{"report_id":"4c7d2635-4c78-401d-83e7-7de2402cff6a","version":6,"status":"done","tags":[],"date":"2026-01-07T12:09:50Z","url":{"schema":"http","addr":"www.75.pexeburay.com/","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"104.21.32.236","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"www.75.pexeburay.com/","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"title":"75.pexeburay.com/","dom":{"size":2742,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2653)","md5":"e79ed106a3247a9eb0f583a3c72bded0","sha1":"a2c2e4af442266734a43ded02091c12e215775db","sha256":"92d07509f4cadbc0e352d6747973b71ab85899533a1b39c78d8393eaa74da457","sha512":"dceb19cb29034e77beac1664a4835af63c00669336fe33a3b07a4462358847044366ac625e7e8e892900b11cbe124c543772e358a055e1fd360264c05d0cc147","ssdeep":"","tlshash":"bb51d8ff734a78268f4160e5103f5204e4bb5014b899c941eea5f8d49d79aef43b2eac","dom_hash":"domhash48ac854a4779f478aeefcee14490c06d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.75.pexeburay.com/","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"104.21.32.236","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T12:09:50Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-07T12:09:25Z","timestamp":1767787765,"ip_dst":{"addr":"Client IP","port":36338,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO TLS Handshake Failure","source":"{\"timestamp\":\"2026-01-07T12:09:25.312461+0000\",\"flow_id\":1824048131976541,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"188.114.97.1\",\"src_port\":443,\"dest_ip\":\"172.18.0.40\",\"dest_port\":36338,\"proto\":\"TCP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2029340,\"rev\":2,\"signature\":\"ET INFO TLS Handshake Failure\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2020_01_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_01_30\"]}},\"tls\":{\"sni\":\"www.75.pexeburay.com\",\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":3,\"bytes_toserver\":723,\"bytes_toclient\":213,\"start\":\"2026-01-07T12:09:25.306525+0000\"}}"}],"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-04T22:17:15.216142Z","alert_count":0,"request_count":1,"received_data":7987,"sent_data":465,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.75.pexeburay.com","ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-05-11","domain_rank":0,"first_seen":"2026-01-07T12:09:51.595822Z","last_seen":"2026-01-07T12:09:51.595822Z","alert_count":112,"request_count":28,"received_data":1036840,"sent_data":10730,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:3.3.7","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:3.1.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Popper:1.14.0","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"BootstrapCDN:4.1.0","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-01-04T22:21:06.427471Z","alert_count":0,"request_count":1,"received_data":21520,"sent_data":491,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"stackpath.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":21970,"first_seen":"2018-04-05T04:41:29Z","last_seen":"2026-01-04T23:46:08.267685Z","alert_count":0,"request_count":1,"received_data":51574,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"maxcdn.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":6807,"first_seen":"2014-06-18T00:37:31Z","last_seen":"2026-01-05T00:32:50.346704Z","alert_count":0,"request_count":1,"received_data":122084,"sent_data":501,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-01-04T22:14:09.841371Z","alert_count":0,"request_count":6,"received_data":72387,"sent_data":3355,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-01-04T22:40:02.941781Z","alert_count":0,"request_count":1,"received_data":86941,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"kuolkoola.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-20","domain_rank":47044,"first_seen":"2025-05-08T22:43:24.287422Z","last_seen":"2026-01-01T22:58:40.469813Z","alert_count":0,"request_count":4,"received_data":7639,"sent_data":2375,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-01-04T22:45:39.840493Z","alert_count":0,"request_count":1,"received_data":87913,"sent_data":448,"comment":"","tags":null,"fingerprints":null},{"fqdn":"s.uuidksinc.net","ip":{"addr":"31.220.27.135","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2015-05-05","domain_rank":47808,"first_seen":"2015-07-20T12:00:35Z","last_seen":"2026-01-01T14:21:41.471585Z","alert_count":0,"request_count":1,"received_data":560,"sent_data":689,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.23.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"openrtb.tds.bid","ip":{"addr":"85.202.195.162","port":443,"asn":48716,"as":"PS Internet Company LLP","country":"Kazakhstan","country_code":"KZ"},"domain_registered":"2022-07-21","domain_rank":0,"first_seen":"2025-11-27T16:51:28.145531Z","last_seen":"2026-01-01T22:58:39.828011Z","alert_count":0,"request_count":1,"received_data":192,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"uuidksinc.net","ip":{"addr":"31.220.27.135","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2015-05-05","domain_rank":6184,"first_seen":"2015-05-31T08:43:35Z","last_seen":"2026-01-01T22:58:39.50122Z","alert_count":0,"request_count":1,"received_data":3122,"sent_data":563,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.23.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"tsyndicate.com","ip":{"addr":"94.130.167.206","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2017-03-08","domain_rank":1289,"first_seen":"2017-03-16T09:04:54Z","last_seen":"2026-01-06T09:56:19.20983Z","alert_count":0,"request_count":1,"received_data":855,"sent_data":503,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","size":20495,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-22T16:04:20.787448Z","times_seen":5892,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","size":50676,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-22T16:04:20.786709Z","times_seen":6585,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5d299fc4158f5ee271d32054f20c567b","sha1":"f7a0862ea30145dcb0a90604dd7898a40e53feb1","sha256":"c9ab2db9b28f51129edfd2aff30ad067245bd34b028991e08f56f7c947f60495","sha512":"cfd527d72368746c57394fde01a5bf34d2a2c64db14d77c41a73f02bd063c5d3a89edb8042774ec98a11cd77e5790004e4fd1d34025976df1dc2bcf49a1fc7bd","ssdeep":"384:hEO8LLwmwafzrI9INlsGx51lVEG42vx6jOv:2HLFNfaelsGL1l+G42vd","tlshash":"6ad26e1c8bf230b9a67fa17ea25f681478e3717b4084d501f5cd92406fd9a43c9ba6e8","size":30513,"data":"","first_seen":"2023-04-05T16:38:07Z","last_seen":"2026-04-18T22:50:34.4379Z","times_seen":454,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"be3424df8e7865a0fb51c5795569c66d","sha1":"f4d5510869e15be455cdb3b4c60d68e417679fb9","sha256":"3013c73845767be60718111050f947938873f0bacb90e9729dad75bc0103b72c","sha512":"8c64b820f8eee28a5af0da95ff1fcfba63c2f638587697e9ca8934fdd0ff931424c2130998dd19ef1d76c6145fb3be99c7951bf5304a00916b3180e9337a0bc2","ssdeep":"","tlshash":"fc518f7b98a752312a77206a4b6ff210796750331488e8017f9ce700bfa4d1fd669be9","size":2897,"data":"","first_seen":"2024-12-10T07:43:32.152897Z","last_seen":"2026-04-04T02:04:14.552112Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-22T16:11:38.558201Z","times_seen":122531,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ab4681ff11ea8bdd4a9ed4d0a35c8516","sha1":"303697653c882b82f6f3166f682929182af7b430","sha256":"bec24dd2ba9de50a9994f539980aad8406c1fa2c868a853a31870f931e5222b3","sha512":"cc7cf7967ecf93cf06dcb5d5e0b021ad59a3010129180231b7368748fcd9e665dde1ce46fb6d297906cd9df777c67679962a8c7cdba823d0255298933cbe5583","ssdeep":"48:lFZ2swbMigMITnoUH3ZHyvVSyuBqsKcaXe1xib2EF4L3xpACW:Z2swbMjp7HI+qsKcaXe1xf3xpACW","tlshash":"fb910f5ab4eb11e062a7b016d95b5d0438b740bf7a0acf107d9d1ce93f9a434c1b221b","size":4216,"data":"","first_seen":"2025-07-31T20:24:30.294574Z","last_seen":"2026-04-04T02:04:14.55287Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uuidksinc.net/matchx","fqdn":"uuidksinc.net","domain":"uuidksinc.net","tld":"net"},"ip":{"addr":"31.220.27.135","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"39082cf170c0a3b3b4b668cc58538680","sha1":"adcfad95d884cf9fb9adb50c7db8dc7fe0563abc","sha256":"2c55912535071a995289743ad92b47e1ae37d89fae21b4f7e475a8aa5cbcfd35","sha512":"cc1e16db6f310584a6916fd2663a5ff7a4bdfb47a1c4065296d1387142bbb3e66daa8d18d0c09fe1533617508c0bd6df5ef1cafbf5ba61d47046d9a23c8e3b11","ssdeep":"","tlshash":"b651c9ff734a38264b4150d5202f5204e0b750147899c941eda5b8d49d79aef03b2eac","size":2656,"data":"","first_seen":"2026-01-07T12:09:56.334337Z","last_seen":"2026-01-07T12:09:56.334337Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"753dbb5feb34a49295103c16fbbe983e","sha1":"cea88eecf90a2b08ee38ced5c5e2a0ee05aef480","sha256":"c5f375974422e8bac1601a46d2fbfc705028a09acf7077fc407ca12205916db8","sha512":"6c0abe7d0ac77f2ef49014cbbf1aaff7d4111974045dbe3bd16e5d366f980daa6698241eb3ed7d77a94f52cce1c7cf012ebc2f3399be8cce9d7c0e3773257881","ssdeep":"","tlshash":"dc80000faaa28220a022000f0a8222a028033832028200002a0283c022a3c0388002ca","size":28,"data":"","first_seen":"2025-07-31T20:24:30.302021Z","last_seen":"2026-04-04T02:04:14.553814Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"842f960d6b87a586b57595a9f79bf93c","sha1":"1dd3ee042224991efe9d488996d7ad49e2b268df","sha256":"b9708a7e2806e43dca0d6509a91fee7b718ba70c50aa60a2ef81b5df59ae6eab","sha512":"8698fad68917955c243dfc6e708a95e3dd232f97d0a3f4b722ae550752344178aecaebe0e0a2460c1c7fdf4c1eb365f30e4e8ba5a535179f076dd2bf2a24aa27","ssdeep":"","tlshash":"8bf08c2e45a6263028b7b07f5b8f7604256310a70409c9113f8cc680ff36a7f8ef66ca","size":630,"data":"","first_seen":"2025-07-31T20:24:30.306839Z","last_seen":"2026-04-04T02:04:14.554793Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","size":86351,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-22T13:48:50.993803Z","times_seen":9901,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","size":43509,"data":"","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.1.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.1.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://www.75.pexeburay.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1514f\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 07 Jan 2026 12:09:25 GMT\r\nage: 4070806\r\nx-served-by: cache-lga21948-LGA, cache-hel1410027-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 99, 9058\r\nx-timer: S1767787766.604263,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30019\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86351,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32014)","md5":"05e51b1db558320f1939f9789ccf5c8f","sha1":"c72c1735b4d903d90dd51225ebefb8c74ebbc51f","sha256":"702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb","sha512":"ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTv:2Qcd5hNLxTwn3t0iUHiTDU8Cu5","tlshash":"4383e6d9b2c670529b7730b850bf450bb17a98dab44c8da0f068c5d47eb4a8d907bf2c","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-22T13:48:50.993803Z","times_seen":9901,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":61,"dns":21,"connect":13,"send":0,"wait":13,"receive":5,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/search.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.554Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/search.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 2493\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-9bd\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5L9xROGdPX3T8zUIvp%2BivqPg3n63%2B9u7tCKr2xr96Kj1xs%2By8hOIVv3%2F%2FmA9yT6ITfu%2FcOuD5JnPV9hZpmdsUs%2B17wglbcyUsIJvR8ChD547zg%3D%3D\"}]}\r\nCF-RAY: 9ba3589f4ab956c6-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2493,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 66 x 66, 8-bit/color RGBA, non-interlaced","md5":"b6b3c8c375f6ddbc8e017a0920ed8825","sha1":"f60ec6f03911ac85c7561c602c5f4198822f4d63","sha256":"96f31184bb317616f6021b01ad5d2c4cc5b210fe8ceae265384a5d3852461524","sha512":"a618dbcfe1d6d1ea33205c169425abe3a776fff6cbf84ced4c96bac2df88a9e5d0a052dd9c908b03b12f77388c8022a22f21360543039bc48d6db82560f995eb","ssdeep":"","tlshash":"9e515b154d096fe2c7488a0310fb0e00bd2f07aeb3a2ac1cab23b52237c04a7cc4a5c3","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.537923Z","times_seen":60,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":86,"dns":0,"connect":2,"send":0,"wait":81,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://www.75.pexeburay.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 12:09:25 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6458\r\ncf-ray: 9ba3589f0db85a0f-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03fa9-500f\"\r\nlast-modified: Mon, 04 May 2020 16:15:37 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1743954\r\nexpires: Mon, 28 Dec 2026 12:09:25 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=OR%2F71JYU2JoMcw3i3qxTRp%2Bh7Q1vdohHlFpQ3DZ7NOk09%2BNGYb7dq7YrEvLDGIWo1LBmBhA%2BlVo8EZgbhQD%2FRcIYvzmcrDVHJAaRn3%2BEet5yr65RFix8%2F3w17epydJZaakFvClxQ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20495,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (20322)","md5":"6b08ddc901000d51fa1f06a35518f302","sha1":"bafe987c18cbe0587de3e6360e7da40a2885614b","sha256":"02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5","sha512":"7a97fa1cf4a12d0f338090f8a4ffad48d91843d6955304de5f6208de394642b0b412d6fd30d7a880cad92200a8f7f2005c40324bcce3cfeda7b14a57dff098ca","ssdeep":"384:f5LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9A:hNVVVnyiU41xXvlD7wx+v0xyGTgnZO9A","tlshash":"3a92a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-22T16:04:20.787448Z","times_seen":5892,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":22,"dns":19,"connect":9,"send":0,"wait":12,"receive":1,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 04:32:06 GMT","end":"Sun, 05 Apr 2026 05:31:55 GMT"},"fingerprint":{"sha1":"E4:3E:65:D3:05:EF:8F:3A:11:69:6A:52:FE:6B:BB:A4:DF:73:4E:E5","sha256":"B9:7B:F7:C7:4B:6E:66:E0:D7:DA:7A:8B:0D:2E:8F:2F:E9:28:B4:AB:91:95:86:14:DF:44:15:CB:39:DC:EA:41"}}},"request":{"raw":"GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://www.75.pexeburay.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 12:09:25 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncf-ray: 9ba3589ebcbac272-OSL\r\ncdn-pullzone: 252412\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"ce6e785579ae4cb555c9de311d1b9271\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:05 GMT\r\ncdn-cachedat: 08/01/2025 15:37:48\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1077\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 713b277a3541891cb6603e66c15bc60d\r\ncdn-cache: HIT\r\ncf-cache-status: MISS\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50676,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (50395)","md5":"ce6e785579ae4cb555c9de311d1b9271","sha1":"5ef2c15b47d7290698c737676ba9c3056b45f2e8","sha256":"0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339","sha512":"a601871568c1b5b2874d30d6e5bb8667d994d2719fc4d6af7f99162bf39ddae800ffff45b8c1c0ba790088c7b98de2ffe565b5af4531c0a8ba0f92e930e243df","ssdeep":"768:D2Ybgh0GBxTHVmcmjWSLsynS/zZ/AcyUenY8yiKKdHPPm26Ro1FH4nx46:D2jh02Lh+SbZ/AbYqdm2mx46","tlshash":"b033b94a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd88312bf3c","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-04-22T16:04:20.786709Z","times_seen":6585,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/home-header-bg.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:26.100Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/home-header-bg.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/assets/css/main.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:26 GMT\r\nContent-Type: image/png\r\nContent-Length: 117934\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-1ccae\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0CQsFcHtD1MPQ7kLLCeI1mDTZPTxwoGKPbRaWaymLUt0QmtTMJaavh7vP1QEVNEAreTUu48jVIVQDuWu9jZwhipWcCjg96gSFkPdI4UD%2FL9hOQ%3D%3D\"}]}\r\nCF-RAY: 9ba358a218d40afe-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":117934,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 1052, 8-bit/color RGBA, non-interlaced","md5":"192a5c4c38c4668977b4ab6e475d8e2b","sha1":"9e4b5e9ae9a39ea67bce6aa786d14ddd09d428b4","sha256":"a3af5ceaeb32f7ccd4d31b8818802a077ecba3a6edd51ce003ce3eaaf168290f","sha512":"4ff4954766b31133ec4e494bd2eac14dd8ab2a1f629326806ce3799b05f98494e2ddd978df0af736165e26686a913fac4ed84d3d566c7b9433d88bfc184ab29b","ssdeep":"3072:IOAF2lYW5529Zs6MaDVVeNAf1+LCkKYD2w8I1C6Hn:TAFT28Zs6MaDVVeSf8E+h86C6Hn","tlshash":"ceb3e1058d1185e5c3b164b8eab545b332aa4abb5c0c1f947f39f75f0b9daa4f0e02d2","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.542681Z","times_seen":59,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":75,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuolkoola.com/js/cs?uuid=70552455-7e88-4682-b733-76e944032465","fqdn":"kuolkoola.com","domain":"kuolkoola.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:27.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuolkoola.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 07:23:19 GMT","end":"Tue, 10 Feb 2026 08:21:01 GMT"},"fingerprint":{"sha1":"FC:2B:19:59:1B:38:FB:C7:30:93:16:58:CE:B8:18:51:DA:3B:EC:FC","sha256":"4C:64:6D:FC:40:95:00:94:2F:68:3B:50:95:C3:BC:4E:E5:03:71:D8:2E:42:96:E5:4C:49:33:A3:F6:35:4D:3C"}}},"request":{"raw":"GET /js/cs?uuid=70552455-7e88-4682-b733-76e944032465 HTTP/1.1\r\nHost: kuolkoola.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nCookie: userid=70552455-7e88-4682-b733-76e944032465\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\ndate: Wed, 07 Jan 2026 12:09:27 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://s.uuidksinc.net/match/1165/?remote_uid=70552455-7e88-4682-b733-76e944032465\u0026cb_url=https%3A%2F%2Fkuolkoola.com%2Fjs%2Fcs%3Fuuid%3D70552455-7e88-4682-b733-76e944032465%26oid%3D%5BUID%5D\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nset-cookie: uuid=70552455-7e88-4682-b733-76e944032465; expires=Fri, 06-Feb-2026 12:09:27 GMT; Path=/; domain=.kuolkoola.com; SameSite=None; Secure\r\nvary: Accept-Encoding\r\nx-request-id: 43ead26ec78452abfb4007e08fa8b098\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nx-ng-name: front7\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UAVp5Bvly%2Fu2w4bkXONJhOXf1%2BPccINCOreu0wwaeptDYf4o4118MaC7tTsnigi5bb3sSFt9rn3IqmBU%2Fvuq%2B8735BHTqGerLDIHlIU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba358a9b87bdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T16:09:26.709379Z","times_seen":14066297,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/css/main.css","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.540Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/css/main.css HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: W/\"636262bc-22ddb\"\r\nContent-Encoding: gzip\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DOJXwVk%2FgRdIMY1%2F560P5MlB2uAPHWtgoHmq1AsNu9yARaKtnV7MfiFd39DEqTGuyYFVffBb%2B2izADtJP%2B3knoIOcVBHCypDpEtpRXGpyoD7Hw%3D%3D\"}]}\r\nCF-RAY: 9ba3589e7e650afe-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142811,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"0e8e48886b7f4e90eb9e7302439ab163","sha1":"fba1e76f548440f3f0e8c5674bfd45cdf5cfc591","sha256":"3f903c41417fd9e7de5d61b17f03947079e143bf27ac7bb0523c281c4d1664f4","sha512":"c1aa2ddc33b67580fc08e0ef18165464e8f0e42580444178a696fb4fbb79be0c51e62bba382ba53743c24525f135150f3a619cbfbcc92a1c765bc8ce16c0f2de","ssdeep":"1536:FzmKQIdelHkbmHuhzL9oMKQDUV1AAstjt4QLxN4fBgskOhDx4qDP4t/ROO4R/gac:zbqIjOhDx4qDP4t/R4Q","tlshash":"b6d39687faf121453426a5ac64ebebf5773a0043c20ddeb9b766621ccf8c7c055b2a49","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.543663Z","times_seen":45,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":91,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/firefox.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.564Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/firefox.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 5945\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-1739\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AtxiAgB63nLk0D%2B9uEfxxVzZQLGhB5pkO0H62juPC4GUn0o%2F9trggbtmjh8GSBAmiFnmKHPaKPHqdxsnAjRAnpgu2Z64fTBd2hx1RbAEO%2F4PJA%3D%3D\"}]}\r\nCF-RAY: 9ba3589fcaf05693-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5945,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 69 x 65, 8-bit/color RGBA, non-interlaced","md5":"c42385cdd6e98752cd109fa26362e4ea","sha1":"053eaf315ab8f47b0f0ff98e5312764d9e27f0f9","sha256":"4d40899423ad62f85f8fd4af029518e8fa9e92f703755b1a0b613184fea53a90","sha512":"3b6ed26d27d20dba42e9057e4724c988bf59f332d5919c8084104c8f66279e20a2c62040fda5a95fd10938c3b349b9174f883e57ba6f03866294b08918a8b13d","ssdeep":"96:+WIPakx+LOOE/BLtUfKupwSdgxVv7XJBDeVJIzflJr6H2TIauhfOFu2Lru3:+WIPrl4fhpJdgxVvjJBDeVJITlTIZfOM","tlshash":"46c19fc57aa13056611d663068df39c2bf67416daf4092276bcf6b4d8e70810590dfea","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.518637Z","times_seen":59,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":164,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/money.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.576Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/money.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:26 GMT\r\nContent-Type: image/png\r\nContent-Length: 1799\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-707\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QL7C7sxqBMfNihWTKxlYa%2BqYS%2FGNfFAVMgEHLAMBlTgU6c9p6yTmo2GubXlHzum6tM3lAy5HTd%2FAOT8F2BmgvEZtINheBRv9GuiUm%2BlWzDH3Keyg\"}]}\r\nCF-RAY: 9ba358a1bbbc4e4c-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1799,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 72, 8-bit/color RGBA, non-interlaced","md5":"93bb4e0e40b2717a4be6ee0ff6521dd8","sha1":"3232fc7a2a95a6c74d1822f84f821282f70843be","sha256":"ef0925d7955dd97dd979a6e2c8e1bc91a610b5d7339ab75cb7e784aa11c08ca2","sha512":"e0a9d2b38b1fc20722734704942f655c52e362248d5a3dfb896f2612f20f2ae5db91452ab15762d5ac1a0e5695871056df163424e1c93d22b5cb593597015c90","ssdeep":"","tlshash":"d831eb3e1e2a15b1cfab671330c845069f2ec03785a55a1ff3a5e5518c804c953f476e","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.532569Z","times_seen":59,"resource_available":false,"data":null}},"time_used":529,"timings":{"blocked":460,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/money2.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.577Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/money2.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 4109\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-100d\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gbfLDkUgcxdLF56bVnJEQOgzLiZk%2FiVPD2R9s8MIk4pY%2BsZ%2BiEk%2B7co9Kq8h5tIIkgNegS6kyNMZKlskVUUiNgQEZQlF7P24mPjBf5LUJf9%2FSg%3D%3D\"}]}\r\nCF-RAY: 9ba3589f3c2eb51d-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4109,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 73 x 71, 8-bit/color RGBA, non-interlaced","md5":"a2011cdc26f3dcdac89e9e4794799b0f","sha1":"c2f07e2304fa8ba1e4f8deeee5cc7aa24bee296c","sha256":"0c4af66b25e16286fb743ebd4579901ac18c1a3fcbf2558415abeeec8686dd24","sha512":"df11e50ed1cd11180cfe38bbc36f4e62052f9534135d5bfd967bcd76d9cc8323d1e28f6bd2917b7f4bd1ffc0fd5cf08c8031df0d20d3b3b40a1852e6ef2e5260","ssdeep":"96:S/kLwXTWuBCNHd1ZkQHXlnhInYAd/o31gL0+kplQ97i:ScwXqusNHd1Zf1n+YAxoiL0dlg+","tlshash":"92816d576df60b1c542ded7611f46181e89f999904e2c98afa9b7a1bea053c4808324b","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.528536Z","times_seen":59,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":63,"dns":0,"connect":0,"send":0,"wait":72,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/night.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.578Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/night.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 1283\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-503\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CR4pxY%2F7hR9cgaRzM1ydNBJqUXcsdKRPigrLByzSmo3YnC22C3nrr8WU5uNlBmhOrD4Ul%2B%2F0qXSC8FjEfPb4%2FREBTgO%2Fn5MdHi4L3YYVaeWhYA%3D%3D\"}]}\r\nCF-RAY: 9ba3589f38030b55-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1283,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 60, 8-bit/color RGBA, non-interlaced","md5":"03f3ade42c0222a27a8c39a2160c9128","sha1":"a72933e2c7b64dca30e510f8e548ccba811dd2e9","sha256":"fed26b5026b7fd43a5d8e97b6ae0fadb6ce398605a2042bc203d8e1eff8d48a8","sha512":"b68ebcb0c535d7845f736bcc2a2b5944fc107ee19675bed491b3b289e6f1c5831f4b5a05168afbca1deb8c53b60b375f1d84617eaa028c85b752694c1c5b6d27","ssdeep":"","tlshash":"9521b751ad99d4b5c7a85b5014ea5820bd3b2e2823c47d57a0e9d8fcdb419dc220abc6","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.547366Z","times_seen":59,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":62,"dns":1,"connect":1,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"43:D3:3F:93:6C:4F:F7:67:58:9D:D5:48:20:4C:74:A2:69:DB:13:9F","sha256":"8C:DB:D2:85:E1:AB:12:7B:1D:5A:65:A7:EC:22:67:6F:B3:A6:65:01:28:29:FA:D2:3B:01:8D:10:7E:4D:09:52"}}},"request":{"raw":"GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30399\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 05 Jan 2026 09:58:56 GMT\r\nexpires: Tue, 05 Jan 2027 09:58:56 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 180629\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86927,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-22T16:11:38.558201Z","times_seen":122531,"resource_available":true,"data":null}},"time_used":721,"timings":{"blocked":314,"dns":1,"connect":32,"send":0,"wait":29,"receive":29,"ssl":311},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuolkoola.com/event/set","fqdn":"kuolkoola.com","domain":"kuolkoola.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:27.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuolkoola.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 07:23:19 GMT","end":"Tue, 10 Feb 2026 08:21:01 GMT"},"fingerprint":{"sha1":"FC:2B:19:59:1B:38:FB:C7:30:93:16:58:CE:B8:18:51:DA:3B:EC:FC","sha256":"4C:64:6D:FC:40:95:00:94:2F:68:3B:50:95:C3:BC:4E:E5:03:71:D8:2E:42:96:E5:4C:49:33:A3:F6:35:4D:3C"}}},"request":{"raw":"POST /event/set HTTP/1.1\r\nHost: kuolkoola.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.75.pexeburay.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 116\r\nOrigin: http://www.75.pexeburay.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: userid=70552455-7e88-4682-b733-76e944032465\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":116,"data":"{\"event\":{\"type\":\"event_confirm_show\"},\"data\":{\"visitor_id\":\"70552455-7e88-4682-b733-76e944032465\"},\"ad\":{\"type\":1}}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 12:09:27 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: http://www.75.pexeburay.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST\r\naccess-control-allow-headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control\r\nvary: Accept-Encoding\r\nx-request-id: 45f2d59ab5e56de44fcd9501af7d550d\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nx-ng-name: front7\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kKGuxjmetFFSyUHWaiFYC9mKUiR9bDJ7sNfgJOxwKI1L0F0EKjOYFqQb%2BOiTG2qy2w6a7wlJ03iK5RkwbxulWx%2B2czrJMwUwKd1STyI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ba358a90f12dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T16:09:26.709379Z","times_seen":14066297,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.uuidksinc.net/match/1165/?remote_uid=70552455-7e88-4682-b733-76e944032465\u0026cb_url=https%3A%2F%2Fkuolkoola.com%2Fjs%2Fcs%3Fuuid%3D70552455-7e88-4682-b733-76e944032465%26oid%3D%5BUID%5D","fqdn":"s.uuidksinc.net","domain":"uuidksinc.net","tld":"net"},"ip":{"addr":"31.220.27.135","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:27.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uuidksinc.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 23:22:16 GMT","end":"Sat, 28 Mar 2026 23:22:15 GMT"},"fingerprint":{"sha1":"A3:04:43:DF:E7:27:A9:50:C2:BB:1F:85:9F:88:08:C5:EC:23:CE:9C","sha256":"0A:4A:19:47:D5:5B:1B:87:C8:B1:25:95:05:A5:F0:D5:1F:A1:A0:DE:36:53:90:85:15:21:1A:64:2B:18:4B:F0"}}},"request":{"raw":"GET /match/1165/?remote_uid=70552455-7e88-4682-b733-76e944032465\u0026cb_url=https%3A%2F%2Fkuolkoola.com%2Fjs%2Fcs%3Fuuid%3D70552455-7e88-4682-b733-76e944032465%26oid%3D%5BUID%5D HTTP/1.1\r\nHost: s.uuidksinc.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.75.pexeburay.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx/1.23.2\r\ndate: Wed, 07 Jan 2026 12:09:27 GMT\r\ncontent-length: 0\r\naccess-control-allow-headers: X-Requested-With, Cache-Control, Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\nlocation: https://kuolkoola.com/js/cs?uuid=70552455-7e88-4682-b733-76e944032465\u0026oid=JpTW1ciSAn6L4pK6BWKK\r\nset-cookie: jcsuuid=JpTW1ciSAn6L4pK6BWKK; expires=Thu, 07 Jan 2027 12:09:27 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.23.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T16:09:26.709379Z","times_seen":14066297,"resource_available":true,"data":null}},"time_used":148,"timings":{"blocked":64,"dns":19,"connect":18,"send":0,"wait":20,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/step2-phone.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.562Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/step2-phone.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 70228\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-11254\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l%2BycxfyR0ic146f0XMsqEBcLyTNsWe%2FmJKRl3B0rohHjZ7ku6MIVQLicUIT2cZPe3KlDsPZV9NGHJtqzMKhfcxzXOyEEfiQVF5zKPq0CG36f1A%3D%3D\"}]}\r\nCF-RAY: 9ba3589fcb4456c6-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":70228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 184 x 370, 8-bit/color RGBA, non-interlaced","md5":"0b3b58518b6d767925b13ac025f8b283","sha1":"20583d7e05f8907a828c9811a31ddae27461646f","sha256":"0b871122ad03fc90a59cd52f7250404e2ef72518bdf02d927ff5785427b2e9fc","sha512":"9d6eac98b4021ebf7a80ae0ffef6ced4c2d046b5218137642a22b3f77fab42d58b077b0a7729a05240f8c12ae46091c81651fdc1c6cf1e85e3c02ff5f6ff5b8e","ssdeep":"1536:6q/HTsMilg3x8T2AzI4ZdLoxSK+wuO69Ei4+EQqJUg6lQhoRt:6KsMWsCKh4ZdLoUE89E+gJUmoRt","tlshash":"38630240662bff9bde8a929860dcacd4fd18c114e78b125fc6acc7e0092d7115de5ac7","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.544155Z","times_seen":58,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":162,"dns":0,"connect":0,"send":0,"wait":70,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/blank.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.571Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/blank.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 967\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-3c7\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tnPezAMJgYVMTL%2BmIUeTuxRnhPTqo7McJDMdm7GDjgz8XgNUAkPKTF0NJkwNg64zxH4igmHbv0IRFY40f20WLDAfhgSvgz6%2Fpmv861NKJ8vfYw%3D%3D\"}]}\r\nCF-RAY: 9ba358a09c0b56c6-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":967,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 62 x 62, 8-bit/color RGBA, non-interlaced","md5":"b47e4636ee4b11800af715b92faf3a87","sha1":"9d2eb9174f74ac550817f4eb70545e27c156d90e","sha256":"18a5dec1797dd8dfd98ea838277b27e0fea53d82ce5753d014b73d5a34c5cce4","sha512":"9d0e314bac02c893927cbf377e21d1e7649e3f5abdde6436dce7cfb559aa3d21e221f8b5b77e24f02678e5076e02cec4b83407e652c37163b045f1b9add9ced0","ssdeep":"","tlshash":"4411c80359c24565d30fe63b08dd0608ee1b9b0096b47a1cf667dc9e4d0419534603cf","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.531965Z","times_seen":59,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":281,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"openrtb.tds.bid/usersync?id={userID}\u0026dspcsid=Kadam","fqdn":"openrtb.tds.bid","domain":"tds.bid","tld":"bid"},"ip":{"addr":"85.202.195.162","port":443,"asn":48716,"as":"PS Internet Company LLP","country":"Kazakhstan","country_code":"KZ"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uuidksinc.net/matchx","date":"2026-01-07T12:09:27.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tds.bid","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 10:53:53 GMT","end":"Sun, 15 Mar 2026 10:53:52 GMT"},"fingerprint":{"sha1":"28:D5:F8:33:8D:A0:02:9A:CE:C0:CB:45:9D:18:0A:49:6C:66:B1:50","sha256":"13:B9:EF:A0:CA:75:54:14:1C:B7:7D:15:C3:82:D1:39:72:CE:94:AB:AA:74:28:07:68:6E:39:81:BF:38:95:08"}}},"request":{"raw":"GET /usersync?id={userID}\u0026dspcsid=Kadam HTTP/1.1\r\nHost: openrtb.tds.bid\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uuidksinc.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 12:09:28 GMT\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T16:09:26.709379Z","times_seen":14066297,"resource_available":true,"data":null}},"time_used":632,"timings":{"blocked":218,"dns":32,"connect":90,"send":0,"wait":191,"receive":0,"ssl":99},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.75.pexeburay.com/","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T12:09:25.295Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T16:09:26.709379Z","times_seen":14066297,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":11,"connect":1,"send":0,"wait":0,"receive":0,"ssl":3},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/styles/arrow.css?v1","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.532Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/styles/arrow.css?v1 HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: W/\"636262bc-1a14\"\r\nContent-Encoding: gzip\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i1g6aX6DGxBHQ1izjB%2BU7G7dpHs4DnsHt17wUpvZQehw7lkHq7uqhizoXjOuG%2Fhc9S25QVmE6TMV5BUWE2etqzq%2BYw6rDDVnDD%2F7CrDATLLsxA%3D%3D\"}]}\r\nCF-RAY: 9ba3589e7b5cb51d-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6676,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ed4a61ae7235d0e7573766e78dd3fc02","sha1":"090b5cdab4ff3a3b87f491da06b4db99a8c51694","sha256":"ca50536990b949c20119f3134582c654fcd14fabce2517bbc5255fba7faa881b","sha512":"c2d58441829ea6697f14e85f01e1d0c006b6460cd110969578263423016232f407b40490eb5dfde4fbe02e47ac1e19c8db508b8fc0c7fea7a28920c0ad573165","ssdeep":"192:jKRrDP7WWP/8O+t6cjfwZVMLLmmGTA3P8JsRYJbwAzXJtMzZzINvOQpsLr6O:Y3MLLmmGTA3P8JsRWbwAzXJtMzZzSvO9","tlshash":"94d173236a5e2c46a05ed898efd09f4e261f41d7664f8c99fd80340d9fc89a48996f8c","first_seen":"2023-04-05T16:38:07Z","last_seen":"2026-04-18T22:50:34.435385Z","times_seen":482,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/free.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.549Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/free.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 1190\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-4a6\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xOF%2B38KIATGpb4pAp7Rn2lp1N5JKp01J3TMDHNaRSASGn5X3dX3KGOsebviyLI0Z4BCXSuYq6hfCRpe9z%2FONwxDLYr%2Ficc8C%2FXC1QtSkgheFEA%3D%3D\"}]}\r\nCF-RAY: 9ba358a0c80b0afe-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1190,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 68, 8-bit/color RGBA, non-interlaced","md5":"ffc46d0a260b965b82fe6bae52345b29","sha1":"7e2ad61e00aff93b3c5fc9e4c0639d9d2d36600c","sha256":"e43ec096f8a53418bac5602c336b02e8ef394586fe059cc2e512b50dd02e94d1","sha512":"368ef4427e8aea7354d65e866b0afe0e7ea533518cd4ff0fa1567b627e44a24e9164b86f794f45f6e2cde29198d0f7b486dc612386c3e9a5ec68b9b9c5e97a26","ssdeep":"","tlshash":"3621da4b184724e3d369a564d0dca036e51e9f1152453b0cff476cf283000cf5ada5fa","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.540156Z","times_seen":59,"resource_available":false,"data":null}},"time_used":411,"timings":{"blocked":335,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/step1-desktop.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.558Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/step1-desktop.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 134700\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-20e2c\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F4%2B%2F7z%2B9Mvg%2BGkosdCw5HzgHSOAu%2B3HFXzITgJfn9nvNmisP%2Bk4ro9G58U0luq2stgDy8L26d7K0tOmVmW7y3bBIUcOZ%2F9j9KxMw6AIzOAK9AEkI\"}]}\r\nCF-RAY: 9ba3589f8d2d4e4c-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":134700,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 578 x 318, 8-bit/color RGBA, non-interlaced","md5":"7eff8dfdcf53e466eccefdc9aac9e732","sha1":"b801c28598a2a14c93fe1c6320c4ef0ed719088c","sha256":"74f435be425bebb4f4b195c116d6d2607dccca64b047bd7dc45f5e0a64c45fda","sha512":"387bbc02947e03f57819056711dd2f194cad7a908acd14b502201fba828ab74ccaf9ca898f4a936494aece502fb0b8d9a488cbe7f4c0e5de41e4dcecbd9ee02b","ssdeep":"3072:h7pDpxm7llbHUoKOcyiSuVfOKtct9YSR9bqfPsq53Ps+uT:V5SbUrFvVrGdOsYe","tlshash":"50d3123436cd4137871b9f271037d806e66a62d2080d3693b163afefa6a779f0979308","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.541328Z","times_seen":59,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":129,"dns":0,"connect":0,"send":0,"wait":78,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/favicon.ico","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:26.305Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:26 GMT\r\nContent-Type: image/x-icon\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gw1oJN9BxWZAKaH75f6hwwaiiRzBpkME7L%2BK4OkZsLFvoTReIFWZM4Dj82zJfQz38CJ5pde%2FNLTApQJsQD7xBn4Iu7hVNhVtCsKd46Ow3%2BQlSg%3D%3D\"}]}\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nETag: W/\"636262bc-1007\"\r\nContent-Encoding: gzip\r\nCF-RAY: 9ba358a369800afe-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4103,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"4cdf3256cd7b8ec3917adb79d6bf457e","sha1":"bc615337e9223183a126c8fb649774866fb53e69","sha256":"fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0","sha512":"2bcd90a667b80393690e244a979e36e9f482b419e52302571a41412aac296aac1d58f81787b38d00a00257dca8bd3dce7cfe6ab8ef12aa3a91e0801ee3c3f21a","ssdeep":"96:LSDZ/I09Da01l+gmkyTt6Hk8nT2JCkun8i01FZZN:LSDS0tKg9E05T23un8h5N","tlshash":"2e818daf99b0d47f7938fa400dce8281e279256c197637ad94e5c5ee00a7b031bb0232","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-22T16:12:59.093245Z","times_seen":8788,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/first-screen.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.547Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/first-screen.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 123973\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-1e445\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MyACAWSKc6C5zbQt2eImzELYXv5HGHG%2Fl%2Ba6hInE6HDQO7GaCjt7RphHP87zgHPrdEZoVHORrU78Z4LanekWs3A7k%2F57vKzEUw3EKfqw%2ByacvA%3D%3D\"}]}\r\nCF-RAY: 9ba358a04b7f5693-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":123973,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 876 x 545, 8-bit/color RGBA, non-interlaced","md5":"0c05f7ca76aad0880ffc9ea69bfc2d69","sha1":"bc913ac6fbf4922aa3c8fcf93324b70820f1a9af","sha256":"64286c5fe05745673323c33b0249253068742861f7c2ae712f2308b40d83308e","sha512":"b4493833bb8d4619af90c2bd8aceed535efa9d180853b82cc838d28dabae3df353859ae1ac44dff1bc54fc6cc7dd648a4d93e36cb8033110c4e695526572f019","ssdeep":"3072:9I+R2vDWH92pu1AEBjNiSo5HatPxsI3zZpcrHBB9xn/Q8:6+R2bWFzBhvopBI9UX5","tlshash":"9cc312976be6e8284a890ecfcf9db64c1217eacfc0f357a590ea733895570900d92746","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.52562Z","times_seen":59,"resource_available":false,"data":null}},"time_used":423,"timings":{"blocked":260,"dns":0,"connect":0,"send":0,"wait":76,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/step2-desctop.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.560Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/step2-desctop.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 200767\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-3103f\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vf%2BeGy%2B2TnjEZUEGCujuK5cAMKDRu4C6NZXYvtZ%2B8QnyudHmmF8ebgyQcOB28lgusMBrqi56IpRcg7R19dX4zDsbkQG%2FF%2Bw2dwn0H%2BKmG98EUA%3D%3D\"}]}\r\nCF-RAY: 9ba3589fbf520afe-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":200767,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 579 x 360, 8-bit/color RGBA, non-interlaced","md5":"99076f358d9fea4f29adef6c3bb741fa","sha1":"eb50acc9bcf731715101e838c8fea279409d50f5","sha256":"31fe8af2ec08e0515f66da4a9a949305a0d256af3308f37dd2b9920a2b35e011","sha512":"fdd0d89afc1f0a9e73d3b0ba181a1b4d7076d94e9fe704a4adbf041709c9003389972da67548704d043c94f050b7b47b163a9ea82618136083fdca9af81e2fd5","ssdeep":"6144:fC3WuwzZJqfwLIy7O0KRZ8urHiwjQAvsHpbX1KwA1tMTTfB:fCFwzZkiIy71KEKQsMT1EvMHp","tlshash":"ad14239938d896794fc20de88dfbf262a7b3e2a445f48d040322f455e14b928d94de9f","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.53871Z","times_seen":59,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":153,"dns":0,"connect":0,"send":0,"wait":72,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/factors.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.579Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/factors.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 1808\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-710\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=91JqPVXZx5Dnp7FN2IMqbxKQDajdJ6ef%2FomVO9GSsydXOrhOCOgKjgj3xM1YVJhuhyiVjuQ1oXyTjCnmZxtWBQCvz5iu3vlBlmhH41A6RLCCeg%3D%3D\"}]}\r\nCF-RAY: 9ba3589f3a725693-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1808,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 66 x 54, 8-bit/color RGBA, non-interlaced","md5":"1f4b1b634ea6c1c5d6d11d81d7bda98e","sha1":"8858bf74f87beab9a34f703851ec6b8b8d670ef3","sha256":"b47f1918a6a67c7c1fae260f50fe0d5dc0c078948929ca6fdc0576162c58af94","sha512":"5f46efb1400580c3a7a45ed09f9ed994f92f13985c2c8688ddc49344efcc52024bec9a132c5df1796f8f04ff2e6ccf97a6bd903635ec8acd0b5d80ed11810fde","ssdeep":"","tlshash":"59314d2d29425051c3a45b35c3f10057471d5d009df52138fe9e78bf3f980e8142d9af","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.541841Z","times_seen":59,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":61,"dns":1,"connect":1,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kuolkoola.com/44740","fqdn":"kuolkoola.com","domain":"kuolkoola.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:27.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuolkoola.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 07:23:19 GMT","end":"Tue, 10 Feb 2026 08:21:01 GMT"},"fingerprint":{"sha1":"FC:2B:19:59:1B:38:FB:C7:30:93:16:58:CE:B8:18:51:DA:3B:EC:FC","sha256":"4C:64:6D:FC:40:95:00:94:2F:68:3B:50:95:C3:BC:4E:E5:03:71:D8:2E:42:96:E5:4C:49:33:A3:F6:35:4D:3C"}}},"request":{"raw":"POST /44740 HTTP/1.1\r\nHost: kuolkoola.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.75.pexeburay.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 179\r\nOrigin: http://www.75.pexeburay.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":179,"data":"{\"visitor_id\":\"\",\"domain\":\"\",\"confirm\":\"\",\"mode\":\"native\",\"proto\":\"https:\",\"osp\":0,\"utm_source\":\"\",\"utm_campaign\":\"\",\"utm_content\":\"\",\"utm_term\":\"\",\"utm_site\":\"\",\"utm_clickid\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 12:09:27 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: http://www.75.pexeburay.com\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nset-cookie: userid=70552455-7e88-4682-b733-76e944032465; expires=Tue, 07-Jan-2031 12:09:27 GMT; Path=/; SameSite=None; Secure\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-request-id: dec93f755cbdfa33a0f86a78144e0f2a\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nx-ng-name: front7\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2Md8co9JqIHuuT%2FL2Tw%2F9oM%2FCbq5iy79HlSMCOvJYIXVndpI7K5imN6ZnU7Plgs80qrXwvYSVOkTCBxVVfgsozgKTZYYw%2BkVpl%2B8LYQ%3D\"}]}\r\ncf-ray: 9ba358a858344e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3114,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"616a78320759e69134bcc75b6bf150cb","sha1":"362be7e5682f26942059ca3ee6a5accbde983a9f","sha256":"df46546cbc0e6008a1d36bc350032cd2b476c5c400e18fb184bb24ae783879b1","sha512":"2f8c0d8b84e7eb827baa5e38168c05343a792114f5193b0af87f09bc0d2b51815e6272746b43bb68d7b6dac1cfda3d6069e4664d27eab5588e9cbdb2ffac911b","ssdeep":"","tlshash":"945148db26f9822f86c52dd7d7725c7d30268da8df4a43a9eed7a417d8171340b08784","first_seen":"2026-01-07T12:09:56.290151Z","last_seen":"2026-01-07T12:09:56.290151Z","times_seen":1,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":42,"dns":22,"connect":1,"send":0,"wait":76,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uuidksinc.net/matchx","fqdn":"uuidksinc.net","domain":"uuidksinc.net","tld":"net"},"ip":{"addr":"31.220.27.135","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:27.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uuidksinc.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 23:22:16 GMT","end":"Sat, 28 Mar 2026 23:22:15 GMT"},"fingerprint":{"sha1":"A3:04:43:DF:E7:27:A9:50:C2:BB:1F:85:9F:88:08:C5:EC:23:CE:9C","sha256":"0A:4A:19:47:D5:5B:1B:87:C8:B1:25:95:05:A5:F0:D5:1F:A1:A0:DE:36:53:90:85:15:21:1A:64:2B:18:4B:F0"}}},"request":{"raw":"GET /matchx HTTP/1.1\r\nHost: uuidksinc.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nCookie: jcsuuid=JpTW1ciSAn6L4pK6BWKK\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.23.2\r\ndate: Wed, 07 Jan 2026 12:09:27 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\ncache-control: no-cache, no-store, must-revalidate, max-age=0\r\nset-cookie: jcsuuid=JpTW1ciSAn6L4pK6BWKK; expires=Thu, 07 Jan 2027 12:09:27 GMT; domain=idksinc.net; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.23.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2759,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (2653)","md5":"146216f52c696f268e9fce573cd23f36","sha1":"7c0f7b3d5410206c6dabc9fb962967a28c69aed7","sha256":"7b83718890f200971a4f4e8e5c8442ecfa54c35ffb8ae384ea92226a713d042c","sha512":"828ca28817d7665c9d9055022a565042e8c3d2df3664f7426db844be4f99cc028c90bb811ad59a09c8dba06b51ae8258c29871ebe6e5eb05be7d4930c1089026","ssdeep":"","tlshash":"0051d8ff734a78264b4160d5203f5204e0bb5014b899c941eee5f8d49d79aef43b2eac","first_seen":"2026-01-07T12:09:56.292306Z","last_seen":"2026-01-07T12:09:56.292306Z","times_seen":1,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 04:32:06 GMT","end":"Sun, 05 Apr 2026 05:31:55 GMT"},"fingerprint":{"sha1":"E4:3E:65:D3:05:EF:8F:3A:11:69:6A:52:FE:6B:BB:A4:DF:73:4E:E5","sha256":"B9:7B:F7:C7:4B:6E:66:E0:D7:DA:7A:8B:0D:2E:8F:2F:E9:28:B4:AB:91:95:86:14:DF:44:15:CB:39:DC:EA:41"}}},"request":{"raw":"GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1\r\nHost: maxcdn.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://www.75.pexeburay.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 12:09:25 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncf-ray: 9ba3589eac81c272-OSL\r\ncdn-pullzone: 252412\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"ec3bb52a00e176a7181d454dffaea219\"\r\nlast-modified: Mon, 25 Jan 2021 22:03:59 GMT\r\ncdn-cachedat: 08/01/2025 15:36:41\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1077\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 6cc518c47930dd77fe1502d8f2c8a041\r\ncdn-cache: HIT\r\ncf-cache-status: MISS\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":121200,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65371)","md5":"ec3bb52a00e176a7181d454dffaea219","sha1":"6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68","sha256":"f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c","sha512":"e8c5daf01eae68ed7c1e277a6e544c7ad108a0fa877fb531d6d9f2210769b7da88e4e002c7b0be3b72154ebf7cbf01a795c8342ce2dad368bd6351e956195f8b","ssdeep":"768:Vy3Gxw/Vc/QWlJxtQOIuiHlq5mzI4X8OAduFKbv2ctg2Bd8JP7ecQVvH1FS:nw/a1fIuiHlq5mN8lDbNmPbh","tlshash":"2cc3c7a0f21031ea7333c55a75d0ed872219a153e56a4fb7f22f25d88f845ca1673f1a","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-04-22T14:59:19.955417Z","times_seen":59356,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":10,"dns":13,"connect":1,"send":0,"wait":73,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/desk.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.555Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/desk.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 1459\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-5b3\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bffFEAHMOxBUEUjVAM8XFFweJ9pMb072Vg69SCw3yptUQDKFgqJmoeQZirSH7DnHfkVNOvby5HOlscZOhKY6UzKoH0WZqKCshSbQQE2u8LXFTw%3D%3D\"}]}\r\nCF-RAY: 9ba3589f3ef60afe-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1459,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 65, 8-bit/color RGBA, non-interlaced","md5":"82e571ecb48c2816ee6248e3abef0f16","sha1":"d9b636cf40d9934e0cc8b2ea5ced154c2862b63a","sha256":"f873af87cc1331535044bb1d0b1725e8317476ec1b76198ffc6e193b793e3339","sha512":"0d6794a0930774299c2c01f81d02e5a8e4e74e4d481c47b991911fd3e5d016c610adaf6839c2d2dab756798c32fd13ff36c7ac1150585eafd3c9df12391ddadd","ssdeep":"","tlshash":"5331c9031890119da788ab3259ba0556c57d4313fa2826173833bc159f64bcbee43fcd","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.52095Z","times_seen":60,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":85,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/chrome.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.563Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/chrome.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 4885\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-1315\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BXYaa0RxBNGMgFv0xMW8duHEKImoEGDvbhGPNjnyszLfAIyIIxmo0gWsjdfrQSjvtMCTRd1q7NQ%2B0uZRdEIq4rUkVR7XZWooqMq3TMpY5VnBnw%3D%3D\"}]}\r\nCF-RAY: 9ba3589fc8590b55-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4885,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced","md5":"ca355e6175e56464789197d4d6e32fa6","sha1":"4754525667211a3ca47f52e1b09ce8b6a03676f5","sha256":"1a81996384eb45ff3b38d89ce30913b613fed54929e6ff776a5156f3e5b2358c","sha512":"5565720e11a3f4611412501cbe2f433a6733a419408447143ff4fd1aa89699b5c20473317a5551d54f5905fd7b8174c6fdecd2567710887c782c446f7ef6618e","ssdeep":"96:dHEegQlWWLdgKus6yXN6DxRi0/+bbR4NFaszTtYl7cLr:dknQowma6sNrY+bd4NgszTthv","tlshash":"24a18e0906dac589169dff1270f96e4e9a212d82f739d01b3a671f743b709d249c9347","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.545775Z","times_seen":59,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":163,"dns":0,"connect":0,"send":0,"wait":71,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/opera.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.565Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/opera.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 4181\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-1055\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=or3onkz0RRS0IPvsiTWSIss0wvoWRneqjtpivfeBe%2BnyaWeWPNZOosx2EoRWqn9iUsxAt%2B7RRFSqNqTNoFAV0FkR%2BZHoQn%2BogkGwscjbH%2FMnWQ%3D%3D\"}]}\r\nCF-RAY: 9ba358a038a40b55-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4181,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced","md5":"7926db789f7f346f97b770f39541e7c7","sha1":"a619a51570ed52c4cb6159aeddb711a95e6334fe","sha256":"7ad0e450617da43151367511c6e0736eee209dd8d12c6a2e6dac8c009786bee6","sha512":"f790dfecf5ff684beb0422104522d70ec6825f26737fa60ee16f6aae8fd82fdff7ef8a080ebd60ea4c408081aeda27979d2c35f1b509ca7d448141dfa7cc7eda","ssdeep":"96:RwdtJBkPKwda/tFiZ2uX3uHGx2qlTDtpNvowckpCa/g3d8Zgq:etCGzi8uucDtqS3Zgq","tlshash":"88816c8df778e5a6c038faf580c4c826a798b43c6b54afded1220081d772216258e3ce","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.534623Z","times_seen":59,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":232,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/by.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.573Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/by.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 2022\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-7e6\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ivGc0BwTLnuj%2F7Mt6SY3qJ6Ov9XGn6rJl0u3sK5eEAMtQYuCRnytmWIB4%2Fz6HBKw1BV1dR%2FeUwowdW%2FIgP3BWSYJ6gw%2BnWt7v9gFynzkdld7dQ%3D%3D\"}]}\r\nCF-RAY: 9ba358a0c91e0b55-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2022,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 67 x 65, 8-bit/color RGBA, non-interlaced","md5":"6c077fcda7443f808bfe1a507239cca9","sha1":"97d2c0ea8ab630d71b57382104b2094872cad53a","sha256":"09f1e28b4bad9daa8a889eafe60fa64200c0e37f20f1e7e7f0e277fd6dc70d9f","sha512":"061c4e7d8430f3744f00ce294e03e6e19f061704ec68c2978e710b53ba4c2b27d8bfcc6f270800b22198bdebf3871726b2de1a993bdc9d406472a2686900dac4","ssdeep":"","tlshash":"53410a6700992d2aa35d9e2264f484b3db231539bb2f4405b28674360f56de7197a2cf","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.521544Z","times_seen":59,"resource_available":false,"data":null}},"time_used":384,"timings":{"blocked":313,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.584Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /199f8c6.php?utm_source=\u0026utm_campaign= HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nContent-Encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M2IrL5HQU4JpNuhNLbF2H88t8b%2FDPM7%2FJZuF8WQwjPE5YuH0gVEsdQRpFpVgIDQxDHxp9sWUF2gyDO0aawFcc3jJukvMzkq4sJ66HdVIVjq57M%2B0\"}]}\r\nCF-RAY: 9ba3589ebac24e4c-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43509,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (43461), with no line terminators","md5":"0f438343ca01f023dbc4266a58a19a77","sha1":"7a08db25a16e409385c2d706aa2db3df635ae96a","sha256":"2176d85a2eeb7951c357e95b0757f97447aa330f9db446948cb1a11fd18520ac","sha512":"caa06e6cfe10c668cd1f168c968ff67f30103fab3743e4737b2fcb7e90ae572b2324c74a9842f817a9e009a68c4cb41ba06e0c625f3e30a39657e1bcd00cdabe","ssdeep":"768:dExClCwj5iFbMn1gEEJZ2iPf3FH0qGWDHV/u8dI:zdqvl02DHV/ueI","tlshash":"6613089972427025327fb5f1a37f570eb3be690a48a51d50c603f8c03968e8dd67ae8d","first_seen":"2025-12-06T15:23:24.975267Z","last_seen":"2026-02-04T11:33:10.602105Z","times_seen":140,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":103,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:26.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://www.75.pexeburay.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14868\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 31 Dec 2025 23:00:18 GMT\r\nexpires: Thu, 31 Dec 2026 23:00:18 GMT\r\ncache-control: public, max-age=31536000\r\nage: 565748\r\nlast-modified: Wed, 10 Sep 2025 16:47:45 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14868,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14868, version 1.0","md5":"a870ee3703f35f3b772e1ea3aff0abea","sha1":"2f73bac27e4fca1630d90813a858d7b815faf5c2","sha256":"691491f1fc8badab623e1be56f92cc2d98c462b16617c67e1e288d6b061444bc","sha512":"eb7e106769da2737a2d128f7b5ffeb145c03ecb3e0d120ea8e48f66b54ccc92b3657c9ba44385b355643e344329318c3d4eddde64b060ef580b419ac09d48add","ssdeep":"384:mVyQfY5SLPyg3mKvJU/rtyXWtnpeb0qY9X3cCI1Ll62yQ:2YS7fWKvJ2tyqM0PXINl62yQ","tlshash":"7562e0e9d92843e74d2019387b4b78df360adbed631a4878e995c49b6014af79122c1e","first_seen":"2025-09-11T17:07:37.667838Z","last_seen":"2026-04-22T16:16:11.452087Z","times_seen":42647,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":77,"dns":5,"connect":9,"send":0,"wait":8,"receive":2,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tsyndicate.com/api/v2/ssp/set-client-id/X1Edn2OQGBSoDtSyyVQmYf1FVPo9GS5t?id=JpTW1ciSAn6L4pK6BWKK","fqdn":"tsyndicate.com","domain":"tsyndicate.com","tld":"com"},"ip":{"addr":"94.130.167.206","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uuidksinc.net/matchx","date":"2026-01-07T12:09:27.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tsyndicate.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 21:10:04 GMT","end":"Tue, 10 Feb 2026 21:10:03 GMT"},"fingerprint":{"sha1":"BB:2C:CE:C9:92:0E:A9:18:50:BD:8C:7E:7D:B2:E6:CC:72:54:29:18","sha256":"3B:E3:8E:A4:C5:EC:08:3B:96:2B:B0:16:ED:56:3F:0A:CD:55:81:4A:8F:FC:97:83:57:FC:6E:F9:FD:F4:43:83"}}},"request":{"raw":"GET /api/v2/ssp/set-client-id/X1Edn2OQGBSoDtSyyVQmYf1FVPo9GS5t?id=JpTW1ciSAn6L4pK6BWKK HTTP/1.1\r\nHost: tsyndicate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uuidksinc.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 12:09:28 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\npragma: no-cache\r\nexpires: 0\r\nvary: *\r\nx-api-version: 2\r\nset-cookie: ccid-X1Edn2OQGBSoDtSyyVQmYf1FVPo9GS5t=JpTW1ciSAn6L4pK6BWKK; path=/; secure; SameSite=None\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, no-transform\r\nx-robots-tag: none, noindex, nofollow\r\nreport-to: { \"url\": \"https://pxl.tsyndicate.com/api/v1/heavy-ad/report\", \"max_age\": 86401 }\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64\r\npermissions-policy: ch-ua-model=(self \"https://tsyndicate.com\"), ch-ua-platform-version=(self)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ba036c43037cfe89320d1ef7b64cd43f","sha1":"88c72d3e26047eb1e45e5564a76427734f120efe","sha256":"42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb","sha512":"aa80ccd27c05eb729f730b9d830b011650bcf12cbb25d19edf29efcf962c7465bb5685a5ff5d084356c6710c08e829d16b59e7a59a41767eb14744f326b6c124","ssdeep":"","tlshash":"19900403f5400003d175d03107170340134cd110057c0307405d505cdc553510c01010","first_seen":"2023-05-10T09:10:20Z","last_seen":"2026-04-22T16:43:46.875239Z","times_seen":14837,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":90,"dns":35,"connect":24,"send":0,"wait":25,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/step1-phone.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.559Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/step1-phone.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 48399\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-bd0f\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e62tsWAZ8GGcLA5h52AQX09dxU097EBqOdc9CgNNkXcAJVCuQBo%2FA503xucSGynIzeCWOARfhdHU44CahUdeFL76aI3zXHlIXUidCJ2kLEko2g%3D%3D\"}]}\r\nCF-RAY: 9ba3589fbc7db51d-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48399,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 171 x 349, 8-bit/color RGBA, non-interlaced","md5":"4f5069b203403aa659262e75b98675e0","sha1":"621a5481fb91150b91f4f18fafb8d52a3d546f20","sha256":"10025632c6f7e8e62b9bfc9b4a32aae3407122d1001786344d3ee312c99f4329","sha512":"76d748617c41742348de4eca123d59bd7dccacfe3afc08f6459d8af719cfe4d559e8818ba8ce48b6f92fc9f38587bcd92c3996f0e535b5582ea198d58021bdb3","ssdeep":"768:OlmrtRZ/mIqlAuUhd67oJZhVdXNTkVno7DH1NtMY4gZ/R6iVP:/r7Z/mIqlAuU/6cxFApo7DVNt1XjTP","tlshash":"dc23027f36a4ca404e66d3f43326d6181ab28a0d1b872753c3546713b6e53e97a8b7c0","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.523024Z","times_seen":59,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":154,"dns":0,"connect":0,"send":0,"wait":71,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/percent.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.568Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/percent.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 3629\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-e2d\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qDwvaBp1%2FOZkggZEkV7VGFuR7XNH5efjmRNinWS2B95UnSSlN8EoGeplUC%2Bp1zk8DQ3CqU3oPors7OWlo5Bo6fBa%2BEMJx9eucE33rNE0rbYrRQ%3D%3D\"}]}\r\nCF-RAY: 9ba358a08d30b51d-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3629,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"174236fb5aae3e07c5256d0da0140104","sha1":"0ea872966291bd0355301965576b8f73a311b72e","sha256":"caa6f7055758210d74d99881bae258dcfd724991acf55503979dea8acdea68c1","sha512":"b5c0a13cd8667cbdcbe754e02be89b85e6d5bcf94a17e15c002c72441576a24ebcd41a1bc68c40f0ce0500bbf0ae0e7132ec30c87c435b056b76ce855bc5947e","ssdeep":"","tlshash":"13715bc722958bc7c15aff2742fc1ec51dabec10c22ca10be49fd99ed627200ae03655","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.536884Z","times_seen":58,"resource_available":false,"data":null}},"time_used":352,"timings":{"blocked":277,"dns":0,"connect":0,"send":0,"wait":74,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:26.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://www.75.pexeburay.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14204\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 03 Jan 2026 10:44:28 GMT\r\nexpires: Sun, 03 Jan 2027 10:44:28 GMT\r\ncache-control: public, max-age=31536000\r\nage: 350698\r\nlast-modified: Wed, 10 Sep 2025 16:47:48 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14204,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14204, version 1.0","md5":"a44fe95a332db9fee477ead82225127c","sha1":"e00f10d9174c32686c5cb27c6ddb9214c6365323","sha256":"01f626ea1f2510f33efbd895b41049a10d2ddfbf2737b5400721ed310cf071a3","sha512":"62e39ad91a98ab2c7ba8da0bad6d502118f98766fa0b6e164263f6dc1acff06a8042efebb6ed846e953d7ff999ccc67e234edcbac5dbfc6139e385dfcebc4025","ssdeep":"384:+w7oj2S+ALeakzpJZ8fvaPNn2xBAvJJhTRW6TCFIYZ:V7oj2S0awJZ8f+2AvrW9","tlshash":"fa52bfa2771bc861cd12f69e0dce367ede9f35897900a333bc495e47b49489904460e7","first_seen":"2025-09-11T20:37:14.08517Z","last_seen":"2026-04-22T15:57:57.103117Z","times_seen":2118,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":153,"dns":0,"connect":20,"send":0,"wait":8,"receive":2,"ssl":137},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwkxduz8A.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:26.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwkxduz8A.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://www.75.pexeburay.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7596\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 01 Jan 2026 12:25:58 GMT\r\nexpires: Fri, 01 Jan 2027 12:25:58 GMT\r\ncache-control: public, max-age=31536000\r\nage: 517408\r\nlast-modified: Wed, 10 Sep 2025 16:45:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7596,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7596, version 1.0","md5":"3c025381ec906e8d6de59dc2371b311d","sha1":"988467ab42646ea650a351d69f4b77e5e200bf2f","sha256":"8c7a5a574b427dafe22ffa653e58b9045888a024dbafd759e122be76e220b625","sha512":"730c0acfedc6984ab79eb461a59a18f3d787f789ddd06ec01f1f375619ebf2baa80220cdfef8f82a0306a24dfeba71928add1fe8a0a69055558eae145571e5d9","ssdeep":"192:64rsGgVr5agoZW84TVCHxixT3UucQ5K1EmhMWT5j:64rsT5oZfkNcQMemh9","tlshash":"03f1bfec8dd197a9e424ceb84bee9546cacb3a430c44d1687a031f0b8737b4c87d6d52","first_seen":"2025-09-20T08:50:26.814382Z","last_seen":"2026-04-16T19:28:24.29112Z","times_seen":60,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":60,"dns":0,"connect":0,"send":0,"wait":10,"receive":5,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/people.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.551Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/people.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 2921\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-b69\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YM5niFZVqWTQaOSSV8eyXg5gWP5sBwdyjik7bR9QVpNXxw8%2FPgB5HtcJ2WB%2BwkXVi2OsoCzfPwpftsh8v0vL5jsCBgnKfK5Kdra9fOa6PSft40jL\"}]}\r\nCF-RAY: 9ba358a088194e4c-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2921,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 66 x 71, 8-bit/color RGBA, non-interlaced","md5":"b9be96263c99c3d8c5ab1a4ad7277cf6","sha1":"6a2e27318ee7f1fd4b75ee1cd70f9bbdcedcb4d5","sha256":"fb7242f603c00bd4ee3611be7b317c8314ba2f6e4ee9d0e3edd8eafc7e36e274","sha512":"26774c980383625bc19c5804921c1d14ba5eddd8b7ee24b0e6667e0012df8a698e6c266a889e06ee3155d0e1a525b07fa405ac6a7c207c578e85e304f3b8cc6e","ssdeep":"","tlshash":"a5515a420cd8d6412a9c763129b8d3388c8b33d2065a5a3f2f80efc9460c4ec56a19cf","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.530897Z","times_seen":60,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":298,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/yandex.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.566Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/yandex.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 7804\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-1e7c\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=84r1mR9gNf5YoMpbhqkQTqRXkO4y1VU8EbS5Jegbh1HK0gT74rXeulEpRSkdh1u4nj8M%2Bm1J0l6OptOwOaaoUnxJZ0%2BIV6bmhpzg7Mja3pSoaA%3D%3D\"}]}\r\nCF-RAY: 9ba358a078e80b55-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7804,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced","md5":"02c02ca7487dd88f5d3ab2912cbe1417","sha1":"fd118c3a2ac3279c7b2bac7d0a7f4ccc63702086","sha256":"f616f538dcfbdcdb559796577d81b729bcdd70631a3135d7dd951c64a464078b","sha512":"6e01057945b42b20aaeed75a8b1edfb175439ccfaf7b4870e00ba42d007283f77c9677a4a56dae7575fbdfcbb1d35373b4e073c26629f0ec1e5dd0c838b600a1","ssdeep":"192:tEuGlaAWGtFkx8zvJn9ar6V+niNiv5GW2MnB:tduFk6zvJEVNMW22","tlshash":"f2f1ae9718b16f82978c268ea4ccf9ac22d12200007268e49dcdc4f6df78ced5399ee5","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.531454Z","times_seen":59,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":270,"dns":0,"connect":0,"send":0,"wait":48,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/assets/images/phone.png","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.574Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/phone.png HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:26 GMT\r\nContent-Type: image/png\r\nContent-Length: 1211\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"636262bc-4bb\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TX%2BAscxfJXVd1yG4re5zJABawrrvCTsArjo6zE39KfRH3X8j%2BthyAvqgufKXEyUwQ2YJWXmZGBKMtKrooUtifGHbsbIamUFw%2FPyAvZEbDnD9vQ%3D%3D\"}]}\r\nCF-RAY: 9ba358a1b8990afe-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1211,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 49 x 64, 8-bit/color RGBA, non-interlaced","md5":"1665329216720182fdda09ccdc56f0dd","sha1":"7a4c75ad95bdc5ae16e075784fc31c0e6e1a5c2a","sha256":"32b984d5b404eca6b70a91ae64e22dc7d02cca4dd8011236cbf2ad589ff471f0","sha512":"fd11a47b82f8f371344318ea79da99dda163a55b7e20e00ab64effcc3dfee4dd30c7e42887c03c738a63c6404865e2f77d155ec913f376c9c2c49fcc6f14f177","ssdeep":"","tlshash":"fc21da972d830b92c1c87b2b5cd47a089f9ba144465c4e74b0499c31671977045c48df","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-04T02:04:14.537392Z","times_seen":58,"resource_available":false,"data":null}},"time_used":497,"timings":{"blocked":461,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,900","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:25.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css?family=Source+Sans+Pro:300,400,900 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.75.pexeburay.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 07 Jan 2026 12:09:26 GMT\r\ndate: Wed, 07 Jan 2026 12:09:26 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7301,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"6859034a8847043c1d5f3d6e54f24805","sha1":"3164cedb89080e4ca278f869da50769de9bb05a7","sha256":"9c6a1d131c7395d62557ef4961f6df90687d1135f4aa7ad401381c52a2369e2b","sha512":"7b7e1d382c804059987ad409fb5029ed99fc3f29295bb704f04519bab85bd86c0e74f98de97888451707b79c8ebb9aa68a0bfdd176aecef9e735124c17bc4cdb","ssdeep":"192:ln1Cb63gYIv3q0eb83JLXCIxjCjo3Kc6xc:JfPk/r7","tlshash":"e7e1aff2411ae44897a31cc623de3e369d8f60207185c16adffd5898eca6c2a53a4f5d","first_seen":"2025-09-20T08:50:26.853908Z","last_seen":"2026-04-04T02:04:14.529066Z","times_seen":51,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":105,"dns":1,"connect":20,"send":0,"wait":33,"receive":0,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:26.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://www.75.pexeburay.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14792\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 31 Dec 2025 23:00:54 GMT\r\nexpires: Thu, 31 Dec 2026 23:00:54 GMT\r\ncache-control: public, max-age=31536000\r\nage: 565712\r\nlast-modified: Wed, 10 Sep 2025 16:47:45 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14792,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14792, version 1.0","md5":"c37aa11e5024b0f8908f3742c9a0d9b9","sha1":"b2ccee72f93c83b0be62da9e8bfa77943c481500","sha256":"46d6a0984aa795b764141232671160e61bdcc49e900de67ca6b35bae25b1ebdd","sha512":"dc3f2e177666b9666b0e51399f4e6600246f56865c92ce8a204c2407818b3fa038abb794341cb9d16781451db487aabc1a84e5262619fad90e6886e11fa3e699","ssdeep":"384:XZs0UC5sLGL2sZJCnfayiBoJdSpMzgZqO46EegOHBKagapO:X2C5sLsBmfqSJgMzgUPegOHBRnO","tlshash":"4d62d07198885687b0f5b7348e2f2a6f66f3514028685312acc3fc6cdb5bd4670279ca","first_seen":"2025-09-11T20:37:14.108754Z","last_seen":"2026-04-22T16:06:48.960771Z","times_seen":16209,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":73,"dns":6,"connect":7,"send":0,"wait":12,"receive":1,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:26.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://www.75.pexeburay.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8044\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 03 Jan 2026 10:44:34 GMT\r\nexpires: Sun, 03 Jan 2027 10:44:34 GMT\r\ncache-control: public, max-age=31536000\r\nage: 350692\r\nlast-modified: Wed, 10 Sep 2025 16:47:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8044,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8044, version 1.0","md5":"c73de612786a16532acebaa67640f01b","sha1":"15bb70a8871fbb71fdf4ee312ec06736d738eede","sha256":"a5984c2e2d01b200cc490bc23a4d437a3242c8c1c3d244a89eb7a6f5b11cd160","sha512":"bb0e0324030e8f01f3b65405c7044465d70d9a5b658f214ada46589e89386e683e65e2bdc4bf6cb4d8435861bbe8eb5f4193955993d0b30bce59b1bc11a6b593","ssdeep":"192:WcYBSqZ2yYw/oBeJ5UGqNdvouYnP6XAkG5Q3jhbc8:W7YqZ2ynoBdvouYnP6XNmQRc8","tlshash":"5ef1c0b5e24f274a8b32aef1141507cdf17783795b006f3821f2fcab556a00a79ac42c","first_seen":"2025-09-13T03:49:57.091841Z","last_seen":"2026-04-22T09:00:51.711307Z","times_seen":810,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":148,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":131},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwkxduz8A.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:26.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwkxduz8A.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://www.75.pexeburay.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7876\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 02 Jan 2026 19:09:43 GMT\r\nexpires: Sat, 02 Jan 2027 19:09:43 GMT\r\ncache-control: public, max-age=31536000\r\nage: 406783\r\nlast-modified: Wed, 10 Sep 2025 16:47:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7876,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7876, version 1.0","md5":"34144ab96dc42f6c816ccb5f7904d076","sha1":"1a26fb2d25428664d9a77b49cd354d59bc0510e8","sha256":"c7c0156d5a425af173817ffd3be8d652d0d622a71e0cd17c994e56a0de855a0b","sha512":"898272ac594ca2a9f7416113d73b87a852afe7ac6ffbfc4187e343ba4c35575df306d3d42e9e360dca5497392afd882fabdf27fcf314c2d6f2486ff721c35d86","ssdeep":"192:U8vM6dQMZU3IoG7ARrChWUhV2RfHeH+jBtQVtK1pGDrR:UL6hxoGM4wUP0fHVjBtQVfF","tlshash":"26f19f8e9e6393a3402893644c25acc7b9efc7d26282465958df50b2ff2954c712cb5f","first_seen":"2025-09-20T08:50:26.825778Z","last_seen":"2026-04-19T22:59:44.785607Z","times_seen":139,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":147,"dns":4,"connect":9,"send":0,"wait":9,"receive":1,"ssl":129},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kuolkoola.com/js/cs?uuid=70552455-7e88-4682-b733-76e944032465\u0026oid=JpTW1ciSAn6L4pK6BWKK","fqdn":"kuolkoola.com","domain":"kuolkoola.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://www.75.pexeburay.com/","date":"2026-01-07T12:09:27.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kuolkoola.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 07:23:19 GMT","end":"Tue, 10 Feb 2026 08:21:01 GMT"},"fingerprint":{"sha1":"FC:2B:19:59:1B:38:FB:C7:30:93:16:58:CE:B8:18:51:DA:3B:EC:FC","sha256":"4C:64:6D:FC:40:95:00:94:2F:68:3B:50:95:C3:BC:4E:E5:03:71:D8:2E:42:96:E5:4C:49:33:A3:F6:35:4D:3C"}}},"request":{"raw":"GET /js/cs?uuid=70552455-7e88-4682-b733-76e944032465\u0026oid=JpTW1ciSAn6L4pK6BWKK HTTP/1.1\r\nHost: kuolkoola.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.75.pexeburay.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: userid=70552455-7e88-4682-b733-76e944032465; uuid=70552455-7e88-4682-b733-76e944032465\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 12:09:27 GMT\r\ncontent-type: image/gif\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nset-cookie: oid=JpTW1ciSAn6L4pK6BWKK; expires=Fri, 06-Feb-2026 12:09:27 GMT; Path=/; domain=.kuolkoola.com; SameSite=None; Secure\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-request-id: 444c425d48f30b8cbcc3c1a9a2da915e\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nx-ng-name: front7\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SrfXYMf5PBSZsc08lnW6UQPszFvOgdRRxWRp46xloHs3LOQIke6KXTjmlkvRiXsL5o3IuduSMzzTLkWdlqrLxjIxhlnRRJvDCdVn1%2Bw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba358aa9a92dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"325472601571f31e1bf00674c368d335","sha1":"2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a","sha256":"b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b","sha512":"717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc","ssdeep":"","tlshash":"bf900003ea80c002c2a2c0300e0ccb802b88b0308a28030fb0fc3baeec3a3a20c23000","first_seen":"2023-04-05T06:29:39Z","last_seen":"2026-04-22T16:10:31.843518Z","times_seen":79104,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.75.pexeburay.com/","fqdn":"www.75.pexeburay.com","domain":"pexeburay.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T12:09:25.323Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.75.pexeburay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 12:09:25 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nCache-Control: no-transform\r\nContent-Encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pXyW18nHSfJVJ3%2B7gAARdZO0HD5LPdw7CwUv2LJXL%2Bqhrg4nEx4g%2BGrAerqMQQiK7pzSGTSaNSWDFxIf%2FvV2uq3hkY2K2N4WrbEn9BuRDvzZrA%3D%3D\"}]}\r\nCF-RAY: 9ba3589d4a6fb51d-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:3.3.7","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:3.1.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Popper:1.14.0","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"BootstrapCDN:4.1.0","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]}],"data":{"size":77780,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (12693), with CRLF, LF line terminators","md5":"51b401596460ce29365d3e4c995a8732","sha1":"1149e1c818db9e388661bd77ba453fc622511a1a","sha256":"d9f7c5ca287fb3b71d6431482f013a8c51c6fd5b5627c0cceefb55108d96e605","sha512":"c2e9ceb9be0221bc52e136bd08a2a3bd251e51b94334ab9b762d1fcb31081251a613ca4278dde8342554eccd356205b730cb7b4ccc7ee77fc82bf4267e7a91e3","ssdeep":"768:JgLFNfaelsGLhO9e4NvvaHE/Zo7a9dusPOv2KVc:JgxNCehhMfpZou9dDGv21","tlshash":"9973c62454f5209701b7e299eb261e0efe93917b85468200baec4b857ff7c42cd63b9d","first_seen":"2023-04-08T14:37:38Z","last_seen":"2026-04-04T02:04:14.54464Z","times_seen":23,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":1,"dns":0,"connect":1,"send":0,"wait":83,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"www.75.pexeburay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}