"sha1":"69:D5:59:9B:5A:EF:0F:E1:16:05:F8:3C:F0:54:6E:E3:C2:70:E4:14","sha256":"8A:4C:2E:B1:D5:C3:8B:60:53:64:B5:A8:B2:55:D4:EC:33:9D:2C:3B:BD:5D:39:8D:6A:30:4B:20:D8:F4:B1:23"}}},"request":{"raw":"GET /wp-content/uploads/2022/04/cropped-favicon-32x32.png HTTP/1.1\r\nHost: idolerotic.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://av.av4.website/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 24 Nov 2025 03:08:19 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 30 Apr 2022 01:48:52 GMT\r\nETag: \"54-5ddd55c7791b5\"\r\nAccept-Ranges: bytes\r\nContent-Length: 84\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":84,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 1-bit colormap, non-interlaced","md5":"d146cb398929f06017919596f5c2335b","sha1":"fb4a61bde5a5b06aee6cec64ecfbe273c9758288","sha256":"9c8abfd90c9d3bdf792c35be6cc84b42f37a03b99ec4c52282ae4c0510d98841","sha512":"9d6f58cfab14ee1195dfbf25de6a3d7699e204fad6850ef441111ed905492b1b4f40c4706492dc754438c2d0847c186864318c7e502652a170dba9e76064f8cf","ssdeep":"","tlshash":"1ba012d629601c23d28802632115c010e9a2412605370017121845259631000d864351","first_seen":"2025-02-26T09:30:37.529667Z","last_seen":"2026-01-20T20:48:23.879634Z","times_seen":28,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sorkab.com/wp-content/uploads/2025/01/0007202.jpg","fqdn":"sorkab.com","domain":"sorkab.com","tld":"com"},"ip":{"addr":"172.67.68.98","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sorkab.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 12:21:44 GMT","end":"Mon, 26 Jan 2026 13:21:42 GMT"},"fingerprint":{"sha1":"0E:87:D0:8D:06:B9:53:D2:4B:10:7E:D4:88:CF:2F:CF:2A:0D:AD:47","sha256":"1F:89:BF:95:E9:44:A7:05:CB:C2:6E:6E:86:A9:E5:1D:6C:12:B2:D1:41:70:41:A2:92:6C:59:56:81:BC:8C:D1"}}},"request":{"raw":"GET /wp-content/uploads/2025/01/0007202.jpg HTTP/1.1\r\nHost: sorkab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nvary: referer, accept-encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=quBVM6ni0855eduUmfszKrTvCF4ZLkz54B5DV3aoBX5%2FEFON218iWqDcAgyLZ3rXWLUVZx7%2BSc1oKiKxfhBeqEAaIKigMrw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9a35b362d8ed56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":234,"timings":{"blocked":10,"dns":42,"connect":8,"send":0,"wait":9,"receive":0,"ssl":139},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdne-pics.youjizz.com/b/4/0/c/6/b40c67ef179017438d9f510c2249c94e1490939739-39.jpg","fqdn":"cdne-pics.youjizz.com","domain":"youjizz.com","tld":"com"},"ip":{"addr":"64.210.135.114","port":443,"asn":30361,"as":"SWIFTWILL2","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:15.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.youjizz.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Dec 2024 00:00:00 GMT","end":"Tue, 06 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7","sha256":"B8:B2:2C:F3:DA:14:43:7C:79:64:F3:2C:36:B2:0A:52:EF:A7:AE:C8:FF:5D:57:E2:D1:26:9D:FD:B8:D7:77:B9"}}},"request":{"raw":"GET /b/4/0/c/6/b40c67ef179017438d9f510c2249c94e1490939739-39.jpg HTTP/1.1\r\nHost: cdne-pics.youjizz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 20421\r\nlast-modified: Sat, 23 Oct 2021 11:31:05 GMT\r\netag: \"4fc5-5cf03769938e0\"\r\nexpires: Thu, 11 Sep 2025 20:52:18 GMT\r\ncache-control: max-age=10734541\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,HEAD,OPTIONS\r\ntiming-allow-origin: *\r\naccess-control-expose-headers: Content-Length\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=300\r\nx-cdn-diag: ams5-7619-1-1858265-h-0-0---;6249-34-1445967----0-0-1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20421,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 692x693, segment length 16, comment: \"Lavc57.89.100\", baseline, precision 8, 308x232, components 3","md5":"e008456dec01cfbd3ef45f3259fb5848","sha1":"c26449d2b51c078cac80b78117b0bec4753963d8","sha256":"4ec517aac74f6036d7d792ec1782437823c73e9501e72d913cb5ff914fd8491f","sha512":"a08ed48db8742beecf992bfa12d3a22e932cd7214b5072a1b79cd2eb3f73d46c3ad12ea741fe0a9ec1f93524f82618c6962cfdaba02fb27e6f5f7f4249cb8f5c","ssdeep":"384:tFpEaZWsHlry0+vvWKvln8BwAjFt5dkEkoKxkTvqqlnkFnCztjOnzU1icn:LNAyX+vl8B/tuoKxkTvHlkFnC0cn","tlshash":"3392d0a2f342dd1aca14ad30479c8bba445f3e506e7fe6199081a6f5c3b11bc4245fdc","first_seen":"2025-11-24T03:08:53.445516Z","last_seen":"2025-11-24T03:08:53.445516Z","times_seen":1,"resource_available":false,"data":null}},"time_used":437,"timings":{"blocked":377,"dns":0,"connect":0,"send":0,"wait":25,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:15.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/yandex-metrica-watch/watch.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 84534\r\ncf-ray: 9a35b3660d9956b9-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 1.419.0\r\nx-jsd-version-type: version\r\netag: W/\"34478-Ywa9buIArT/49Z352XDhYNedp30\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220131-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 3395\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=8n%2BPtkVJAAwTr0mf7Z79CbgSCZyQE77FWboTRsHBvzvFWZkhS2m2neX6XErT423jladSjeTkWk%2FsxZxiI3Pb4ey25lIWMMiCKJ8TE2v7LJ6nQp2YNje8mWeOEB6NykdXGjo%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":214136,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (675)","md5":"abfb777cf034fa2c669e1756a7cc8c53","sha1":"12303aadb2de95480e05f16e2f13454f34bbab38","sha256":"b9fa2ae58df589b0228d43dc71eb3c1a253676ff890967900d5b93014de47f09","sha512":"4e07b2fa65781d1150fb782af96830f6b0474f9d83db72c56b7fbedca7ab05d4b7b9c927a5bf5f7f12572a2c123dac15b531e9486b51a85afa47c428fbc9f59d","ssdeep":"3072:ykMjIS3dT517/JKl/erLUa3K+IvYtjbNsnaC81fqhWnQEb7t72VOm:5MjIS3r1zJKl/ergvYGaH1fqhWP7t7fm","tlshash":"7424e7d97692b062937334b4902f000fb2bea8a6f10c8955f1c5d9d97e78da89137f6c","first_seen":"2025-11-21T01:17:25.190206Z","last_seen":"2025-11-25T01:11:13.016103Z","times_seen":18,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":22,"dns":1,"connect":2,"send":0,"wait":17,"receive":5,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"download.mp3tube.club/favicon.ico","fqdn":"download.mp3tube.club","domain":"mp3tube.club","tld":"club"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.380Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: download.mp3tube.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":334,"timings":{"blocked":0,"dns":26,"connect":109,"send":0,"wait":0,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filtradas.com/uploads/default/optimized/2X/e/e27f9fb5ad331a402e9e9302b3386080c84837f7_2_585x1024.jpeg","fqdn":"filtradas.com","domain":"filtradas.com","tld":"com"},"ip":{"addr":"91.234.199.87","port":443,"asn":43641,"as":"SOLLUTIUM EU Sp z.o.o.","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:16.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filtradas.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 04 Nov 2025 03:08:59 GMT","end":"Mon, 02 Feb 2026 03:08:58 GMT"},"fingerprint":{"sha1":"E1:A5:18:66:02:A1:30:48:C0:63:B8:0D:A6:A0:6A:4D:49:FB:31:A4","sha256":"F3:EF:EA:51:6F:29:3C:97:1C:9E:B5:C9:DB:69:E9:BE:55:EA:E1:47:AC:EB:1B:EB:A6:2A:5B:B1:74:85:D0:AB"}}},"request":{"raw":"GET /uploads/default/optimized/2X/e/e27f9fb5ad331a402e9e9302b3386080c84837f7_2_585x1024.jpeg HTTP/1.1\r\nHost: filtradas.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 03:08:16 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"page.phic4.top/myda.php","fqdn":"page.phic4.top","domain":"phic4.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:16.204Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /myda.php HTTP/1.1\r\nHost: page.phic4.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":497,"timings":{"blocked":497,"dns":0,"connect":242,"send":0,"wait":0,"receive":0,"ssl":245},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"page.phic4.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"page.phic4.top/myda.php","fqdn":"page.phic4.top","domain":"phic4.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://css.jpg4.icu/tagjpa.php?noself=1\u0026url=av.av4.click/tags/8","date":"2025-11-24T03:08:17.053Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /myda.php HTTP/1.1\r\nHost: page.phic4.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://css.jpg4.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":455,"timings":{"blocked":0,"dns":1,"connect":226,"send":0,"wait":0,"receive":0,"ssl":226},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"page.phic4.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zoobeeg.net/favicon.ico","fqdn":"zoobeeg.net","domain":"zoobeeg.net","tld":"net"},"ip":{"addr":"104.21.7.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zoobeeg.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 09 Nov 2025 15:49:31 GMT","end":"Sat, 07 Feb 2026 16:48:12 GMT"},"fingerprint":{"sha1":"45:87:6A:00:E2:05:B5:8C:2C:F9:62:B8:F8:83:EB:0E:D8:9E:39:C8","sha256":"D4:E9:D4:2C:9D:60:39:ED:15:DF:77:B5:61:D6:85:DB:9F:F9:66:78:66:5D:68:07:03:79:2F:46:F2:F5:06:5C"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: zoobeeg.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FKdAfctdL0PCumPgwrpRUKQ9YxaUXTrA6yHgbTUxdqi9Ibrbt%2B%2BkHMcTvoceyQx4NZCCZBsUVWFszs%2FJU2SRmj6gTEskuJoJ9g%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ncf-ray: 9a35b377bdb5b4ee-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":8,"connect":8,"send":0,"wait":27,"receive":0,"ssl":94},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fixedjs.4vid.top/av4usimage.png","fqdn":"fixedjs.4vid.top","domain":"4vid.top","tld":"top"},"ip":{"addr":"172.67.181.78","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.900Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4vid.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 04:08:57 GMT","end":"Fri, 13 Feb 2026 05:05:33 GMT"},"fingerprint":{"sha1":"99:1F:D8:6E:39:72:6F:D5:11:7F:B0:79:4D:F6:40:0E:A5:37:9F:9A","sha256":"F4:87:3F:1A:B8:E5:52:39:3C:56:29:BB:B7:CD:E0:20:DE:45:F2:30:28:80:C4:8D:AB:CA:AE:DC:24:7C:14:56"}}},"request":{"raw":"GET /av4usimage.png HTTP/1.1\r\nHost: fixedjs.4vid.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:14 GMT\r\ncontent-type: image/png\r\ncontent-length: 2619\r\nserver: cloudflare\r\netag: \"a3b-6437702003080\"\r\naccept-ranges: bytes\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Cake\r\ncache-control: public, max-age=360000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wS2bQtxYRU05N3RHLCcTGI1Z0n3GKnaU2LtFmBk2KgcPOplLqmjSeonj%2B0mn671EwYURx19T%2FQfPX8N0OB0rRqSVqHviyua8rZvwkhaCNrA%3D\"}]}\r\nage: 167527\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncf-ray: 9a35b3610924120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2619,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 339 x 89, 8-bit/color RGB, non-interlaced","md5":"8267aaadeeeb8c9fa7482f2f9db2d4e3","sha1":"a2ef23d3b5f9d9bb3102c855a8ace072884ba60c","sha256":"998cf9d427c2e322904e89a056ba823b56078fb199b7395883f3eafabaadbea8","sha512":"719215d8ec70b8b36b24277a80e7876be2fa1afe3698c05bbff013b6a2936701f266e694c221756e7306d1a945013986a53e41af0bc90bdd4bbf0dcbe33f7637","ssdeep":"","tlshash":"f5513ccb05b2fdbc657d79976105a79ef3a896c72982b872565c38c14243a0096c1fe1","first_seen":"2025-11-13T21:07:01.541567Z","last_seen":"2026-04-12T19:29:51.682384Z","times_seen":362,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":4,"connect":1,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"fixedjs.4vid.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.po-kaki-to.com/wp-content/uploads/2022/02/1644030326.jpg","fqdn":"www.po-kaki-to.com","domain":"po-kaki-to.com","tld":"com"},"ip":{"addr":"104.21.10.77","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"po-kaki-to.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 08:30:35 GMT","end":"Wed, 07 Jan 2026 09:28:52 GMT"},"fingerprint":{"sha1":"46:A0:A7:82:A8:FC:6F:4E:CF:69:F3:2E:E8:AD:ED:95:0F:24:C9:BD","sha256":"F1:E6:5C:0F:67:3A:87:95:FC:DA:25:3B:AD:26:FC:D2:95:E2:7E:D0:42:A7:6B:2C:86:50:CD:5E:13:EA:AF:A7"}}},"request":{"raw":"GET /wp-content/uploads/2022/02/1644030326.jpg HTTP/1.1\r\nHost: www.po-kaki-to.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 52356\r\nserver: cloudflare\r\nlast-modified: Sat, 05 Feb 2022 03:05:26 GMT\r\netag: \"61fde976-cc84\"\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Thu, 19 Feb 2026 02:03:22 GMT\r\ncache-control: max-age=7776000\r\naccept-ranges: bytes\r\nage: 263092\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pYtYoDCAlGsvkY5%2BxpAs2eF148EPfOtdItGU%2BhilXyHg36ti87chfymtnQmiXzdGsk%2Fdcg0zzt1bkGzD5tOOYZePWKAk4kTJRnydkVii7tc%3D\"}]}\r\ncf-ray: 9a35b36279cf569b-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52356,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 650x500, components 3","md5":"32bfaf40234c91932ae0700052bfbfa9","sha1":"da154364fefb9cd2fc0bd7a4ae74eddf88c30174","sha256":"b4c85ba31782f842fc507673bdc3d16345c9dcf9ad9ad512fe371bfa6fdc7d14","sha512":"2ce1a9d79500be50f9a1c09f79087b620c87245710da215e02a420abcc7787d88701f96f9b7b0319dbae3468be16a74f8667fd3a26586ba42989f19423206985","ssdeep":"1536:YbG+zuCevHSTXYJJhDhfQ9QUR3VJy6kVgx5A1C/qX:Y7YH95yNRdwC/qX","tlshash":"3e33024d36bad72932286d3d99128235fa8fc8242b4d4d1fd3a47d2785543e26bb7b0c","first_seen":"2025-09-13T05:56:21.970418Z","last_seen":"2026-03-01T22:32:14.175466Z","times_seen":49,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":1,"dns":12,"connect":4,"send":0,"wait":7,"receive":2,"ssl":148},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ansuko.net/wp-content/uploads/2024/12/3-12.jpg","fqdn":"ansuko.net","domain":"ansuko.net","tld":"net"},"ip":{"addr":"104.21.54.113","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ansuko.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 11:42:18 GMT","end":"Tue, 06 Jan 2026 12:39:58 GMT"},"fingerprint":{"sha1":"F5:7A:D2:13:21:CE:EB:03:E2:D6:BE:F2:03:73:1F:55:8F:6B:68:4A","sha256":"4E:51:47:18:74:38:C5:CD:59:59:6B:15:27:21:87:E4:21:5C:E7:A4:96:C3:F6:7A:F3:06:9F:82:BE:6B:3A:65"}}},"request":{"raw":"GET /wp-content/uploads/2024/12/3-12.jpg HTTP/1.1\r\nHost: ansuko.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 168014\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\nlast-modified: Sat, 22 Nov 2025 04:28:00 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v7T1OWL1Trk1fwdpY07Afg8S3oIrGhg5aXpG1r13oN2BhlV98lDVbC6mhjCkfO0GdoufxZad6PxZOVWdxF%2Fso%2Brrah2H47ib\"}]}\r\ncf-ray: 9a35b3626fe456a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56954,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 600x400, components 3","md5":"6577c3fdbcbfb024bf8a40085e51fec7","sha1":"af98aa00d3f5f290141be5ce466358859e1f45ba","sha256":"b7e63e084a826371246a257699d010b225831e2f401b3589818dc305c2de0eae","sha512":"eb56448b8d73af5e29c3bf3c789ce4084ef04e0d6c9975c47075fbceec43838d94c80176951614d10d6adfcd9df204b177e5a70a8ddbab92e787feb587947ebf","ssdeep":"1536:+yBh459O1XTwTc5R8aSNK80664/JPVPstzc2H:zBh4zFTcUDNt64xPVU+2H","tlshash":"844302029fb8aaf2781f1db95db3881240f7256f1a9af741ba770240c838f14359629d","first_seen":"2025-11-03T03:17:25.097237Z","last_seen":"2026-03-03T09:47:10.788616Z","times_seen":43,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":143,"dns":30,"connect":4,"send":0,"wait":10,"receive":0,"ssl":143},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.webvisor.org/watch/48140495?wmode=7\u0026page-url=https%3A%2F%2Fav.av4.website%2F\u0026charset=utf-8\u0026uah=che%0A0\u0026browser-info=pv%3A1%3Avf%3A34uhc9yx47x503v45ilylhckrosdb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2272%3Acn%3A1%3Adp%3A0%3Als%3A1154564248525%3Ahid%3A969749996%3Az%3A0%3Ai%3A20251124030816%3Aet%3A1763953696%3Ac%3A1%3Arn%3A158512607%3Arqn%3A1%3Au%3A1763953696163836378%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C20%2C762%2C1%2C26%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1763953693853%3Afip%3A62ad40cc837aebd1bc6ee147cace94d1-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1763953696%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB-%E5%8B%95%E7%94%BB%40AV4.us\u0026t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42534404)fip(1)ti(1)","fqdn":"mc.webvisor.org","domain":"webvisor.org","tld":"org"},"ip":{"addr":"87.250.251.119","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:16.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mc.webvisor.com","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 18 Aug 2025 21:05:34 GMT","end":"Mon, 09 Feb 2026 20:59:59 GMT"},"fingerprint":{"sha1":"52:51:83:17:11:3C:6A:D0:47:28:FB:42:75:CF:6A:DA:48:B5:5A:C8","sha256":"69:B8:8D:9D:77:CB:F9:C7:48:04:E2:8C:99:28:7C:EF:5E:C7:2B:43:D6:52:7B:21:D2:99:F6:86:18:A6:0F:80"}}},"request":{"raw":"GET /watch/48140495?wmode=7\u0026page-url=https%3A%2F%2Fav.av4.website%2F\u0026charset=utf-8\u0026uah=che%0A0\u0026browser-info=pv%3A1%3Avf%3A34uhc9yx47x503v45ilylhckrosdb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2272%3Acn%3A1%3Adp%3A0%3Als%3A1154564248525%3Ahid%3A969749996%3Az%3A0%3Ai%3A20251124030816%3Aet%3A1763953696%3Ac%3A1%3Arn%3A158512607%3Arqn%3A1%3Au%3A1763953696163836378%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C20%2C762%2C1%2C26%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1763953693853%3Afip%3A62ad40cc837aebd1bc6ee147cace94d1-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1763953696%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB-%E5%8B%95%E7%94%BB%40AV4.us\u0026t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42534404)fip(1)ti(1) HTTP/1.1\r\nHost: mc.webvisor.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://av.av4.website/\r\nOrigin: https://av.av4.website\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nstrict-transport-security: max-age=31536000\r\nx-xss-protection: 1; mode=block\r\npragma: no-cache\r\nlast-modified: Mon, 24-Nov-2025 03:08:16 GMT\r\nexpires: Mon, 24-Nov-2025 03:08:16 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\naccess-control-allow-credentials: true\r\nlocation: /watch/48140495/1?wmode=7\u0026page-url=https%3A%2F%2Fav.av4.website%2F\u0026charset=utf-8\u0026uah=che%0A0\u0026browser-info=pv%3A1%3Avf%3A34uhc9yx47x503v45ilylhckrosdb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2272%3Acn%3A1%3Adp%3A0%3Als%3A1154564248525%3Ahid%3A969749996%3Az%3A0%3Ai%3A20251124030816%3Aet%3A1763953696%3Ac%3A1%3Arn%3A158512607%3Arqn%3A1%3Au%3A1763953696163836378%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C20%2C762%2C1%2C26%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1763953693853%3Afip%3A62ad40cc837aebd1bc6ee147cace94d1-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1763953696%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB-%E5%8B%95%E7%94%BB%40AV4.us\u0026t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842534404%29fip%281%29ti%281%29\u0026redirnss=1\r\nset-cookie: yabs-sid=651117881763953696; Path=/; SameSite=None; Secure\ni=QPdUMFmF9L7x9u91saoBFf8I9dbwrsOU0Mp51SULCt3VxNgfVX0d3PS2A3FT4ZO9FRr7VnyaHBXsbwoRtmCFHusYLuk=; Expires=Thu, 22-Nov-2035 03:08:15 GMT; Domain=.webvisor.org; Path=/; Secure; HttpOnly; SameSite=None\nyandexuid=9514239661763953696; Expires=Thu, 22-Nov-2035 03:08:15 GMT; Domain=.webvisor.org; Path=/; Secure; SameSite=None\nyuidss=9514239661763953696; Expires=Tue, 24-Nov-2026 03:08:16 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure\nymex=1795489696.yrts.1763953696#1795489696.yrtsi.1763953696; Expires=Tue, 24-Nov-2026 03:08:16 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure\nbh=YKCYj8kGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.webvisor.org; Expires=Tue, 29 Dec 2026 03:08:16 GMT; SameSite=None; Secure\nbh=YKCYj8kGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.webvisor.org; Expires=Tue, 29 Dec 2026 03:08:16 GMT; SameSite=None; Secure\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\naccess-control-allow-origin: https://av.av4.website\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":665,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":431,"timings":{"blocked":190,"dns":13,"connect":46,"send":0,"wait":50,"receive":0,"ssl":129},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pdocac.jpg4.icu/av4usimage.png","fqdn":"pdocac.jpg4.icu","domain":"jpg4.icu","tld":"icu"},"ip":{"addr":"172.67.183.25","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jpg4.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 12:55:24 GMT","end":"Mon, 29 Dec 2025 13:47:12 GMT"},"fingerprint":{"sha1":"96:85:BD:ED:76:A2:73:09:97:53:FA:59:74:7A:3B:21:78:1E:B0:55","sha256":"F2:46:44:0F:FB:CD:4B:FF:7C:0E:8B:3C:20:1A:52:F4:2B:40:FE:06:E3:6A:64:8F:01:48:F0:28:37:C6:95:6C"}}},"request":{"raw":"GET /av4usimage.png HTTP/1.1\r\nHost: pdocac.jpg4.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 24 Nov 2025 03:08:18 GMT\r\ncontent-type: image/png\r\ncontent-length: 2619\r\npriority: u=4,i=?0\r\netag: \"a3b-6437702003080\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Cake\r\ncache-control: public, max-age=360000\r\nx-proxy-cache-192g-la: MISS\r\nxkey-192la: pdocac.jpg4.icu/av4usimage.png--pdocac.jpg4.icu-pdocac.jpg4.icu-myzone---no\r\nx-proxy-cache-tot-vt: HIT\r\nxkey-tot-vt: pdocac.jpg4.icu/av4usimage.png--pdocac.jpg4.icu--my_zone\r\naccept-ranges: bytes\r\nage: 342312\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1i9D%2BtNX7%2Fj%2BrIGLcysKXesKOYwNnUGvIW8Oy7xMA2VvOb44WMrjE4xrv9fwza3k3cib9cDVdRI5BMiqYdcxcOVXuGHzsrBXYDO%2BgRvAMA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a35b377ac452efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2619,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 339 x 89, 8-bit/color RGB, non-interlaced","md5":"8267aaadeeeb8c9fa7482f2f9db2d4e3","sha1":"a2ef23d3b5f9d9bb3102c855a8ace072884ba60c","sha256":"998cf9d427c2e322904e89a056ba823b56078fb199b7395883f3eafabaadbea8","sha512":"719215d8ec70b8b36b24277a80e7876be2fa1afe3698c05bbff013b6a2936701f266e694c221756e7306d1a945013986a53e41af0bc90bdd4bbf0dcbe33f7637","ssdeep":"","tlshash":"f5513ccb05b2fdbc657d79976105a79ef3a896c72982b872565c38c14243a0096c1fe1","first_seen":"2025-11-13T21:07:01.541567Z","last_seen":"2026-04-12T19:29:51.682384Z","times_seen":362,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":19,"dns":20,"connect":16,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fixedjs.4vid.top/av4usimage.png","fqdn":"fixedjs.4vid.top","domain":"4vid.top","tld":"top"},"ip":{"addr":"172.67.181.78","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:16.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4vid.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 04:08:57 GMT","end":"Fri, 13 Feb 2026 05:05:33 GMT"},"fingerprint":{"sha1":"99:1F:D8:6E:39:72:6F:D5:11:7F:B0:79:4D:F6:40:0E:A5:37:9F:9A","sha256":"F4:87:3F:1A:B8:E5:52:39:3C:56:29:BB:B7:CD:E0:20:DE:45:F2:30:28:80:C4:8D:AB:CA:AE:DC:24:7C:14:56"}}},"request":{"raw":"GET /av4usimage.png HTTP/1.1\r\nHost: fixedjs.4vid.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:16 GMT\r\nserver: cloudflare\r\netag: \"a3b-6437702003080\"\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Cake\r\ncache-control: public, max-age=360000\r\ncontent-length: 2619\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: image/png\r\nage: 167529\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dtYyLBcB1qmtdBB0Fbg7VxbxkSeGORQNmXpkPhslfG%2BjYcuf6dWOiuJGwHfI8SiXBeQK5BpoetmC4WRHvE8QPba%2BE343C98mssqOXPASsX4%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 9a35b369e8010daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2619,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 339 x 89, 8-bit/color RGB, non-interlaced","md5":"8267aaadeeeb8c9fa7482f2f9db2d4e3","sha1":"a2ef23d3b5f9d9bb3102c855a8ace072884ba60c","sha256":"998cf9d427c2e322904e89a056ba823b56078fb199b7395883f3eafabaadbea8","sha512":"719215d8ec70b8b36b24277a80e7876be2fa1afe3698c05bbff013b6a2936701f266e694c221756e7306d1a945013986a53e41af0bc90bdd4bbf0dcbe33f7637","ssdeep":"","tlshash":"f5513ccb05b2fdbc657d79976105a79ef3a896c72982b872565c38c14243a0096c1fe1","first_seen":"2025-11-13T21:07:01.541567Z","last_seen":"2026-04-12T19:29:51.682384Z","times_seen":362,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-24","alert":"Sinkholed","trigger":"fixedjs.4vid.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ansuko.net/wp-content/uploads/2024/12/izbvbkbz_header.jpg","fqdn":"ansuko.net","domain":"ansuko.net","tld":"net"},"ip":{"addr":"104.21.54.113","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ansuko.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 11:42:18 GMT","end":"Tue, 06 Jan 2026 12:39:58 GMT"},"fingerprint":{"sha1":"F5:7A:D2:13:21:CE:EB:03:E2:D6:BE:F2:03:73:1F:55:8F:6B:68:4A","sha256":"4E:51:47:18:74:38:C5:CD:59:59:6B:15:27:21:87:E4:21:5C:E7:A4:96:C3:F6:7A:F3:06:9F:82:BE:6B:3A:65"}}},"request":{"raw":"GET /wp-content/uploads/2024/12/izbvbkbz_header.jpg HTTP/1.1\r\nHost: ansuko.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 970835\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\nlast-modified: Wed, 12 Nov 2025 21:27:39 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9xdmfdUHGg47PtMbfJ6Dl3Cpf8fO%2BsHR6Ay6UE0AQclRYYqR6csrsnvwQANFMUvgdtKh3OBmjsDObGmRy1p2nyn2q2EEeS5N\"}]}\r\ncf-ray: 9a35b3624fd356a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150681,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 700x791, components 3","md5":"decfee9195b9b82e6b3788d10a2d01d7","sha1":"1a0c156aa8db0a13c03ef09ec2485506ec48082f","sha256":"e01edbb85df09438bd2ce25ff0c3d4b8a0063e31e748bcbd95077c158af3ad46","sha512":"da51cb2ec9219d025d2b9ef09401c6e44e35a370a787496fa4ec2e6f7435bbe89a312c6854557694efa9a5cd4da30f0e608596b4c699baddf2fa5ce216c677a9","ssdeep":"3072:3Q4MGxwHECo5zhcDdCCJ+zM+GBG3C2wBXuDVQ+ldYtS:3QS0uGgz3GB2GoW+ld5","tlshash":"98e312b2014039c7110c8e97bdaf7c5c65c74c929a5d90d2a5d9dfa8bb4b19a7cbc338","first_seen":"2025-11-03T22:08:47.093047Z","last_seen":"2025-12-16T06:19:43.928165Z","times_seen":9,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":0,"dns":13,"connect":4,"send":0,"wait":10,"receive":0,"ssl":120},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filtradas.com/uploads/default/optimized/2X/2/23b1992490ed4e3678351eba1330379754989404_2_1024x576.jpeg","fqdn":"filtradas.com","domain":"filtradas.com","tld":"com"},"ip":{"addr":"91.234.199.87","port":443,"asn":43641,"as":"SOLLUTIUM EU Sp z.o.o.","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filtradas.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 04 Nov 2025 03:08:59 GMT","end":"Mon, 02 Feb 2026 03:08:58 GMT"},"fingerprint":{"sha1":"E1:A5:18:66:02:A1:30:48:C0:63:B8:0D:A6:A0:6A:4D:49:FB:31:A4","sha256":"F3:EF:EA:51:6F:29:3C:97:1C:9E:B5:C9:DB:69:E9:BE:55:EA:E1:47:AC:EB:1B:EB:A6:2A:5B:B1:74:85:D0:AB"}}},"request":{"raw":"GET /uploads/default/optimized/2X/2/23b1992490ed4e3678351eba1330379754989404_2_1024x576.jpeg HTTP/1.1\r\nHost: filtradas.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 86656\r\nlast-modified: Wed, 12 Nov 2025 20:47:47 GMT\r\nexpires: Tue, 24 Nov 2026 03:08:15 GMT\r\ncache-control: max-age=31536000\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86656,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x576, components 3","md5":"0571a99a1e63f6fb6629d95c2f476e34","sha1":"68e6ba18b78bcdf04028c2926002aefaa2a7990a","sha256":"bc155e148dd125ed415a156be6830fe5beca2ed135fc7cfd128c27c16dd29881","sha512":"3291c94fdc01d0564798524405aacb6a7021b842e7e20b74932764d21b203824b10765af842a768946681e2cf58738e24b856ea09a7a06ef52dd583a818c6f42","ssdeep":"1536:ndmdDSpqOXVxLaNKNi/xaHHdfXYdxA79VRXKFJMmt1HpyPPUU8PufFsL7iMcGhGk:gaqOlKBkHHFXcxM36UdkU8PmF2cGUk","tlshash":"188302480e335631ab93da5919118ef5f04e8ceae24e2c3c827d16bddef24cd1ec4966","first_seen":"2025-11-21T22:46:48.391454Z","last_seen":"2026-01-09T07:48:48.59827Z","times_seen":33,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":132,"dns":0,"connect":0,"send":0,"wait":53,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thumb.aporntv.com/thumbs/6/3/0/5/0/62fe1792ed168Taboo%20family%20hard.mp4/62fe1792ed168Taboo%20family%20hard.mp4-9.jpg","fqdn":"thumb.aporntv.com","domain":"aporntv.com","tld":"com"},"ip":{"addr":"104.26.1.238","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aporntv.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Oct 2025 20:50:31 GMT","end":"Wed, 14 Jan 2026 20:50:30 GMT"},"fingerprint":{"sha1":"1A:53:66:D8:5B:B7:E8:29:37:40:02:2C:4E:15:FA:CF:D8:50:0C:0D","sha256":"E0:FE:7A:AA:4C:34:05:2A:2C:11:85:67:A0:47:68:FE:F2:FB:27:DF:D4:67:03:5D:AB:5F:DE:E6:91:53:A8:47"}}},"request":{"raw":"GET /thumbs/6/3/0/5/0/62fe1792ed168Taboo%20family%20hard.mp4/62fe1792ed168Taboo%20family%20hard.mp4-9.jpg HTTP/1.1\r\nHost: thumb.aporntv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2109\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5bzDUS5ArCKaKs37%2BW8gig5EdIE1FOHVkF5SRCLWi4NC8shiTgnJP%2BOk5cyaYvsuE%2F%2B0AnPj5GI472q9djdw%2BvW3MrJdZYDGkGoJfOnSkKs%3D\"}]}\r\ncache-control: public, max-age=16070400\r\ncf-bgj: imgq:100,h2pri\r\naccept-ranges: bytes\r\ncf-polished: origSize=2165\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"63050e73-875\"\r\nexpires: Thu, 27 Nov 2025 06:54:00 GMT\r\nlast-modified: Tue, 23 Aug 2022 17:29:23 GMT\r\ncf-cache-status: HIT\r\nage: 332055\r\nvary: accept-encoding\r\ncf-ray: 9a35b362383e0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2109,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 71x40, segment length 16, progressive, precision 8, 200x150, components 3","md5":"bee9e3f86387b2f5e5f42e71a12b8ed5","sha1":"00908c6d9da6ae59b7790a07282d718276b2b707","sha256":"66749a5442bfbb5107751b67fbeb0bd529dd7f2d107a5aefe718920cb5ae4acd","sha512":"9f533e811ab9ee74707d75c9d62affb20b3647a72bc6fe697487d33e0ffb05e0e2d21ad2d142912ed2a43808cc27077336271fc8c0d56f3eac56aafc54a50c87","ssdeep":"","tlshash":"9841fc6bc1718517ee62a0fe4952456868297946331507371a802c37be6e5632f85317","first_seen":"2025-11-24T03:08:53.451313Z","last_seen":"2025-11-24T03:08:53.451313Z","times_seen":1,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":3,"dns":8,"connect":4,"send":0,"wait":25,"receive":1,"ssl":131},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdne-pics.youjizz.com/d/b/b/dbb88a6eab427f1e258ab0cea833eda81349737867.Tight_Skinny_Teen_-_Teen_sex_video_-_Tube8com.flv-14.jpg?revnum=1","fqdn":"cdne-pics.youjizz.com","domain":"youjizz.com","tld":"com"},"ip":{"addr":"64.210.135.114","port":443,"asn":30361,"as":"SWIFTWILL2","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:15.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.youjizz.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Dec 2024 00:00:00 GMT","end":"Tue, 06 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7","sha256":"B8:B2:2C:F3:DA:14:43:7C:79:64:F3:2C:36:B2:0A:52:EF:A7:AE:C8:FF:5D:57:E2:D1:26:9D:FD:B8:D7:77:B9"}}},"request":{"raw":"GET /d/b/b/dbb88a6eab427f1e258ab0cea833eda81349737867.Tight_Skinny_Teen_-_Teen_sex_video_-_Tube8com.flv-14.jpg?revnum=1 HTTP/1.1\r\nHost: cdne-pics.youjizz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Nov 2025 03:08:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13423\r\nlast-modified: Thu, 21 Jun 2018 09:14:37 GMT\r\netag: \"346f-56f23583586e4\"\r\nexpires: Fri, 06 Mar 2026 07:35:36 GMT\r\ncache-control: max-age=10424735\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,HEAD,OPTIONS\r\ntiming-allow-origin: *\r\naccess-control-expose-headers: Content-Length\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=300\r\nx-cdn-diag: ams5-6140-2-2960347-h-0-0---;6249-34-1445967----0-0-1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13423,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: \"Lavc52.123.0\", baseline, precision 8, 308x232, components 3","md5":"373c9b67c2705a57b339c09b923e194c","sha1":"5aa1567a44d9552e7179eb6f7b29dd63ff7da1e0","sha256":"be3bfbcc2311f3d918597f369b639420d43dcef6a9a7ce6fe64fd08702684161","sha512":"e7ddbbad631a3882adf7c88cdd69dc6baf20cd50cb3a1aa7f167b638f6c98c969b8ce4c72d921c02f754e1dfa36323d0a0a232cf560e7fd61c30c448fab30ad7","ssdeep":"192:F3X3LOMuizfKvfNyTA5polqh47H16xW8FoN+lIHFbNkfPJPibYjkPWf+wt6qZiKX:F3lHzfKvwIelmYHD8oRNkH82kPWf+Q6c","tlshash":"a152b026ddbbe89de55af2324d03384abe8dd402f9e79a24c8d3b1d677231c8442056d","first_seen":"2025-05-26T16:44:39.320366Z","last_seen":"2026-01-24T20:33:37.498846Z","times_seen":17,"resource_available":false,"data":null}},"time_used":417,"timings":{"blocked":8,"dns":13,"connect":28,"send":0,"wait":19,"receive":4,"ssl":331},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.webvisor.org/watch/48140495/1?wmode=7\u0026page-url=https%3A%2F%2Fav.av4.website%2F\u0026charset=utf-8\u0026uah=che%0A0\u0026browser-info=pv%3A1%3Avf%3A34uhc9yx47x503v45ilylhckrosdb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2272%3Acn%3A1%3Adp%3A0%3Als%3A1154564248525%3Ahid%3A969749996%3Az%3A0%3Ai%3A20251124030816%3Aet%3A1763953696%3Ac%3A1%3Arn%3A158512607%3Arqn%3A1%3Au%3A1763953696163836378%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C20%2C762%2C1%2C26%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1763953693853%3Afip%3A62ad40cc837aebd1bc6ee147cace94d1-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1763953696%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB-%E5%8B%95%E7%94%BB%40AV4.us\u0026t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842534404%29fip%281%29ti%281%29\u0026redirnss=1","fqdn":"mc.webvisor.org","domain":"webvisor.org","tld":"org"},"ip":{"addr":"87.250.251.119","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:16.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mc.webvisor.com","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 18 Aug 2025 21:05:34 GMT","end":"Mon, 09 Feb 2026 20:59:59 GMT"},"fingerprint":{"sha1":"52:51:83:17:11:3C:6A:D0:47:28:FB:42:75:CF:6A:DA:48:B5:5A:C8","sha256":"69:B8:8D:9D:77:CB:F9:C7:48:04:E2:8C:99:28:7C:EF:5E:C7:2B:43:D6:52:7B:21:D2:99:F6:86:18:A6:0F:80"}}},"request":{"raw":"GET /watch/48140495/1?wmode=7\u0026page-url=https%3A%2F%2Fav.av4.website%2F\u0026charset=utf-8\u0026uah=che%0A0\u0026browser-info=pv%3A1%3Avf%3A34uhc9yx47x503v45ilylhckrosdb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2272%3Acn%3A1%3Adp%3A0%3Als%3A1154564248525%3Ahid%3A969749996%3Az%3A0%3Ai%3A20251124030816%3Aet%3A1763953696%3Ac%3A1%3Arn%3A158512607%3Arqn%3A1%3Au%3A1763953696163836378%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C20%2C762%2C1%2C26%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1763953693853%3Afip%3A62ad40cc837aebd1bc6ee147cace94d1-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1763953696%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB-%E5%8B%95%E7%94%BB%40AV4.us\u0026t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842534404%29fip%281%29ti%281%29\u0026redirnss=1 HTTP/1.1\r\nHost: mc.webvisor.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://av.av4.website\r\nReferer: https://av.av4.website/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: yabs-sid=651117881763953696; i=QPdUMFmF9L7x9u91saoBFf8I9dbwrsOU0Mp51SULCt3VxNgfVX0d3PS2A3FT4ZO9FRr7VnyaHBXsbwoRtmCFHusYLuk=; yandexuid=9514239661763953696; yuidss=9514239661763953696; ymex=1795489696.yrts.1763953696#1795489696.yrtsi.1763953696; bh=YKCYj8kGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 665\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\naccess-control-allow-credentials: true\r\nlast-modified: Mon, 24-Nov-2025 03:08:16 GMT\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nstrict-transport-security: max-age=31536000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\ncontent-type: application/json; charset=utf-8\r\npragma: no-cache\r\nexpires: Mon, 24-Nov-2025 03:08:16 GMT\r\naccess-control-allow-origin: https://av.av4.website\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":665,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"4df77ce02c4fb5e85bf720937b4525be","sha1":"51e6b3692274d9aaf56fd8d53a73d5ffc74a43cb","sha256":"03d11b3eba91ffd65a5bd4db8b760b0534105c63933489f1f93b9287a0d5ba67","sha512":"52c47f178a498d25232a02079489f1ff1550f9489020261c954b0f4388ff8f8f1fee79af17b3b2baff48290c8d404031669c476112a849992f2fcdc4fdaadd04","ssdeep":"","tlshash":"400123183a6d047249c70fd8597e311230dc224d9c913bfa6dc3d2b4488ee9b3302ab0","first_seen":"2025-11-24T03:08:53.453275Z","last_seen":"2025-11-24T03:08:53.453275Z","times_seen":1,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.youtube.com/vi/-97_lgMCnpA/0.jpg","fqdn":"img.youtube.com","domain":"youtube.com","tld":"com"},"ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:17.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:51 GMT","end":"Mon, 19 Jan 2026 08:33:50 GMT"},"fingerprint":{"sha1":"99:FF:FA:35:E4:FB:4B:28:B0:D5:C1:D4:AD:3F:43:AA:85:22:87:8B","sha256":"30:D1:CE:98:2F:EB:E2:4A:53:22:1C:BF:BB:4E:BC:2C:CA:E1:CE:CF:B7:9D:20:26:F9:55:2A:6B:ED:AD:DA:83"}}},"request":{"raw":"GET /vi/-97_lgMCnpA/0.jpg HTTP/1.1\r\nHost: img.youtube.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"youtube\"\r\nreport-to: {\"group\":\"youtube\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/youtube\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 11359\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 24 Nov 2025 03:04:09 GMT\r\nexpires: Mon, 24 Nov 2025 05:04:09 GMT\r\ncache-control: public, max-age=7200\r\nage: 248\r\netag: \"1466676395\"\r\ncontent-type: image/jpeg\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11359,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3","md5":"bc4d9894ee6ac014dab641852bfb1079","sha1":"d5a33c49817e5395b0450247ee7a1dccd948558a","sha256":"fa51b49d9dc80e782a73fceb37b6c458491ba4ec42bcdf3a7e35472fe202f8eb","sha512":"1bc2011f9e7afe2a9b88445212f84a5e052fb7bea681671fb7993c5e39073a42b3b818e119144551a40485b7acd45d0bb48879e3b0117db6b43f2f08d1fb4845","ssdeep":"192:fYNvvtDyXXXUMgD+8NaKk1JuqCprNlLFRNPLPYsTyGLAZpflNjl:QNNDynEMSXK1NCprdRFPFjLKxlX","tlshash":"ba32bf672254a209f4292e7b52eed0ccbad0cef173b23ca8636065755ca64c12c0bba5","first_seen":"2025-09-19T04:19:40.238539Z","last_seen":"2026-01-24T20:33:37.452727Z","times_seen":37,"resource_available":false,"data":null}},"time_used":418,"timings":{"blocked":147,"dns":88,"connect":31,"send":0,"wait":34,"receive":3,"ssl":105},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sexsex10.com/favicon.ico","fqdn":"sexsex10.com","domain":"sexsex10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:18.429Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: sexsex10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T17:09:26.793872Z","times_seen":14067879,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.duga.jp/unsecure/tma2/0385/noauth/jacket_240.jpg","fqdn":"pic.duga.jp","domain":"duga.jp","tld":"jp"},"ip":{"addr":"58.156.255.108","port":443,"asn":17506,"as":"ARTERIA Networks Corporation","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.duga.jp","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Dec 2024 06:29:27 GMT","end":"Tue, 06 Jan 2026 06:29:26 GMT"},"fingerprint":{"sha1":"0C:84:EB:45:29:A6:F2:F3:27:78:C1:B0:45:28:2D:19:98:94:47:FF","sha256":"8F:C6:47:8D:65:BF:8C:B9:8A:5C:D4:39:3E:E9:57:41:46:FA:F6:FD:95:7F:01:EE:7A:02:66:D7:19:C5:59:72"}}},"request":{"raw":"GET /unsecure/tma2/0385/noauth/jacket_240.jpg HTTP/1.1\r\nHost: pic.duga.jp\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 24 Nov 2025 03:08:16 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 53783\r\nlast-modified: Sat, 07 Dec 2024 11:36:24 GMT\r\netag: \"67543338-d217\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53783,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x340, components 3","md5":"b291db1776550c6bad92dcab83a1c272","sha1":"85aa7887cef8fe1b8830fa5eba28ccc7da643905","sha256":"ecdf17cf9f1443e3c9450254ac11c3d033757cf3458af467608d1664e99ba4b2","sha512":"d02b70291751d6a7e320a3b32873fbe51fba202d1ac25962ebcd0ea80671a044ce6e9901ce7c172b0645cb19d6873f503669239f3adc1cbee7b5455ae97af26a","ssdeep":"1536:eafA5LdePi5QuYw4tDXjJn3BFQ6HpSIYZjDtQXHoCBB3hu:2deq5QuYwyDzJX3ajaXvBI","tlshash":"b933026fa7b70133bf87131b732b59650905c229ea47b69f9ced319f1a382e6c009519","first_seen":"2025-06-05T17:56:20.478419Z","last_seen":"2026-01-09T07:48:48.603586Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2903,"timings":{"blocked":1058,"dns":58,"connect":253,"send":0,"wait":504,"receive":253,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1259667713.vod2.myqcloud.com/d677a621vodtransth1259667713/3441478a1397757891023612626/sampleSnapshot/sampleSnapshot_20196_1.jpg","fqdn":"1259667713.vod2.myqcloud.com","domain":"myqcloud.com","tld":"com"},"ip":{"addr":"101.33.11.223","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://av.av4.website/","date":"2025-11-24T03:08:14.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.vod.myqcloud.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 04 Jul 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EA:9E:D0:98:B7:67:96:6A:C2:B2:9E:EE:64:AB:E0:97:95:8D:D4:6F","sha256":"F6:E7:E1:91:5B:A5:46:62:73:A0:43:2A:E4:B9:F8:41:E1:4E:9B:86:D8:39:7B:36:BA:33:BB:27:72:D7:1C:C8"}}},"request":{"raw":"GET /d677a621vodtransth1259667713/3441478a1397757891023612626/sampleSnapshot/sampleSnapshot_20196_1.jpg HTTP/1.1\r\nHost: 1259667713.vod2.myqcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://av.av4.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 28 Oct 2024 11:00:42 GMT\r\nEtag: \"dde16705507f59c6ad5750f92ccb85c8\"\r\nContent-Type: image/jpeg\r\nContent-Length: 65732\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 6621998538890167043\r\nConnection: keep-alive\r\nServer: lego_ovs_video\r\nDate: Mon, 24 Nov 2025 03:08:16 GMT\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: Origin,No-Cache,X-Requested-With,If-Modified-Since,Pragma,Last-Modified,Cache-Control,Expires,Content-Type,X_Requested_With,Range\r\nAccess-Control-Allow-Methods: GET,POST,HEAD,OPTIONS\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":65732,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1280x720, components 3","md5":"dde16705507f59c6ad5750f92ccb85c8","sha1":"cb29bb8914f090500d96f50bf26843f491c813f7","sha256":"8c84278929b356a3d1bc4a340467e998d74a1be480c5cb207786eab23ff7003d","sha512":"2ad95b885e572df62f44d620e867c55005458120b5c59769bafef46c5703ce3f2cf1e0f8e5f777200d8bc2b30d247349e958fa49419ed049103e6bc99fa1fd59","ssdeep":"768:aGeJQe3RS2BMGDjlbh+GbAUXhOLzunNchgQF3JekpXZ0FVsBIjVcNTvAuC6yjpHS:/+QeBbjPIzoNc2ypXZAihw3TshrumXD","tlshash":"4053026a44291dcad4f442305cefa928cbf743f8e2ce9764d14084751af2788fe5caac","first_seen":"2025-06-03T07:12:33.348918Z","last_seen":"2026-03-03T08:08:10.189105Z","times_seen":79,"resource_available":false,"data":null}},"time_used":1957,"timings":{"blocked":-1,"dns":826,"connect":21,"send":0,"wait":24,"receive":21,"ssl":1064},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}