{"report_id":"5138e83f-d944-410e-9a72-d32cbb11dc91","version":6,"status":"done","tags":[],"date":"2025-11-23T03:35:02Z","url":{"schema":"http","addr":"lefados.xyz","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":0,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"thesexcloud.com/","fqdn":"thesexcloud.com","domain":"thesexcloud.com","tld":"com"},"title":"The Sex Cloud - multiniche porn videos","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"lefados.xyz","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":0,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98","country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-28T03:35:02Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"lefados.xyz","ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"domain_registered":"2024-09-20","domain_rank":2043398,"first_seen":"2025-05-19T18:39:16.069206Z","last_seen":"2025-05-19T18:39:16.069206Z","alert_count":0,"request_count":5,"received_data":196653,"sent_data":2214,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn5-thumbs.motherlessmedia.com","ip":{"addr":"185.107.92.224","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2008-10-11","domain_rank":905009,"first_seen":"2018-12-23T05:30:23Z","last_seen":"2025-11-17T06:19:02.052615Z","alert_count":0,"request_count":1,"received_data":7155,"sent_data":455,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.21.4.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"lefados.xyz/rect.js","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"75f131d906149ad52a7ba63da65fe61c","sha1":"8e838214e3b5952c8835d650862d7fb2752f6146","sha256":"680959566a91074eb94fc721d3c906ed6fd5c97c4412c7e3533d89c1d50cd4de","sha512":"8830bc69543828de6b7ce870c44930a7b91c8895c9fcdbb8407127b9af30a110c606827238448ecb61a39e137a032b47aaefb5e3b398d9054137856a3a97bb18","ssdeep":"","tlshash":"b001909d64d56c744da331bc9fff713890362683545b4e12b61d4e812f7131ec589c88","size":781,"data":"","first_seen":"2025-11-23T03:35:04.358058Z","last_seen":"2025-11-25T00:14:21.499895Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/rums.js","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8152432c915271c18e13c9c8e421348f","sha1":"0d602ed659308bca7c3b70867848dc8a2bc097f9","sha256":"91639b0366a8e73ce52bf08854906bff55ee58a6855257fa6bce393ad58f09b3","sha512":"f0940f9af4b15564f638079358d81e1114e6a897cf15308a255b98d8e59223b902e014989f355f6dfe5f95fcffd2c0576fe596c8a004adf6ff032670b6eb525e","ssdeep":"","tlshash":"ba51522564a5502f6237135aaf7ecb9db6327c01714bac39c22d52f13490c53db4ecba","size":2674,"data":"","first_seen":"2025-10-25T19:34:56.329143Z","last_seen":"2026-01-03T12:00:08.420639Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ea5f80581d018524e1d3ff8ac9de6a95","sha1":"b5b1d9facf05c02c37a177f0e3968743f7e5c7a5","sha256":"2cac4fb2bf7b930d5f477b72e76b1341ff6c6a57768e04e78921eae5eca230c5","sha512":"4b72fb92f09b2c31db1179f38ec7c63bf34d666b959d9a38b982c726b4cbe6405ecab3b4eb4e455d04f140d237c09885e4d2c4ea33bd2194c12af418a6e3b256","ssdeep":"","tlshash":"74d0220c6cf4847401318122bae70dd430a3b0f9315610c8020b30ca0a828ca2348a72","size":199,"data":"","first_seen":"2025-11-23T03:35:04.36299Z","last_seen":"2025-11-23T03:35:04.36299Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"8d5e957f297893487bd98fa830fa6413","sha1":"b3c0730cf3f50613e40561e67c871fdb92820cf9","sha256":"1d28c120568c10e19b9d8abe8b66d0983fa3d2e11ee7751aca50f83c6f4a43aa","sha512":"276b40244adbc95c3afec34f5b70844987240d46878b702cec73671ae8cdaeab33cb64f3a495504f9f52b04c0fe94d59685188b1ecb3d115a18e750023255c11","ssdeep":"","tlshash":"c72000000c000000000000000000000000000000000000000300000000030000000000","size":3,"data":"","first_seen":"2023-03-10T11:25:03Z","last_seen":"2026-04-01T20:51:28.916299Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"lefados.xyz/images/xxx11.png","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lefados.xyz/","date":"2025-11-23T03:34:40.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lefados.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:02:31 GMT","end":"Sat, 10 Jan 2026 05:02:30 GMT"},"fingerprint":{"sha1":"B2:AE:C6:4F:2E:AD:D4:E9:60:7A:FA:3F:17:7B:B2:12:61:1B:E0:E1","sha256":"86:FF:95:DE:DB:D2:24:7A:A3:B3:88:DF:95:32:59:F1:18:23:5B:02:98:57:5C:BB:DD:A7:9B:BB:AF:24:50:AA"}}},"request":{"raw":"GET /images/xxx11.png HTTP/1.1\r\nHost: lefados.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lefados.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 23 Nov 2025 03:34:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 163326\r\nlast-modified: Thu, 13 Nov 2025 04:57:13 GMT\r\netag: \"69156529-27dfe\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":163326,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 371 x 235, 8-bit/color RGBA, non-interlaced","md5":"a5acab3e62f8f3fb2dd23863ca201bc1","sha1":"dfff93dc0f3201404eab22d4fa6a09a3a488eb55","sha256":"f57959dc42aa54997602893effb63e6d7f85ead116c756027dd8956dced7a9ff","sha512":"41299093478509c94e027b3eb237e163e1ca51e04a3798cbad80e66c98d7a614d5e6f5bfb202ea23c8362188334c94819f3be66e477731cd7b29ac46dd72c29a","ssdeep":"3072:OfC4RPXAUg2IUy0H2Q1kfzdsZ50uAqI/Vt5t94l50XJgCxlNDDsWUl14k:2C4RwUR1qsZauAFVt5t9Ck1fk","tlshash":"ebf3129836c891b272328ab0aaac024d4b839324f57e4d44f9ede92357c57b47c95fdc","first_seen":"2025-11-23T03:35:04.344297Z","last_seen":"2025-11-25T00:14:21.514621Z","times_seen":2,"resource_available":false,"data":null}},"time_used":577,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":431,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn5-thumbs.motherlessmedia.com/thumbs/FE71227.jpg","fqdn":"cdn5-thumbs.motherlessmedia.com","domain":"motherlessmedia.com","tld":"com"},"ip":{"addr":"185.107.92.224","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lefados.xyz/","date":"2025-11-23T03:34:40.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.motherlessmedia.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Tue, 22 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1C:9C:A7:64:1D:50:C4:66:FC:B5:AE:9C:CB:DF:AC:1E:1F:4B:A0:83","sha256":"FD:6F:CF:79:47:AA:EF:54:72:2A:60:E2:1B:57:6B:D6:33:60:E2:67:DA:83:68:95:02:34:5B:66:53:45:A1:0E"}}},"request":{"raw":"GET /thumbs/FE71227.jpg HTTP/1.1\r\nHost: cdn5-thumbs.motherlessmedia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lefados.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: openresty/1.21.4.1\r\ndate: Sun, 23 Nov 2025 03:34:40 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 6881\r\nvary: x-s-token\r\nlast-modified: Thu, 01 Jul 2021 11:03:43 GMT\r\netag: \"1ae1-5c60dcad0c0d2\"\r\nx-cache: HIT\r\nx-whom: cdn07\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.21.4.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6881,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 180x240, components 3","md5":"5d105eab9cc59f338d4719fb244d0118","sha1":"5fc3b03f216f36418bcd5834452a41b3effdf5d2","sha256":"761ad0bcaf9dd32d7ffca05fbe189fecfbaf0cceaa92bfdb4048355bc8579abf","sha512":"527ceb0b1d1886cd1566b3540aeb89c2b7055a0b6d41083f6c93cdc563123a4268794e25ba248b8eb566b83626f3adced717a85da6d20c0d3cb18d4adf2fc682","ssdeep":"192:1JnCcRJZZWaE6+knxqhXe0zabSLz7zcyOm:1JNZlx+knE40zv7Wm","tlshash":"a4e1afa3b9d85f9dcd22cabb803a263073446d2cdcb1773eaf87d70705681d5b449a00","first_seen":"2024-10-06T09:19:28.178685Z","last_seen":"2026-01-28T02:11:33.388412Z","times_seen":8,"resource_available":false,"data":null}},"time_used":3671,"timings":{"blocked":107,"dns":6,"connect":18,"send":0,"wait":3444,"receive":1,"ssl":93},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/favicon.ico","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lefados.xyz/","date":"2025-11-23T03:34:41.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lefados.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:02:31 GMT","end":"Sat, 10 Jan 2026 05:02:30 GMT"},"fingerprint":{"sha1":"B2:AE:C6:4F:2E:AD:D4:E9:60:7A:FA:3F:17:7B:B2:12:61:1B:E0:E1","sha256":"86:FF:95:DE:DB:D2:24:7A:A3:B3:88:DF:95:32:59:F1:18:23:5B:02:98:57:5C:BB:DD:A7:9B:BB:AF:24:50:AA"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: lefados.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lefados.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: d8051=bm9yZWZ8fHwxfDB8MHxub25lfDA6; d8051b=1763868880\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 23 Nov 2025 03:34:41 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 22 Jul 2025 04:31:22 GMT\r\netag: W/\"b52-63a7d1083953d\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2898,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (634)","md5":"f01ba522c3539135df33250082846848","sha1":"af31de06cf3d07cf83f104af8755b0cc5222ffc6","sha256":"2e8deb28946a6b41ccb927eaa43bbaa78ea82cef39a40638f2e5afa8e90e73ca","sha512":"5ca1b1d3c6f8e1948574a743bd6f58d9f430f9a576c9e656958dda81546a6b0baf0c02ff1b084640351a2bc44ba644e0f671aef0e2ff30981feec2af47764ee6","ssdeep":"","tlshash":"08515194c71c649fd35e24e6293e22c0282f8cb669a3ce7bbc77b174d6c800c87395a5","first_seen":"2025-04-07T04:58:47.339843Z","last_seen":"2026-04-04T01:52:25.0368Z","times_seen":5578,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-23T03:34:40.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lefados.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:02:31 GMT","end":"Sat, 10 Jan 2026 05:02:30 GMT"},"fingerprint":{"sha1":"B2:AE:C6:4F:2E:AD:D4:E9:60:7A:FA:3F:17:7B:B2:12:61:1B:E0:E1","sha256":"86:FF:95:DE:DB:D2:24:7A:A3:B3:88:DF:95:32:59:F1:18:23:5B:02:98:57:5C:BB:DD:A7:9B:BB:AF:24:50:AA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: lefados.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 23 Nov 2025 03:34:40 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 4066\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25559,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"15110fa40b7e0839ef139c2b6becdb52","sha1":"426699003eadb0121d24d9ff72caefecb5687fe5","sha256":"8a9bd6dd7778d0d5fe964c698bea1430c007312ecfaec5a3cc8da8fccdd23d8b","sha512":"507c41630267be03015e1dac408cb093e647515413990a7069e4121efdc2efc972bbd3bb3fa039f78b69178d723a2507f614723348e85e884501b37c88e88e8f","ssdeep":"768:djFjFJXFVMF4FqJC/pH0LNA6E+0CKmSK1euCMHtRdMbqpTJv2g:lxnXoekIAaX6rR5","tlshash":"18b2044395f304155197f2c4ba31177bbd56ae43e027893cb9ac5bd8cfb3e864883a89","first_seen":"2025-11-23T03:35:04.352981Z","last_seen":"2025-11-23T03:35:04.352981Z","times_seen":1,"resource_available":false,"data":null}},"time_used":954,"timings":{"blocked":398,"dns":95,"connect":144,"send":0,"wait":156,"receive":1,"ssl":157},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/rect.js","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lefados.xyz/","date":"2025-11-23T03:34:40.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lefados.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:02:31 GMT","end":"Sat, 10 Jan 2026 05:02:30 GMT"},"fingerprint":{"sha1":"B2:AE:C6:4F:2E:AD:D4:E9:60:7A:FA:3F:17:7B:B2:12:61:1B:E0:E1","sha256":"86:FF:95:DE:DB:D2:24:7A:A3:B3:88:DF:95:32:59:F1:18:23:5B:02:98:57:5C:BB:DD:A7:9B:BB:AF:24:50:AA"}}},"request":{"raw":"GET /rect.js HTTP/1.1\r\nHost: lefados.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lefados.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 23 Nov 2025 03:34:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 781\r\nlast-modified: Thu, 16 Oct 2025 04:14:19 GMT\r\netag: \"68f0711b-30d\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":781,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (370)","md5":"75f131d906149ad52a7ba63da65fe61c","sha1":"8e838214e3b5952c8835d650862d7fb2752f6146","sha256":"680959566a91074eb94fc721d3c906ed6fd5c97c4412c7e3533d89c1d50cd4de","sha512":"8830bc69543828de6b7ce870c44930a7b91c8895c9fcdbb8407127b9af30a110c606827238448ecb61a39e137a032b47aaefb5e3b398d9054137856a3a97bb18","ssdeep":"","tlshash":"b001909d64d56c744da331bc9fff713890362683545b4e12b61d4e812f7131ec589c88","first_seen":"2025-11-23T03:35:04.358058Z","last_seen":"2025-11-25T00:14:21.499895Z","times_seen":2,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/rums.js","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lefados.xyz/","date":"2025-11-23T03:34:40.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lefados.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:02:31 GMT","end":"Sat, 10 Jan 2026 05:02:30 GMT"},"fingerprint":{"sha1":"B2:AE:C6:4F:2E:AD:D4:E9:60:7A:FA:3F:17:7B:B2:12:61:1B:E0:E1","sha256":"86:FF:95:DE:DB:D2:24:7A:A3:B3:88:DF:95:32:59:F1:18:23:5B:02:98:57:5C:BB:DD:A7:9B:BB:AF:24:50:AA"}}},"request":{"raw":"GET /rums.js HTTP/1.1\r\nHost: lefados.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lefados.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 23 Nov 2025 03:34:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 2674\r\nlast-modified: Tue, 21 Oct 2025 09:54:48 GMT\r\netag: \"68f75868-a72\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2674,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (559)","md5":"8152432c915271c18e13c9c8e421348f","sha1":"0d602ed659308bca7c3b70867848dc8a2bc097f9","sha256":"91639b0366a8e73ce52bf08854906bff55ee58a6855257fa6bce393ad58f09b3","sha512":"f0940f9af4b15564f638079358d81e1114e6a897cf15308a255b98d8e59223b902e014989f355f6dfe5f95fcffd2c0576fe596c8a004adf6ff032670b6eb525e","ssdeep":"","tlshash":"ba51522564a5502f6237135aaf7ecb9db6327c01714bac39c22d52f13490c53db4ecba","first_seen":"2025-10-25T19:34:56.329143Z","last_seen":"2026-01-03T12:00:08.420639Z","times_seen":9,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}