{"report_id":"71a550dc-239b-45c8-9242-dcdd93a4f373","version":6,"status":"done","tags":[],"date":"2025-10-11T12:50:01Z","url":{"schema":"http","addr":"www.usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"www.usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"216.58.207.225","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"title":"USA NEWS 24/7"},"submit":{"url":{"schema":"http","addr":"www.usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"www.usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"216.58.207.225","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-15T12:50:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":26}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"deadmentionsunday.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"pl17791347.revenuecpmgate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"pl17791347.revenuecpmgate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"pl17791347.revenuecpmgate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"inklinkor.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-10-08T11:21:31.763121Z","alert_count":2,"request_count":1,"received_data":377,"sent_data":425,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-10-05T22:17:33.15614Z","alert_count":0,"request_count":1,"received_data":98149,"sent_data":452,"comment":"","tags":null,"fingerprints":null},{"fqdn":"deadmentionsunday.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2022-05-10","domain_rank":0,"first_seen":"2022-05-10T05:03:57Z","last_seen":"2025-10-03T07:22:53.144794Z","alert_count":2,"request_count":2,"received_data":0,"sent_data":922,"comment":"","tags":null,"fingerprints":null},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"18.157.139.67","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-10-05T22:31:22.752325Z","alert_count":0,"request_count":3,"received_data":1045,"sent_data":1517,"comment":"","tags":null,"fingerprints":null},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-10-06T03:40:54.177944Z","alert_count":15,"request_count":5,"received_data":126277,"sent_data":6486,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-10-05T22:15:09.164871Z","alert_count":0,"request_count":3,"received_data":207228,"sent_data":1593,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-10-06T00:34:29.689436Z","alert_count":0,"request_count":1,"received_data":845,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.usaxtoday.blogspot.com","ip":{"addr":"142.250.74.161","port":80,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2000-07-31","domain_rank":0,"first_seen":"2025-10-11T12:50:04.71706Z","last_seen":"2025-10-11T12:50:04.71706Z","alert_count":0,"request_count":2,"received_data":433929,"sent_data":978,"comment":"","tags":null,"fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]}]},{"fqdn":"ep1.adtrafficquality.google","ip":{"addr":"142.250.74.130","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-17","domain_rank":3093,"first_seen":"2024-07-24T04:17:49Z","last_seen":"2025-10-05T22:30:24.656342Z","alert_count":0,"request_count":2,"received_data":18792,"sent_data":2084,"comment":"","tags":null,"fingerprints":null},{"fqdn":"flushpersist.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-10-08T01:17:43.238436Z","alert_count":2,"request_count":1,"received_data":530,"sent_data":774,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"usaxtoday.blogspot.com","ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2000-07-31","domain_rank":0,"first_seen":"2025-10-11T12:50:04.694739Z","last_seen":"2025-10-11T12:50:04.694739Z","alert_count":0,"request_count":5,"received_data":505123,"sent_data":3325,"comment":"","tags":null,"fingerprints":[{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"YouTube","description":"YouTube is a video sharing service where users can create their own profile, upload videos, watch, like and comment on other videos.","website":"https://www.youtube.com","common_platform_enumeration":"","icon":"YouTube.png","categories":["Video players"]},{"name":"Blogger","description":"Blogger is a blog-publishing service that allows multi-user blogs with time-stamped entries.","website":"https://www.blogger.com","common_platform_enumeration":"","icon":"Blogger.png","categories":["Blogs"]},{"name":"Python","description":"Python is an interpreted and general-purpose programming language.","website":"https://python.org","common_platform_enumeration":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","icon":"Python.png","categories":["Programming languages"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.12.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"rashcolonizeexpand.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":31106,"first_seen":"2025-06-27T17:12:36.133274Z","last_seen":"2025-10-06T02:36:00.202778Z","alert_count":15,"request_count":5,"received_data":125585,"sent_data":4007,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"wayfarerorthodox.com","ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-08-08T11:06:50.216151Z","last_seen":"2025-10-06T02:42:08.575259Z","alert_count":10,"request_count":5,"received_data":125789,"sent_data":6307,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"blogger.googleusercontent.com","ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":4332,"first_seen":"2012-05-25T17:41:01Z","last_seen":"2025-10-05T23:17:22.743817Z","alert_count":0,"request_count":15,"received_data":175519,"sent_data":10485,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-05T22:12:07.524768Z","alert_count":0,"request_count":8,"received_data":179908,"sent_data":4396,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.highperformanceformat.com","ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-10-15","domain_rank":366864,"first_seen":"2024-10-23T18:32:34.138968Z","last_seen":"2025-10-06T09:12:23.212319Z","alert_count":12,"request_count":4,"received_data":156869,"sent_data":1868,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ep2.adtrafficquality.google","ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-17","domain_rank":3229,"first_seen":"2024-08-13T12:56:28Z","last_seen":"2025-10-05T22:45:09.649371Z","alert_count":0,"request_count":2,"received_data":34547,"sent_data":1002,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-10-05T22:31:22.777678Z","alert_count":0,"request_count":3,"received_data":204032,"sent_data":1386,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pl17791347.revenuecpmgate.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-08-29","domain_rank":0,"first_seen":"2025-10-11T12:50:04.698116Z","last_seen":"2025-10-11T12:50:04.698116Z","alert_count":3,"request_count":1,"received_data":99255,"sent_data":469,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-10-05T22:12:07.052692Z","alert_count":0,"request_count":1,"received_data":425744,"sent_data":443,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pagead2.googlesyndication.com","ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2003-01-21","domain_rank":610,"first_seen":"2012-05-21T07:15:40Z","last_seen":"2025-10-05T22:34:20.930547Z","alert_count":0,"request_count":6,"received_data":691288,"sent_data":4396,"comment":"","tags":null,"fingerprints":null},{"fqdn":"torchfriendlypay.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":191479,"first_seen":"2025-07-30T13:31:49.539518Z","last_seen":"2025-10-06T01:09:45.371726Z","alert_count":15,"request_count":5,"received_data":126274,"sent_data":6487,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"oyo4d.com","ip":{"addr":"139.45.197.118","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2019-03-26","domain_rank":201644,"first_seen":"2025-06-02T17:08:26.404235Z","last_seen":"2025-10-06T15:53:55.024008Z","alert_count":0,"request_count":1,"received_data":837,"sent_data":613,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"inklinkor.com","ip":{"addr":"104.21.91.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-04-01","domain_rank":508457,"first_seen":"2022-04-01T11:44:00Z","last_seen":"2025-10-10T23:13:31.128758Z","alert_count":1,"request_count":1,"received_data":111132,"sent_data":419,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-10-08T05:41:48.061731Z","alert_count":3,"request_count":1,"received_data":85963,"sent_data":420,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.blogger.com","ip":{"addr":"142.250.74.105","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1999-06-22","domain_rank":9514,"first_seen":"2012-05-22T07:35:03Z","last_seen":"2025-10-05T22:33:20.809903Z","alert_count":0,"request_count":1,"received_data":148256,"sent_data":450,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"0d70ca9269e291bd28625d1c236881f2","sha1":"563aa51675a8639b18bee0b97bff3550a1c7ced6","sha256":"8ca59fcc9b55f417c928d2e2371dda67cb635aad5d86be53135d3dc3ac64e7bd","sha512":"6fa4d1245e39fd350700721ea31943c7c32d3baa2b87a37a1ff06e1365f8b31a4bca09effd6286fd864bd921dc6190af9ecd6f16b23e11f1c92c4eb4ad13dd83","ssdeep":"","tlshash":"0fd05ee31c0c807e853f63c55ca346ae2693b0aa17c50f0aa9b671b84750c499ac8bc3","size":250,"data":"","first_seen":"2025-10-11T12:50:11.045284Z","last_seen":"2025-10-12T14:47:20.563437Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"c664c258d9ac43f7128bf64aa071862f","sha1":"1afd48da16c410033b6203dbcef9e205eb8fc2bf","sha256":"a61b1d207aae1e8e97ef6620419148b0618916ae785c0ec9ac558cf539618a1b","sha512":"f1608ea7d4d95a0878cc84e3a91e4e3f6c49cc7e38d8d1a5ebbf95f32a2fb75259337041606bf2350b15d3212d8cfeed33c29f8b6e809b383b14ba963fa692b8","ssdeep":"","tlshash":"13b092c1e2d1206a814580ea55722628f1e32cc32d05693ee062ad0aa4e0b0a88be4a9","size":118,"data":"","first_seen":"2025-10-11T12:12:30.779939Z","last_seen":"2025-10-12T04:36:02.723441Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"69691c7bdcc3ce6d5d8a1361f22d04ac","sha1":"c63ae6dd4fc9f9dda66970e827d13f7c73fe841c","sha256":"08f271887ce94707da822d5263bae19d5519cb3614e0daedc4c7ce5dab7473f1","sha512":"253405e03b91441a6dd354a9b72e040068b1bfe10e83eb1a64a086c05525d8ccae2bf09130c624af50d55c3522a4fbb7c18cfc8dd843e5f4801d9ad2b5164b12","ssdeep":"","tlshash":"c700000000000000c00000300000c000000000000000000000c0000000000000000000","size":1,"data":"","first_seen":"2023-03-07T01:15:12Z","last_seen":"2026-04-04T10:24:10.970313Z","times_seen":44617,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"28da1b249a53a3ee7178e3f1808cb6e9","sha1":"e832658a5db38976e7e7c6f15df4c5ce5177dac7","sha256":"ca68e4089074e50e5e65b9630621c2c4f2b50645405eb1c3c867aa626715d68f","sha512":"2bf60d9a8051e81461036ab6f209f07ce9435f4abdd45c476a1de4ecd13ab955b8b1b1e0f95c268624fdddc1cd5597bd55af1eb2f08494381680fd134ba34e03","ssdeep":"","tlshash":"69d023671488913ac1c1e39046067144cd74401795e4df501314d454da3555e472bd8d","size":209,"data":"","first_seen":"2025-10-11T11:12:36.12975Z","last_seen":"2025-10-12T14:47:20.478464Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"a8a095c5cbf6e45f4f7ea40d1ac5cbca","sha1":"b0e6606f7399abeb932a16dbc3cf155fa6ecfe45","sha256":"3b5a8cc90702e7e4ab27f96f5123e63d3e1b2afc096068ffa923081175b8ff50","sha512":"5746f6161bcc758d50e06914adfd7f77239e0a0e866a1b693de15c5c4b611b883cf3ee5bcf2f51b7b21a43c185482e1bf1f06804d02badc3cdf9b3c7f1e0e1b1","ssdeep":"","tlshash":"8de068a7116a611174e14ce698a7aa4c071811a86dc1e41ea75a33d4853acb603ea806","size":359,"data":"","first_seen":"2025-10-11T11:12:36.183166Z","last_seen":"2025-10-12T14:47:20.578626Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"419af6d362a14b7a789ba1c7e772bbae","sha1":"85dde59bec27686708dc612f174dee372e89513b","sha256":"5b486fe5dbf39aea33037cf94e46b280dadf3718f67583b2c54b4b0233a85c69","sha512":"9d7fcedf3ae6c54b018a34ea0468ed3e76c49831cb684042ee5284650a9f6b8bf49d2398484b2e850985766f587539d5dcdc5bc4c3ec9b3f5973d0a10f1e2310","ssdeep":"","tlshash":"c710000003003000000000000000000000000000000000000000000000000000000000","size":2,"data":"","first_seen":"2023-03-08T15:49:28Z","last_seen":"2026-02-15T08:00:17.24358Z","times_seen":3885,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"d2a460df08a4fb7a558f635b540d90cb","sha1":"81dbcb9162b442af34ff38018b4b77c063015832","sha256":"6152d43caa491abea69c0001c468166366618867baf85f1f5fc9b26e00966a24","sha512":"4607d683da2d51c9276e1b2a72ac1ab64ac7748e7ff72de6a56933da7557c7bc7c9f7a1d43eaaf6c29595edf0e049796c7f3fbacca4e1f898075096f4ecfb254","ssdeep":"","tlshash":"c71000000000000000000000000000000000000300000000000000000000c000000003","size":2,"data":"","first_seen":"2023-03-11T14:03:08Z","last_seen":"2025-12-09T02:44:09.521458Z","times_seen":312,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inklinkor.com/tag.min.js","fqdn":"inklinkor.com","domain":"inklinkor.com","tld":"com"},"ip":{"addr":"104.21.91.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4602ba01583c2514a9abd08435c3035c","sha1":"e766d257a08fad64c002c4732f30f25f700f8be1","sha256":"4e16eb978a977773df526423e558ff04ea7d5e435a171ee8beb856800be027a4","sha512":"b3ce476794e8747ca8034d5935f40713094a6e9dcb237fe3c1b54b209b3a3980bbf7a5ac1736412a217d1952c78bf4162fc838965541e63f891d413beb17cfde","ssdeep":"1536:I8zmHlk4JQ9aO4kD97aZ06GUqo54Az0SBYQ4+DIVV3BWw:jzsJkaO44K06GUb0S6z3xWw","tlshash":"a2b33bc6226a241612bf8034445bed0eb5aecd8104cdcdb8e1e5b8662d78b16d3f7fd9","size":109924,"data":"","first_seen":"2025-10-08T11:40:34.402808Z","last_seen":"2025-10-13T11:53:28.853954Z","times_seen":101,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"b26a6fc5c5f3adcded302e97ec68b8ad","sha1":"5f7d3e51e5468c80097a13905e63035f71d5f92c","sha256":"c98f50e1059f684f72cdd9eddda29940e5110c02f4d567a193f5c272f1ddec70","sha512":"3557330f7add47a98b688f6927c87542ec5544c0fa76562a98d27f33d1c5b0b68a4ab1671207828ce45e18c4797ded7624e18600902ed91da070492ef12a3275","ssdeep":"","tlshash":"e8d02e286ac781ed416cd0090417ae8823a9fb60bc504c08e2e652a17662ca18a22c2f","size":266,"data":"","first_seen":"2025-10-11T12:12:30.900473Z","last_seen":"2025-10-12T14:47:20.624513Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d23d8e5049c7e7d492ba88611ef1e082","sha1":"b51e51ade45f9507dc1f58fd996adabc6ce41a49","sha256":"cb1c776ab6c555d45c19c2fa84103ed41ef279b48c784d7458e4fbdc6747dc2c","sha512":"80f91334519efbf5f6f3b243b216e1e1fffe66c42a5ce33ad2ec1f926fca347a1673c8ce5d930e6e26b11b8d13723092a8dd9dfd04c6a59f9d44fc398293f76f","ssdeep":"","tlshash":"e2c08c8c211a0cb059e626408bafa904b042321494d01922484923044e60e07db04868","size":157,"data":"","first_seen":"2025-10-11T12:50:11.052587Z","last_seen":"2025-10-11T12:50:11.052587Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"88f52707459b096f15155bd6aaf12249","sha1":"2ab0da1497d2c01e062adcf635482915e83f6c64","sha256":"56a4869e33c4da92682fce9c0c33b53ad04d2139fde5086c12bf55cfcdd72662","sha512":"4ef850610f8861a80dde92b8aedd332233f1d6153a1b451b84b64a49f6854f4b68d298be60fc6ab948a406ab4e455dee06761f0ec638f2fa7ecc4733b621e237","ssdeep":"1536:K0Jj12qD39Uvbdl4ABYg88pXeIs5RUL92HymOFSiS4LpBf2cM1WG40HvfKackuLj:BJR2qDtUvbT4ABYg8gXe/5Ro2HIrSetN","tlshash":"1163c3c4aa96e16766cc1d73abce79bb9469a81790817303d3fcbb4d109a317c1d84ec","size":69805,"data":"","first_seen":"2025-10-11T12:50:11.054204Z","last_seen":"2025-12-30T20:42:19.369422Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"d5621598c314b02f83dbec4592ab054c","sha1":"2ff839c5f0de2ccbe9562abee0c641424038abd7","sha256":"89e8d009fe3ca280e775ae29354c42a155365208c7c4bcaa7cae11363a1c5937","sha512":"12414d8a1c141355174e066fcf309d7ef125f6c284aeb5253989ae8cc7c6fbce42150455f5bc6b7f3041e6b724ff6d5d53fb00b6e65e13478eaba6fd099dadfc","ssdeep":"","tlshash":"86c022a96c530411c03da6000ebb5a06861ff0acace41b09680070080d541018c12c83","size":185,"data":"","first_seen":"2025-10-11T11:12:36.256066Z","last_seen":"2025-10-12T14:47:21.236981Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f252523d4af0b478c810c2547a63e19","sha1":"5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb","sha256":"668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404","sha512":"8c6b0c1fcde829ef5ab02a643959019d4ac30d3a7cc25f9a7640760fefff26d9713b84ab2e825d85b3b2b08150265a10143f82e05975accb10645efa26357479","ssdeep":"1536:GYE1JVoiB9JqZdXXe2pD3PgoIiulrUdTJSFk/zkZ4HjL5o8srOaS9TwD6b7/Jp9i:t4J+R3jL5TCOauTwD6FdnCVQNea98HrV","tlshash":"8893d7d9b6d6706287b734a851bf410bb17aa8eab40c4c60f058c8e47e74e9d507bf2d","size":97163,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T11:45:55.557802Z","times_seen":67237,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"moz-extension","addr":"moz-extension://42d9eb4d-3788-46ba-80f9-b61886afc0e8/lib/shim_messaging_helper.js","fqdn":"moz-extension","domain":"moz-extension","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"865f01cbb34eb505834e826380d7dc2e","sha1":"c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e","sha256":"30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17","sha512":"9e37cd2e9fb9e4e926e2d1e1232c4c4ba3531d89b1d165293708849e0f88df6a40711d87c2b267ced9b6c4a27ac13079b5cb907334e2e297b588318df629b9ee","ssdeep":"","tlshash":"9e31ba1959fa0d1c0063b4a977673403722a90271149fe92bedcc3536f9652bc6f2bc8","size":1684,"data":"","first_seen":"2023-05-05T22:33:37Z","last_seen":"2026-04-04T11:47:34.707599Z","times_seen":152032,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"62205faf12cb4b6271d148938be40e17","sha1":"d4f2ed1bcbc698e2ee833e835be32b009aec39de","sha256":"c935f57d5f50115828c398ab148762f60e76810856334100f296de2e9abefd58","sha512":"c81e789b11518e145a2903a9a64f1dce57b33d6e390c995212abb9c42172d94221a5c07ffe93b43627a87a1fb21c844253c2cbc2bd9071112c4ebb0982aae1bb","ssdeep":"","tlshash":"31c08cec3b013632bd33b8cf1b873381cdc04a02f03124465418c4d0e8ea83344a2401","size":145,"data":"","first_seen":"2025-10-11T12:50:11.056589Z","last_seen":"2025-10-11T12:50:11.056589Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"7cf5d6ba7168c18d0252aff18178f35c","sha1":"6a830a3230b1b3df155cef6950a4fe8a4864690c","sha256":"03faead711bf37c17c4902d011e0cbbdd7c8bb9efe37d8d06a531f91b8e5b512","sha512":"1639fe79fe12167f05b2a89cef2675e5da69087be3e4f73b7d9191e3ffb6892432c56a12d86afbd98b1b910a2c9f09d84236e2aa2940557cc2648dd96be078d7","ssdeep":"","tlshash":"57b0122d5719b07cc0f0320e1da3005dfff0b6411d041821c20032c04230fe6048cd28","size":106,"data":"","first_seen":"2025-10-11T11:12:36.194251Z","last_seen":"2025-10-12T14:47:20.687342Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"18fcd73eae8f118b0bf5f4cf5d1d766e","sha1":"ba04e10d190e8498c65ddd2e62a551defa394d1f","sha256":"330d2610f8423bb549e6a709fa747ed958f3eae7ebc2e6d26bcce5f93074981b","sha512":"6445749cfa42c3f96fa6004bd967fb2339cf954fc32695bf7066519d0aa0cd59a2e2287da3d656fc30726f173565800befd7676605291441843dff76991aef28","ssdeep":"","tlshash":"c71000000000000000000c000000000000000000000000c00000000300000000000000","size":2,"data":"","first_seen":"2023-03-07T12:23:15Z","last_seen":"2026-03-25T06:05:44.585077Z","times_seen":175,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"7c7df65cefe30f994bd221211685e519","sha1":"dda026caffce345e7129d251c6def23f81fdef32","sha256":"ffbe98af644d87a279a8a822ce62ea57da410aa0b0f8805c9e1e4456fab85413","sha512":"34707e5f9af555f692b140571d910b2a81df60ad03bc9ca7be7443f50390c11b53873776b1ea7ed27e7f8d3d232b98da0b951e9cc776cbae982063328066b75d","ssdeep":"","tlshash":"02f041e4d4936959bfc1325295c7032ca27cbd22553c1e0e804425ebc0732f7a43ab1a","size":560,"data":"","first_seen":"2025-10-11T11:12:36.076773Z","last_seen":"2025-10-12T04:36:02.713134Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/html/r20251009/r20190131/zrt_lookup_fy2021.html","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"cafc5df19aa4eef2027cf42bfa9d4d0a","sha1":"7a7d5e4191a47dbb53bf71e8772eecbbcd7bfd1a","sha256":"d71ca9c189beafb0dea412644e2cb2e25f7afac8299640e520071a58e0306294","sha512":"d2f503e53fb0cf3bf73ffb3d84bff1d4f79c0d98cd90e4077f59e65a4819ecde85d84244dd449b5aeeb3322ee9bc934da2d262383727d06dd0e87516caff22c8","ssdeep":"192:AWA36uZ8g3WsczaBMcnRQmO3cSuTX8/fTdb/roK2lzoU4f:AWA36uZ8qkzaBMcns3ITM3NEK2NoU4f","tlshash":"f402f9e9b771646753f394a6003f2a02e163a612f808c49ab65cdcd7295475a03faffc","size":8521,"data":"","first_seen":"2025-09-29T19:52:09.81162Z","last_seen":"2025-11-12T21:03:41.073455Z","times_seen":1545,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"419af6d362a14b7a789ba1c7e772bbae","sha1":"85dde59bec27686708dc612f174dee372e89513b","sha256":"5b486fe5dbf39aea33037cf94e46b280dadf3718f67583b2c54b4b0233a85c69","sha512":"9d7fcedf3ae6c54b018a34ea0468ed3e76c49831cb684042ee5284650a9f6b8bf49d2398484b2e850985766f587539d5dcdc5bc4c3ec9b3f5973d0a10f1e2310","ssdeep":"","tlshash":"c710000003003000000000000000000000000000000000000000000000000000000000","size":2,"data":"","first_seen":"2023-03-08T15:49:28Z","last_seen":"2026-02-15T08:00:17.24358Z","times_seen":3885,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"8825b9eec2db9f210f8adeb4755d4f07","sha1":"7ba878b9bbb2309914574233252a4234e9c781eb","sha256":"a08c925fed8ffd1710d3a4606109fcc3cf10d05a59c0ec9b52a6f81da4ed6d3b","sha512":"a331ebb0e82a9d56532024d66cbbec7855d932587d0b7b5db6c1a5042674d80c852e737b97b1da7e25ff72765eb48aaf7b020b1e7bbd66fa6d2fe3ab186fdd42","ssdeep":"","tlshash":"c7100000003003000000000000000000000c0000000000000000000000000000000000","size":2,"data":"","first_seen":"2023-03-13T10:55:38Z","last_seen":"2026-02-08T08:59:41.237975Z","times_seen":2196,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"52b2988b8864fca11170b8db19696fdc","sha1":"35ed0c826531f9d608f445aec082cd56516300c8","sha256":"343e73d86aa2876a5ed0a66527a00909bf51927b87dc14acd777de5e2f391970","sha512":"4ca8450400eae263c678bb9065dc87c7be21962b3fab5a5d41e6473235f7906c9ef51759dcf8634e019befb903a310d8d233a1d1b74e6c314fbe68a11336151d","ssdeep":"","tlshash":"7fc012bd2424a6351cb914b97033d768bdb330283a537914815dc8588a78ee74c52c95","size":193,"data":"","first_seen":"2025-10-11T12:50:11.06317Z","last_seen":"2025-10-11T12:50:11.06317Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"dd36d77a68c7e580cd121ea4c2eb49dc","sha1":"99c6ddf9f2365d5a47d210becd257cccee4cdb3c","sha256":"6726af4114dc20d275b016f1b9f1edcc7ccf5f82462ddfab8d1117952ddc70d5","sha512":"5959a4cd5195c9048158c7635aa59e2671086c1e96b3615a7bf8bdd2a4c46d45b7685cc5900fb842215d5d907284507f5d603f2f3bfbae4056459358ee9f95d1","ssdeep":"","tlshash":"b7d0a7e31c0c807e853f63c55ce346ae26d3b0aa17c50f0aa9b671b84750c499accbc3","size":248,"data":"","first_seen":"2025-10-11T11:12:36.174801Z","last_seen":"2025-10-12T14:47:20.390188Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"c88f1c9ce8f1c5125fc5659f48d25ecf","sha1":"ead6259a56b937534398b1b264180d7cc7fb0196","sha256":"d973e79efcce7324b1b4c56447a1f88dcf13f93cdd06ea9dd33bc9f0e8822027","sha512":"78894c322bfe6237cab24952fe0591bdf930cd477d47badbcfceda79b49b048d9f24710e3ae4f12dc32f19923aee477b8ef0b62fc1a0cf540be61d4eeca61006","ssdeep":"","tlshash":"181104b2f85854641fe7469a412feb29c2b5124ae4023a02b25171c105bff45653ef05","size":983,"data":"","first_seen":"2025-10-11T12:50:11.065229Z","last_seen":"2025-10-12T14:47:20.462434Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/7c/0b/da/7c0bda1f073c4e77ad7f857c8dae1f7c.js","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c1cffcb07d8055f5fed825548f3618be","sha1":"5a9fe40497bd859841f299cfc0c20d7e0a7c72b5","sha256":"49e93a886b3e7f5eb05a08c973437c994bf50ee1b504fb594a3d28cd9488f069","sha512":"ad8445791b9d2c9bae78018063d0922cdb65cb6af76e438bf525d30dca2288678063bc601f24684687c4e523351c2e5ca3eafe3b07b14b473d95818b998153a2","ssdeep":"1536:tMB7VG1uqPJdd0gUyiT8xYAlNxIQLfkYKbU1FL8Kkms+F:Sp2PagUxT8xYqzkY1LN","tlshash":"78a3c5487b91f4af1286603b323f901fe1e50e905088e558d147f9f81ebd747ba3aea4","size":103809,"data":"","first_seen":"2025-10-11T12:50:11.017307Z","last_seen":"2025-10-11T12:50:11.017307Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"202e701f04a4cd9190764381725a7e3c","sha1":"1f0cadd97219506a6264a613d08f9665a8c82519","sha256":"61c40d87fa8391426a95563654a5f00468b52422cf56dd927528b7be284d29ad","sha512":"678f96484aeb9b23c1cea9e27c8a7a947fd130050d0ae60caca72d145dd88c400a0fde4634eb43d23cc513a292d3c6f8641d4e9e6e5bcfe321b83b4cd3b913f7","ssdeep":"96:OEozCqrV/Kx6pqp2ZnYQr9x/Kx6pqp2ZnYMd1/DP7CCfMEDaH:WzzysZYQrPysZYMnb+CkCaH","tlshash":"c4a109393fd376f55cb2e4ba66be6618ac50c0099150cd817c9cea860f6dfb409b4998","size":4805,"data":"","first_seen":"2025-10-11T12:50:11.066536Z","last_seen":"2025-10-11T12:50:11.066536Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"63b48721c040848ff22586a0ae2efac4","sha1":"8dcf6608d63edc344ffdd6ef0d80c579b15b7182","sha256":"6da7af9d30d01daad06126b90e565faf957f76498168ed9bdc118b0c70028f14","sha512":"c13886a3d7e3afd98ed02e4fb7e777bc011c1cfe1d4460b5af24ed826baf4dea4b1e949c1735fbab40eef0ad16e6a12d63ac19058c39c97d510b86f738f818d0","ssdeep":"","tlshash":"2af0966a3132a0437404500e8c4a420abd29c38a8718610fea245a4f668cecebabf210","size":568,"data":"","first_seen":"2025-10-11T12:50:11.071131Z","last_seen":"2025-10-11T12:50:11.071131Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"0707ba092e91260b305c326e6a353593","sha1":"8e425ff79c7c294266f1a4093c553d06af472609","sha256":"57c0c455d8387d98c1c911b2508f888b869fa54df4c06e1c2207db65924b5546","sha512":"4a43c282c8c1d104c84033a05b68928ae27309c5e516bc1dd28c323ff33c75a36d7bd7d82dafd707c60afafb4d337d57b67d26b6d368c44eba5cc22d96ed208c","ssdeep":"","tlshash":"c710000000000000000030000000300000c00000000000000000000c00000c00000000","size":2,"data":"","first_seen":"2023-03-07T12:07:29Z","last_seen":"2026-02-06T08:00:01.780037Z","times_seen":1741,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"440c5c247c708c6e46783e47e3986889","sha1":"793423a97cf6880fa56bb9f56fb0cf146a1857b5","sha256":"be2138c5ecd4e39482dc174755a2a184ffbd4ef624001e8f24295fd60e9aa08a","sha512":"d11b29a00df91584d04658e9fab61a5dd91393c1c15404d31b9d16375ed7e292c14e7f9259b61573b4dbeb90c6ffd935eaf2409f809b2a27a59ded8a716277a3","ssdeep":"","tlshash":"c710000000000000000000000300000000000000000000000000000000000000030000","size":2,"data":"","first_seen":"2023-03-10T09:28:47Z","last_seen":"2026-02-13T04:30:22.033261Z","times_seen":4975,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"47200b662ad12694a65c55cb986e8c72","sha1":"f6e51f9235a1cd77404ba261f3fac6c378d345ad","sha256":"e4618d7490c6488af59db36decdee12fc10d69e25b03a6a3b727269ced0b9474","sha512":"99ea238fc2d23b8827387063cb936d193909db57764f4e46ced184813b74dc50f3c7069a0d424c41b62ac7b16a5d38aa3897392d771f757884dc6550b1640a25","ssdeep":"","tlshash":"b2c022a96c530411c03de6000efb5a06861ff0acace41b09680070084d541018c12c83","size":187,"data":"","first_seen":"2025-10-11T11:12:36.4198Z","last_seen":"2025-10-12T14:47:20.503185Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"5d86faa14bcb9cb21151cfa62e906b82","sha1":"41af082c25007d2a99b1ff3dd8a77d3ebb9a1d19","sha256":"72bdd366f65562770501984a809d50419bc0547e9dc1a2b81b11615e08791a08","sha512":"7d6c5f6f1e70afcd02572f2ff34296594c77fc96c38c1d98a1d1c84f6b3550315f338d5cfe41e1a533354deeadae394342b4caea46fb16fb6efe30ec47fa7e7c","ssdeep":"","tlshash":"107000083c0820000222b8a0028b08080022802003008802288002808c3200e003280e","size":22,"data":"","first_seen":"2025-10-11T11:12:36.109733Z","last_seen":"2025-10-12T14:47:20.540596Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"38ee2f6ddbe8a478e5795030e72ba35d","sha1":"d332319b04b273e3b9a93ffa22ba9036d59b8e99","sha256":"97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319","sha512":"15610a3ce0ff69817776e355c350aebc006a7744a941c1258fe16a2e73445d964fd94885bd4b50bb2e9ea773a5f95bf1aa124fd90a3252ab2769d2870e5fbb95","ssdeep":"","tlshash":"20d02ef7f4d5ac218809a3200865e9083032e6feb3a08de094c0063a488a8ba9306fa0","size":275,"data":"","first_seen":"2023-03-07T01:02:24Z","last_seen":"2026-04-04T11:01:34.904799Z","times_seen":96697,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f3bd0c73c1891145a34a62a9bf604617","sha1":"42e75c504135ac7cee9239a7262bc6cb1319b71c","sha256":"d332add97050724975d6d0b0b32dfe4a17927343f3011a1d3c7d12310c4106b5","sha512":"091de2eed582cc08ab3c2fb6a5ab8b529834b251bb21802c5e32f2a1e26cb1d60774ec33713f990ae087ef9c7f4ade15f100183673adde05c0e652a29b530937","ssdeep":"96:OEoz+qraanpwQkvYOZuv+oYQ9NnTSzdJ2tNW1t1/DP7CCfMEDaH:Wz/ps/24QH4mNW13b+CkCaH","tlshash":"cba11aa52cb6a5741d3bf0ab51b6775cbe21810fb5009d4ab89cda425f207f04fa8dd8","size":4807,"data":"","first_seen":"2025-10-11T12:50:11.076665Z","last_seen":"2025-10-11T12:50:11.076665Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"bae3f90cb000352645e35fad60da411c","sha1":"00023f94c170125b979cb1914925d06ab1abfbce","sha256":"1e3606d95ce27d593157594820335681a9380f51a96147303cd8000e60a95e12","sha512":"d83d07979674822b4c966ddcb3bd4feb84830834e1f9fb255774ae237056cc357599e3aab9c6f47242aada2148a65c9ea11c859b1e8f550004535cc363fa02db","ssdeep":"","tlshash":"03800000203008388088000f3032cb8afaa0a22ae2322800c8a88c2cb0e8f80ba28838","size":35,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T11:47:18.416016Z","times_seen":137551,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"c846ddc53010e619376191550f377b4c","sha1":"3c8680ed47452aa25eb761a29ea14fb60e3092c5","sha256":"16526cb47ffb588073530340a49b2e8d839d701e0cbfb9184edd157b5b5394a6","sha512":"50abb504153e82e1a5be05071e11179802822b531acb68dca1f6018d92fd7477892bd88eddf826c84b2417fcb6db21dee99b115202dd6adba040bd05ea5431b5","ssdeep":"","tlshash":"a980000f3e0ca20a020330e0080b000a02228000a000880002c8008c0f3238a008280a","size":27,"data":"","first_seen":"2025-10-11T11:12:36.097172Z","last_seen":"2025-10-12T14:47:20.660979Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"89484b14b36a8d5329426a3d944d2983","sha1":"67b8b1c4fedb2e38e2eb26f403b9c2b2642b0a2c","sha256":"ed5ad332c106043712705210b4f3d1179e49c5cf426520c74cb8ec48b22b1961","sha512":"559c6951bce747dbd6c213602beb0f97b96ab5cfcf7aab0eb1925e14f811e4e92ed58c3d34fe0019312ff61008e9cc81dc5d28155de24cd398a7bf7a3ffe938e","ssdeep":"","tlshash":"c710000000000000000000000000000000000003000000000000000000000003000000","size":2,"data":"","first_seen":"2023-03-11T15:36:04Z","last_seen":"2026-02-09T07:58:59.126805Z","times_seen":1294,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"7ef510e9829a7ced8d3d9d78ca5dc33f","sha1":"12f6f00dfedeab554b5b97648be08dbefa7b6034","sha256":"c0dfb4424e9a8e389384e9fb33e1683edc05a0e46b23900720f34bfb27e665ca","sha512":"13967f6f3660e3be459935a0afc48a796455192fa368a1fcd7aaaf28e7c9eba3d88d4f83a4e7b373a035c3805b0989c86c2eac2f59ce939971a3af561bbd9722","ssdeep":"","tlshash":"6af041e4d4936959bfc1325295c7032ca27cbd22553c1d0e804425ebc0732f7a43ab1a","size":558,"data":"","first_seen":"2025-10-11T11:12:36.120111Z","last_seen":"2025-10-12T14:47:20.496544Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"8cff5423006469332e8ae5e3a8c8559c","sha1":"45ed871fb007374f36dcbbfef703b2bb539ee75f","sha256":"79df3742da86cfd49d39e6cd1d7bff35bfdc7ad2898852552dc336f8b9663ae2","sha512":"e5a744d81e4237ee4c8ae71e87c62f651045022ab3f180213d025bb229c804b7566dfe7aa539e1c1def586e8936ed9c876b298d5a4ee37afe5d9e49631757724","ssdeep":"","tlshash":"c71000000000000c0000000000000000000c0000000000000000000000000000000000","size":2,"data":"","first_seen":"2023-03-08T05:59:06Z","last_seen":"2025-10-12T14:47:21.793348Z","times_seen":236,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"61822e915b95c80bf436269edb781555","sha1":"9523bdafa3490a682c6b7e5f5d8199d477b1e03c","sha256":"9d841347045b88e5e100f28c53bbe0e029452fad803510f0cb0c8af5e98f8edc","sha512":"54fbbf65acb3de2bf03e57e36511f89526c8ae8c6a4862d5e991a858b50b7500d22a6703fbd88b6867809c30bc39dca5dcb18980f81b0afe3c49ba676284da44","ssdeep":"","tlshash":"2c21634b20a71b6b74e243ca40cf17ad455a1d17a86a080cf683767d09b0a231035530","size":1154,"data":"","first_seen":"2025-10-11T11:12:36.084729Z","last_seen":"2025-10-12T14:47:21.901054Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"3af9302012f3d264a8111867012d3efb","sha1":"14c9cc25da356cab2f254b3573639e84a2d2ae98","sha256":"283c9b6a04b742be5b72f76b268ca36f61a0dac60df354fc1adfba08b76faa93","sha512":"e1fcad8d512340c112221469e88fe26ff1af3d309a4909e78e592c134e3462f84d5fc2a4b0c23eb073f898647260b2411a9527db78c6db8ab221cab1ea70c6c3","ssdeep":"","tlshash":"d1f041d083c6cef8c70071e22cd27710b9726c54354cb8068b07f8d28628b6ea0d9c1c","size":591,"data":"","first_seen":"2025-10-11T11:12:36.155933Z","last_seen":"2025-10-12T14:47:21.313432Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/f77ea98ddd7815f2f1591e24ce353f91/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"2930e6d8ba9d3fa17005d1b52eb1b9f8","sha1":"1251ec84398e53c2b704c807cfdb0e868b0e2263","sha256":"21aa2c1ab2104c55542b2ff6d3eb83dcff0cda7e1d721c0f625494e1d69f8d19","sha512":"bf1cae61884774cdf4ec7264e6d26412be57dd90ddec36071a82e645215e02a45b528b91e34428e1ea92fc05f7a1a8c85f6d678b959d2b97bcd0550dde190af8","ssdeep":"768:fkqtSC4OYZ748I6ngkwLXcj3PKFMrj2W+MBgHS:8qt0O248I6ngWCIj2XMBR","tlshash":"9703c88d3f61b85d0796a033723f840ae6ee4e0458dcd8e8e4076ca0fe68755d4b7ea5","size":38394,"data":"","first_seen":"2025-10-11T12:50:11.029769Z","last_seen":"2025-10-11T12:50:11.029769Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f074703594b8892c0ba2ac2ee2f4874b","sha1":"9b4cd1b0e09620c3a7b1c7b1c499ae88ee2df5d8","sha256":"25d2cd928d9a6f99a794f1e8b08dfc5ca23dc92c5768516114f753f95be9f9e8","sha512":"d8e627abd3365b5b009a3fff66315cb1687bd02d821cf21fb0335d6e776d1a4efdc99c376e64abbd376a39113d10703dff83c3cb0a78ce0d09e9814a6859c25c","ssdeep":"96:OEozEqrEtBP/MClRL9hntrnJ4ib0fJL9mqk1/DP7CCfMEDaH:WzYrMW7tTCx9ncb+CkCaH","tlshash":"48a10a6e2e5b703a7863f56e02bf7f147d12900b6905ee13b86cde411b20f9109b9da5","size":4731,"data":"","first_seen":"2025-10-11T12:50:11.084027Z","last_seen":"2025-10-11T12:50:11.084027Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"98269e1b224af1ac1ac0d7acff6071d8","sha1":"7e1f4be5b3f769133d9cee134522c2ffcec4f856","sha256":"284449ffc3252fdc40019f77a9c013c0acb8fc91c06c07de9e54fbd2cd709c2a","sha512":"8453a5c690edf74c4531c62c260331bf9c411e0dd6f6f81c2c5de3e8b0817235f7e46705f4a9c280fff6d783772a7c36c1346e764af1c9ec072fb963bcdd91ba","ssdeep":"1536:v0fQ73qUoUjDqq91gMO11A8D3k1P0di4mDLm6mzED0zP:vGUoUjDqq91gMO11A8o1P0di4mDLm6m3","tlshash":"8833d563679cca22841729a4dc36f79de0728967026edbb19c7f4c3bc1a510e239677c","size":50999,"data":"","first_seen":"2025-10-11T12:50:10.992932Z","last_seen":"2025-10-11T12:50:10.992932Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"440c5c247c708c6e46783e47e3986889","sha1":"793423a97cf6880fa56bb9f56fb0cf146a1857b5","sha256":"be2138c5ecd4e39482dc174755a2a184ffbd4ef624001e8f24295fd60e9aa08a","sha512":"d11b29a00df91584d04658e9fab61a5dd91393c1c15404d31b9d16375ed7e292c14e7f9259b61573b4dbeb90c6ffd935eaf2409f809b2a27a59ded8a716277a3","ssdeep":"","tlshash":"c710000000000000000000000300000000000000000000000000000000000000030000","size":2,"data":"","first_seen":"2023-03-10T09:28:47Z","last_seen":"2026-02-13T04:30:22.033261Z","times_seen":4975,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"87a54fc83cddda1830c36628ab2c5ae6","sha1":"f55978fccba453b6269822853a89d24984d21b25","sha256":"94f43cf75323d0a96d54ea6abd61c33ecd4e7febff02275ab7430ea7481f9b2f","sha512":"a69bfa8f044dc20fdd27985329260aae56728c79bd440a927a0fa6080955d0949081ac1249d9c9feb00570a7e40f9c1ef0dc5f96fcf4b640440a44759b7a5086","ssdeep":"","tlshash":"c710000000000000000000000000300000c30c00000000000000000000000000000000","size":2,"data":"","first_seen":"2023-03-07T12:07:29Z","last_seen":"2025-11-18T21:04:20.026216Z","times_seen":397,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"281319f65c14e700a2b50721b2d61a89","sha1":"face8b00f611439ac07317971bd897e8a962299d","sha256":"2b7b601f6624871e56bb1fb9686fc033460d94d35ea57eec576bc56466b631b5","sha512":"377153899b938bcd274b09306ddf052894931cb9188c22fe5d563cc1bffdf13eec93201c9d42bb4d563ea0e812bdb77342e10b9558be7d669acafeddebaf08e1","ssdeep":"","tlshash":"06a024043c4435cc11110c440c470c3514d70314f0dd010c44cfc54507340d70135007","size":79,"data":"","first_seen":"2025-10-11T12:12:30.912163Z","last_seen":"2025-10-12T04:36:02.733547Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"449fcd8ab52216b5843bb3aa706b1feb","sha1":"df3fbaa84a2f81821ab77c5d966badfc0ed1d8d2","sha256":"f328e67a398e52e29e1e2ebe7ca9f98649f2bc4c325bf25c01ec630e6320433b","sha512":"62305357427729826e76dbc0f2442defb0ec13ce1c1a5a19c7b73e01a9cb94e518c13176d18188506ba295a81595060c4036f5c017569b7788c2a155b6a892ef","ssdeep":"","tlshash":"6341f73a33973bb28df3eaf366bd66286c99c008829045e13c5c5bc6076ddb80275849","size":2027,"data":"","first_seen":"2025-10-11T12:50:11.087456Z","last_seen":"2025-10-11T12:50:11.087456Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"429e5f32a961550c2099e8d327c05f03","sha1":"3b7b2ba583db3c879b09d0416a09e4a616f27422","sha256":"a185c549141ac7f5f925d85e097e6b37084397e1cfd1adf0eb1803c3eb80fabd","sha512":"b9b97521ce0e8fd55d5f36ef09446fc686735f8aacecdd6d79b0d738b2f0fa909a2ce090fb0e1f3f2df646a2b172a92c6f9db504ac7c803051ecd4aab4c5900a","ssdeep":"","tlshash":"3b7000083c082008022238a0028b0808002202200200880028a002808c32a0a020288e","size":22,"data":"","first_seen":"2025-10-11T11:12:36.452053Z","last_seen":"2025-10-12T14:47:21.398198Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"e1e1d3d40573127e9ee0480caf1283d6","sha1":"06576556d1ad802f247cad11ae748be47b70cd9c","sha256":"8c2574892063f995fdf756bce07f46c1a5193e54cd52837ed91e32008ccf41ac","sha512":"e32af21345e7a932da186a47adb173dd1c6998767b25f8397f3740e87e591c2370be6f2b11c836ea6b4978034fff239309f721e7bf2491b6ba099c347fddc26f","ssdeep":"","tlshash":"c700000000000000c0000030000000000000000000000000030000000000000c000000","size":1,"data":"","first_seen":"2023-03-07T01:15:06Z","last_seen":"2026-04-04T06:59:43.038131Z","times_seen":58954,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"0f3526400dc9d9fd89be71e0074ee009","sha1":"9f68aa400b1d73aafe1f9e7a16caa67f2ba04298","sha256":"57ccbee8f064710f97c9123a7a4279b3369e6eab1b900fa2a2404f9631044293","sha512":"06f760832bf17a993f895b363b192ea7f23713daab7162d19822853e26e28653e48d05aeb3028d31a0ae06f7814eca493e6c7d1364b76fc1f549d4a44125dbe5","ssdeep":"","tlshash":"c710000000000000000000000000000000000000000000000000000000000000000000","size":2,"data":"","first_seen":"2024-09-28T07:41:44.70621Z","last_seen":"2025-11-05T14:50:00.407053Z","times_seen":699,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"279c04315d7092e14b5ade6519f18a8f","sha1":"76f027b4c2c072931db410e6136df64f68f77ec8","sha256":"e51a2105711fd3207ea793b91122055b42fe24d7fc38c4ef7fda08481325d405","sha512":"262d9cce7a841ec61bade98b4bea8d4e80a904b7b4d5be06068a12c2ba3a630d8522561e8c840a95bd0e92ebe76da49e7d207ddb5476d7774fe800a4c839747c","ssdeep":"","tlshash":"5ea011082e00a8c80a300cb80a2b0a88002a2200f0282b0ae0ae82880b200a3023280b","size":78,"data":"","first_seen":"2025-10-11T11:12:36.51125Z","last_seen":"2025-10-12T14:47:20.974596Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/f77ea98ddd7815f2f1591e24ce353f91/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"bbf3947cf8f979a933b2ac9b20598e70","sha1":"8c7d99fb0b0a475a6bed2d8d1b77f4dbcecea293","sha256":"78f154da76b2b14c38caa5a6708fdd64b677b7d15afe48983b7d991f6bf6f29f","sha512":"f7276ac9d954d8665a47cc1bb15e2de1d9200646a0f1288472965671415727f796520dc6e54f712ff4374062bdc0a6cf412b9abd0ab7bee4602f3c025118af69","ssdeep":"768:fkqtSC4OYZ748I6ngkwLXcj3PKFMrj2W+MDgHl:8qt0O248I6ngWCIj2XMD+","tlshash":"5d03c88d3f61b85d0796a033723f840ae6ee4e0458dcd8e8e4076ca0fe68755d4b7ea5","size":38400,"data":"","first_seen":"2025-10-11T12:50:11.025098Z","last_seen":"2025-10-11T12:50:11.025098Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl17791347.revenuecpmgate.com/e7/bb/f9/e7bbf9053e97b1beec7b178829197d71.js","fqdn":"pl17791347.revenuecpmgate.com","domain":"revenuecpmgate.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d3dfe50e0a083c7f7d9f094c99e0e641","sha1":"3a428a560202a68c417a1dafe9e46cea8ca8e91e","sha256":"dcb90ff15d7a3adafc583390e61fbe2408c6506f62f44233a340bbdd00e70374","sha512":"366ca2c25802b6bf2b71f3e46c2b5eff712c17b2898e5c70b14f252eb11bd0036434a0b469533afdc0cdc813ea30b411b330d58986c02fe600b090dd395eb8f0","ssdeep":"1536:cY+Z/qOJv+PThsgBLPkpzNluQTFDeBsbZum+iQ1G5SmqA01FHXgG3DFHavgX4:cY+3gBL2lj5qBsbZuQEG5SbA07XgG3De","tlshash":"a7a3b7887f80f05f42b7607a623fb10bf19a4d41d59ce95ce163eca12e7831bd53aa64","size":98400,"data":"","first_seen":"2025-10-11T12:50:10.987235Z","last_seen":"2025-10-11T12:50:10.987235Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/f77ea98ddd7815f2f1591e24ce353f91/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"cb58b889ebacd8be68ff4c553f378338","sha1":"da789006a0cd4feb3f3c9bbac88824c03deac981","sha256":"364eee4f1bfe5a6cf1d6ebee6e785b473b35940143065d525e227f67d00d2e3d","sha512":"9d7bdbb1c78301f6959441e4c3cf7e1a6c3cb9b1537557548a23b68eac6e6e22054ed7ef48f98000a7e5425ecc4cf1c87a2fd568d2951e990144a28fb3b525cb","ssdeep":"768:fkqtSC4OYZ748I6ngkwLXcj3PKFMrj2W+MfgHe:8qt0O248I6ngWCIj2XMfv","tlshash":"dd03c88d3f61b85d0796a033723f840ae6ee4e0454dcd8e8e4076ca0fe68755d4b7ea5","size":38397,"data":"","first_seen":"2025-10-11T12:50:11.033082Z","last_seen":"2025-10-11T12:50:11.033082Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2.js","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8fe3ea2f81e289e6b14222e898086c5","sha1":"0e9a1227955675736e02c596906bee72bc33d7d6","sha256":"a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623","sha512":"3bd99998aa1b5d7543775769952adc52809f861ca023b6daadf6b7d23411411a6a9470d98c7b8543573e9a6047a24e14b5feaf45e14a22d98e64d0f019718670","ssdeep":"384:dxSMqC/d0d0lxDKyqdeWFy3Wxy9cT4nGllKnnk0TEYRWjfJtncu:i0qKlYyqdeWk3Z9w4G+tFWjfJtnZ","tlshash":"8892c6cab6d2f4624363b9b1a13f100ff13eaca9d84c5464a084e4e0bd759a94367f7c","size":19990,"data":"","first_seen":"2025-05-19T23:59:48.474751Z","last_seen":"2026-02-26T18:27:55.354921Z","times_seen":175417,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"76691d6c490242887e52e65aeb8e9512","sha1":"4150bdbfaf0d329db2f9728950bcf7f6fbf2b850","sha256":"d2405c9dc2c5390a96ac362541444e1ece42aa3ef65cf795fd95be3ced21cf32","sha512":"51dfddf210a369ebf26e936821153d5acb3b00ce5cd931e23f6ba56becd2c64b1c877b82862c9a8cf8d5151d9f24e636d52295be2c4fa06dce7d865056a37ede","ssdeep":"","tlshash":"c7100000030000000000000000000000c0030c00000000000000000000000000000000","size":2,"data":"","first_seen":"2023-03-08T21:28:20Z","last_seen":"2026-02-24T05:20:41.548491Z","times_seen":3085,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"ec384ac18f2d58007db9da2c0bb8555d","sha1":"9f5b4add8c6c5fd789bb5679c817e087d25cbccb","sha256":"632ab3950926f4654b067fc5a816daced450918fb834cde150ad92c674ae58ae","sha512":"b95c46d49f9e9e82dce4f0854227186af92b6d9cf76478d96b1efde35fc7781328f361bfe88c84a7e81810b0d37b581d55cf1731ea0470273a4533f4066cf1f3","ssdeep":"","tlshash":"aca02230bc30bccc02300ea00a2ea80c20b320f8bc200e0ec03ec20f03280f3023280b","size":75,"data":"","first_seen":"2025-10-11T11:12:36.033455Z","last_seen":"2025-10-12T14:47:21.972932Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"61a6f2652a0b6db05139abddb9b96ab7","sha1":"05548eab56f32db3c8c42fd2487a3f3b3ccf0ee1","sha256":"cc6e0d6af3dc4f620458aa79c4f4c0631ebc1bd55a148f5e9a06ea8874885831","sha512":"f2f89b1252cfe849de0cb4e8e8b7ee29cf99c563c5113ede3c45d470d5d14c45e0a3e30e560a79d14bfd4c46943c24a8444a1e81e4a0e93addf71ebdeaccaef4","ssdeep":"","tlshash":"4780047cdd4c5c350f157415001740441177700d50150005170004c44f311c5140fddc","size":38,"data":"","first_seen":"2023-03-11T13:53:37Z","last_seen":"2026-04-04T11:47:19.137828Z","times_seen":201412,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"49cf87376c1491b9733f032718b7551c","sha1":"10c8fb0af824bee655f666dc38555b62e9cb759c","sha256":"9779fe38fe7be4a00008e75c6f3f7d24a8051a3616227bb0e30694f481283699","sha512":"6ad201ed16f0fe8d4cd16872c7bbdb71deafffda0c6814e7ff7259cf25bd5d7eb0ed55bf79650c7505d92522c1364b814a6f4d86c57bde510e3bbae722931596","ssdeep":"","tlshash":"42c080ecfc57f5b9c1032a2045077d051b7f2416d1d4eb10d07500d56a34957453745c","size":162,"data":"","first_seen":"2025-10-11T11:12:36.213884Z","last_seen":"2025-10-12T14:47:20.664385Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ea09b451d33c376e656ee5f6ffc49fdf","sha1":"ca687d890ac32a82e0c97a1ac6b081ba7f146014","sha256":"21e581d9ec4a1f55f80a54e754d5078168f9d3da284e3317ed69f69b05f4bb25","sha512":"38ebe453415afdea51fd2f2cf4648412d40dfb98fbf9edfb0f3c10464c7d4841615cf8c2b2721ac3e6999c31e5bd5d79c4e28e573e19db2bf8b393dc80794180","ssdeep":"","tlshash":"53e0c90c8eab7194b84920b547ed62528ce484178710dc4a385df305af483028e5e6d8","size":339,"data":"","first_seen":"2023-03-07T12:04:06Z","last_seen":"2026-04-02T02:26:04.006026Z","times_seen":220,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"f68d8c5080ce7162ae7f3a9d55a78369","sha1":"c0a0b651ff82bf9e198c6bf5d71e8e0b62929192","sha256":"e4daf678708ee8c07dd8f19d6fc85859b8489a67a947806f5e2ff953fd43bd35","sha512":"a64d78c55ffefcba63a7b31805bf2195f31b6a4943410751a83f8dee5bfb63c9a6c2278e6417dbc93f891a540f57e8a2f9c2d501b8eec4a8851e9907c5990011","ssdeep":"768:AwEkEiHwPv+vxDSAHHcugB9qzpJZzut1Af5qCq0yAVwpFwQnVWe0y7ENJy:bZ/HHZaMx8+y","tlshash":"ba53e2fd532690e414368f6caa9fc61fb7c4dea852a8121affa72b030203514a5d7df5","size":61410,"data":"","first_seen":"2025-10-11T12:50:11.09536Z","last_seen":"2025-12-30T20:42:19.425002Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.blogger.com/static/v1/widgets/3878540743-widgets.js","fqdn":"www.blogger.com","domain":"blogger.com","tld":"com"},"ip":{"addr":"142.250.74.105","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"21eece0b7a222dbb78c925531a656c27","sha1":"48d0cc9691ba9b6229b5e4ec20e8a88c43f5af6d","sha256":"7511fc1573d0fd386edba6b764b3d97a7e47eb91ea5beb2f99d0b2ddecec8106","sha512":"197338ee2203a3e54e007d8b5fb5ee330667d86536e7d8f5bf9d150e3f7d1fa0f42fa033abf6f64e20fdbd68c8e7b6aec738fdb046420cbbc1b9608f28878f7a","ssdeep":"1536:ZJVLTvRqRF9UwngQc6MYse/412eRAMwPlH2NrAtSKUnvGYgMBSBWV66dSDXsZAas:oF9USb412eqXsNrPK+gYV8sGJeNNyN","tlshash":"6ee30ad8b79270628373b4b5003f010ff13a74aae84889acb188d9e57e749695677f7c","size":147538,"data":"","first_seen":"2025-09-29T03:21:26.936869Z","last_seen":"2025-10-17T21:16:23.593664Z","times_seen":4190,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"3cc844481f3c6201c1a95643d809d46f","sha1":"93121bda18854b1158b43cc9c7a169391e3a17a5","sha256":"4e236638e59a420dabf669f3d5e9153ee250d1048393205ca788a987a9d93eac","sha512":"780ed855a7553659be80ce49239a4d68ba29c5f3eb709fed222440cda9f9e3ed9a97b03e5aaa78b905cb7440ffcd9e0594d9f442e846e2d0c8c8699c035c6276","ssdeep":"","tlshash":"8c80000c3c0ca280023b30e0000b080802228008a000880002cc00ac8f3baca0022c0b","size":27,"data":"","first_seen":"2025-10-11T11:12:36.35005Z","last_seen":"2025-10-12T14:47:21.711691Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/7c/0b/da/7c0bda1f073c4e77ad7f857c8dae1f7c.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3da6e83669772dccbfc79e363ddd4c71","sha1":"ffee782a93f063a09ffd6ea34e366e56923de952","sha256":"8516f2209abcc9bc49102beab9e29445495ca8aa72443dd769ecc059d669fcc0","sha512":"25a17d051377965f7d4f2d84570629cef191f880fff513d6c61135596b546288fcbbaf73fefe8c7a5685986bffcdaff336a6fa8e380ec722c60e4d9df529c21a","ssdeep":"1536:tMB7VG1uqPJdd0gUyiT8xYAlNxIQLfkoKbU1FL8Kk+s+F:Sp2PagUxT8xYqzko1LV","tlshash":"9ca3c5487b91f4af1286603b323f911fe1e50f905088e558d147f9e81ebd747ba3aea4","size":103805,"data":"","first_seen":"2025-10-11T12:50:10.990286Z","last_seen":"2025-10-11T12:50:10.990286Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/bg/JC95ub0RqwIqGkOag_UBKJ1rVEFfMsHldUmzjWKWEz4.js","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2e6ac41680eeb112ba416c21249d9bd","sha1":"f3ef0407254c5756d266f8f1de346c5c3495003e","sha256":"242f79b9bd11ab022a1a439a83f501289d6b54415f32c1e57549b38d6296133e","sha512":"a34df523fbf5f2a4c54738132828b8d0af9be26023c25e7e91263d6d65fb8f0e9e8183c26ee5468b8bda966090b14773cfd867f4a4332eeb6013bebfa17cb27d","ssdeep":"1536:jZ/VhUVQrpP/mO89ZyohcZHoZVKs7UFphEGe:Z8VeuOqAo6Zha","tlshash":"153308cfb1e2a73699e2a0d2045b120da37e78556cc8181ef945b3f45a70d8b513af3b","size":54973,"data":"","first_seen":"2025-10-11T11:12:36.208454Z","last_seen":"2025-10-12T14:47:21.950933Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"969190785e3afb57966a3358559d0307","sha1":"26ba246378dd6e226f233803664d532abdb20deb","sha256":"2bd31c9760e639c214fdaaad76757f2c0fbac8aa0b6c55f59beabd35bcce97d3","sha512":"2913fe2b5772d20740b78aefb1acda9592418db703d9b1749d1353b745a08b952387aac568eac96104d343c22e1df058d547dd4b2187c36597ef3f1c425a6093","ssdeep":"","tlshash":"8cc02b4a37001386c36e40c14c470c5dc2a064c66c105338c7e01043e30028105fce16","size":132,"data":"","first_seen":"2025-10-11T12:50:11.098624Z","last_seen":"2025-10-12T14:47:22.059252Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"6a184d4737318afaa82d8f22803bab50","sha1":"0a4f625f8cec4c7d1a2524a0770d7abde28fb335","sha256":"ba8e73001fd95c1feacc8fa866572cc84fcdbb12e92eff0aa66419d0a047480b","sha512":"5a4093593ec65424f1f2aa7c30ab66adaec498f54202cb132faa84d15ab47bc7d9e00c2c7fdc3db093e03457be5118b907b91995b07c7e70cefdb418e74ddbea","ssdeep":"","tlshash":"0b31f9e08866984c2f6cf1e150ba73b9f73b5b68f9c4c4c841f895692722350df588e8","size":1548,"data":"","first_seen":"2025-10-11T12:50:11.099633Z","last_seen":"2025-10-11T12:50:11.099633Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"685a94eb815eba4f50620c8c7798d8b9","sha1":"fd93f3e52506f2d5489d04384632d470fae0cb12","sha256":"1ef2de77a608a9dfe5d258393b20d923eb00a5afc675f1f45392fb74bf990228","sha512":"013932722c12f04b09139288bc6bae34cd1894e50ffb35fa38e9a72f231e35b2ad467300ca95aec08aaaf4cc2a286f0cc0c8a2176dfa9c43fffaca1ea451e5d8","ssdeep":"","tlshash":"61e026177b5331bb85b3799660073f8c88797eb6e52a384dd26174a0852cec3485d987","size":322,"data":"","first_seen":"2025-10-11T11:12:36.338833Z","last_seen":"2025-10-12T14:47:20.994836Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"d3f1e12f5fda51de98e6f5caed86a77b","sha1":"243212904765d8a33acebf405ae47335ca9a8bb5","sha256":"6ad2ff2ab1da48b42f5f0b35393bd06655c013eb2d7fb197579479c1d5a197aa","sha512":"aa8dcec1f98bbe86c157a37f8123e2f44065cdcca95a3173c2efbbca8bec5a6fed7f570864c2621ce8288479ec4346510d1b780e8fe37c844f3d8028dea8f7c6","ssdeep":"","tlshash":"40a00299bd4539834b251dd2cd27c59830e72015b41105044195928c0bb04bad622947","size":59,"data":"","first_seen":"2025-10-11T12:50:11.102083Z","last_seen":"2025-10-12T14:47:21.839569Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0ee0e9b638a6c76175a6f21dec69a2af","sha1":"5f1050066b9304704abba769a59b0582f34de338","sha256":"7605b57a019a45a4819ed506ab7ad92a66e6066ce1a0802f4b0340728217cb23","sha512":"b2acc2420bce42da5337d5fde354e4a32d8ce1dcca982b32c1159fac5f7fa2bee8e6b7b7a493753de3a52aee2ced8e3f10b9e3f753f73aa2c721e52b6b6aaa40","ssdeep":"","tlshash":"e6c02bf89100f3582473cc451cece201c300cd007418001735e0887341a0d5680e236c","size":140,"data":"","first_seen":"2025-10-11T12:50:11.103037Z","last_seen":"2025-10-11T12:50:11.103037Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-8P38QL64J8","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c38731f1dd32471d47a3254d03798aff","sha1":"ef57b1656501bee20e305a1b23bae78d5a02096e","sha256":"4cba91b7bd9aa88e8519b1c19f61950c7b8875edfdaeafc332b481f86565184a","sha512":"99dcd7c72df5f94bbf5abb0b91cfa41f16688ee609b9e6f66834c587639a081a79980d80d8dc66a038d2f25f61f825fa147e3543e541df4d7049cdde6a08814b","ssdeep":"6144:jBh/yp2a4tk0uwbWZJT+Nju5204O0NsYXdXAQY:V4YJm0KZJu0O8","tlshash":"ee9419de73d674225396f078503f018ba57b28a2b44cc89af189cde42e74a9a4177f7c","size":425140,"data":"","first_seen":"2025-10-11T12:50:10.994625Z","last_seen":"2025-10-11T12:50:10.994625Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c60aa01f836297a3407db9f4eea00ebd","sha1":"55a40510a28a67b7d22e0f5bed630a7e35d4e1c0","sha256":"3e7e9af5edb3d0beea2e326915a8078625c961b099e4b9b42b772732f97b1c63","sha512":"04c68b2928fe8db6ef017dd6d69770883212eff17888296d5bb76a3edd58e006c7e11ccc00b812f29639cf9ced614b7eef656bb32b01b0dbdf340b2e344c64b5","ssdeep":"","tlshash":"a8b002144c682884590b11726014681064a6845b1448993176cc55014f19f0c1944f98","size":107,"data":"","first_seen":"2023-03-07T01:14:47Z","last_seen":"2026-04-02T00:14:36.003443Z","times_seen":253,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"cbf205a3326c3545fa4495d8249c3e58","sha1":"57eef20e4479fb29adc97a75089cb88387e8e908","sha256":"59b3604e62f0366a2b4a832875f87d6b26e4c8d53e53d130a9b16e7ebc47c624","sha512":"9922e722236089742c6709bdfa86dfcf2488c4627daffea2121146ce7b3e8774a90fbe12f0cda53677de59c9f5e758ed5766a7499ebe35d018b6b846a1250bf7","ssdeep":"","tlshash":"cf31073a23876afd8fe0c9b66a7d092c98d6801ce1e044f00a6c669a421eda00440075","size":1545,"data":"","first_seen":"2025-10-11T12:50:11.104709Z","last_seen":"2025-10-11T12:50:11.104709Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"bc94fd1da14a3f9db26b633f64d1ccd5","sha1":"b119cad67de2914cda9772cb20bbd0dd47edbee3","sha256":"e3207fac4e79d2389312487ba4c5a1cb5c09dc7034dec99a3052119d5eb59a06","sha512":"19e714a4cea9fb09d5369e6b1d9f27f0acd1c7241e7736fc899a11c4385b8f30a0acfffa7680154bf68306cb11a4a1f54274ba02f9f90ba0dc8f23c754e2f0ba","ssdeep":"","tlshash":"2da024043c4435cc11100c440c470c3510574314f0dd010c44cfc5c507340d71135007","size":79,"data":"","first_seen":"2025-10-11T11:12:36.107009Z","last_seen":"2025-10-12T14:47:20.430675Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"91e5a46526cbc0f10dc480da3ca9f3ac","sha1":"5b888127dc012d1216a84af80771f34fd6e2f40f","sha256":"513b6b814e300d1cc0f4f1f60e2e608468b86cb90105aa563d06e8f008f5b66a","sha512":"9d8039d5a197127f8dcba7b1ee6baad19fe730db4efcfbc829785b498e1cd3417f7d2148fdca877c0041774cf89a9289b2ae47a3b4138b40cda4c17cf2da6e9f","ssdeep":"","tlshash":"a9a0240c3c4435cc11100c440c470c7714570314f0dd010cc4cfc545073c0d70135007","size":79,"data":"","first_seen":"2025-10-11T11:12:36.087453Z","last_seen":"2025-10-12T14:47:20.42205Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"5206560a306a2e085a437fd258eb57ce","sha1":"c9ee5681d3c59f7541c27a38b67edf46259e187b","sha256":"de5a6f78116eca62d7fc5ce159d23ae6b889b365a1739ad2cf36f925a140d0cc","sha512":"40422e2733a73dec2f9aac48e2ab48d3b2fdcdc1e3a88bc7ea855227e62c029246da1dd49dd057bb8a8b796b3b2a6f60d9d8a85de53df597e422b2f68c54cfb6","ssdeep":"","tlshash":"c70000000000000cc00000300000000000000000000000000000000000000000000000","size":1,"data":"","first_seen":"2023-03-07T12:04:13Z","last_seen":"2026-04-03T11:46:13.091001Z","times_seen":56142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"282be4897423d1feadef75ed0f57480e","sha1":"22f634adbf7701e15ab36634ae0b61a8c518a7eb","sha256":"61ce4f2b076a88a4cf0e5f1afd5f0fc95ad7704b3e1b6cf6c11ed7f1f762d8f9","sha512":"a9c63605cffb84fa34753f985ea07a2204f4d48f8b4c0a1b49700843eebca929b6c9e6bc4bfb1876b6a2025c05ae4a295ceba110a87b0d38359e680b2a9aad27","ssdeep":"","tlshash":"c7100000000000000c00000300000000000000000000000000000000c0000000000000","size":2,"data":"","first_seen":"2023-03-07T22:29:05Z","last_seen":"2026-04-04T05:55:23.539505Z","times_seen":946,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0ee0e9b638a6c76175a6f21dec69a2af","sha1":"5f1050066b9304704abba769a59b0582f34de338","sha256":"7605b57a019a45a4819ed506ab7ad92a66e6066ce1a0802f4b0340728217cb23","sha512":"b2acc2420bce42da5337d5fde354e4a32d8ce1dcca982b32c1159fac5f7fa2bee8e6b7b7a493753de3a52aee2ced8e3f10b9e3f753f73aa2c721e52b6b6aaa40","ssdeep":"","tlshash":"e6c02bf89100f3582473cc451cece201c300cd007418001735e0887341a0d5680e236c","size":140,"data":"","first_seen":"2025-10-11T12:50:11.103037Z","last_seen":"2025-10-11T12:50:11.103037Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"61e9c06ea9a85a5088a499df6458d276","sha1":"e2415cb7f63df0c9de23362326ad3c37a9adfc96","sha256":"fcb5f40df9be6bae66c1d77a6c15968866a9e6cbd7314ca432b019d17392f6f4","sha512":"61037724a2fb00a12fa8a53ada233f54ff7fc6ee02048e579b83a127ce79fc03906c35b5307beb18a3cf5021fe031ae6587448d4d60a082d73252fe2e2f4ae7f","ssdeep":"","tlshash":"c700000000000000c00000300000000000c00000000000000000000000000000000000","size":1,"data":"","first_seen":"2023-03-07T01:02:14Z","last_seen":"2026-04-04T05:59:29.04243Z","times_seen":61291,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"7555b4f0c30ff860f6d579c79e3fa8e1","sha1":"650caed8cd9509bf714ea6aee66933e793e8df81","sha256":"8d4970b9740282b959e5cf29f0ea8016cc93acb82fdf4846833fc37bf4fca1f8","sha512":"3e90de355341dec2319946a59eead3242d6463bd1ea4a0ebef3f5f723d6055190cbb7cfdde7906860742cc0525c5311224839da46f7e2b4a7fac339f93cddcaa","ssdeep":"","tlshash":"c7100000000000000000000300000000000000000003000000000030c0000000000000","size":2,"data":"","first_seen":"2023-03-11T15:24:05Z","last_seen":"2026-03-21T06:35:36.710817Z","times_seen":2670,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"9f1ac00d215b99ceca7d30e4288528fa","sha1":"7325f4eeaca68ddbbc9d407eb918dbfd2e86cfd9","sha256":"3741dc9226056194aa866d1c4bd43607a01ff879682d4fa836b0923608dfa0d1","sha512":"3e25381c486aeeee22939c4306b495106f2c46d29290d0f64c713ec7662e0775268b509d5e9dd74ae37ed2fd1b6453d26dbcdd6514779dee41d12f3450fef417","ssdeep":"","tlshash":"c71000000000000000000000000000000000000000000000000000000000000c000c00","size":2,"data":"","first_seen":"2023-09-06T10:27:18Z","last_seen":"2026-04-03T11:46:13.11407Z","times_seen":713,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"2e20c5ddfeb04f7c2949cb4442b4483a","sha1":"ed918a71e7415c1c547496b3325197dad03d1a16","sha256":"aa870ac38e32f49681d224d2edf6f7c6eae585722c65a9ed1c85340c304c133d","sha512":"210f636cc979574dcf08cc12860467b8db13882937c5c45a7b8fdfc81aca72422eedcf2c83e4671a3e671bd142eef44e44f2b3ad506819a37a23acbdc7f7ba01","ssdeep":"","tlshash":"c710000000003000000000000000000300000030000000000000000000000000030300","size":2,"data":"","first_seen":"2023-03-08T14:21:45Z","last_seen":"2026-03-10T13:36:59.966123Z","times_seen":447,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"9e35ae5770c9579700ad434391237595","sha1":"08306c79a6da42db9b3b1bba8e34d8f84cbd26e5","sha256":"7a2bef5127bf70357287ea84eb26b55ed7620cccbda7611284eeb2eff7fec8a3","sha512":"84e88db9f4346b2a09eecdd35deb3a9aef942f7ff7e35b45ad6818d81e5671c34a6df8957c769fddd504d14239698918923a8f59c06c683db18af22e90b22c96","ssdeep":"","tlshash":"12c080453456144ed4647533dd87b34940ad58e4d6cf441dc555e0540390cb63e611cf","size":170,"data":"","first_seen":"2025-10-11T11:12:36.200973Z","last_seen":"2025-10-12T14:47:21.84761Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"569fd17b7fd5654f7d6514b0ecbc7a2b","sha1":"1d96b924839f777d0ac14e8631b0a621cb07b487","sha256":"36d848db908aba6d8e0f827b6a2d96596f62b4b0daa940773d7a632a08c8cb65","sha512":"ec7077c31f66bb958de43d36b01982e6d123d5eef60068d5f82f6c3d37d28bd7e94963d6b5c63566cd7643f4d847ff6f660d369514cc7133df5007affae24ff6","ssdeep":"","tlshash":"5ed02b955c41d481db3d4d9249a7496c01fba10796790971c23a8040801fd37412eda4","size":263,"data":"","first_seen":"2025-10-11T12:12:30.862524Z","last_seen":"2025-10-12T04:36:02.712561Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/f77ea98ddd7815f2f1591e24ce353f91/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"666fbdc20b37bc4a6de714c3586c41f9","sha1":"70270dd481dbe8eaed6f3e19264df112b2632335","sha256":"7b7d408ec26bd1d394c6a2316087784dc7d0b9d9e38836e9921cb3e3ca2fb47e","sha512":"e7d71112164dfc098ff2b44fb7c4f9081f0df68095dfa52de3d8fe1fc6a21cc4b46236d6eb9052559e7158dd2383f6f0e587fb854f52c7889d5e7a68741353e3","ssdeep":"768:fkqtSC4OYZ748I6ngkwLXcj3PKFMrj2W+MzgHt:8qt0O248I6ngWCIj2XMzW","tlshash":"7903c88d3f61b85d0796a033723f840ae6ee4e0458dcd8e8e4076ca0fe64745d4b7ea5","size":38394,"data":"","first_seen":"2025-10-11T12:50:10.963544Z","last_seen":"2025-10-11T12:50:10.963544Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"7ba3575f17a6bd73957b9503950a7c11","sha1":"cbccca29652f50eb35fe364c15f13be74aec5dad","sha256":"11b55f37e8af264942472ca89bc42966434945ab99e0ccc5c789d0512f8b8484","sha512":"5d96b0089026020032bbf0f06b50b1df842fe15410763ca54a865f5cd6d0a8e5e08ec9d92933466416a843511e8d3f362453c6bd416191aa42bb394031c206ff","ssdeep":"","tlshash":"3941d77a303b36b18c7fb063565a3b8cbe65849e5600160ab80cce825b245f00aa9d58","size":2026,"data":"","first_seen":"2025-10-11T12:50:11.112338Z","last_seen":"2025-10-11T12:50:11.112338Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"0d80d99d7f209071a284c9ab6d14accf","sha1":"c91e7389c28a7b35eeb114484808a20cddb8c20e","sha256":"0cb21d1de060008bab472c15c63e6f15828de601f85deff00d701d26c0f6819a","sha512":"59df0ea3f533182f0884e52768ba3b5b1dea918c81a430aed117aa60584df1bfc3569ba05dc9c95426cd97513318e2bc4272ec2771e3528117cefce002576740","ssdeep":"","tlshash":"0aa012b01c1dd3d81271c03118250410d6cc2205f8260d086219825248a81067f02014","size":83,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T11:47:19.120167Z","times_seen":265757,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"172befbe6f57526678bdd616b34aa2c3","sha1":"17081008e55c17888a6a1695f8f71d5bd9546557","sha256":"c1084b5865d0b5ac17a37b858a1d96a8cc29b152ff7111b5f830b7476e496428","sha512":"6eca797b80e3770d3fef372fa368cf565b17ef4f0f30a2b9e26f46982a057b3fe15195308bd502b69a4a2489a773e8064dcc8b92c3a5038479ff1c490abef1e4","ssdeep":"","tlshash":"c71000000000000000000c0000000000000c000000c000000000000000000000000000","size":2,"data":"","first_seen":"2023-03-13T10:55:38Z","last_seen":"2026-01-30T07:32:17.823536Z","times_seen":763,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"c313d7def40a9b0c3e6124cb831e6c8f","sha1":"9b314eb1884336fbdabaeedeeb6824af53f18cbf","sha256":"28a2302321511f6be07492af2c2446e55b1e87f00becef14aafc33de1821fb02","sha512":"30295338d055d5d5b9e7202030d365c4ff79a4c063bf51c589c5b792ce0b84a431fc4a2164a056c869a75db4ae400775128db5a43ce368b471f9d75446fd8cf7","ssdeep":"","tlshash":"23d0a7c594c5fe1de9316022b013b38ca83be00deaeb4e82a19636449775178d634d3b","size":233,"data":"","first_seen":"2025-10-11T11:12:36.125676Z","last_seen":"2025-10-12T14:47:20.384194Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"0105a71d283bf4c7fd129b0ec5ff48ce","sha1":"64a68fccb8d21a57507af21780d49b4a0271060c","sha256":"77894e743fe60351d0941c5cbfb27adf224bdc66c526a26842b2b106e0cb5149","sha512":"e86524836ff2477f402becda3be8a996b0a6bed459ff4e5b3d9805dbb6ebec61c89465b82be7cae7d3397bec24d6e304122b56bdf8a1e2ca3b21748fd03f0d6d","ssdeep":"","tlshash":"17d02b12555d07776c403872821da56d43e4918cd44ab505c15404cdcce4917f13a880","size":266,"data":"","first_seen":"2025-10-11T12:50:11.115571Z","last_seen":"2025-10-12T14:47:21.231496Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"f6508f60f9070dd321948e2e29d54f69","sha1":"91954275ed34dad59df5c8a350fb768225cead78","sha256":"d30e6d8dc8413f1d07c553a459979272c355aececdf8144f054f7e448d2f0ff6","sha512":"70d4a5ff7b4087c41414e71bd1ff2abe5f49c380c158acdcc76254279b17601818ac8ddf37583d7c21f6625f5f4b6563296085ddebb7bc30ea19443ec1161518","ssdeep":"","tlshash":"c71000000000000000000000000000000000000000000000c000000000000000000000","size":2,"data":"","first_seen":"2023-03-07T12:02:01Z","last_seen":"2025-11-20T08:00:05.317719Z","times_seen":1701,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"fb517349838b5c1e5b340e63bd2e5eb8","sha1":"030add231422e53843e8dfda3201b7953ccb8be3","sha256":"1d8f25bc69fab286500dd6886865470ca5e60ab180a644db8f75402dbfae424b","sha512":"30175c47fab19eb28cbb6af59c36d5f7de56621a736e4315a33043da0d0b289266bdaa3140aa6d2256af478160be0a880ad69a814be7997882399a10d206d4f7","ssdeep":"","tlshash":"e6b012cc3c90768ca1110c0441431c0614f60028f068000cc52f828043388de8237043","size":94,"data":"","first_seen":"2025-10-11T11:12:36.058738Z","last_seen":"2025-10-12T14:47:20.575403Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/7c/0b/da/7c0bda1f073c4e77ad7f857c8dae1f7c.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4f6df734136529940ae2af9fcfc9bf8","sha1":"6bc939e9eb37b2220dd2cf5fd6b8d56814b22e0d","sha256":"ca6271f946f08c8d55c0042702758871a25a09c75aa957a26219b71ec24b9c3b","sha512":"0329f6bcb95c7ae74528669ca7da166d03c9f8e0764da80a3b6347a9d3e78948a522007f17acc250eee2b6e69895df07e06d7c4f206217fede0fbfd8ab6226b2","ssdeep":"1536:tMB7VG1uqPJdd0gUyiT8xYAlNxIQLfknKbU1FL8Kkms+F:Sp2PagUxT8xYqzkn1LN","tlshash":"d5a3c5487b91f4af1286603b323f911fe1e50e905088e558d147f9e81ebd747ba3aea4","size":103807,"data":"","first_seen":"2025-10-11T12:50:10.959934Z","last_seen":"2025-10-11T12:50:10.959934Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0ee0e9b638a6c76175a6f21dec69a2af","sha1":"5f1050066b9304704abba769a59b0582f34de338","sha256":"7605b57a019a45a4819ed506ab7ad92a66e6066ce1a0802f4b0340728217cb23","sha512":"b2acc2420bce42da5337d5fde354e4a32d8ce1dcca982b32c1159fac5f7fa2bee8e6b7b7a493753de3a52aee2ced8e3f10b9e3f753f73aa2c721e52b6b6aaa40","ssdeep":"","tlshash":"e6c02bf89100f3582473cc451cece201c300cd007418001735e0887341a0d5680e236c","size":140,"data":"","first_seen":"2025-10-11T12:50:11.103037Z","last_seen":"2025-10-11T12:50:11.103037Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"cabd942e0a2c7777851de6ef0e7b8eec","sha1":"07d0498b8250dc735b8172f75623bd08b039e2d8","sha256":"cb0079e5b7e6a0a07e8b606a06d4a6c40aa669e0bdf381f13f6199eeb1c40662","sha512":"c9bf4de4434e1b15a4cc63eb36f4fb7fd067456a8d131dd3874fea52eeddef5580811436d393c44aca8de99bd2fea1bedcbe60da5fb30391c86200d38ee21ba6","ssdeep":"1536:rhVhUVQPpP/m489ZyohcZXoZVKs7UFHhEGu:t8VGu4qAo6nh6","tlshash":"dd33f7cef1e2a73699e2a0f2045b120d927e7855ecc8181eb945b3f45a70d8b513af37","size":54408,"data":"","first_seen":"2025-10-11T12:50:11.120743Z","last_seen":"2025-10-11T12:50:11.120743Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"3995cdec0860b2de0389f452b3a1a002","sha1":"5cb4c44b5d9208c71c6881d3773cfc1210152f24","sha256":"8207787100beff3ec0caf5f8ea726c994b961f84ff2a18478b8c30998cc76a34","sha512":"beacf3d8c268869794a9d9fbeb4ef63694383762764e621d66d261e3826230ab19f60964362a424683c91404e2b9c5ce6dc1cc2d45f93533ebfabdcd311288e5","ssdeep":"","tlshash":"157000083c882200022238a2828b08080022002802008802288000808c3300a300a80e","size":22,"data":"","first_seen":"2025-10-11T11:12:36.062822Z","last_seen":"2025-10-12T14:47:21.20766Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"98f7108ed4390cdde92189a65fa7bf6c","sha1":"444969c706257a2bf8d05d51a832d4cd4276dbe8","sha256":"33abe804f44c979c65364567d56bb59d7ebee0531288998218cea65a893cda96","sha512":"e3a6badd1017cf2af18aa0c8815a7778ce8fdf5e3de314daa598715be8337e444daa5e1ba57c7be747588651e6a8a0e42444208c25dc6a921a73dde3620b4e30","ssdeep":"","tlshash":"c710000000000000000030000000000000000000000000000000000000000000000000","size":2,"data":"","first_seen":"2023-03-07T23:41:37Z","last_seen":"2026-03-18T00:48:09.254135Z","times_seen":966,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"87a54fc83cddda1830c36628ab2c5ae6","sha1":"f55978fccba453b6269822853a89d24984d21b25","sha256":"94f43cf75323d0a96d54ea6abd61c33ecd4e7febff02275ab7430ea7481f9b2f","sha512":"a69bfa8f044dc20fdd27985329260aae56728c79bd440a927a0fa6080955d0949081ac1249d9c9feb00570a7e40f9c1ef0dc5f96fcf4b640440a44759b7a5086","ssdeep":"","tlshash":"c710000000000000000000000000300000c30c00000000000000000000000000000000","size":2,"data":"","first_seen":"2023-03-07T12:07:29Z","last_seen":"2025-11-18T21:04:20.026216Z","times_seen":397,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"08e1b170404cd41196865b988b74771c","sha1":"eeca890afa5d0f6723f05fd21461d067438fcc0b","sha256":"1987afa724e99da4ef53f8c3cf1c66085d5494807a278c14b9b8f6a5bdeecff3","sha512":"184913af05ebae370cb88c01a70221dde74eff6bef1ff5b65155b1bff9703e140ea6a1ed980e0cf87d88f9025070c18f1d038f04bb4103da543e07b0b6b558b4","ssdeep":"","tlshash":"48a024cc1c4df441f105dcc0c4410c0310c41c55d304050cc13cc3001f145744037c03","size":75,"data":"","first_seen":"2025-10-11T12:50:11.123893Z","last_seen":"2025-10-12T04:36:02.616838Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0ee0e9b638a6c76175a6f21dec69a2af","sha1":"5f1050066b9304704abba769a59b0582f34de338","sha256":"7605b57a019a45a4819ed506ab7ad92a66e6066ce1a0802f4b0340728217cb23","sha512":"b2acc2420bce42da5337d5fde354e4a32d8ce1dcca982b32c1159fac5f7fa2bee8e6b7b7a493753de3a52aee2ced8e3f10b9e3f753f73aa2c721e52b6b6aaa40","ssdeep":"","tlshash":"e6c02bf89100f3582473cc451cece201c300cd007418001735e0887341a0d5680e236c","size":140,"data":"","first_seen":"2025-10-11T12:50:11.103037Z","last_seen":"2025-10-11T12:50:11.103037Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9404990661735184\u0026host=ca-host-pub-1556223355139109","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5e3b2f82b912f0d962283dcfb913a65d","sha1":"7d7fae59014f055644b714d00bde1f95ce3d8cea","sha256":"f1825128131baa21a77dc2f00dd4c62b987231279e1cf68658f86b97205b990b","sha512":"9a76a1e5dae8403bb59aa9285fd4d1b90eefdeb188d2a72f7e6d30ae302f99f964873a3bece376148428cf0bf4ba73cb3be81bf3c8bd9dc45d4301ced1e86eea","ssdeep":"3072:hy2jYHhrJKWaxCdLUHBpN8zpt6j0OX2px4Bg8aKiNH6QaLS8B8E6y95MQ227lY+g:hy2jshtKTEdLUHDqzpt6LmpxmgvdNTag","tlshash":"6bf3e89971a2bcb3876389e5006f4107b52d9863f00cc8b0f2d8ded97a2497552b7fad","size":160101,"data":"","first_seen":"2025-10-11T12:50:10.958106Z","last_seen":"2025-10-11T12:50:10.958106Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"272466c70cd349488be57c54cbee8780","sha1":"e6c0ea4cad3e9ea3b46c6e3e7b0499ea2778c080","sha256":"276aee96616e8a46d6bde046936d4d29f66418e4e89f3e028fa6ea45a633bf37","sha512":"97f6a8c862fcc903f114206429a8c1bb2fe3992f18be20b1c13638f18943bba7019f7527d68345471d6142f16ae3863ffea35ede37685628b061118e34d369f5","ssdeep":"","tlshash":"dd311c5d0e8f700e7511d75d413f3e34bf869c3fe5966f26552d9958e120d01a243d72","size":1508,"data":"","first_seen":"2025-10-11T12:50:11.125158Z","last_seen":"2025-10-11T12:50:11.125158Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"28da1b249a53a3ee7178e3f1808cb6e9","sha1":"e832658a5db38976e7e7c6f15df4c5ce5177dac7","sha256":"ca68e4089074e50e5e65b9630621c2c4f2b50645405eb1c3c867aa626715d68f","sha512":"2bf60d9a8051e81461036ab6f209f07ce9435f4abdd45c476a1de4ecd13ab955b8b1b1e0f95c268624fdddc1cd5597bd55af1eb2f08494381680fd134ba34e03","ssdeep":"","tlshash":"69d023671488913ac1c1e39046067144cd74401795e4df501314d454da3555e472bd8d","size":209,"data":"","first_seen":"2025-10-11T11:12:36.12975Z","last_seen":"2025-10-12T14:47:20.478464Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"1db930052867457acfde0ae416c8b1f9","sha1":"d8eac251871814f07ff37b068433127990289629","sha256":"a5411edf929a4b91171dcd49699386f3be77036560b3af2a57f5bbc99ca6f8f1","sha512":"73cb361fe9a8b1b5129742a043b6759bc8cb393b0e81c956f9b277f368ed1c7124763ee34a8165af2b513450e4a4d37ea4941d0524b728d0779ea0ce28cb0b47","ssdeep":"","tlshash":"c710000000003000000000000000003000000000000000000003000000000000000300","size":2,"data":"","first_seen":"2023-03-07T14:13:32Z","last_seen":"2026-01-22T07:37:33.61509Z","times_seen":999,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"91040f7aa839ead8447ae96f044c47f1","sha1":"1e7b4c48a2a2a296150825abf4558979e3b43136","sha256":"67254045336a6d88f602963d9e735bfaf49c0d6e61c90396ec66ffd06183c957","sha512":"f9d420890eba301b2142b4e82d366dc6b51488593dadce5c566eef795ae7c6204a88edc8014d03ca5f44ff14b4e155bde670bdd14054551a6744e066ef1b5af9","ssdeep":"","tlshash":"e5d095bc5d182354c2037840080751cfa6b0fdf7f474fde60195504085645448d3fc04","size":244,"data":"","first_seen":"2025-10-11T11:12:36.143776Z","last_seen":"2025-10-12T14:47:21.575051Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"f7bc4fc4bd769142ab466b1ac56dc796","sha1":"f38f39d443c2addf31eddb2bcaafffa5ab1ead3d","sha256":"c46ea96bface3aff8635d7b5778388839dae1d5ba3af85ef8f4bd178bf58f9ab","sha512":"a97816b99d26e0cced455de4b3b30153a942ef98e7973469ca605be4f19eb1e1264fd3fb8eeaa6ceb85e8a9949447b1b68a3638a2c1833ad415e8fe7b657a31c","ssdeep":"","tlshash":"eb80003cbc0ce2208b0330f0000b200803220000a020e80022c8008c0f32aca000280e","size":27,"data":"","first_seen":"2025-10-11T12:12:30.843956Z","last_seen":"2025-10-12T14:47:21.98065Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"5113368f18ebce06cf3e69bac8f34f9a","sha1":"bdc1e29a2890610bcf0587c690e7f9e18e991908","sha256":"fd17b83ede1bbbd6684164105f5e698f5b24f26ddee37ca6ccb8a1318f8ec350","sha512":"3dc6be2cd843aa09b181ec9070a4963d376956cb549d4f2e33c3b9c52ed6c5c4c2c27b39f3fe57027e26ce87b834e3ac6398ab0f09b8cc46d93913d17013cf80","ssdeep":"","tlshash":"f141e72f731738739997f9b70a9e67682c2359066e0ad622383e4d812350dc6027cda3","size":1990,"data":"","first_seen":"2025-10-11T12:50:11.130102Z","last_seen":"2025-10-11T12:50:11.130102Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"49cf87376c1491b9733f032718b7551c","sha1":"10c8fb0af824bee655f666dc38555b62e9cb759c","sha256":"9779fe38fe7be4a00008e75c6f3f7d24a8051a3616227bb0e30694f481283699","sha512":"6ad201ed16f0fe8d4cd16872c7bbdb71deafffda0c6814e7ff7259cf25bd5d7eb0ed55bf79650c7505d92522c1364b814a6f4d86c57bde510e3bbae722931596","ssdeep":"","tlshash":"42c080ecfc57f5b9c1032a2045077d051b7f2416d1d4eb10d07500d56a34957453745c","size":162,"data":"","first_seen":"2025-10-11T11:12:36.213884Z","last_seen":"2025-10-12T14:47:20.664385Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"ad927d8f5f5b42fc90fd1cec5ae1e478","sha1":"45ad2187cc311cfc92e1eaef54f84bf317f9fb4e","sha256":"0adf968ca042673121766bdba0c4824e02a72c9f9f66a6f59acbf8c71ba32dad","sha512":"dfd6aa128e5d82de714b69b4a218e09a115d2fa39d9ed6761a871be65d367a203f9358246e13682c2f561171b8cac3ca9ca335c2b4a8ef2dbbdd4e619dffc14a","ssdeep":"","tlshash":"8c8004553c4430140011155c04d71c0f40510014f014055cc0ffc141477454fc0314c5","size":38,"data":"","first_seen":"2025-10-11T12:50:11.135214Z","last_seen":"2025-10-12T14:47:21.960441Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"7dbecdabe7f2e87d43603b913f10ee9f","sha1":"f35b2227f8d2e165eab3923e70f78d6c68e9fe09","sha256":"64cd3eed18395ba15757f159a98f1ce8cc9a0c619fcd9bcdb6aa24e36e3dc301","sha512":"0bf72aac13bf77f49a90505639e99b03931a11f15b5e67ea7cd3e12492a6008ee7ef8c165aab2cf5bc8a7f67364e3dd08e610b94af9eec11a517749d56d596ca","ssdeep":"","tlshash":"c070002a3c08a8000a223ca0028b08080022002002088800288000808c3200a000280e","size":22,"data":"","first_seen":"2025-10-11T11:12:36.022938Z","last_seen":"2025-10-12T04:36:02.645643Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2a9dd267a66b28ecd5b4439d7d462aa3","sha1":"be7ae41bc5842c67d42ed0bb46b2eebab1887515","sha256":"6d498e13f4d77e6dca58c787be342ed08bb5d1a292d5e7fe3971ff48dc4a54b4","sha512":"1861638cd8b9ae6f07378798977108957bb7dc768814e38ae21998dd50fe989b8e48b97abd2a90b473f2a5f160b90c6da04aff6912a4614f5107885d4ed41b6f","ssdeep":"768:aCcZ1I6+gyfJ78tKOGOrnepjMzZG+uluJe+KSzVc7mThcGJOUuwXt:bcZelJ78m2c5GO8","tlshash":"c923d746b320292a868ba1e5927f020bb13b291de445907d797c9add6c79d4c207fffc","size":49106,"data":"","first_seen":"2023-03-08T02:31:26Z","last_seen":"2026-04-04T07:07:00.315967Z","times_seen":239,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"8283ba25029f5759462ef40b110a19be","sha1":"60599ee5b6ed0167a48c63086c7b91cd6bc41fa7","sha256":"543de4fdb790d0256494cb15f673e14db1440da9665e1ce22b8c1b14dd12ee6a","sha512":"dcafa576054c1043b482eaeabf53b0e96dbf534ed1b93d634b262b7929f867727dd6d2796668607df91d7420e1fe0e045593c3d1f564670ddc1a41a40a0999a7","ssdeep":"","tlshash":"97d02b8b3910584720ca0b89d087034f27f433435b9d5dc8ed7274c32a54891cd77d0c","size":285,"data":"","first_seen":"2025-10-11T11:12:36.073767Z","last_seen":"2025-10-12T14:47:20.452876Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"0688a81c8a06609e6febb28dd5708f69","sha1":"a1a18368d3ee4e5287f6177b4400c85936c14dc1","sha256":"aafc3625f5b26a6afa40caaa3fa845505abf9421da8d90b6459f76dc8f3bbde4","sha512":"47d3b54d98dc4f6fb11500bc89f1239b3ff14048088573f9804e89352576842e74af59d6358af21fec987e5ff26209323388bfa160dc0bbef22524b8bdc67ffe","ssdeep":"","tlshash":"13c09b5a77501386d35e51c14c474d5dd6a164c66d505738c7e05147e31069105ece56","size":130,"data":"","first_seen":"2025-10-11T11:12:36.057458Z","last_seen":"2025-10-12T14:47:20.716194Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"634c75b35d6804427fc5b055c0d2b131","sha1":"be4619f0f0ade96ddb22943fae7b659ab233bbf0","sha256":"4cda6ef6a54a5f6ded2e0d147224322b13b71fc315bedc022dfbb5e0ecd88309","sha512":"829b866659352633fde502835eeead53dbcc89f1b1eceff5c12fdfad23dd249395b1b539ac5637200f7ec2685342fa66720812e2dda280be2c6c303904f30996","ssdeep":"","tlshash":"0aa022082c08bcc0c8a02cf3cffb0e0020822208f02f0b0cc22ec28c03e00e30032e0a","size":72,"data":"","first_seen":"2025-10-11T11:12:36.369698Z","last_seen":"2025-10-12T14:47:20.473077Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"383851f935ed11242585dbd42235ebf0","sha1":"040be78046205a0f91a2b0914033eb1e327acfdd","sha256":"d36f9115de7b6d915551581996d4df2088bf2adb56b811c3023ae34611c568b4","sha512":"86ead3de4d0943a5c7c6fbd9acb43ac8c651151e6958c82f9e8a7bc13cd5d5ab47a9925285af95b52e3aec4b3a8aac90a4225084f692974b917d87626c9357b4","ssdeep":"","tlshash":"6ba011082e2028c80a300cb00a2b2a80002a2200f0082b0ae0ae82880a200a2023280a","size":77,"data":"","first_seen":"2025-10-11T11:12:36.05226Z","last_seen":"2025-10-12T14:47:21.804587Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"0b75ae72faed91f436296bd33db860f5","sha1":"18531bf3224b54ef1dba0c59ed79079ac05ec9c8","sha256":"4c1ec91281d667716f32cf562039c19281568f9ce9ce219e608ec85bd98f3395","sha512":"d8979775cb2346ff853a6ecb37e619a77b3cbd5c79c2c33dc51a531f7c20775cf6a7acd8e8514ec2d08a44053f8eaaf00189513a58e96d1b25aebb17746df8e8","ssdeep":"","tlshash":"44d0c28b2910584720ca0a89d087028e27f433425b9d59c9ed7264c32a548918d77d08","size":287,"data":"","first_seen":"2025-10-11T11:12:36.038766Z","last_seen":"2025-10-12T04:36:02.6403Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"54e7bb254973bcb3e142aeeaeb4e91b4","sha1":"ef3aa83516dc32a15728fb10cc32b3d9be58c3b6","sha256":"92b8d079049cab09fe469fd09c8c6a1cef0382f81c0d9da5e672b5f241bb623d","sha512":"fa647adb4f97f91a6cff6eb6dca8286ae92d9149eaa4bcfbf8928036b674eb70da3f6700e4a62dd79e5296b034352c4536fa36e55a8a2f844c9a775441dbc715","ssdeep":"","tlshash":"6d8004051c4c1011717570f1105741cd0113115c71500d14145c01d10d713c55151c3c","size":34,"data":"","first_seen":"2025-10-11T11:12:36.186674Z","last_seen":"2025-10-12T04:36:02.685541Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"bf6fd14e7b0ec79911c73317eb687988","sha1":"df57cae2a32506cf2dae0c187407f4d79e8cfabe","sha256":"14d555ea1c98a90f3b3791cdb41903eeae5d8e91ff42496ed79c2233ceb30782","sha512":"16848e4b37216aae7591b25bf98d76175d0406160296c26642b4614c689a7db29952041fb0cdd22370f39a2e2f46b68e86d9e50bb293b11ae16765b9cd20b57a","ssdeep":"768:wMHimNw0/JB6RVpGWPhF0aJozrCGtvU8l13mm5Xa/DeIIb5Rr8czzppqDCDyV:wTntLz","tlshash":"ce4438c24666e40396891c43bf687ba6461db7e2b1946362be7cfb4805b78c740fcce5","size":253937,"data":"","first_seen":"2025-10-11T12:50:11.146009Z","last_seen":"2025-12-30T20:42:19.488187Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/managed/js/adsense/m202510070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9404990661735184\u0026plah=usaxtoday.blogspot.com","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"16b4c8d925cb3e1945bade901f32f2b4","sha1":"805215561c985cf42be680cea7542849d10f395f","sha256":"9827c2bed7b73c2df47232c97cfdcdf8fc92c96d7323849eaf4ba23cc587fd6f","sha512":"f7ab5e2befd6ba2c99cabae25220fcffb1a6e4eaa21f85cc232b5b88d9d3cb0e64a785ec0ca03fe05fa16923150c48065f88d8991674b564d412fcf812a4b451","ssdeep":"12288:TiEURjekUsEEc98Xl8qDQQjYAvC2qInChiB+dcoQ0+RiH6ExaDnOC9i/CRR7nQ1i:TiEURjekUsEEc98Xl8qDQQkAvBqInCh0","tlshash":"5bb41ad972a274a783a394ea507f0147b125ac92f00cc8b8b66cddd97d2086553b7fbc","size":518506,"data":"","first_seen":"2025-10-10T07:46:59.204203Z","last_seen":"2025-10-13T18:16:11.908927Z","times_seen":118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"ddb1b51e0b204822c232381331cad8bb","sha1":"6118af4209ab4102d5575be2ea3eb8ae6feb419d","sha256":"e28d9934599d97a6e5fd88c9a2024950996457ab432418fefef03f83a14e60b4","sha512":"8455b698db4c6516d00ee68739b0804fe6b4d666ca6e3b7c00cdd203c60f365b27f8e2cc656116b519a610caa2af10ce190fdeb4af11d4246c929d97f0100ed8","ssdeep":"","tlshash":"68a02288ab80300ca8028022a88f000a00ab0008b32e0c088028e38a3332c38800203a","size":64,"data":"","first_seen":"2025-10-11T11:12:36.223915Z","last_seen":"2025-10-12T04:36:02.699711Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/js/cookienotice.js","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a705132a2174f88e196ec3610d68faa8","sha1":"3bad57a48d973a678fec600d45933010f6edc659","sha256":"068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568","sha512":"e947d33e0e9c5e6516f05e0ea696406e4e09b458f85021bc3a217071ae14879b2251e65aec5d1935ca9af2433d023356298321564e1a41119d41be7c2b2d36d5","ssdeep":"96:q54UPzHFcJZ7haKemb/m2GzrzCXAl/MStzo41Pm+YsttcVcbYhyjcso13EZDjiat:q5rPzHgxm2GzaXeMnuzYstyryPhZD9","tlshash":"4fd1630938a7127d125fa03fb6bf515ab66410238101db08786dfa785fd5f42a8e4ffa","size":6513,"data":"","first_seen":"2023-03-07T01:02:24Z","last_seen":"2026-04-04T11:01:34.870906Z","times_seen":109165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"91040f7aa839ead8447ae96f044c47f1","sha1":"1e7b4c48a2a2a296150825abf4558979e3b43136","sha256":"67254045336a6d88f602963d9e735bfaf49c0d6e61c90396ec66ffd06183c957","sha512":"f9d420890eba301b2142b4e82d366dc6b51488593dadce5c566eef795ae7c6204a88edc8014d03ca5f44ff14b4e155bde670bdd14054551a6744e066ef1b5af9","ssdeep":"","tlshash":"e5d095bc5d182354c2037840080751cfa6b0fdf7f474fde60195504085645448d3fc04","size":244,"data":"","first_seen":"2025-10-11T11:12:36.143776Z","last_seen":"2025-10-12T14:47:21.575051Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"b1922ea695aec4fb52a92c0d7cca054e","sha1":"39cb356fbab3eb63fc98f0c4b1cdcfccaaceadc3","sha256":"ed5b7c54d9e2be26ff85cc8ba72aa0cb8c787040ef986aa5317f6fe390d9a296","sha512":"00b9f71d2772eb2669b37d084e8648fbec5fbc8df5ac9b419e3e3deaf55c56e4ec9ac8026488be5902eda6b44e5d84c188658ace5b3e114f43d7852f35118fdd","ssdeep":"","tlshash":"019002c82091f07e4185a121065f360dd9e5348564148c1a60c462782dd56265e95e49","size":55,"data":"","first_seen":"2025-10-11T11:12:36.212245Z","last_seen":"2025-10-12T14:47:21.21682Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"c5d2c66964df6a098324936bc2a9ccc7","sha1":"614e9ff9b2298cef839b2588856ce4552c9cd49f","sha256":"4ef25f8f7682640ce4d1813564ba3c7f5004af822405142309d8846c03f75997","sha512":"f0e6764aa742ab0ae31dda0c222b85bdab2bf9091455e73e38897aa897f70392d98835e215b2a7ce3a25388c01d10907de4f953a81903c8eb34599e638bc3e64","ssdeep":"","tlshash":"e27000883c0820800ae2b0a8000b020ac0a2002200200028008282800cb282a0022c0a","size":22,"data":"","first_seen":"2025-10-11T11:12:36.04749Z","last_seen":"2025-10-12T14:47:21.038671Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"78a689af8946e990db4a6eaf81e5bae0","sha1":"e77eca1051d85c3d71cbd9abd18fd833670a116a","sha256":"c9c845d088b9eb9efebe43af7e38521c976b8155675cce36bc6e3057aa435fe4","sha512":"f2c74feaeeb75bc7d821608661148c3dd2808f4831741ddd3f2afaeb4139c5064bdfef1de44b7fa4d91551fba4e44560f1270770f1f555ddb72649df864c32d4","ssdeep":"","tlshash":"9b7000083c0820a00ae230a8000b020ac0e2002200200038008282800cb200a000280a","size":22,"data":"","first_seen":"2025-10-11T12:12:30.77126Z","last_seen":"2025-10-12T04:36:02.633162Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd5802de973128ed223bfb1025438156","sha1":"066879a7071cde2913c4a2f5ced004c4702933a3","sha256":"52c3a4f78b20c9c842c9378f16f2169cfde5e3f0eb10ad40eb9ac6b0805f3bcc","sha512":"b9388e4b066abdd6f44548762211e36acb4b68b58b1e7f3f7153488d082667e56dd703927812b55b0c24d5b401552fdd5708b89bb2f3b935efef1c0b503c8e75","ssdeep":"","tlshash":"8fe07d4f2c9070282ff411771a1549ec329d1a0c0e408c898d8dc07c7b20fe00aacadc","size":321,"data":"","first_seen":"2023-03-07T01:14:42Z","last_seen":"2026-04-04T07:07:00.420647Z","times_seen":1128,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f488687f23b8b2ad6f1d05c2d07b2735","sha1":"9fc276898b78f841cb27d76da4f17dbe8c77aefe","sha256":"9153ade8a8e5db45d8092225fe85f04f6af83889149e2f735d1815268a1003c9","sha512":"de641622763436813ae87369ae73c0f2d7123835e07e67005a30b4bc76dccf76f07be9c35b78614275144015af1f491458cf292e060df5ef74cefbeb267e7ce2","ssdeep":"","tlshash":"690189137108e71422a314347b8bba18fd2ac2520895453b391cf5324f07b63ce96be3","size":798,"data":"","first_seen":"2024-02-05T14:31:36Z","last_seen":"2026-04-04T11:01:34.924316Z","times_seen":65736,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"d51d74796d2cb071cbc482fd156235b4","sha1":"8a6fce30a2358dd35b9f443ca65c1e826286303e","sha256":"3040582e2855551619a2407cfd27ef214cf7dce67887c0a96c62190f8e8951b7","sha512":"8bbb3f677b6e68d7c998cf57e0fb37aa1029a703b5b481bf8e07778531354f9a75f4cc48fc762b9ab2be05d9c7544e9210ab28bb1c3033bcc984d8f995a26f6d","ssdeep":"","tlshash":"14b02bc47980a04cc3c0e81352719200816d248cd00c0440c0c4b4892a6131d0c3cb04","size":129,"data":"","first_seen":"2025-10-11T11:12:36.091151Z","last_seen":"2025-10-12T14:47:20.386527Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"c4d221d8dd6a7fa083a0d09219334057","sha1":"96d0fc4c9d864751e2cf5d8a7a363f20ded0d2eb","sha256":"b0520b25a8cf59aff6b319ebc27e74614282e1030ac682972d4d4e71c0b623f7","sha512":"42529384adf1b3973b5c8c2a1fb0a1145d0fccc51985a35adc17520b94781621a61b91a69b2c1e5d1688dfd2f3504c0927998b1a2b03199f43fcca7001bd0e7f","ssdeep":"","tlshash":"41e068a7116a611174e14ce698a7aa4c071811a86dc1e41ea75a33d4853acb603ea806","size":357,"data":"","first_seen":"2025-10-11T11:12:36.180885Z","last_seen":"2025-10-12T14:47:20.459725Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"4389eeefd8fae8ff4854b72c5b7e71bd","sha1":"cee4bc95a73b3588fc32a4c2c7bde07bd662932f","sha256":"7864b4f92a777d1f42c4e43ab9ae16fa57e96f12d8a4d6738626b509baa77d59","sha512":"5f2f60da0efac17cfa46d64d53398193b77133ddfdfa7422e4ff9c1e944657dd3f5805b53815dfdf855c165df12af1dd8423fc461654e33fc7333c5ecc3bce8c","ssdeep":"","tlshash":"64e0cd657d54ee752294aea0d54abf14857511bfd0740d50b63c40544d35cb65079811","size":302,"data":"","first_seen":"2025-10-11T11:12:36.036223Z","last_seen":"2025-10-12T14:47:20.619222Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"connect.facebook.net/en_US/sdk.js#xfbml=1\u0026version=v3.0","fqdn":"connect.facebook.net","domain":"facebook.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b938e0b835c600209bdaae9d8ccda6d7","sha1":"d5ee79d277057e05f002a18381722b5eb75d3883","sha256":"d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b","sha512":"f519d10ba250add8cdb46a82b3cddc68e01735c6c80b24d4af37aa0ca108340b59a21bd2cc19bcd4753f66ff5a5dc17f6e3500e91be6436fdd90c954a6ed3800","ssdeep":"384:Ps5FfMCDA9SQM/Psw1A9uW1HVMJDXMlS3RpU9JCo4wiLF:kU9SVjoHqXMA3CJCodiLF","tlshash":"1672b51e46f31232456370766b4b72047235d0473a0afe993f9c87542f8aa6e86f27ec","size":16896,"data":"","first_seen":"2023-05-05T22:33:37Z","last_seen":"2026-04-04T11:46:05.513914Z","times_seen":147022,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"62205faf12cb4b6271d148938be40e17","sha1":"d4f2ed1bcbc698e2ee833e835be32b009aec39de","sha256":"c935f57d5f50115828c398ab148762f60e76810856334100f296de2e9abefd58","sha512":"c81e789b11518e145a2903a9a64f1dce57b33d6e390c995212abb9c42172d94221a5c07ffe93b43627a87a1fb21c844253c2cbc2bd9071112c4ebb0982aae1bb","ssdeep":"","tlshash":"31c08cec3b013632bd33b8cf1b873381cdc04a02f03124465418c4d0e8ea83344a2401","size":145,"data":"","first_seen":"2025-10-11T12:50:11.056589Z","last_seen":"2025-10-11T12:50:11.056589Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/7c/0b/da/7c0bda1f073c4e77ad7f857c8dae1f7c.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5cdb6583ad052bc9d66eb6a1c4a5bc4c","sha1":"63bba2cbbf2a2aae312fcd8b10a3ca5b6c0d84d9","sha256":"6177db49231039cb86fdb081843e8bada301c0ac03aac7afadb9508fd104d3ef","sha512":"8fa66cacf252b4eb00bf9420e0dd95f770a721bb499e394fdf401cc8048d569fe786c7ba7e014a754e2b501f231fcc6da920f956e468cab024c90bfc14e902f7","ssdeep":"1536:tMB7VG1uqPJdd0gUyiT8xYAlNxIQLfkpKbU1FL8KkTs+F:Sp2PagUxT8xYqzkp1Lk","tlshash":"1aa3c5487b91f4af1286603b323f911fe1e50e905088e558d147f9e81ebd747ba3aea4","size":103807,"data":"","first_seen":"2025-10-11T12:50:10.979785Z","last_seen":"2025-10-11T12:50:10.979785Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"00923ffaff018f400bfbc44db7d3a3cd","sha1":"fbf646d88a5b9254762da3e951a70559cafb4321","sha256":"f7e7fc57c8ca2218d904f719fe07607a955c7ccf9ba56c857688ca9bb1e76123","sha512":"c7de939d9d4c3aa5e559a2c1647e982e445c68af15d476962ce019e0827496959fa14654c2bb11a3d2e69944c9ee1470e7d922d5500897a50f4fd47a3fabcf0f","ssdeep":"192:+l/6xS2OASROqI3wgh5MXDc9EAOaK3qzfaGDCiMgIcTa1mH:Wz2NQJIVsTiMH3qzfcOIr1mH","tlshash":"b542a7ccbad2b0210353b4f1a13f000ff13ea8aae44c9955b185e8e17cb56a94667f7d","size":13105,"data":"","first_seen":"2025-05-19T23:59:48.536394Z","last_seen":"2026-02-26T16:39:13.367665Z","times_seen":12596,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"1d8cd6a64bc9d77283264ce08ad9983f","sha1":"4db033dd588623611df8a24875a8db482b92e53d","sha256":"51f2d5f61ea459dd5b9fdb0b56e0f5e512338528b0d608cd8206dc390f294660","sha512":"654c63968f1e785389c81d283207a0bb65550a882c0c61586be5b2382b17228f4a1e099effe37e77efadb345e04ced2d9f712ce8afdc8977a4222cd214eef22b","ssdeep":"","tlshash":"80a024043c4435cc11100c540c470c3510570314f0dd010c44dfc54507340d7013500f","size":79,"data":"","first_seen":"2025-10-11T11:12:36.02963Z","last_seen":"2025-10-12T14:47:21.829464Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"4b43b0aee35624cd95b910189b3dc231","sha1":"4dc7c9ec434ed06502767136789763ec11d2c4b7","sha256":"454349e422f05297191ead13e21d3db520e5abef52055e4964b82fb213f593a1","sha512":"a882f0ac848b0b6b4ca7b42bfa1d266afd0ddeba9204ae57a984a69376d59816b1ef3f4d442ea8a70396067ff5b70e0ae8eab3935b617b8e366d8e35c3bfe14c","ssdeep":"","tlshash":"c700000000000000c00000300000000000000c00000000000000000000000000000000","size":1,"data":"","first_seen":"2023-03-07T01:42:46Z","last_seen":"2026-04-04T05:59:29.004752Z","times_seen":39700,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f70bd598aab1ca66e7be560f7e281755","sha1":"fce8a6f830fcea136db9290aa0c695b3c02d4b96","sha256":"a71f8bb468ed119117b114babfc1ddb434def0912b46f117fe9d25e3463a9d0a","sha512":"0cafc3cafdb9f1a38f6308841a36aa99e41efbf86714d96fa89113faa76bce24d0fa418af493d7d18ddd48ec76c00f396080c6886c2b8190c2523c7c21b1e63a","ssdeep":"384:7uuHLJHj6R2qdllTRaGaq3yLsrLCAIoYTNPTU+TE9krUuM+V0MQAJaZC2Oakt68U:V9W2q3aGaq3yLsrLCcYpP8","tlshash":"8b420dc3b1f8b8f94beda86e7478af7231924819c9837d558c6c29b527167c3c4a4b34","size":13050,"data":"","first_seen":"2025-10-11T12:50:11.157577Z","last_seen":"2025-10-11T12:50:11.157577Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"62205faf12cb4b6271d148938be40e17","sha1":"d4f2ed1bcbc698e2ee833e835be32b009aec39de","sha256":"c935f57d5f50115828c398ab148762f60e76810856334100f296de2e9abefd58","sha512":"c81e789b11518e145a2903a9a64f1dce57b33d6e390c995212abb9c42172d94221a5c07ffe93b43627a87a1fb21c844253c2cbc2bd9071112c4ebb0982aae1bb","ssdeep":"","tlshash":"31c08cec3b013632bd33b8cf1b873381cdc04a02f03124465418c4d0e8ea83344a2401","size":145,"data":"","first_seen":"2025-10-11T12:50:11.056589Z","last_seen":"2025-10-11T12:50:11.056589Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/responsive/sprite_v1_6.css.svg","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:45.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.blogspot.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:32 GMT","end":"Mon, 15 Dec 2025 08:41:31 GMT"},"fingerprint":{"sha1":"BD:F0:9F:5E:97:20:4C:C4:AE:B1:30:B8:13:B5:E8:63:2A:41:0D:CF","sha256":"0B:09:22:C9:3B:15:4C:3F:E6:7C:0E:A1:49:9B:8E:25:C6:48:A5:9C:E8:43:0A:ED:64:30:39:CC:96:86:5E:F8"}}},"request":{"raw":"GET /responsive/sprite_v1_6.css.svg HTTP/1.1\r\nHost: usaxtoday.blogspot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html\r\nCookie: _ga_8P38QL64J8=GS2.1.s1760186984$o1$g0$t1760186984$j60$l0$h0; _ga=GA1.1.1951808189.1760186985\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"blogger-tech\"\r\nreport-to: {\"group\":\"blogger-tech\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/blogger-tech\"}]}\r\ncontent-length: 2244\r\ndate: Sat, 11 Oct 2025 12:49:45 GMT\r\nexpires: Sat, 18 Oct 2025 12:49:45 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Fri, 10 Oct 2025 18:54:44 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7658,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d4dcfc8144f556815c7a1d84ed4e959e","sha1":"22088bd6cdf970dcf7bfab9a74a4768548ca8890","sha256":"73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c","sha512":"bbf542916c5e6a7fff6742e1aff185d3129b24c2d4669e387fe257c2f1ee938871e2a825e4e7fb347b6e739190168c7ca347d4a7989ad334f15992cb83bad28e","ssdeep":"192:S0S54QQw+4C4qV7DnovzS/KuO7/Jk4UZgf+q:S0S54HP4C4g7DovzCKuO7/Jk4UZoJ","tlshash":"bdf1f266c7382b4818059778efaeb2b110edb4e935cc41d936094768b78a1dff86af41","first_seen":"2023-04-05T15:37:11Z","last_seen":"2026-04-04T10:56:53.653006Z","times_seen":26728,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.230470212888.js?dev=e\u0026key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026pst=1760187045\u0026rb=\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026res=14.3095\u0026rmtc=t\u0026shu=384a9113086b6693ed3975976de8c388dde1a0e3e18a187e49ccaf86dad2e11dd4fe02808da18019f1cd8e126f7943c69bd7552729d6e017ece740545a64f69bc4418d8478677ba3cb31018cf6cbd0790cbd24f4aad1527206974e\u0026tz=0\u0026uuid=","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.230470212888.js?dev=e\u0026key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026pst=1760187045\u0026rb=\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026res=14.3095\u0026rmtc=t\u0026shu=384a9113086b6693ed3975976de8c388dde1a0e3e18a187e49ccaf86dad2e11dd4fe02808da18019f1cd8e126f7943c69bd7552729d6e017ece740545a64f69bc4418d8478677ba3cb31018cf6cbd0790cbd24f4aad1527206974e\u0026tz=0\u0026uuid= HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usaxtoday.blogspot.com\r\nReferer: https://usaxtoday.blogspot.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjc3Nzg5MCwiayI6ImY3N2VhOThkZGQ3ODE1ZjJmMTU5MWUyNGNlMzUzZjkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE3OTU0LCJwaWQiOjM5NjkzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJzOWV4YmJuaWI4IiwiY3BrcyI6eyIyOCI6IjdjMGJkYTFmMDczYzRlNzdhZDdmODU3YzhkYWUxZjdjIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly91c2F4dG9kYXkuYmxvZ3Nwb3QuY29tLzIwMjUvMTAvYmFsaW4tbWlsbGVyLWZhbGwtdmlkZXIuaHRtbCIsImFyIjpbXX19.7HWJ1l_24LFgW3M6kyyYGzSbrH8PVa3vuMVReVt23Kc\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 11 Oct 2025 12:49:46 GMT\r\nContent-Type: text/html\r\nContent-Length: 3313\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://usaxtoday.blogspot.com\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: pdhtkv=true; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\nu_pl16777890=1; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 884b198331856c0ee3aff056aa0d7d46\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4764,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3888)","md5":"62c7a7d433561ce6d77a31b1586b550a","sha1":"4a0c93b140b18609e28b1d9dde423d6c215a09dc","sha256":"c9d743467707d73af3d3148fc19429bca7db92d566ca16eb10b9be6f27dc7f98","sha512":"d259fb5642a13930a614eb8e06c97621fe40759155c028e67d3d2d7dbe38306751a643b7b8d5f8b5be62c8c9734d7515d4bbe0a61c363efb3155a65a0b510e60","ssdeep":"96:ZEozEqrEtBP/MClRL9hntrnJ4ib0fJL9mqk1/DP7CCfMEDaH:HzYrMW7tTCx9ncb+CkCaH","tlshash":"69a11a6e2f57703e7423e56e02bf3f147d12900b6a05ee13b86cde411b20f9109b9da5","first_seen":"2025-10-11T12:50:10.949048Z","last_seen":"2025-10-11T12:50:10.949048Z","times_seen":1,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXYWrIZZwimSg7UFCy52B-bNzACQp4KaedAkDLnuoRuj-yPeq5IO69lkR1ismdCZjUFeARZ-LidbkLnMX_zqvrUap_I0tJB5A9ZtcMrlnLqK7KO8N3v_Cunq1ASqqP_AGCDDLGCEVGD9G8Cv-1metP2nUMyfUG0tA1D0VuYui_-iHn48M94WwMNxnP5vKZ/s320/Screenshot_20251008_212229.jpg","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:47.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEiXYWrIZZwimSg7UFCy52B-bNzACQp4KaedAkDLnuoRuj-yPeq5IO69lkR1ismdCZjUFeARZ-LidbkLnMX_zqvrUap_I0tJB5A9ZtcMrlnLqK7KO8N3v_Cunq1ASqqP_AGCDDLGCEVGD9G8Cv-1metP2nUMyfUG0tA1D0VuYui_-iHn48M94WwMNxnP5vKZ/s320/Screenshot_20251008_212229.jpg HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v34a3\"\r\nexpires: Sun, 12 Oct 2025 12:49:47 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"Screenshot_20251008_212229.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:47 GMT\r\nserver: fife\r\ncontent-length: 16862\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16862,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 320x278, components 3","md5":"ab2570f3601003a2e3d31bb1be391ed4","sha1":"5ce9b23e1d8b3d77a32654342743defbdc7abea0","sha256":"b4e87ba32385f5b7d1d3e238512c9b823af9cb08f768bd157401c1c8762c8447","sha512":"c79e7280f737727003e5ccca98d391e18d7e00877421e7c32bffaf56307caa6b16a1440b6f49d4c3ee10e455f8aea34f74bb43d56946ab9d9dc92f7f1ebeb6fd","ssdeep":"384:3RIX5aFHXoY/lpdUfIbjVTatXBDKDbVbd/6Aph6W7+zXrTSjCvkR:3RgaFpuIvyBGvL6nSuPS3R","tlshash":"0d728daeb6290921f7e9ccb2f7c73b2b591fe6bd5b782db5241328d39800e2cd445491","first_seen":"2025-10-11T12:50:10.952249Z","last_seen":"2025-10-11T12:50:10.952249Z","times_seen":1,"resource_available":false,"data":null}},"time_used":444,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":443,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/ads?npa=1\u0026client=ca-pub-9404990661735184\u0026output=html\u0026adk=1812271804\u0026adf=3025194257\u0026lmt=1760186985\u0026plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32\u0026format=0x0\u0026url=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026host=ca-host-pub-1556223355139109\u0026pra=5\u0026wgl=1\u0026aihb=0\u0026asro=0\u0026aifxl=29_18~30_19\u0026itsi=-1\u0026aiapm=0.1542\u0026aiapmd=0.1423\u0026aiapmi=0.16\u0026aiapmid=1\u0026aiact=0.5423\u0026aiactd=0.7\u0026aicct=0.7\u0026aicctd=0.5799\u0026ailct=0.5849\u0026ailctd=0.65\u0026aimart=4\u0026aimartd=4\u0026abgtt=7\u0026dt=1760186984531\u0026bpp=7\u0026bdt=400\u0026idt=473\u0026shv=r20251009\u0026mjsv=m202510070101\u0026ptt=9\u0026saldr=aa\u0026abxe=1\u0026eoidce=1\u0026nras=1\u0026correlator=8653020766254\u0026frm=20\u0026pv=2\u0026u_tz=0\u0026u_his=2\u0026u_h=1024\u0026u_w=1280\u0026u_ah=1024\u0026u_aw=1280\u0026u_cd=24\u0026u_sd=1\u0026adx=-12245933\u0026ady=-12245933\u0026biw=1280\u0026bih=1024\u0026scr_x=0\u0026scr_y=0\u0026eid=31095146%2C31095148%2C31095149%2C31095154\u0026oid=2\u0026pvsid=2496581366950195\u0026tmod=196230942\u0026nvt=1\u0026fsapi=1\u0026fc=1920\u0026brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C1024\u0026vis=1\u0026rsz=%7C%7Cs%7C\u0026abl=NS\u0026fu=32768\u0026bc=31\u0026bz=1\u0026pgls=CAA.\u0026ifi=1\u0026uci=a!1\u0026fsb=1\u0026dtd=531","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:45.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.g.doubleclick.net","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:36 GMT","end":"Mon, 15 Dec 2025 08:40:35 GMT"},"fingerprint":{"sha1":"57:4F:37:52:35:3F:6C:48:14:D9:58:C8:25:71:FC:8E:BA:C6:9D:D7","sha256":"12:75:2E:3D:26:85:EA:B7:93:6B:DE:18:A4:AB:5B:9E:10:E7:92:FC:4E:D9:FD:CA:D3:1C:9D:72:D0:73:84:3A"}}},"request":{"raw":"GET /pagead/ads?npa=1\u0026client=ca-pub-9404990661735184\u0026output=html\u0026adk=1812271804\u0026adf=3025194257\u0026lmt=1760186985\u0026plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32\u0026format=0x0\u0026url=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026host=ca-host-pub-1556223355139109\u0026pra=5\u0026wgl=1\u0026aihb=0\u0026asro=0\u0026aifxl=29_18~30_19\u0026itsi=-1\u0026aiapm=0.1542\u0026aiapmd=0.1423\u0026aiapmi=0.16\u0026aiapmid=1\u0026aiact=0.5423\u0026aiactd=0.7\u0026aicct=0.7\u0026aicctd=0.5799\u0026ailct=0.5849\u0026ailctd=0.65\u0026aimart=4\u0026aimartd=4\u0026abgtt=7\u0026dt=1760186984531\u0026bpp=7\u0026bdt=400\u0026idt=473\u0026shv=r20251009\u0026mjsv=m202510070101\u0026ptt=9\u0026saldr=aa\u0026abxe=1\u0026eoidce=1\u0026nras=1\u0026correlator=8653020766254\u0026frm=20\u0026pv=2\u0026u_tz=0\u0026u_his=2\u0026u_h=1024\u0026u_w=1280\u0026u_ah=1024\u0026u_aw=1280\u0026u_cd=24\u0026u_sd=1\u0026adx=-12245933\u0026ady=-12245933\u0026biw=1280\u0026bih=1024\u0026scr_x=0\u0026scr_y=0\u0026eid=31095146%2C31095148%2C31095149%2C31095154\u0026oid=2\u0026pvsid=2496581366950195\u0026tmod=196230942\u0026nvt=1\u0026fsapi=1\u0026fc=1920\u0026brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C1024\u0026vis=1\u0026rsz=%7C%7Cs%7C\u0026abl=NS\u0026fu=32768\u0026bc=31\u0026bz=1\u0026pgls=CAA.\u0026ifi=1\u0026uci=a!1\u0026fsb=1\u0026dtd=531 HTTP/1.1\r\nHost: pagead2.googlesyndication.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ndate: Sat, 11 Oct 2025 12:49:45 GMT\r\nserver: cafe\r\ncontent-length: 46\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":603,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (603), with no line terminators","md5":"2c739853e3edfa26869416e3d4e5d369","sha1":"c263dc1c36c954b252bc7e775e6e82865d9b29b8","sha256":"00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce","sha512":"eae3df357290171698ed241a53688a1907712a53d5ac7b8ca06c618335fe45fc556c9903dcc09283a4dabb6ac896ca67af1aeafa528593db532f2e8586540a86","ssdeep":"","tlshash":"76f022e0e0c2080ef0230be0ccf08288002fc2c08ac20f2032ae20f2230020c0c220ca","first_seen":"2023-03-10T03:41:35Z","last_seen":"2026-04-04T10:56:53.648729Z","times_seen":3496,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 21244\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 10:02:34 GMT\r\nexpires: Fri, 09 Oct 2026 10:02:34 GMT\r\ncache-control: public, max-age=31536000\r\nage: 182832\r\nlast-modified: Mon, 22 Jul 2019 19:21:29 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21244,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21244, version 1.0","md5":"78773521b0ffe376bc7edd8ec2a591fb","sha1":"298df2fcb48b2e9b51e81a6e12d5529835204e29","sha256":"ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55","sha512":"1aa636e9bf15c9610b2f0f92ee3088ba0a097be1eb284a1e1e360e6d3fa39848e73264eeddb69fda133702d677ed96251075c49cddce999c916a8ad442e9151a","ssdeep":"384:gsUc9ZyNZEQb1tTyoN0PaV6SYNt80xQo9bY6ph6kJpPzvNzr2yX3:g5c9gZtbTyvaoft8twkohBJ1vwM","tlshash":"9692d0e66f7e6c62d1b3363d6111126c314f60d5bb835c7c2f8f8ab8dd1510822c16ea","first_seen":"2023-04-05T19:01:16Z","last_seen":"2026-04-04T12:19:58.193569Z","times_seen":489,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9404990661735184\u0026host=ca-host-pub-1556223355139109","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.g.doubleclick.net","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:36 GMT","end":"Mon, 15 Dec 2025 08:40:35 GMT"},"fingerprint":{"sha1":"57:4F:37:52:35:3F:6C:48:14:D9:58:C8:25:71:FC:8E:BA:C6:9D:D7","sha256":"12:75:2E:3D:26:85:EA:B7:93:6B:DE:18:A4:AB:5B:9E:10:E7:92:FC:4E:D9:FD:CA:D3:1C:9D:72:D0:73:84:3A"}}},"request":{"raw":"GET /pagead/js/adsbygoogle.js?client=ca-pub-9404990661735184\u0026host=ca-host-pub-1556223355139109 HTTP/1.1\r\nHost: pagead2.googlesyndication.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nlink: \u003chttps://googleads.g.doubleclick.net\u003e; rel=\"preconnect\"; crossorigin\r\nvary: Accept-Encoding\r\ndate: Sat, 11 Oct 2025 12:49:44 GMT\r\nexpires: Sat, 11 Oct 2025 12:49:44 GMT\r\ncache-control: private, max-age=3600, stale-while-revalidate=3600\r\ncontent-type: text/javascript; charset=UTF-8\r\netag: 1132682145211135827\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-disposition: attachment; filename=\"f.txt\"\r\ncontent-encoding: br\r\nserver: cafe\r\ncontent-length: 54311\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":160101,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4830)","md5":"5e3b2f82b912f0d962283dcfb913a65d","sha1":"7d7fae59014f055644b714d00bde1f95ce3d8cea","sha256":"f1825128131baa21a77dc2f00dd4c62b987231279e1cf68658f86b97205b990b","sha512":"9a76a1e5dae8403bb59aa9285fd4d1b90eefdeb188d2a72f7e6d30ae302f99f964873a3bece376148428cf0bf4ba73cb3be81bf3c8bd9dc45d4301ced1e86eea","ssdeep":"3072:hy2jYHhrJKWaxCdLUHBpN8zpt6j0OX2px4Bg8aKiNH6QaLS8B8E6y95MQ227lY+g:hy2jshtKTEdLUHDqzpt6LmpxmgvdNTag","tlshash":"6bf3e89971a2bcb3876389e5006f4107b52d9863f00cc8b0f2d8ded97a2497552b7fad","first_seen":"2025-10-11T12:50:10.958106Z","last_seen":"2025-10-11T12:50:10.958106Z","times_seen":1,"resource_available":true,"data":null}},"time_used":275,"timings":{"blocked":114,"dns":0,"connect":10,"send":0,"wait":27,"receive":11,"ssl":109},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/7c/0b/da/7c0bda1f073c4e77ad7f857c8dae1f7c.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /7c/0b/da/7c0bda1f073c4e77ad7f857c8dae1f7c.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 11 Oct 2025 12:49:45 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 37650\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 81435661c14baf121b4fe287174ccaca\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":103807,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c4f6df734136529940ae2af9fcfc9bf8","sha1":"6bc939e9eb37b2220dd2cf5fd6b8d56814b22e0d","sha256":"ca6271f946f08c8d55c0042702758871a25a09c75aa957a26219b71ec24b9c3b","sha512":"0329f6bcb95c7ae74528669ca7da166d03c9f8e0764da80a3b6347a9d3e78948a522007f17acc250eee2b6e69895df07e06d7c4f206217fede0fbfd8ab6226b2","ssdeep":"1536:tMB7VG1uqPJdd0gUyiT8xYAlNxIQLfknKbU1FL8Kkms+F:Sp2PagUxT8xYqzkn1LN","tlshash":"d5a3c5487b91f4af1286603b323f911fe1e50e905088e558d147f9e81ebd747ba3aea4","first_seen":"2025-10-11T12:50:10.959934Z","last_seen":"2025-10-11T12:50:10.959934Z","times_seen":1,"resource_available":true,"data":null}},"time_used":780,"timings":{"blocked":289,"dns":2,"connect":92,"send":0,"wait":106,"receive":93,"ssl":194},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/f77ea98ddd7815f2f1591e24ce353f91/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /f77ea98ddd7815f2f1591e24ce353f91/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 11 Oct 2025 12:49:46 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 16312\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d12be0947bdac9429ca8c6c86d11ff0d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38394,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (38394), with no line terminators","md5":"666fbdc20b37bc4a6de714c3586c41f9","sha1":"70270dd481dbe8eaed6f3e19264df112b2632335","sha256":"7b7d408ec26bd1d394c6a2316087784dc7d0b9d9e38836e9921cb3e3ca2fb47e","sha512":"e7d71112164dfc098ff2b44fb7c4f9081f0df68095dfa52de3d8fe1fc6a21cc4b46236d6eb9052559e7158dd2383f6f0e587fb854f52c7889d5e7a68741353e3","ssdeep":"768:fkqtSC4OYZ748I6ngkwLXcj3PKFMrj2W+MzgHt:8qt0O248I6ngWCIj2XMzW","tlshash":"7903c88d3f61b85d0796a033723f840ae6ee4e0458dcd8e8e4076ca0fe64745d4b7ea5","first_seen":"2025-10-11T12:50:10.963544Z","last_seen":"2025-10-11T12:50:10.963544Z","times_seen":1,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RTPWwcRRSedX4kfgSCRCkQxZWA0Hlm_5cUCBOCIkISnKAUiGJ2ZtaeeG9n2dm9tV1ZREKBygUF6dbfObEgAUFDB4rOdJGQfDS4iIVER4eQUqNzTjI8ad_73n6j0ffpvflsqzkgHhq-f-V9s67znM8Hfdp75boupGlt79K1HqN9erZ3XRehf7a3Ok3V8A3m-X36au9dJVbMvEsZpYyy3nldqcyszh-y0OX9hPUT2vfdPgt8rFb_723jwHIHcnhAXoSWk-f_zD6CFmMUg-_PKbtSm_L1dwZNzmtTYSh3PixWCtMWGBzBrHKQFTuz0zB2QshXczDFzswBzHB76gCpnpC5M4-QFjszmUiHd54oTXOoAql8Bu1wDJXvQvMxhLkJLfcIICQuXUYxuHvJVC1fe8LyKTshxx__A91OyPFHp1EMvlvI9WrvqsmbWpvCYjXroFfH0EtjlM0u6vU56HYXov4UWv5K5h9fRDHYvmxzAy27Q_c6G4NbB8300w6azEFTOhjI_Z5PY18w7oVZIkVEfe77UqU0iV1KeSIiNGIqaxN1uQmRb0JUGyirDazoL_eePb0X3JsQ56kzeyf-QNU8gF3e_9GLfZ4w5tE4TMMw8ZT0kihIolCqWHhxLKVinCpPsZizOFJ-IgTP4lBy6SrGpPQzRd2YxpKzmLIkY0LGirlhFiW-J8IklVEQuJGbyFBRFimhIp8GfsBDPwuTVPg-i2XsR3EYRSn3ROoxymKRhSKVNEqoSKXrZz7nkk2voWES-QpWOrD1hDgfbGAoO7SKoLUELSdoNUFbE7TD7o7MrWu7uzK3Tcpm1Z1VrxuZemmL3zH1kioIeLWJSnbbuvzE3oSoj43WMytHZpp4WncjnspuqzwgL0xH75A5YEXt97IoUjyJpZRRzILMzViQMOX6QnmBlyUMVnfQdu5wqut6Ql4Kxyj1hJx87nOkfBc234XQL4M3J8DbkUcp-PLIDSjWi2_1oOJFoVrbF2YAaTqU9XHUa85WfkBOjRavLTw4XMSPf1-DEg_JLCCqDmXV4Yb-hWApvzVaNC3ZXjStJT9cLms90Ot8uqRXa16rk9-8p9ZaU8kL5-zm12-JKTGF968pW1_khdTFkiX3FrSUqjpvKqHITxfsdZVeaezyQlMVTXnxytvnLwzKSlmrTTEG1xPy9N9fQOgJOfXz7cMHGLx2G6LcgC2PdFpDkJYEuSbI1dF_nnaw_-nTI7xlb2GpcsDrmygGHYZVh2HegeebsM2xUV1WD9_8zTsMpLkzSvOKbKd5NeX1fi_zlCsojaOQeXGmmOdLkQWxn8iQU89TqO1k-a_FG_8GAAD__81OHz4eBQAA","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTPWwcRRSedX4kfgSCRCkQxZWA0Hlm_5cUCBOCIkISnKAUiGJ2ZtaeeG9n2dm9tV1ZREKBygUF6dbfObEgAUFDB4rOdJGQfDS4iIVER4eQUqNzTjI8ad_73n6j0ffpvflsqzkgHhq-f-V9s67znM8Hfdp75boupGlt79K1HqN9erZ3XRehf7a3Ok3V8A3m-X36au9dJVbMvEsZpYyy3nldqcyszh-y0OX9hPUT2vfdPgt8rFb_723jwHIHcnhAXoSWk-f_zD6CFmMUg-_PKbtSm_L1dwZNzmtTYSh3PixWCtMWGBzBrHKQFTuz0zB2QshXczDFzswBzHB76gCpnpC5M4-QFjszmUiHd54oTXOoAql8Bu1wDJXvQvMxhLkJLfcIICQuXUYxuHvJVC1fe8LyKTshxx__A91OyPFHp1EMvlvI9WrvqsmbWpvCYjXroFfH0EtjlM0u6vU56HYXov4UWv5K5h9fRDHYvmxzAy27Q_c6G4NbB8300w6azEFTOhjI_Z5PY18w7oVZIkVEfe77UqU0iV1KeSIiNGIqaxN1uQmRb0JUGyirDazoL_eePb0X3JsQ56kzeyf-QNU8gF3e_9GLfZ4w5tE4TMMw8ZT0kihIolCqWHhxLKVinCpPsZizOFJ-IgTP4lBy6SrGpPQzRd2YxpKzmLIkY0LGirlhFiW-J8IklVEQuJGbyFBRFimhIp8GfsBDPwuTVPg-i2XsR3EYRSn3ROoxymKRhSKVNEqoSKXrZz7nkk2voWES-QpWOrD1hDgfbGAoO7SKoLUELSdoNUFbE7TD7o7MrWu7uzK3Tcpm1Z1VrxuZemmL3zH1kioIeLWJSnbbuvzE3oSoj43WMytHZpp4WncjnspuqzwgL0xH75A5YEXt97IoUjyJpZRRzILMzViQMOX6QnmBlyUMVnfQdu5wqut6Ql4Kxyj1hJx87nOkfBc234XQL4M3J8DbkUcp-PLIDSjWi2_1oOJFoVrbF2YAaTqU9XHUa85WfkBOjRavLTw4XMSPf1-DEg_JLCCqDmXV4Yb-hWApvzVaNC3ZXjStJT9cLms90Ot8uqRXa16rk9-8p9ZaU8kL5-zm12-JKTGF968pW1_khdTFkiX3FrSUqjpvKqHITxfsdZVeaezyQlMVTXnxytvnLwzKSlmrTTEG1xPy9N9fQOgJOfXz7cMHGLx2G6LcgC2PdFpDkJYEuSbI1dF_nnaw_-nTI7xlb2GpcsDrmygGHYZVh2HegeebsM2xUV1WD9_8zTsMpLkzSvOKbKd5NeX1fi_zlCsojaOQeXGmmOdLkQWxn8iQU89TqO1k-a_FG_8GAAD__81OHz4eBQAA HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjc3Nzg5MCwiayI6ImY3N2VhOThkZGQ3ODE1ZjJmMTU5MWUyNGNlMzUzZjkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE3OTU0LCJwaWQiOjM5NjkzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJzOWV4YmJuaWI4IiwiY3BrcyI6eyIyOCI6IjdjMGJkYTFmMDczYzRlNzdhZDdmODU3YzhkYWUxZjdjIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly91c2F4dG9kYXkuYmxvZ3Nwb3QuY29tLzIwMjUvMTAvYmFsaW4tbWlsbGVyLWZhbGwtdmlkZXIuaHRtbCIsImFyIjpbXX19.7HWJ1l_24LFgW3M6kyyYGzSbrH8PVa3vuMVReVt23Kc; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl16777890=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 11 Oct 2025 12:49:46 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 75e0f4414ba30bdf5b62dcef185db432\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQXEhciaHABkCvlK7UE1ve2qSDz-KrxlJbo1ESPEr9AkfxjaLFkkOJvZcl-lO2AdW9PKKAdSFeh79ew3Vu26GwaZ70RRbSRCDqRRJpanE45woNmUXbSS__waBed-JHGa1cIl9rFyEysTp4G4ILD1bt1MHVjtMbmFyYXL5_Hbbln6VZBAv0mTRTr1-gLmFW/s400/Screenshot_20250724_001211.jpg","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:47.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEgQXEhciaHABkCvlK7UE1ve2qSDz-KrxlJbo1ESPEr9AkfxjaLFkkOJvZcl-lO2AdW9PKKAdSFeh79ew3Vu26GwaZ70RRbSRCDqRRJpanE45woNmUXbSS__waBed-JHGa1cIl9rFyEysTp4G4ILD1bt1MHVjtMbmFyYXL5_Hbbln6VZBAv0mTRTr1-gLmFW/s400/Screenshot_20250724_001211.jpg HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v3324\"\r\nexpires: Sun, 12 Oct 2025 12:49:47 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"Screenshot_20250724_001211.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:47 GMT\r\nserver: fife\r\ncontent-length: 12965\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12965,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 400x210, components 3","md5":"c113fa6f5704fa0cacb22065f1c78118","sha1":"60cfeb615fee81b82dac18a301e7eea073697809","sha256":"c735ac279680218fe97b13289dc90f01b55bedc17755ec4b5876c1119d07d84e","sha512":"5b8261a04e7c258698ad8de49ec6ab50c83925986accece2e832441bd3696e4bb8475c5e71b6aa990fa40a5037e4a32efefbb030a3b6f668b82173fd7e159ecb","ssdeep":"384:3++7D3u+dCdRXyo9/YatRb2Bt02GhklTNVCWURqc:3++W+dCLyE/vf2YahO8c","tlshash":"1f42d047b4c39d97d160ae7281df8b85a51c4bf1ba9709242a2eb730ea451c39a21fe4","first_seen":"2025-10-11T12:50:10.967558Z","last_seen":"2025-10-11T12:50:10.967558Z","times_seen":1,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":299,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:48.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:43:54 GMT","end":"Mon, 15 Dec 2025 08:43:53 GMT"},"fingerprint":{"sha1":"84:8D:B4:50:4D:F1:86:66:2E:19:17:DA:99:09:25:AE:AD:55:FA:07","sha256":"AA:E4:A6:5B:63:F3:EB:19:DF:99:22:64:53:E8:36:B8:83:44:E4:DF:F1:8E:77:2B:E6:81:25:56:70:D2:E1:99"}}},"request":{"raw":"GET /sodar/sodar2/237/runner.html HTTP/1.1\r\nHost: ep2.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"adspam-signals-scs\"\r\nreport-to: {\"group\":\"adspam-signals-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs\"}]}\r\ncontent-length: 5044\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 11 Oct 2025 12:08:10 GMT\r\nexpires: Sat, 11 Oct 2025 12:58:10 GMT\r\ncache-control: public, max-age=3000\r\nage: 2498\r\nlast-modified: Tue, 13 May 2025 23:17:50 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13159,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (2024)","md5":"0120a1d624ff8fc3ec792d93a7133947","sha1":"1e3bd23df78ff2c60b187b40a0c6505be9ab889f","sha256":"14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966","sha512":"84286e299ebc6690ee904b5581cd6aaf6b59d06200b61156923301484d1b75fa517894167c4f4777553ba09c840a2d74a723e3ff112448f00514d910dfd172c5","ssdeep":"192:pl/6xS2OASROqI3wgh5MXDc9EAOaK3qzfaGDCiMgIcTa1mx:rz2NQJIVsTiMH3qzfcOIr1mx","tlshash":"4842a7ccbad2b0210353b4f1a13f400ff13ea8aae44c9954b181e8e17cb56a94667f7d","first_seen":"2025-05-19T23:59:48.478548Z","last_seen":"2026-02-26T18:27:55.136579Z","times_seen":169945,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt\u0026tn=IFRAME\u0026ign=false\u0026pw=1280\u0026ph=1024\u0026x=0\u0026y=0","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:45.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.g.doubleclick.net","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:36 GMT","end":"Mon, 15 Dec 2025 08:40:35 GMT"},"fingerprint":{"sha1":"57:4F:37:52:35:3F:6C:48:14:D9:58:C8:25:71:FC:8E:BA:C6:9D:D7","sha256":"12:75:2E:3D:26:85:EA:B7:93:6B:DE:18:A4:AB:5B:9E:10:E7:92:FC:4E:D9:FD:CA:D3:1C:9D:72:D0:73:84:3A"}}},"request":{"raw":"GET /pagead/gen_204?id=ach_evt\u0026tn=IFRAME\u0026ign=false\u0026pw=1280\u0026ph=1024\u0026x=0\u0026y=0 HTTP/1.1\r\nHost: pagead2.googlesyndication.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sat, 11 Oct 2025 12:49:45 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGbk6i_L2uveLkGwzXMk1YkT4K_6GXS65YK0lZlbhw1cCAWTSjTSD5F4awakjpQqEuxOQ-uhExkqKpn2idV-GrU362PWcLSRHl5rakoqyXQuomhpWdlIM59bQASzpZ_aiMALgCy0EfJRbH8aQPau-j_l8Dl1MipakfdwHVpHf7UxZ3ii1ZTtBv6ZfQdvqf/w110-h110-p-k-no-nu/74bd0c60-8cd3-11f0-9cf6-cbf3e73ce2b9%20(1).jpg=w72-h72-p-k-no-nu","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEiGbk6i_L2uveLkGwzXMk1YkT4K_6GXS65YK0lZlbhw1cCAWTSjTSD5F4awakjpQqEuxOQ-uhExkqKpn2idV-GrU362PWcLSRHl5rakoqyXQuomhpWdlIM59bQASzpZ_aiMALgCy0EfJRbH8aQPau-j_l8Dl1MipakfdwHVpHf7UxZ3ii1ZTtBv6ZfQdvqf/w110-h110-p-k-no-nu/74bd0c60-8cd3-11f0-9cf6-cbf3e73ce2b9%20(1).jpg=w72-h72-p-k-no-nu HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v3482\"\r\nexpires: Sun, 12 Oct 2025 12:49:47 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"74bd0c60-8cd3-11f0-9cf6-cbf3e73ce2b9 (1).jpg\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:47 GMT\r\nserver: fife\r\ncontent-length: 6155\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6155,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 110x110, components 3","md5":"07833e39d97f139ad73de4b88993c14b","sha1":"c912e47f6e003ae762109f07ddda27ea0ac910c0","sha256":"fdce97f65e204b54c7fbf8df047873e8b9c98a7eed376d3361a18fda0ee973d6","sha512":"5217df9d7df69685a62a0bff07514f96033873912df2abf03501579db35d98c2e439f35b3a6f83b77eb43841d1ed50ceb1135ab96cc615ea03accb907682b0cd","ssdeep":"96:rh/063yj5szf6XrZhbJMr+ko0GYhzglNi6679yISuZh4mEZG6H0TkuMH9:rN0cU+f6XtdJa1Vrzgzi6S9yIHMS6HUO","tlshash":"7cc17e929b220642cfe1c03589534305e7e8706cc745effd659896ea80a1cf731a8863","first_seen":"2025-10-11T12:50:10.973172Z","last_seen":"2025-10-11T12:50:10.973172Z","times_seen":1,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":502,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQXEhciaHABkCvlK7UE1ve2qSDz-KrxlJbo1ESPEr9AkfxjaLFkkOJvZcl-lO2AdW9PKKAdSFeh79ew3Vu26GwaZ70RRbSRCDqRRJpanE45woNmUXbSS__waBed-JHGa1cIl9rFyEysTp4G4ILD1bt1MHVjtMbmFyYXL5_Hbbln6VZBAv0mTRTr1-gLmFW/w110-h110-p-k-no-nu/Screenshot_20250724_001211.jpg=w72-h72-p-k-no-nu","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEgQXEhciaHABkCvlK7UE1ve2qSDz-KrxlJbo1ESPEr9AkfxjaLFkkOJvZcl-lO2AdW9PKKAdSFeh79ew3Vu26GwaZ70RRbSRCDqRRJpanE45woNmUXbSS__waBed-JHGa1cIl9rFyEysTp4G4ILD1bt1MHVjtMbmFyYXL5_Hbbln6VZBAv0mTRTr1-gLmFW/w110-h110-p-k-no-nu/Screenshot_20250724_001211.jpg=w72-h72-p-k-no-nu HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v3324\"\r\nexpires: Sun, 12 Oct 2025 12:49:47 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"Screenshot_20250724_001211.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:47 GMT\r\nserver: fife\r\ncontent-length: 3706\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3706,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 110x110, components 3","md5":"c4885e15dad7faa5bef66ceae6a4a8c8","sha1":"5d760b52124861adf89ba108b2fd9a285567be68","sha256":"e1f623137c353b54763dd1815f9b0407ea36cca67307800357d5dfa6ce16c0cf","sha512":"d31f4d05b1f9ed3719a2b3ae48cf413f9e92349ca5adaf5c652703ba16d3dc6ca185063718f5311ae5afd983083e3a89dd199b3c9fae3d0b6d8d94f2ac4225a9","ssdeep":"","tlshash":"0b712a45f0f15830d3fd99328ab6ba18c254fafcaba42ebccbc04b71092e588176515a","first_seen":"2025-10-11T12:50:10.975213Z","last_seen":"2025-10-11T12:50:10.975213Z","times_seen":1,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":470,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:47.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 21244\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 10:02:34 GMT\r\nexpires: Fri, 09 Oct 2026 10:02:34 GMT\r\ncache-control: public, max-age=31536000\r\nage: 182833\r\nlast-modified: Mon, 22 Jul 2019 19:21:29 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21244,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21244, version 1.0","md5":"78773521b0ffe376bc7edd8ec2a591fb","sha1":"298df2fcb48b2e9b51e81a6e12d5529835204e29","sha256":"ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55","sha512":"1aa636e9bf15c9610b2f0f92ee3088ba0a097be1eb284a1e1e360e6d3fa39848e73264eeddb69fda133702d677ed96251075c49cddce999c916a8ad442e9151a","ssdeep":"384:gsUc9ZyNZEQb1tTyoN0PaV6SYNt80xQo9bY6ph6kJpPzvNzr2yX3:g5c9gZtbTyvaoft8twkohBJ1vwM","tlshash":"9692d0e66f7e6c62d1b3363d6111126c314f60d5bb835c7c2f8f8ab8dd1510822c16ea","first_seen":"2023-04-05T19:01:16Z","last_seen":"2026-04-04T12:19:58.193569Z","times_seen":489,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"deadmentionsunday.com/e1/c4/41/e1c441b287fd68da21ff313dd5d3c055.js","fqdn":"deadmentionsunday.com","domain":"deadmentionsunday.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.219Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /e1/c4/41/e1c441b287fd68da21ff313dd5d3c055.js HTTP/1.1\r\nHost: deadmentionsunday.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":312,"connect":359,"send":0,"wait":0,"receive":0,"ssl":105},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"deadmentionsunday.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgv6PqYCjZcTiSGeUSZ2FBcNaYIDCbKSoCsTZRNzNUyuYobjfJIBLx_iH9hisu9JCtLMGi5O0oOI7UYPPt7dOq4MAmrQqDLvJHofvM9WxXX3ea4DL46dEtUA9dfFtIHxI-YBngdCOKXeo6G/s193/generik_logo.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEgv6PqYCjZcTiSGeUSZ2FBcNaYIDCbKSoCsTZRNzNUyuYobjfJIBLx_iH9hisu9JCtLMGi5O0oOI7UYPPt7dOq4MAmrQqDLvJHofvM9WxXX3ea4DL46dEtUA9dfFtIHxI-YBngdCOKXeo6G/s193/generik_logo.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v2ed1\"\r\nexpires: Sun, 12 Oct 2025 12:49:44 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"generik_logo.png\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:44 GMT\r\nserver: fife\r\ncontent-length: 2150\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2150,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 193 x 50, 8-bit colormap, non-interlaced","md5":"a313f29c24fbf50bf678a4620beb9620","sha1":"1c68d96b9feb7e5559ae0d625bc49a5efd782be6","sha256":"bf4b7d97c0070f926e212674d646a0bf2ae5dd27242b002d946c89b972866653","sha512":"785f94ad253dae56690e6d6292234a56272e6b4c5a315ac08ae7bc8ab930287e90fad4e56999aa5be696469e6f9b19eaefb7c4b854d7565073d1874fdecb149c","ssdeep":"","tlshash":"39411ab708494cc9838a1f3e7711637ad8d97f7d750ac88db480b13832f9e605467188","first_seen":"2025-10-11T12:50:10.976907Z","last_seen":"2025-10-11T12:50:10.976907Z","times_seen":1,"resource_available":false,"data":null}},"time_used":783,"timings":{"blocked":22,"dns":2,"connect":29,"send":0,"wait":552,"receive":1,"ssl":176},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.157.139.67","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 11 Oct 2025 12:49:44 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://usaxtoday.blogspot.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=6af220ef-8f87-48ac-adc2-d36e6c89a87c:3:1; expires=Tue, 09 Oct 2035 12:49:44 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"be09b89b7644b9f670e3d765e561cadf","sha1":"15ee60bd98ae3d249383d2bd24e8bf7905250c45","sha256":"0f8e950f573fc30dae428959ea1ef93436c10ee27aa1d9bda66b39964417c37a","sha512":"f847dec22371d094eae0f9b23f01f9fc893543b48a07663eb1629cee83c0fee081c6a9ba23ee8cc59baf9f03df534340b5fd1b34357e58dfbe5bf7b299276bd7","ssdeep":"","tlshash":"869004544f035c747df045044c5cd10dd70dd30d15d0c3745415f17431c3454014701f","first_seen":"2025-10-11T12:50:10.978349Z","last_seen":"2025-10-11T12:50:10.978349Z","times_seen":1,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":120,"dns":1,"connect":22,"send":0,"wait":21,"receive":0,"ssl":93},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.671476368505.js?key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.671476368505.js?key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid= HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:46 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://usaxtoday.blogspot.com\r\naccess-control-allow-credentials: true\r\nlocation: https://rashcolonizeexpand.com/watch.671476368505.js?dev=e\u0026key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026pst=1760187046\u0026rb=\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026res=14.3095\u0026rmtc=t\u0026shu=6bd5cde3ecba8765ecd790f133976fc690d661fb9de30756db2158a0c81888d0cd2008fe3605bd082b6b00b89589fd38c59bbe240caa182c86660a27fac35e60f320cc642f70b099e3d436026c8dfa8d2f79dfe1569a5eb213d439\u0026tz=0\u0026uuid=\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjc3Nzg5MCwiayI6ImY3N2VhOThkZGQ3ODE1ZjJmMTU5MWUyNGNlMzUzZjkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE3OTU0LCJwaWQiOjM5NjkzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJzOWV4YmJuaWI4IiwiY3BrcyI6eyIyOCI6IjdjMGJkYTFmMDczYzRlNzdhZDdmODU3YzhkYWUxZjdjIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly91c2F4dG9kYXkuYmxvZ3Nwb3QuY29tLzIwMjUvMTAvYmFsaW4tbWlsbGVyLWZhbGwtdmlkZXIuaHRtbCIsImFyIjpbXX19.7HWJ1l_24LFgW3M6kyyYGzSbrH8PVa3vuMVReVt23Kc; expires=Sat, 11 Oct 2025 12:50:46 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3daf5cfc1293c4d6ca04bbbccd3e4b3f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4756,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/7c/0b/da/7c0bda1f073c4e77ad7f857c8dae1f7c.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /7c/0b/da/7c0bda1f073c4e77ad7f857c8dae1f7c.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:46 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 37657\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 7\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e69c8450c7f3aee65b6625b564699699\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":103807,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"5cdb6583ad052bc9d66eb6a1c4a5bc4c","sha1":"63bba2cbbf2a2aae312fcd8b10a3ca5b6c0d84d9","sha256":"6177db49231039cb86fdb081843e8bada301c0ac03aac7afadb9508fd104d3ef","sha512":"8fa66cacf252b4eb00bf9420e0dd95f770a721bb499e394fdf401cc8048d569fe786c7ba7e014a754e2b501f231fcc6da920f956e468cab024c90bfc14e902f7","ssdeep":"1536:tMB7VG1uqPJdd0gUyiT8xYAlNxIQLfkpKbU1FL8KkTs+F:Sp2PagUxT8xYqzkp1Lk","tlshash":"1aa3c5487b91f4af1286603b323f911fe1e50e905088e558d147f9e81ebd747ba3aea4","first_seen":"2025-10-11T12:50:10.979785Z","last_seen":"2025-10-11T12:50:10.979785Z","times_seen":1,"resource_available":true,"data":null}},"time_used":801,"timings":{"blocked":297,"dns":15,"connect":92,"send":0,"wait":104,"receive":94,"ssl":195},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/cd/c9/a9/cdc9a966d6795b3583ac2632f44eb6aa/1756656459.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:47.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/cd/c9/a9/cdc9a966d6795b3583ac2632f44eb6aa/1756656459.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 11 Oct 2025 12:49:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 67822\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:39 GMT\r\netag: \"68b4734b-108ee\"\r\nexpires: Mon, 13 Oct 2025 12:49:47 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67822,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 13:14:09], progressive, precision 8, 300x250, components 3","md5":"696ba29a63dfe01547803836971e97a9","sha1":"b72606a501bda10fa1672cacf61d81d80dffd5e4","sha256":"b3bc7de0e531e7b83d7dc8afe413f1b9eb1ff93ce14bfda2a9e035bdf987dc7b","sha512":"c8f24c9b752e0f4a6b9d8d66db5ea8177715c5faf35f3e1048177fb59f7ca3bb8e58b39a0e4d61af365d4e12c774c9deb6850dbe87287c07681f0369dacc2805","ssdeep":"1536:LvQZDdDvQZDdTZcUnp1kQEkoa62+Zp0H5D:LoJdDoJdNDplmOHp","tlshash":"7b63d0e96b609c76fbe48530dc35e6b6d2174c46e373294abc2fed0137312e85d6908a","first_seen":"2025-09-02T20:03:30.38824Z","last_seen":"2026-04-04T03:41:03.026715Z","times_seen":918,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=7392\u0026rd=7392\u0026fd=506\u0026bv=25.10.4943\u0026tmpl=136","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:45.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=7392\u0026rd=7392\u0026fd=506\u0026bv=25.10.4943\u0026tmpl=136 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:45 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/watch.671476368505.js?dev=e\u0026key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026pst=1760187046\u0026rb=\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026res=14.3095\u0026rmtc=t\u0026shu=6bd5cde3ecba8765ecd790f133976fc690d661fb9de30756db2158a0c81888d0cd2008fe3605bd082b6b00b89589fd38c59bbe240caa182c86660a27fac35e60f320cc642f70b099e3d436026c8dfa8d2f79dfe1569a5eb213d439\u0026tz=0\u0026uuid=","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /watch.671476368505.js?dev=e\u0026key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026pst=1760187046\u0026rb=\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026res=14.3095\u0026rmtc=t\u0026shu=6bd5cde3ecba8765ecd790f133976fc690d661fb9de30756db2158a0c81888d0cd2008fe3605bd082b6b00b89589fd38c59bbe240caa182c86660a27fac35e60f320cc642f70b099e3d436026c8dfa8d2f79dfe1569a5eb213d439\u0026tz=0\u0026uuid= HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usaxtoday.blogspot.com\r\nReferer: https://usaxtoday.blogspot.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjc3Nzg5MCwiayI6ImY3N2VhOThkZGQ3ODE1ZjJmMTU5MWUyNGNlMzUzZjkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE3OTU0LCJwaWQiOjM5NjkzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJzOWV4YmJuaWI4IiwiY3BrcyI6eyIyOCI6IjdjMGJkYTFmMDczYzRlNzdhZDdmODU3YzhkYWUxZjdjIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly91c2F4dG9kYXkuYmxvZ3Nwb3QuY29tLzIwMjUvMTAvYmFsaW4tbWlsbGVyLWZhbGwtdmlkZXIuaHRtbCIsImFyIjpbXX19.7HWJ1l_24LFgW3M6kyyYGzSbrH8PVa3vuMVReVt23Kc\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:46 GMT\r\nContent-Type: text/html\r\nContent-Length: 3332\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://usaxtoday.blogspot.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: pdhtkv=true; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\nu_pl16777890=1; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 100\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0b6b2d66913bd4b8161b433bb8c8ed45\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4756,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3880)","md5":"ed3cdc6e4c806fdbb97790f4b257f3d7","sha1":"d3eba35fe9966dd30a2e8282141ee539756ae7e6","sha256":"5886a6315b3dec27954cab0658039466ee28f01070e6a2d3b00e9563ecb4fe8c","sha512":"570c786fb0e1f1114f3ab09ffbc9d3b80b2e1eb778e8929b09aa2a1c740a701a129b2159ea79fa035d4685f9535e387f49e3fa19ead241892f6f11bcd3b96393","ssdeep":"96:ZEozEqroXoKdajPM5971HZMw++QDwj1Ob6CAKtHDWSD1/DP7CCfMEDaH:HzsX5v5fHGwPitJW2b+CkCaH","tlshash":"7da13afa3d9351392823b0ff4ae63704ae20c106a945f186785ddb100f59eb10ebf9e8","first_seen":"2025-10-11T12:50:10.982456Z","last_seen":"2025-10-11T12:50:10.982456Z","times_seen":1,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":195,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/3d/d9/64/3dd9642c1a0f0ea8ecb87c4f08ab4e35/1756656449.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 11 Oct 2025 12:49:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 57804\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:07:29 GMT\r\netag: \"68b47341-e1cc\"\r\nexpires: Mon, 13 Oct 2025 12:49:46 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57804,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 12:01:08], progressive, precision 8, 300x250, components 3","md5":"824db83fb47e0a4aa226db9a9466c8fb","sha1":"7e968550f726c370b806345e6a8b553c16532e62","sha256":"a6d919f12896285dffac6679aa238ff266d0df399bd91d53008571218bdcf6e1","sha512":"1dd3fe4d4ce6f2139f9ef18284437c08b2a360ccd46fc702d1a6802d728e18f8ca0245dd68936a6ceaac02c3cb4628bc21939516b6f9414a54f90b425648aa4e","ssdeep":"768:LA3DDT+b75AiF3DDT+b75K22YyqwsZmXRPpB+8mwvecNaeJKY2YtWImlYwaVJesk:LA3DDCPX3DDCP022p36wv+S5pnJeb","tlshash":"2043d024db51ad33ece4b5b1edd1ebe76311ae547b136d447c6c28a43b703884a6e203","first_seen":"2025-09-02T17:46:38.163709Z","last_seen":"2026-04-03T17:23:29.916273Z","times_seen":961,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":44,"dns":0,"connect":19,"send":0,"wait":38,"receive":23,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXYWrIZZwimSg7UFCy52B-bNzACQp4KaedAkDLnuoRuj-yPeq5IO69lkR1ismdCZjUFeARZ-LidbkLnMX_zqvrUap_I0tJB5A9ZtcMrlnLqK7KO8N3v_Cunq1ASqqP_AGCDDLGCEVGD9G8Cv-1metP2nUMyfUG0tA1D0VuYui_-iHn48M94WwMNxnP5vKZ/w72-h72-p-k-no-nu/Screenshot_20251008_212229.jpg","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEiXYWrIZZwimSg7UFCy52B-bNzACQp4KaedAkDLnuoRuj-yPeq5IO69lkR1ismdCZjUFeARZ-LidbkLnMX_zqvrUap_I0tJB5A9ZtcMrlnLqK7KO8N3v_Cunq1ASqqP_AGCDDLGCEVGD9G8Cv-1metP2nUMyfUG0tA1D0VuYui_-iHn48M94WwMNxnP5vKZ/w72-h72-p-k-no-nu/Screenshot_20251008_212229.jpg HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v34a3\"\r\nexpires: Sun, 12 Oct 2025 12:49:45 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"Screenshot_20251008_212229.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:45 GMT\r\nserver: fife\r\ncontent-length: 2697\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2697,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3","md5":"747da7b11fbf9a93914513ef0edc4222","sha1":"30fadb989725d1eeb506af45d590e8fdc4e2dcf3","sha256":"83b78c286bc35ea248ccbea94ce612d8604f630a33a3728004653a3299082843","sha512":"ac501d5a755d78838573aa30106f893d5bd57154c0623ba15e8e6b75146b7289121da189412055ae7af7ccc52f738c445c5bd990683b6d8311e3f368110badba","ssdeep":"","tlshash":"b1512b9e384869e9f67d84f5032f6b419665485df3434e69888147330da62d2ddf76c0","first_seen":"2025-10-11T12:50:10.985291Z","last_seen":"2025-10-11T12:50:10.985291Z","times_seen":1,"resource_available":false,"data":null}},"time_used":824,"timings":{"blocked":45,"dns":1,"connect":14,"send":0,"wait":597,"receive":0,"ssl":166},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl17791347.revenuecpmgate.com/e7/bb/f9/e7bbf9053e97b1beec7b178829197d71.js","fqdn":"pl17791347.revenuecpmgate.com","domain":"revenuecpmgate.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"revenuecpmgate.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 Aug 2025 10:31:51 GMT","end":"Thu, 27 Nov 2025 10:31:50 GMT"},"fingerprint":{"sha1":"9B:93:AB:0D:BE:A3:40:A9:58:BE:A3:A6:F2:18:92:29:E2:1A:7C:32","sha256":"3D:E6:EC:90:1B:27:54:04:90:26:18:BF:8B:27:48:04:F0:C5:14:27:1A:9A:E4:4E:F5:34:6A:12:D9:06:9D:41"}}},"request":{"raw":"GET /e7/bb/f9/e7bbf9053e97b1beec7b178829197d71.js HTTP/1.1\r\nHost: pl17791347.revenuecpmgate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 35249\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 9\r\nHost: pl17791347.revenuecpmgate.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 12ddc30a1b6a1bbfbdce6549e9a12438\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":98400,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d3dfe50e0a083c7f7d9f094c99e0e641","sha1":"3a428a560202a68c417a1dafe9e46cea8ca8e91e","sha256":"dcb90ff15d7a3adafc583390e61fbe2408c6506f62f44233a340bbdd00e70374","sha512":"366ca2c25802b6bf2b71f3e46c2b5eff712c17b2898e5c70b14f252eb11bd0036434a0b469533afdc0cdc813ea30b411b330d58986c02fe600b090dd395eb8f0","ssdeep":"1536:cY+Z/qOJv+PThsgBLPkpzNluQTFDeBsbZum+iQ1G5SmqA01FHXgG3DFHavgX4:cY+3gBL2lj5qBsbZuQEG5SbA07XgG3De","tlshash":"a7a3b7887f80f05f42b7607a623fb10bf19a4d41d59ce95ce163eca12e7831bd53aa64","first_seen":"2025-10-11T12:50:10.987235Z","last_seen":"2025-10-11T12:50:10.987235Z","times_seen":1,"resource_available":true,"data":null}},"time_used":517,"timings":{"blocked":-1,"dns":40,"connect":91,"send":0,"wait":106,"receive":91,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"pl17791347.revenuecpmgate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"pl17791347.revenuecpmgate.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"pl17791347.revenuecpmgate.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.157.139.67","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:45.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nCookie: uid_id2=6af220ef-8f87-48ac-adc2-d36e6c89a87c:3:1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 11 Oct 2025 12:49:45 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://usaxtoday.blogspot.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"be09b89b7644b9f670e3d765e561cadf","sha1":"15ee60bd98ae3d249383d2bd24e8bf7905250c45","sha256":"0f8e950f573fc30dae428959ea1ef93436c10ee27aa1d9bda66b39964417c37a","sha512":"f847dec22371d094eae0f9b23f01f9fc893543b48a07663eb1629cee83c0fee081c6a9ba23ee8cc59baf9f03df534340b5fd1b34357e58dfbe5bf7b299276bd7","ssdeep":"","tlshash":"869004544f035c747df045044c5cd10dd70dd30d15d0c3745415f17431c3454014701f","first_seen":"2025-10-11T12:50:10.978349Z","last_seen":"2025-10-11T12:50:10.978349Z","times_seen":1,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 22336\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 10:24:59 GMT\r\nexpires: Fri, 09 Oct 2026 10:24:59 GMT\r\ncache-control: public, max-age=31536000\r\nage: 181487\r\nlast-modified: Mon, 22 Jul 2019 19:22:45 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22336,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22336, version 1.0","md5":"2ecb426f85ffc1c53b677556210e629f","sha1":"ad9850819763f79ddc8e1edb97609acbb5f1c28d","sha256":"92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219","sha512":"b765331cf9cbc19a7ef32d280b82214d1fe08f95b20952c018e45ff80bcb65f8a316801a7aaf620ce2e03556870f6f1815c62ea0c2e137a5fbec1d7cbd9eab7a","ssdeep":"384:B+6sNaUlJfuAKzwhza0l/rfSmASgrCgu06oZrSOabylQmKS/KAi+1Vyl:B+6CWAKgzacTKo98TpyyXKS/KXeUl","tlshash":"5fa2e1725755c41edc41c3e14db1e6ee10c2b3ed6033f5282dab43985e5eaf2224e99c","first_seen":"2023-04-05T19:01:16Z","last_seen":"2026-04-04T07:07:00.157771Z","times_seen":369,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:46 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: aa595f99ffd2e3d712eb6dbff18184ae\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":688,"timings":{"blocked":301,"dns":2,"connect":91,"send":0,"wait":96,"receive":0,"ssl":195},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/7c/0b/da/7c0bda1f073c4e77ad7f857c8dae1f7c.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /7c/0b/da/7c0bda1f073c4e77ad7f857c8dae1f7c.js HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:46 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 37657\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 8\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 127f9557220078b85ab09970b7fc4a12\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":103805,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3da6e83669772dccbfc79e363ddd4c71","sha1":"ffee782a93f063a09ffd6ea34e366e56923de952","sha256":"8516f2209abcc9bc49102beab9e29445495ca8aa72443dd769ecc059d669fcc0","sha512":"25a17d051377965f7d4f2d84570629cef191f880fff513d6c61135596b546288fcbbaf73fefe8c7a5685986bffcdaff336a6fa8e380ec722c60e4d9df529c21a","ssdeep":"1536:tMB7VG1uqPJdd0gUyiT8xYAlNxIQLfkoKbU1FL8Kk+s+F:Sp2PagUxT8xYqzko1LV","tlshash":"9ca3c5487b91f4af1286603b323f911fe1e50f905088e558d147f9e81ebd747ba3aea4","first_seen":"2025-10-11T12:50:10.990286Z","last_seen":"2025-10-11T12:50:10.990286Z","times_seen":1,"resource_available":true,"data":null}},"time_used":678,"timings":{"blocked":281,"dns":0,"connect":0,"send":0,"wait":103,"receive":94,"ssl":200},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGbk6i_L2uveLkGwzXMk1YkT4K_6GXS65YK0lZlbhw1cCAWTSjTSD5F4awakjpQqEuxOQ-uhExkqKpn2idV-GrU362PWcLSRHl5rakoqyXQuomhpWdlIM59bQASzpZ_aiMALgCy0EfJRbH8aQPau-j_l8Dl1MipakfdwHVpHf7UxZ3ii1ZTtBv6ZfQdvqf/w83-h66-p-k-no-nu/74bd0c60-8cd3-11f0-9cf6-cbf3e73ce2b9%20(1).jpg=w72-h72-p-k-no-nu","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEiGbk6i_L2uveLkGwzXMk1YkT4K_6GXS65YK0lZlbhw1cCAWTSjTSD5F4awakjpQqEuxOQ-uhExkqKpn2idV-GrU362PWcLSRHl5rakoqyXQuomhpWdlIM59bQASzpZ_aiMALgCy0EfJRbH8aQPau-j_l8Dl1MipakfdwHVpHf7UxZ3ii1ZTtBv6ZfQdvqf/w83-h66-p-k-no-nu/74bd0c60-8cd3-11f0-9cf6-cbf3e73ce2b9%20(1).jpg=w72-h72-p-k-no-nu HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v3482\"\r\nexpires: Sun, 12 Oct 2025 12:49:47 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"74bd0c60-8cd3-11f0-9cf6-cbf3e73ce2b9 (1).jpg\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:47 GMT\r\nserver: fife\r\ncontent-length: 3835\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3835,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 83x66, components 3","md5":"8be65792173935793dc054db2f8b5564","sha1":"3e49d24d10cf61b916e580d9fa90db250d23336a","sha256":"3aac36202b11f9de9a7ec2ff8d918063104c5e2c9a000c549fb8b8caf887f03a","sha512":"369efe2c29b437bf04c6a60a37dc6bdc7ef6b1736077cbf5a02bb78c0eb2dfecbd0b836b7f37d0d3e4ac0d90342498dc11ff942fd62de60c5c86581813223c03","ssdeep":"","tlshash":"88816d48fadfbbc5de678e743eba12e6d81ce24dce39487cb6d4209811c0464144ee40","first_seen":"2025-10-11T12:50:10.99152Z","last_seen":"2025-10-11T12:50:10.99152Z","times_seen":1,"resource_available":false,"data":null}},"time_used":463,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":463,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/feeds/posts/default?alt=json-in-script\u0026max-results=6\u0026callback=jQuery112408969847269535052_1760186986563\u0026_=1760186986564","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.blogspot.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:32 GMT","end":"Mon, 15 Dec 2025 08:41:31 GMT"},"fingerprint":{"sha1":"BD:F0:9F:5E:97:20:4C:C4:AE:B1:30:B8:13:B5:E8:63:2A:41:0D:CF","sha256":"0B:09:22:C9:3B:15:4C:3F:E6:7C:0E:A1:49:9B:8E:25:C6:48:A5:9C:E8:43:0A:ED:64:30:39:CC:96:86:5E:F8"}}},"request":{"raw":"GET /feeds/posts/default?alt=json-in-script\u0026max-results=6\u0026callback=jQuery112408969847269535052_1760186986563\u0026_=1760186986564 HTTP/1.1\r\nHost: usaxtoday.blogspot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html\r\nCookie: _ga_8P38QL64J8=GS2.1.s1760186984$o1$g0$t1760186984$j60$l0$h0; _ga=GA1.1.1951808189.1760186985; pp_main_7c0bda1f073c4e77ad7f857c8dae1f7c=1; pp_idelay_7c0bda1f073c4e77ad7f857c8dae1f7c=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=6af220ef-8f87-48ac-adc2-d36e6c89a87c%3A3%3A1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncross-origin-resource-policy: cross-origin\r\netag: W/\"858b2c271d84d034e3c3e87cb2c6146f258f4e9fec357e5528a0134f40819f18\"\r\ndate: Sat, 11 Oct 2025 12:49:46 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nserver: blogger-renderd\r\nexpires: Sat, 11 Oct 2025 12:49:47 GMT\r\ncache-control: public, must-revalidate, proxy-revalidate, max-age=1\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nlast-modified: Sat, 11 Oct 2025 11:46:22 GMT\r\ncontent-encoding: gzip\r\ncontent-length: 10507\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":50999,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (50747)","md5":"98269e1b224af1ac1ac0d7acff6071d8","sha1":"7e1f4be5b3f769133d9cee134522c2ffcec4f856","sha256":"284449ffc3252fdc40019f77a9c013c0acb8fc91c06c07de9e54fbd2cd709c2a","sha512":"8453a5c690edf74c4531c62c260331bf9c411e0dd6f6f81c2c5de3e8b0817235f7e46705f4a9c280fff6d783772a7c36c1346e764af1c9ec072fb963bcdd91ba","ssdeep":"1536:v0fQ73qUoUjDqq91gMO11A8D3k1P0di4mDLm6mzED0zP:vGUoUjDqq91gMO11A8o1P0di4mDLm6m3","tlshash":"8833d563679cca22841729a4dc36f79de0728967026edbb19c7f4c3bc1a510e239677c","first_seen":"2025-10-11T12:50:10.992932Z","last_seen":"2025-10-11T12:50:10.992932Z","times_seen":1,"resource_available":true,"data":null}},"time_used":353,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":352,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-8P38QL64J8","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:36 GMT","end":"Mon, 15 Dec 2025 08:40:35 GMT"},"fingerprint":{"sha1":"40:7E:33:E9:D5:23:31:43:6B:CB:8C:02:99:3E:C0:A1:96:B1:B2:DE","sha256":"BE:00:72:E8:21:36:BF:F1:E7:F3:E5:B6:86:FE:98:10:97:9F:3C:C4:3F:0A:F8:4D:E4:62:64:B7:70:FA:56:25"}}},"request":{"raw":"GET /gtag/js?id=G-8P38QL64J8 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 11 Oct 2025 12:49:44 GMT\r\nexpires: Sat, 11 Oct 2025 12:49:44 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 141322\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":425140,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"c38731f1dd32471d47a3254d03798aff","sha1":"ef57b1656501bee20e305a1b23bae78d5a02096e","sha256":"4cba91b7bd9aa88e8519b1c19f61950c7b8875edfdaeafc332b481f86565184a","sha512":"99dcd7c72df5f94bbf5abb0b91cfa41f16688ee609b9e6f66834c587639a081a79980d80d8dc66a038d2f25f61f825fa147e3543e541df4d7049cdde6a08814b","ssdeep":"6144:jBh/yp2a4tk0uwbWZJT+Nju5204O0NsYXdXAQY:V4YJm0KZJu0O8","tlshash":"ee9419de73d674225396f078503f018ba57b28a2b44cc89af189cde42e74a9a4177f7c","first_seen":"2025-10-11T12:50:10.994625Z","last_seen":"2025-10-11T12:50:10.994625Z","times_seen":1,"resource_available":true,"data":null}},"time_used":230,"timings":{"blocked":79,"dns":1,"connect":10,"send":0,"wait":37,"receive":25,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/5.8.2/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 11 Oct 2025 12:49:44 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 9802\r\ncf-ray: 98ce7aab5e2056ca-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e60-d78f\"\r\nlast-modified: Mon, 04 May 2020 16:10:08 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1337205\r\nexpires: Thu, 01 Oct 2026 12:49:44 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=YK1PpofFHtY9BpFUEuP6t%2F6PO9ecj2qfcBDyiWDE06GXQDwLws8oKRHyoOJ0QZECWGsBsErchXIg5bMqk4ylAY8RluCsKuwV38H7nAusjyxReAct4G5F1OPpsgQUmdvchJTJAKOz\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":55183,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (54998)","md5":"77cbad34e5ce95e70847b074e05faeab","sha1":"50ccfd672cc8d4d4cff476204509c2fd51907ffa","sha256":"06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f","sha512":"aea425b5746e1f1b4f5a192da406712c751527712899b9f786f93d3c78d5fcde43314627cca3c2d62dee6f49845e0173b1a64d789728134607ab48ff185b1d1a","ssdeep":"768:nuC31UP18Pq4/vnU6UHJXkQCZ/WMQyjJKX7I9sGsQz5:nu5PWC4/vYH5BCkgc7qsiF","tlshash":"bd430bb8e54c41c9a731c44fbf82b2bc61b6f73ce5914d95f00e691c2ad26a811c9fb9","first_seen":"2023-04-05T05:12:38Z","last_seen":"2026-04-04T10:42:44.773952Z","times_seen":3660,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":11,"dns":1,"connect":1,"send":0,"wait":17,"receive":1,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/managed/js/adsense/m202510070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9404990661735184\u0026plah=usaxtoday.blogspot.com","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.g.doubleclick.net","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:36 GMT","end":"Mon, 15 Dec 2025 08:40:35 GMT"},"fingerprint":{"sha1":"57:4F:37:52:35:3F:6C:48:14:D9:58:C8:25:71:FC:8E:BA:C6:9D:D7","sha256":"12:75:2E:3D:26:85:EA:B7:93:6B:DE:18:A4:AB:5B:9E:10:E7:92:FC:4E:D9:FD:CA:D3:1C:9D:72:D0:73:84:3A"}}},"request":{"raw":"GET /pagead/managed/js/adsense/m202510070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9404990661735184\u0026plah=usaxtoday.blogspot.com HTTP/1.1\r\nHost: pagead2.googlesyndication.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\ndate: Sat, 11 Oct 2025 12:49:44 GMT\r\nexpires: Sat, 11 Oct 2025 12:49:44 GMT\r\ncache-control: private, max-age=3600, stale-while-revalidate=3600\r\ncontent-type: text/javascript; charset=UTF-8\r\netag: 8025229360932196147\r\nx-content-type-options: nosniff\r\ncontent-disposition: attachment; filename=\"f.txt\"\r\ncontent-encoding: br\r\nserver: cafe\r\ncontent-length: 171298\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":518506,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2688)","md5":"16b4c8d925cb3e1945bade901f32f2b4","sha1":"805215561c985cf42be680cea7542849d10f395f","sha256":"9827c2bed7b73c2df47232c97cfdcdf8fc92c96d7323849eaf4ba23cc587fd6f","sha512":"f7ab5e2befd6ba2c99cabae25220fcffb1a6e4eaa21f85cc232b5b88d9d3cb0e64a785ec0ca03fe05fa16923150c48065f88d8991674b564d412fcf812a4b451","ssdeep":"12288:TiEURjekUsEEc98Xl8qDQQjYAvC2qInChiB+dcoQ0+RiH6ExaDnOC9i/CRR7nQ1i:TiEURjekUsEEc98Xl8qDQQkAvBqInCh0","tlshash":"5bb41ad972a274a783a394ea507f0147b125ac92f00cc8b8b66cddd97d2086553b7fbc","first_seen":"2025-10-10T07:46:59.204203Z","last_seen":"2025-10-13T18:16:11.908927Z","times_seen":118,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.725Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 13:14:02 GMT","end":"Wed, 26 Nov 2025 14:13:48 GMT"},"fingerprint":{"sha1":"7A:B2:21:7F:72:E3:39:3E:95:5D:FB:ED:BB:1C:7E:88:C4:7A:B1:B3","sha256":"FB:1D:6D:AF:DA:57:8D:9A:8B:B2:CC:FF:A2:55:C8:F3:71:3D:49:77:06:FC:4D:6F:16:91:61:6F:89:1C:A3:CB"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 11 Oct 2025 12:49:44 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://usaxtoday.blogspot.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=08025f3060364472e89fc7b94a832e86; expires=Sun, 11 Oct 2026 12:49:44 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 98ce7aaefad5b50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"8e364de2864569dc53e5918339bcdd8d","sha1":"79d8f1973b1830afba4fee946882f7e35f73a225","sha256":"16242c3e4e5169c0489287ab9ceb46952621cd56e9ddb04a65b5c277cbd6148a","sha512":"76cc97f360194d64ae55abc6fe15b222bed1fdd650f74858a29cb78fde067cbbb5a400ec88261954d143fc955aab96c029dd5384a09758e1c0e3d44b234036c5","ssdeep":"","tlshash":"45a002998b9839bd8881191b5f9b9b6592430872d908525a8be8c003258e56d5655b4c","first_seen":"2025-10-11T12:50:10.998174Z","last_seen":"2025-10-11T12:50:10.998174Z","times_seen":1,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":66,"dns":21,"connect":1,"send":0,"wait":40,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oyo4d.com/5/5726010/?oo=1\u0026js_build=iclick-v1.1586.2\u0026userId=08025f3060364472e89fc7b94a832e86\u0026dmn=inklinkor.com\u0026tt=2\u0026ix=0","fqdn":"oyo4d.com","domain":"oyo4d.com","tld":"com"},"ip":{"addr":"139.45.197.118","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oyo4d.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 Aug 2025 05:09:42 GMT","end":"Thu, 30 Oct 2025 05:09:41 GMT"},"fingerprint":{"sha1":"CA:B0:55:2C:92:65:6D:F3:1E:6D:BA:45:88:FD:65:2F:07:36:13:27","sha256":"DA:EB:6B:D8:17:3D:D3:8F:2D:0D:B8:71:CE:2B:40:9E:83:B9:6F:46:25:7F:24:C5:24:83:76:CC:BB:09:4A:7F"}}},"request":{"raw":"POST /5/5726010/?oo=1\u0026js_build=iclick-v1.1586.2\u0026userId=08025f3060364472e89fc7b94a832e86\u0026dmn=inklinkor.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: oyo4d.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2671\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Sat, 11 Oct 2025 12:49:46 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://usaxtoday.blogspot.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":114,"dns":27,"connect":28,"send":0,"wait":29,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 21304\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 11:48:18 GMT\r\nexpires: Fri, 09 Oct 2026 11:48:18 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 22 Jul 2019 19:21:15 GMT\r\ncontent-type: font/woff2\r\nage: 176488\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21304,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21304, version 1.0","md5":"d8bc03a60729f4b05b42e057e21eaed3","sha1":"51d1a6303f98e2426f5b300105fd9c04784f1395","sha256":"0803fe007fad869e084745368c965e8d55f9be108559cfd8a3d802cde1fe34c1","sha512":"530bd07d5119181c5e7de8cf1d6ac924de5ddb9ba7dfc2213c0602f89f3441a792510ddb1b9a71185e426ffb883e3ba08c85986ddf2381b2b7c4dd40c97ef6b9","ssdeep":"384:LnMcFLFanK8siUo10bCsXRsKD+NO5obfcun6i7mUvpsK9QnUY/Z3:TG6e6XGKDbo9nFd79Qn5R","tlshash":"33a2e1a51100c53adf590dfdced23a2dfb0787203b9b44ab5b469b94288f0a56a0cd3a","first_seen":"2023-05-01T19:17:47Z","last_seen":"2026-04-04T07:07:00.159514Z","times_seen":362,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":22,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"www.usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":80,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-11T12:49:37.869Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /2025/10/balin-miller-fall-vider.html HTTP/1.1\r\nHost: www.usaxtoday.blogspot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nLocation: https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Encoding: gzip\r\nDate: Sat, 11 Oct 2025 12:49:38 GMT\r\nExpires: Sat, 11 Oct 2025 12:49:38 GMT\r\nCache-Control: private, max-age=0\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'\r\nX-XSS-Protection: 1; mode=block\r\nContent-Length: 229\r\nServer: GSE\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":433462,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":304,"timings":{"blocked":6,"dns":1,"connect":8,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-11T12:49:38.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.blogspot.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:32 GMT","end":"Mon, 15 Dec 2025 08:41:31 GMT"},"fingerprint":{"sha1":"BD:F0:9F:5E:97:20:4C:C4:AE:B1:30:B8:13:B5:E8:63:2A:41:0D:CF","sha256":"0B:09:22:C9:3B:15:4C:3F:E6:7C:0E:A1:49:9B:8E:25:C6:48:A5:9C:E8:43:0A:ED:64:30:39:CC:96:86:5E:F8"}}},"request":{"raw":"GET /2025/10/balin-miller-fall-vider.html HTTP/1.1\r\nHost: usaxtoday.blogspot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 11 Oct 2025 12:49:43 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 62950\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"YouTube","description":"YouTube is a video sharing service where users can create their own profile, upload videos, watch, like and comment on other videos.","website":"https://www.youtube.com","common_platform_enumeration":"","icon":"YouTube.png","categories":["Video players"]},{"name":"Blogger","description":"Blogger is a blog-publishing service that allows multi-user blogs with time-stamped entries.","website":"https://www.blogger.com","common_platform_enumeration":"","icon":"Blogger.png","categories":["Blogs"]},{"name":"Python","description":"Python is an interpreted and general-purpose programming language.","website":"https://python.org","common_platform_enumeration":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","icon":"Python.png","categories":["Programming languages"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.12.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":433462,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (474)","md5":"7d2c32b982c832c4f5840d8e22cd32c6","sha1":"fa709ceca393cc91aed9b014e35cbd41b79c685b","sha256":"32b272d0eb02603896ecb1f11166f4555d844e0a9207fd25981f0b37c9251645","sha512":"05c0ffa4a513baf94b0ddc1b0b8cfa35c5346c9ff4588c90ee2795cfcce74932ab85a8eb2eb161997ecf338400d413d318031dd993299d209e169ca32faddd11","ssdeep":"3072:e5GZEtpW8KOcQS4C3KlCvXvWLIYWUwzZKr20xpUngRZwloOkTVhQ9X:nQpW8KOcQS4gKlCvXeL4jlWo","tlshash":"379448c24266e40292890843bfa977a6551cb3e3b1856366be7cfb4805fb8c741fdde4","first_seen":"2025-10-11T12:50:11.002549Z","last_seen":"2025-10-11T12:50:11.002549Z","times_seen":1,"resource_available":false,"data":null}},"time_used":6057,"timings":{"blocked":126,"dns":41,"connect":8,"send":0,"wait":5616,"receive":189,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/a/AVvXsEgMlQirZzW3h37IGi-0XXZmSQZxyyi96SHckM77ibacW_rm83Uop31gceiZlBjgsydtAp_ayrsk4FqGgwLsKlGK8EN8xu8dK_HD4p7heShOwBIgupZvfivewc7ECIXkdh1DjxintP_iUmiQOBU_xtOBR3_XvA5wVQzZFmlylpzyYzu8dHPLhpJLNdvcoxpz=s542","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/a/AVvXsEgMlQirZzW3h37IGi-0XXZmSQZxyyi96SHckM77ibacW_rm83Uop31gceiZlBjgsydtAp_ayrsk4FqGgwLsKlGK8EN8xu8dK_HD4p7heShOwBIgupZvfivewc7ECIXkdh1DjxintP_iUmiQOBU_xtOBR3_XvA5wVQzZFmlylpzyYzu8dHPLhpJLNdvcoxpz=s542 HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v1417\"\r\nexpires: Sun, 12 Oct 2025 12:49:45 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"coollogo_com-3505791.png\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:45 GMT\r\nserver: fife\r\ncontent-length: 38990\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38990,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 542 x 124, 8-bit/color RGBA, non-interlaced","md5":"78368d2bcd2432c347d14864f6f5bfbe","sha1":"6fde9cfaeb84edddbd83d4f6d2effa7018021054","sha256":"731c16a052d73976ced6e9958b78fe264e50f405d782548abec01dc500c5c711","sha512":"60b34ce1d037c3653a42606f8786a968c906c0c964e4e2dc22da78d375580091f58210138b67de5ba14525e428fccf2d7017f203107435e9250f01955e1ffee0","ssdeep":"768:f8WxGiXH4+Jc5hVN8Xr2kfN4mO17wvSMTQ1l7VwBPsf3:f1/3shb8y+vlql7V6PS","tlshash":"9c03e10477ce0d526cec0e0c96e6ee9ec72d2bd32d68c5d36644863e19da9133e85b8d","first_seen":"2025-10-11T12:50:11.00494Z","last_seen":"2025-10-11T12:50:11.00494Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1349,"timings":{"blocked":264,"dns":4,"connect":29,"send":0,"wait":796,"receive":18,"ssl":232},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGbk6i_L2uveLkGwzXMk1YkT4K_6GXS65YK0lZlbhw1cCAWTSjTSD5F4awakjpQqEuxOQ-uhExkqKpn2idV-GrU362PWcLSRHl5rakoqyXQuomhpWdlIM59bQASzpZ_aiMALgCy0EfJRbH8aQPau-j_l8Dl1MipakfdwHVpHf7UxZ3ii1ZTtBv6ZfQdvqf/w72-h72-p-k-no-nu/74bd0c60-8cd3-11f0-9cf6-cbf3e73ce2b9%20(1).jpg","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEiGbk6i_L2uveLkGwzXMk1YkT4K_6GXS65YK0lZlbhw1cCAWTSjTSD5F4awakjpQqEuxOQ-uhExkqKpn2idV-GrU362PWcLSRHl5rakoqyXQuomhpWdlIM59bQASzpZ_aiMALgCy0EfJRbH8aQPau-j_l8Dl1MipakfdwHVpHf7UxZ3ii1ZTtBv6ZfQdvqf/w72-h72-p-k-no-nu/74bd0c60-8cd3-11f0-9cf6-cbf3e73ce2b9%20(1).jpg HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v3482\"\r\nexpires: Sun, 12 Oct 2025 12:49:45 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"74bd0c60-8cd3-11f0-9cf6-cbf3e73ce2b9 (1).jpg\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:45 GMT\r\nserver: fife\r\ncontent-length: 3316\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3316,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3","md5":"665e5faec75c828fa12123d57e1f021d","sha1":"4f225cdcf30f031c26aedd2d9dd5d560982bcc1b","sha256":"13aac84c904025e001752d6dc4bb415c4dd1393349bcd504445b6ef3c2c198ad","sha512":"5461ff929558fb4ab18e503c09dbadf0e6c77e1bdae652af6c72b8a23b325b1557a6a4a61283e5a39736c4c8c689efee31c4fcfee1661e2ef6a7bc2a703cae9d","ssdeep":"","tlshash":"36614b8b77a1d925f0e8963545f503a0730833a4f12a7eee94af907e4e4e2946929811","first_seen":"2025-10-11T12:50:11.006635Z","last_seen":"2025-10-11T12:50:11.006635Z","times_seen":1,"resource_available":false,"data":null}},"time_used":883,"timings":{"blocked":108,"dns":0,"connect":0,"send":0,"wait":774,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/html/r20251009/r20190131/zrt_lookup_fy2021.html","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:45.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.g.doubleclick.net","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:36 GMT","end":"Mon, 15 Dec 2025 08:40:35 GMT"},"fingerprint":{"sha1":"57:4F:37:52:35:3F:6C:48:14:D9:58:C8:25:71:FC:8E:BA:C6:9D:D7","sha256":"12:75:2E:3D:26:85:EA:B7:93:6B:DE:18:A4:AB:5B:9E:10:E7:92:FC:4E:D9:FD:CA:D3:1C:9D:72:D0:73:84:3A"}}},"request":{"raw":"GET /pagead/html/r20251009/r20190131/zrt_lookup_fy2021.html HTTP/1.1\r\nHost: pagead2.googlesyndication.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nserver: cafe\r\ncontent-length: 3880\r\nx-xss-protection: 0\r\ndate: Fri, 10 Oct 2025 19:46:33 GMT\r\nexpires: Fri, 24 Oct 2025 19:46:33 GMT\r\ncache-control: public, max-age=1209600\r\nage: 61392\r\netag: 7188602577369524748\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8554,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (2577)","md5":"ef993668e87d7aaf57b6a5d6f64f0ccd","sha1":"88ed839c2d6d0ad20fb79da3d18fcb043404703a","sha256":"c13094a9d546c24747d3d0b33dc5662b36f83790cc35deedf764ab898b2ace61","sha512":"b07f74307a83d7a3e8e5410da2daf6d327d050f1529477d1f50892194923e064977ae40a739be82bc874629df38fe60a20c645801e8c2367b98d4cac897729cb","ssdeep":"192:HWA36uZ8g3WsczaBMcnRQmO3cSuTX8/fTdb/roK2lzoU45:HWA36uZ8qkzaBMcns3ITM3NEK2NoU45","tlshash":"b2020ae9b771646753e394a6003f2902e063a612f808c49ab55cdcd3295475a03baffc","first_seen":"2025-09-29T19:52:09.709552Z","last_seen":"2025-11-12T14:02:19.874233Z","times_seen":1541,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2.js","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:48.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:43:54 GMT","end":"Mon, 15 Dec 2025 08:43:53 GMT"},"fingerprint":{"sha1":"84:8D:B4:50:4D:F1:86:66:2E:19:17:DA:99:09:25:AE:AD:55:FA:07","sha256":"AA:E4:A6:5B:63:F3:EB:19:DF:99:22:64:53:E8:36:B8:83:44:E4:DF:F1:8E:77:2B:E6:81:25:56:70:D2:E1:99"}}},"request":{"raw":"GET /sodar/sodar2.js HTTP/1.1\r\nHost: ep2.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"adspam-signals-scs\"\r\nreport-to: {\"group\":\"adspam-signals-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs\"}]}\r\ncontent-length: 7188\r\ndate: Sat, 11 Oct 2025 12:49:48 GMT\r\nexpires: Sat, 11 Oct 2025 12:49:48 GMT\r\ncache-control: private, max-age=3000\r\netag: \"1747411493688989\"\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19990,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1398)","md5":"a8fe3ea2f81e289e6b14222e898086c5","sha1":"0e9a1227955675736e02c596906bee72bc33d7d6","sha256":"a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623","sha512":"3bd99998aa1b5d7543775769952adc52809f861ca023b6daadf6b7d23411411a6a9470d98c7b8543573e9a6047a24e14b5feaf45e14a22d98e64d0f019718670","ssdeep":"384:dxSMqC/d0d0lxDKyqdeWFy3Wxy9cT4nGllKnnk0TEYRWjfJtncu:i0qKlYyqdeWk3Z9w4G+tFWjfJtnZ","tlshash":"8892c6cab6d2f4624363b9b1a13f100ff13eaca9d84c5464a084e4e0bd759a94367f7c","first_seen":"2025-05-19T23:59:48.474751Z","last_seen":"2026-02-26T18:27:55.354921Z","times_seen":175417,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":32,"dns":0,"connect":8,"send":0,"wait":19,"receive":1,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:45.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:45 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a6ee7885b512dc3b4d17cedc27b31062\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":542,"timings":{"blocked":167,"dns":1,"connect":91,"send":0,"wait":92,"receive":1,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.157.139.67","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:45.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nCookie: uid_id2=6af220ef-8f87-48ac-adc2-d36e6c89a87c:3:1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 11 Oct 2025 12:49:45 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://usaxtoday.blogspot.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"be09b89b7644b9f670e3d765e561cadf","sha1":"15ee60bd98ae3d249383d2bd24e8bf7905250c45","sha256":"0f8e950f573fc30dae428959ea1ef93436c10ee27aa1d9bda66b39964417c37a","sha512":"f847dec22371d094eae0f9b23f01f9fc893543b48a07663eb1629cee83c0fee081c6a9ba23ee8cc59baf9f03df534340b5fd1b34357e58dfbe5bf7b299276bd7","ssdeep":"","tlshash":"869004544f035c747df045044c5cd10dd70dd30d15d0c3745415f17431c3454014701f","first_seen":"2025-10-11T12:50:10.978349Z","last_seen":"2025-10-11T12:50:10.978349Z","times_seen":1,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.230470212888.js?key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:45.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.230470212888.js?key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid= HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.19.5\r\nDate: Sat, 11 Oct 2025 12:49:45 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://usaxtoday.blogspot.com\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://wayfarerorthodox.com/watch.230470212888.js?dev=e\u0026key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026pst=1760187045\u0026rb=\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026res=14.3095\u0026rmtc=t\u0026shu=384a9113086b6693ed3975976de8c388dde1a0e3e18a187e49ccaf86dad2e11dd4fe02808da18019f1cd8e126f7943c69bd7552729d6e017ece740545a64f69bc4418d8478677ba3cb31018cf6cbd0790cbd24f4aad1527206974e\u0026tz=0\u0026uuid=\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjc3Nzg5MCwiayI6ImY3N2VhOThkZGQ3ODE1ZjJmMTU5MWUyNGNlMzUzZjkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE3OTU0LCJwaWQiOjM5NjkzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJzOWV4YmJuaWI4IiwiY3BrcyI6eyIyOCI6IjdjMGJkYTFmMDczYzRlNzdhZDdmODU3YzhkYWUxZjdjIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly91c2F4dG9kYXkuYmxvZ3Nwb3QuY29tLzIwMjUvMTAvYmFsaW4tbWlsbGVyLWZhbGwtdmlkZXIuaHRtbCIsImFyIjpbXX19.7HWJ1l_24LFgW3M6kyyYGzSbrH8PVa3vuMVReVt23Kc; expires=Sat, 11 Oct 2025 12:50:45 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7ff6ae003c1f091e8e348a3e8a6fe7e7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4764,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/watch.1752788027063.js?dev=e\u0026key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026pst=1760187046\u0026rb=\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026res=14.3095\u0026rmtc=t\u0026shu=f647f4ee55e0d6af6c0841ec66b608cc9accc9fe5765612fbbc6a8b37ddd84ef8c1122111fe38675280a13814146dac6726497ab6a6ddc4cbcb961b369d86f322a1cef2c014c934eaf12ba1f708ebecabe29922cb094266698a68b\u0026tz=0\u0026uuid=6af220ef-8f87-48ac-adc2-d36e6c89a87c%3A3%3A1","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /watch.1752788027063.js?dev=e\u0026key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026pst=1760187046\u0026rb=\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026res=14.3095\u0026rmtc=t\u0026shu=f647f4ee55e0d6af6c0841ec66b608cc9accc9fe5765612fbbc6a8b37ddd84ef8c1122111fe38675280a13814146dac6726497ab6a6ddc4cbcb961b369d86f322a1cef2c014c934eaf12ba1f708ebecabe29922cb094266698a68b\u0026tz=0\u0026uuid=6af220ef-8f87-48ac-adc2-d36e6c89a87c%3A3%3A1 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usaxtoday.blogspot.com\r\nReferer: https://usaxtoday.blogspot.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjc3Nzg5MCwiayI6ImY3N2VhOThkZGQ3ODE1ZjJmMTU5MWUyNGNlMzUzZjkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE3OTU0LCJwaWQiOjM5NjkzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJzOWV4YmJuaWI4IiwiY3BrcyI6eyIyOCI6IjdjMGJkYTFmMDczYzRlNzdhZDdmODU3YzhkYWUxZjdjIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly91c2F4dG9kYXkuYmxvZ3Nwb3QuY29tLzIwMjUvMTAvYmFsaW4tbWlsbGVyLWZhbGwtdmlkZXIuaHRtbCIsImFyIjpbXX19.7HWJ1l_24LFgW3M6kyyYGzSbrH8PVa3vuMVReVt23Kc\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:47 GMT\r\nContent-Type: text/html\r\nContent-Length: 3257\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://usaxtoday.blogspot.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=6af220ef-8f87-48ac-adc2-d36e6c89a87c:3:1; expires=Sat, 18 Oct 2025 12:49:47 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 12 Oct 2025 12:49:47 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 12 Oct 2025 12:49:47 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Sun, 12 Oct 2025 12:49:47 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Sun, 12 Oct 2025 12:49:47 GMT; path=/; secure; SameSite=None\nu_pl16777890=1; expires=Sun, 12 Oct 2025 12:49:47 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 27\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5e1283569cc31f61ed03c9227ae35ded\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4840,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3964)","md5":"d27948705d9d51af7a9f41eefb9b8650","sha1":"f8651e7c776ac718e5c7140f01fcebf9ce5d35af","sha256":"58b5b190d6f57c019cf4ddd7297c704957a1219317cae39e7c7529e09b37b9e6","sha512":"a9f43f54fdb411ed3686784533d93566ac630ab59150180b3b8aa0f5ccedf752b855e5ea3b15a109e4f1165493fccd94aa7ec284ce401b2f3bd752528917f896","ssdeep":"96:ZEoz+qraanpwQkvYOZuv+oYQ9NnTSzdJ2tNW1t1/DP7CCfMEDaH:Hz/ps/24QH4mNW13b+CkCaH","tlshash":"f9a12aa52cb6a1741d3bb0ab11b6764cba21810fb500894ab89cda425f207f04eb8cdc","first_seen":"2025-10-11T12:50:11.010593Z","last_seen":"2025-10-11T12:50:11.010593Z","times_seen":1,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":120,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGbk6i_L2uveLkGwzXMk1YkT4K_6GXS65YK0lZlbhw1cCAWTSjTSD5F4awakjpQqEuxOQ-uhExkqKpn2idV-GrU362PWcLSRHl5rakoqyXQuomhpWdlIM59bQASzpZ_aiMALgCy0EfJRbH8aQPau-j_l8Dl1MipakfdwHVpHf7UxZ3ii1ZTtBv6ZfQdvqf/s320/74bd0c60-8cd3-11f0-9cf6-cbf3e73ce2b9%20(1).jpg","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:47.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEiGbk6i_L2uveLkGwzXMk1YkT4K_6GXS65YK0lZlbhw1cCAWTSjTSD5F4awakjpQqEuxOQ-uhExkqKpn2idV-GrU362PWcLSRHl5rakoqyXQuomhpWdlIM59bQASzpZ_aiMALgCy0EfJRbH8aQPau-j_l8Dl1MipakfdwHVpHf7UxZ3ii1ZTtBv6ZfQdvqf/s320/74bd0c60-8cd3-11f0-9cf6-cbf3e73ce2b9%20(1).jpg HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v3482\"\r\nexpires: Sun, 12 Oct 2025 12:49:47 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"74bd0c60-8cd3-11f0-9cf6-cbf3e73ce2b9 (1).jpg\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:47 GMT\r\nserver: fife\r\ncontent-length: 22128\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22128,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x180, components 3","md5":"188244ccd64d09340112e724fd15fa32","sha1":"f8ab845f5a8caf543b952ed6dbf97267c22d80a5","sha256":"ca6dfd77311f0d372307cb3f3e235b7cf39c59c35d004eca31442a5b6a66d37f","sha512":"c3b45b6adb75bbff0155972847bb0642c0b443f1d9dc0d874aed109150fb9d1bb88fb616e3bf6efdba31c7df2f10800b977dd5797d27f8fb109055b7f9e5642f","ssdeep":"384:y885v8Mbwgje+U5fHqg1xt9IBMM4z+Ohozdp/U1uSOzY6Gnc:gv8Mbwge5SIPlzrhozdG9OzXGnc","tlshash":"2aa2d0337186a00cf3e7f3649148ae55f02dff5daba962a24350a11646e13d88af3d19","first_seen":"2025-10-11T12:50:11.012736Z","last_seen":"2025-10-11T12:50:11.012736Z","times_seen":1,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":302,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/js/cookienotice.js","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.blogspot.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:32 GMT","end":"Mon, 15 Dec 2025 08:41:31 GMT"},"fingerprint":{"sha1":"BD:F0:9F:5E:97:20:4C:C4:AE:B1:30:B8:13:B5:E8:63:2A:41:0D:CF","sha256":"0B:09:22:C9:3B:15:4C:3F:E6:7C:0E:A1:49:9B:8E:25:C6:48:A5:9C:E8:43:0A:ED:64:30:39:CC:96:86:5E:F8"}}},"request":{"raw":"GET /js/cookienotice.js HTTP/1.1\r\nHost: usaxtoday.blogspot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"blogger-tech\"\r\nreport-to: {\"group\":\"blogger-tech\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/blogger-tech\"}]}\r\ncontent-length: 2026\r\ndate: Sat, 11 Oct 2025 12:49:44 GMT\r\nexpires: Sat, 18 Oct 2025 12:49:44 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Sat, 11 Oct 2025 10:52:45 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6513,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"a705132a2174f88e196ec3610d68faa8","sha1":"3bad57a48d973a678fec600d45933010f6edc659","sha256":"068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568","sha512":"e947d33e0e9c5e6516f05e0ea696406e4e09b458f85021bc3a217071ae14879b2251e65aec5d1935ca9af2433d023356298321564e1a41119d41be7c2b2d36d5","ssdeep":"96:q54UPzHFcJZ7haKemb/m2GzrzCXAl/MStzo41Pm+YsttcVcbYhyjcso13EZDjiat:q5rPzHgxm2GzaXeMnuzYstyryPhZD9","tlshash":"4fd1630938a7127d125fa03fb6bf515ab66410238101db08786dfa785fd5f42a8e4ffa","first_seen":"2023-03-07T01:02:24Z","last_seen":"2026-04-04T11:01:34.870906Z","times_seen":109165,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 21244\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 10:02:34 GMT\r\nexpires: Fri, 09 Oct 2026 10:02:34 GMT\r\ncache-control: public, max-age=31536000\r\nage: 182830\r\nlast-modified: Mon, 22 Jul 2019 19:21:29 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21244,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21244, version 1.0","md5":"78773521b0ffe376bc7edd8ec2a591fb","sha1":"298df2fcb48b2e9b51e81a6e12d5529835204e29","sha256":"ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55","sha512":"1aa636e9bf15c9610b2f0f92ee3088ba0a097be1eb284a1e1e360e6d3fa39848e73264eeddb69fda133702d677ed96251075c49cddce999c916a8ad442e9151a","ssdeep":"384:gsUc9ZyNZEQb1tTyoN0PaV6SYNt80xQo9bY6ph6kJpPzvNzr2yX3:g5c9gZtbTyvaoft8twkohBJ1vwM","tlshash":"9692d0e66f7e6c62d1b3363d6111126c314f60d5bb835c7c2f8f8ab8dd1510822c16ea","first_seen":"2023-04-05T19:01:16Z","last_seen":"2026-04-04T12:19:58.193569Z","times_seen":489,"resource_available":false,"data":null}},"time_used":448,"timings":{"blocked":218,"dns":5,"connect":8,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/5.8.2/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 11 Oct 2025 12:49:44 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 74328\r\ncf-ray: 98ce7aace906c759-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"5eb03e60-12258\"\r\nlast-modified: Mon, 04 May 2020 16:10:08 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 321503\r\nexpires: Thu, 01 Oct 2026 12:49:44 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=drS8f%2FqaXmNHc97F5SZO%2Bdq94HTWTJQbjRdvYxICt4bSTPvZRNagpvm1%2F4T7d5%2BYnxOsjiSOVP%2FVQfuj%2F%2Bqp7WETb1M9cpyYvVrHdXDRDr3jeDoKz%2Flbj8bHkwhojjRmlc9%2FhIKd\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":74328,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 74328, version 329.-17695","md5":"64b3e814a66c2719b15abf8f7998bd73","sha1":"fa5c5d34c7c375aa3e101f0b8104b6cdbcacd6a6","sha256":"0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640","sha512":"55cfd5a0dd47ff9458243e62cc6cc92bc8c325910bb986a044c783c5c9ff4f9e39e00d58ae71d2fe7f653bdef47102b06ebde153ff78d0ffd505975d2f4cb543","ssdeep":"1536:zYwbikeCEBsqap2mAR1C9VDvMDRUzKafDJgpynKnpqCG1ojp0rmpprcz/7:zLbj3EBsqaRAoD0t8DipVoPqr87","tlshash":"e07312d3da1291cddf722944531735dc91e01ee8a14f9c6fcda8e9a9ac72f43860a263","first_seen":"2023-04-05T16:23:21Z","last_seen":"2026-04-04T10:42:44.771112Z","times_seen":3742,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":137,"dns":2,"connect":0,"send":0,"wait":12,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/7c/0b/da/7c0bda1f073c4e77ad7f857c8dae1f7c.js","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:45.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /7c/0b/da/7c0bda1f073c4e77ad7f857c8dae1f7c.js HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:45 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 37633\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 65fd60e3afadec22749d7cee36bf2ea3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":103809,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c1cffcb07d8055f5fed825548f3618be","sha1":"5a9fe40497bd859841f299cfc0c20d7e0a7c72b5","sha256":"49e93a886b3e7f5eb05a08c973437c994bf50ee1b504fb594a3d28cd9488f069","sha512":"ad8445791b9d2c9bae78018063d0922cdb65cb6af76e438bf525d30dca2288678063bc601f24684687c4e523351c2e5ca3eafe3b07b14b473d95818b998153a2","ssdeep":"1536:tMB7VG1uqPJdd0gUyiT8xYAlNxIQLfkYKbU1FL8Kkms+F:Sp2PagUxT8xYqzkY1LN","tlshash":"78a3c5487b91f4af1286603b323f901fe1e50e905088e558d147f9f81ebd747ba3aea4","first_seen":"2025-10-11T12:50:11.017307Z","last_seen":"2025-10-11T12:50:11.017307Z","times_seen":1,"resource_available":true,"data":null}},"time_used":480,"timings":{"blocked":-1,"dns":1,"connect":93,"send":0,"wait":100,"receive":94,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/impr.gif?sid=H4sIAAAAAAAC_1STO2wcRRjHZ52HxEMgSJQCUVxBAQif57GPWVIgTAiKCEnkBKVAFLPzsCfe21l2dm-dqyIioUDlggKo1t85sSABQUMHis50kZB8NLiIhURHh5BSo3MsGb7ie8x_it83-s8nG80eYtCI3UvvuZHNc7EQ9XHv5au2UK71vQtXegT38eneVVvE4ene2ixVw9cJC_v4ld47Wq66BYoJxgST3llbaePWFvZVsOW9lPRT3A9pn0QhrFX_n30TgBcBqOEeeh6smj77p_kArJxAMfj-jPartStfe3vQ5KJ2FQzV1vvFauHaAgaHrakCMMXWwW1wforQF3Pgiq2DDcANN2cbQGanaO7UQ8iKrQNMyIa3H5NmOegCMvUUtMMJ6HwbrJiAdDfBqh0EIBVcuAjF4M4FV7Xi-mNVzNQpOvroH7DtFB19eBKKwXeLuV3rXXZ5U1tXeFgzHdi1CdjlCZTNNtSjObDtNsj6Y7DqV7Tw6DwUg82LPndg1e5LsTCUYm3mueHJfMiFnBdK0nnFYh1LngqeyP0nsmYCwh-BxgfQ2AAaE0BTBjBQu70Q81ASwWKTKpngUISh0hlOOcVYpDKBRs7Y16Eu10Hm6yCrG1BWN2DVfr7z9Mmd6O4UBU-c2jn2B1TNffAruz8mLOGxJnFIeChZmrCIEUkjEarESEUxw5HWBGOpCQkN54xIFUcpFamODKMR46HgYcJjnlCSSE5VpgULieJK6zjESRqHUZQpKmlkmIkUkxkhSUooZZqqiBKOJVEm5pQQHYUswjqjKaeRNMZoFiohQ6xZxOKU6SQ2qTFYg1cB-BrBUHXQagStR9AKBK1F0NYI2mF3W-We-u6Oyn2TkYNKDyrrxq5e3hC3Xb2sCwSiWodKdZu2_MjfBFkfGY-MV2M3SyKru7HIVLdR7qHnZt4I0BzAqt7tmSTRIuVKqYSTyFBDopRoGsoZsEkJeNuB9XMgfAAjO0UvxBMo7RQdf-ZTyMQ2-HwbpH0RRHMMRDtmGINYGdMIw6j41g4qURS69X3pBqBcB2V9FOrrwUa-h06Ml64s3t936oe_j0DLB-ggQFYdlFUH1-wvCJbzW-Ml16LNJdd69MPFsrYDOxIzF1-uRa2Pf_Ouvt66Sp0749e_flPOhFl774r29XlRKFsse3R30Sqlq7Oukhr9dM5f1dmlxq8sNlXRlOcvvXX23KCstPfWFRMQdoqe_PszkHaKTvz85f4PjV79CmR5A3x5yOkdgqxEkFsEuT48F1kH_j9zdthv-FuwXAUg6ptQDDoYVh0M8w5Evg6-OTKuy-rBG7-x_YAsD8ZZXqHNLK9mut3tGaapxJgnMWHcaMJCJU3Ew1TFAjOmofbTlb-Wrv0bAAD__yMmL-4_BQAA","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:47.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1STO2wcRRjHZ52HxEMgSJQCUVxBAQif57GPWVIgTAiKCEnkBKVAFLPzsCfe21l2dm-dqyIioUDlggKo1t85sSABQUMHis50kZB8NLiIhURHh5BSo3MsGb7ie8x_it83-s8nG80eYtCI3UvvuZHNc7EQ9XHv5au2UK71vQtXegT38eneVVvE4ene2ixVw9cJC_v4ld47Wq66BYoJxgST3llbaePWFvZVsOW9lPRT3A9pn0QhrFX_n30TgBcBqOEeeh6smj77p_kArJxAMfj-jPartStfe3vQ5KJ2FQzV1vvFauHaAgaHrakCMMXWwW1wforQF3Pgiq2DDcANN2cbQGanaO7UQ8iKrQNMyIa3H5NmOegCMvUUtMMJ6HwbrJiAdDfBqh0EIBVcuAjF4M4FV7Xi-mNVzNQpOvroH7DtFB19eBKKwXeLuV3rXXZ5U1tXeFgzHdi1CdjlCZTNNtSjObDtNsj6Y7DqV7Tw6DwUg82LPndg1e5LsTCUYm3mueHJfMiFnBdK0nnFYh1LngqeyP0nsmYCwh-BxgfQ2AAaE0BTBjBQu70Q81ASwWKTKpngUISh0hlOOcVYpDKBRs7Y16Eu10Hm6yCrG1BWN2DVfr7z9Mmd6O4UBU-c2jn2B1TNffAruz8mLOGxJnFIeChZmrCIEUkjEarESEUxw5HWBGOpCQkN54xIFUcpFamODKMR46HgYcJjnlCSSE5VpgULieJK6zjESRqHUZQpKmlkmIkUkxkhSUooZZqqiBKOJVEm5pQQHYUswjqjKaeRNMZoFiohQ6xZxOKU6SQ2qTFYg1cB-BrBUHXQagStR9AKBK1F0NYI2mF3W-We-u6Oyn2TkYNKDyrrxq5e3hC3Xb2sCwSiWodKdZu2_MjfBFkfGY-MV2M3SyKru7HIVLdR7qHnZt4I0BzAqt7tmSTRIuVKqYSTyFBDopRoGsoZsEkJeNuB9XMgfAAjO0UvxBMo7RQdf-ZTyMQ2-HwbpH0RRHMMRDtmGINYGdMIw6j41g4qURS69X3pBqBcB2V9FOrrwUa-h06Ml64s3t936oe_j0DLB-ggQFYdlFUH1-wvCJbzW-Ml16LNJdd69MPFsrYDOxIzF1-uRa2Pf_Ouvt66Sp0749e_flPOhFl774r29XlRKFsse3R30Sqlq7Oukhr9dM5f1dmlxq8sNlXRlOcvvXX23KCstPfWFRMQdoqe_PszkHaKTvz85f4PjV79CmR5A3x5yOkdgqxEkFsEuT48F1kH_j9zdthv-FuwXAUg6ptQDDoYVh0M8w5Evg6-OTKuy-rBG7-x_YAsD8ZZXqHNLK9mut3tGaapxJgnMWHcaMJCJU3Ew1TFAjOmofbTlb-Wrv0bAAD__yMmL-4_BQAA HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjc3Nzg5MCwiayI6ImY3N2VhOThkZGQ3ODE1ZjJmMTU5MWUyNGNlMzUzZjkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE3OTU0LCJwaWQiOjM5NjkzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJzOWV4YmJuaWI4IiwiY3BrcyI6eyIyOCI6IjdjMGJkYTFmMDczYzRlNzdhZDdmODU3YzhkYWUxZjdjIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly91c2F4dG9kYXkuYmxvZ3Nwb3QuY29tLzIwMjUvMTAvYmFsaW4tbWlsbGVyLWZhbGwtdmlkZXIuaHRtbCIsImFyIjpbXX19.7HWJ1l_24LFgW3M6kyyYGzSbrH8PVa3vuMVReVt23Kc; uid_id2=6af220ef-8f87-48ac-adc2-d36e6c89a87c:3:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl16777890=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:47 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4924d774109261453531326cac800f5d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:47.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 21304\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 11:48:18 GMT\r\nexpires: Fri, 09 Oct 2026 11:48:18 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 22 Jul 2019 19:21:15 GMT\r\ncontent-type: font/woff2\r\nage: 176489\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21304,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21304, version 1.0","md5":"d8bc03a60729f4b05b42e057e21eaed3","sha1":"51d1a6303f98e2426f5b300105fd9c04784f1395","sha256":"0803fe007fad869e084745368c965e8d55f9be108559cfd8a3d802cde1fe34c1","sha512":"530bd07d5119181c5e7de8cf1d6ac924de5ddb9ba7dfc2213c0602f89f3441a792510ddb1b9a71185e426ffb883e3ba08c85986ddf2381b2b7c4dd40c97ef6b9","ssdeep":"384:LnMcFLFanK8siUo10bCsXRsKD+NO5obfcun6i7mUvpsK9QnUY/Z3:TG6e6XGKDbo9nFd79Qn5R","tlshash":"33a2e1a51100c53adf590dfdced23a2dfb0787203b9b44ab5b469b94288f0a56a0cd3a","first_seen":"2023-05-01T19:17:47Z","last_seen":"2026-04-04T07:07:00.159514Z","times_seen":362,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/impr.gif?sid=H4sIAAAAAAAC_1STPWwcRRvHZ50P6X1BIEiUAlFcQQEIn2dmd2d3SYEwISgiJJETlAJRzKc9eG9n2dm9dVxFREKBygVC0K2fs2NBAoKGDhSd6SIh-WhwEQuJjg4hpUbnnGR4iudjflP8n9F_Pt5sDlAIDd-_8o5bt3nOF-I-7r143RbKtb536VqP4D4-27tuCxad7a1NUzV8lYRRH7_Ue0vLVbdAMcGYYNI7bytt3NrCIQVb3stIP8P9iPZJHMFa9d_ZNwF4HoAaHqBnwarJ03-Y98DKMRSD785pv1q78pU3B03Oa1fBUO28W6wWri1gcNSaKgBT7Mxug_MThL6YA1fszDYAN9yabgDCTtDcmYcgip2ZTBDD7cdKRQ66AKGegHY4Bp3vguVjkO4WWLWHAKSCS5ehGNy55KqW33hM-ZRO0PFHf4NtJ-j4w9NQDL5dzO1a76rLm9q6wsOa6cCujcEuj6FsdqFenwPb7oKsPwKrfkELjy5CMdi67HMHVu2_wLihFGszn5o0mY9SLue5knRehUwzmWY8TeThE1kzBu6PQeMDaGwAjQmgKQMYqP1ehNNIEh4ykymZ4IhHkdICZynFmGcygUZOtW9AXW6AzDdAVjehrG7Cqv1s78nTe_HdCQr-d2bvxO9QNffBr-z_YFiUmEjrONZYMW6YxGlEtGRMMJxKmXEpZWZ0nLCYEWqEkIynIkyUUmmkTSoJoZQQYnSYsiSmKeYkTElEIqa4ZAllUZZwwThTSkZSSJExIkKWqZSZkFJOpDZUYhLJLIw0N4QKTkyCUy205ELTLKNUCpxFlDGWpZylArwKwNcIhqqDViNoPYKWI2gtgrZG0A67bZV76rs7KveNILNKZzXsRq5e3uTbrl7WBQJebUClui1bfuhvgayPjdaNVyM3TVzU3YgL1W2WB-iZqTcCNAewqvd7Jkk0z1KlVJKS2FBD4oxoGkkdxqHJCHjbgfVzwH0A63aCnmNjKO0EnXzqExB8F3y-C9I-D7w5AbwdhRgDXxnRGMN68Y0dVLwodOv70g1AuQ7K-jjUN4LN_ACdGi1dW7x_6NT3fxuClg_QLEBWHZRVBx_YnxEs57dHS65FW0uu9ej7y2VtB3adT118tea1Pvn12_pG6yp14Zzf-Op1OQXT9t417euLvFC2WPbo7qJVSlfnXSU1-vGCv67FlcavLDZV0ZQXr7xx_sKgrLT31hVj4HaC_v_XpyDtBJ366cvDHxq__DnI8ib48kindwhEiSC3CHJ9dM5FB_5fszjqN_1tWK4C4PUtKAYdDKsOhnkHPN8A3xwb1WX14LVfw8MAkQcjkVdoS-TVlNv9ngk1lRinCSNhajQJIyVNnEaZYhyHoYbaT1b-XFr9JwAA__951XbuPwUAAA==","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:47.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1STPWwcRRvHZ50P6X1BIEiUAlFcQQEIn2dmd2d3SYEwISgiJJETlAJRzKc9eG9n2dm9dVxFREKBygVC0K2fs2NBAoKGDhSd6SIh-WhwEQuJjg4hpUbnnGR4iudjflP8n9F_Pt5sDlAIDd-_8o5bt3nOF-I-7r143RbKtb536VqP4D4-27tuCxad7a1NUzV8lYRRH7_Ue0vLVbdAMcGYYNI7bytt3NrCIQVb3stIP8P9iPZJHMFa9d_ZNwF4HoAaHqBnwarJ03-Y98DKMRSD785pv1q78pU3B03Oa1fBUO28W6wWri1gcNSaKgBT7Mxug_MThL6YA1fszDYAN9yabgDCTtDcmYcgip2ZTBDD7cdKRQ66AKGegHY4Bp3vguVjkO4WWLWHAKSCS5ehGNy55KqW33hM-ZRO0PFHf4NtJ-j4w9NQDL5dzO1a76rLm9q6wsOa6cCujcEuj6FsdqFenwPb7oKsPwKrfkELjy5CMdi67HMHVu2_wLihFGszn5o0mY9SLue5knRehUwzmWY8TeThE1kzBu6PQeMDaGwAjQmgKQMYqP1ehNNIEh4ykymZ4IhHkdICZynFmGcygUZOtW9AXW6AzDdAVjehrG7Cqv1s78nTe_HdCQr-d2bvxO9QNffBr-z_YFiUmEjrONZYMW6YxGlEtGRMMJxKmXEpZWZ0nLCYEWqEkIynIkyUUmmkTSoJoZQQYnSYsiSmKeYkTElEIqa4ZAllUZZwwThTSkZSSJExIkKWqZSZkFJOpDZUYhLJLIw0N4QKTkyCUy205ELTLKNUCpxFlDGWpZylArwKwNcIhqqDViNoPYKWI2gtgrZG0A67bZV76rs7KveNILNKZzXsRq5e3uTbrl7WBQJebUClui1bfuhvgayPjdaNVyM3TVzU3YgL1W2WB-iZqTcCNAewqvd7Jkk0z1KlVJKS2FBD4oxoGkkdxqHJCHjbgfVzwH0A63aCnmNjKO0EnXzqExB8F3y-C9I-D7w5AbwdhRgDXxnRGMN68Y0dVLwodOv70g1AuQ7K-jjUN4LN_ACdGi1dW7x_6NT3fxuClg_QLEBWHZRVBx_YnxEs57dHS65FW0uu9ej7y2VtB3adT118tea1Pvn12_pG6yp14Zzf-Op1OQXT9t417euLvFC2WPbo7qJVSlfnXSU1-vGCv67FlcavLDZV0ZQXr7xx_sKgrLT31hVj4HaC_v_XpyDtBJ366cvDHxq__DnI8ib48kindwhEiSC3CHJ9dM5FB_5fszjqN_1tWK4C4PUtKAYdDKsOhnkHPN8A3xwb1WX14LVfw8MAkQcjkVdoS-TVlNv9ngk1lRinCSNhajQJIyVNnEaZYhyHoYbaT1b-XFr9JwAA__951XbuPwUAAA== HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjc3Nzg5MCwiayI6ImY3N2VhOThkZGQ3ODE1ZjJmMTU5MWUyNGNlMzUzZjkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE3OTU0LCJwaWQiOjM5NjkzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJzOWV4YmJuaWI4IiwiY3BrcyI6eyIyOCI6IjdjMGJkYTFmMDczYzRlNzdhZDdmODU3YzhkYWUxZjdjIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly91c2F4dG9kYXkuYmxvZ3Nwb3QuY29tLzIwMjUvMTAvYmFsaW4tbWlsbGVyLWZhbGwtdmlkZXIuaHRtbCIsImFyIjpbXX19.7HWJ1l_24LFgW3M6kyyYGzSbrH8PVa3vuMVReVt23Kc; uid_id2=6af220ef-8f87-48ac-adc2-d36e6c89a87c:3:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl16777890=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:47 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 81f51a6942506e1d819798540981dfc6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicZKryG3eKBXdRIFofWyp66OuRpfOHCRkhn9FtgZ_oqd5DStw5bTZ3cNHhPxAYU2C3m0WpkKtBAuKN7qOZKycKm1tII_AeUzmOVva3koggM93uCrUMJ8WMfP4ePaxCnAd1e2Pz87rkKeWWc5GeQDqvxoGOPn9zrvVeZV7E8_JDF6wLMQ3fzbKky6FAvtA4/s320/20241110_000803.jpg","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:47.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEicZKryG3eKBXdRIFofWyp66OuRpfOHCRkhn9FtgZ_oqd5DStw5bTZ3cNHhPxAYU2C3m0WpkKtBAuKN7qOZKycKm1tII_AeUzmOVva3koggM93uCrUMJ8WMfP4ePaxCnAd1e2Pz87rkKeWWc5GeQDqvxoGOPn9zrvVeZV7E8_JDF6wLMQ3fzbKky6FAvtA4/s320/20241110_000803.jpg HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v31a5\"\r\nexpires: Sun, 12 Oct 2025 12:49:47 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"20241110_000803.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:47 GMT\r\nserver: fife\r\ncontent-length: 18652\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18652,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x189, components 3","md5":"1ebf4bebdb31b32063654516cb1759a9","sha1":"93de73fe7b6aa046a8ecde7de5594139491c9058","sha256":"4a8623795a59f397b4e9f02fdaecd9a258a47aacac1fd4ea47624d078e694bca","sha512":"679d42f7fb7b2cdede4d9698949e078b530f6034ef2d12cc9afb44ecbd0d4cb7a9f341a6c713dbd7b60af73150bdd7eb4b7c82fb732d09748e2aa46057c1eb54","ssdeep":"384:FfYlvP6se7sQdEUXdsHKeD8GX7QKboTr1MdCm1SRwi:FfYFD6/dEwIlboTxMd4yi","tlshash":"c682d09e3848d730ff71f0b0004b9709499838fdcb260dbadde6c61a5dfe1a88606d69","first_seen":"2025-10-11T12:50:11.019551Z","last_seen":"2025-10-11T12:50:11.019551Z","times_seen":1,"resource_available":false,"data":null}},"time_used":633,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":630,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usaxtoday.blogspot.com/favicon.ico","fqdn":"usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"142.250.74.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:47.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.blogspot.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:32 GMT","end":"Mon, 15 Dec 2025 08:41:31 GMT"},"fingerprint":{"sha1":"BD:F0:9F:5E:97:20:4C:C4:AE:B1:30:B8:13:B5:E8:63:2A:41:0D:CF","sha256":"0B:09:22:C9:3B:15:4C:3F:E6:7C:0E:A1:49:9B:8E:25:C6:48:A5:9C:E8:43:0A:ED:64:30:39:CC:96:86:5E:F8"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: usaxtoday.blogspot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html\r\nCookie: _ga_8P38QL64J8=GS2.1.s1760186984$o1$g0$t1760186984$j60$l0$h0; _ga=GA1.1.1951808189.1760186985; pp_main_7c0bda1f073c4e77ad7f857c8dae1f7c=1; pp_idelay_7c0bda1f073c4e77ad7f857c8dae1f7c=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=6af220ef-8f87-48ac-adc2-d36e6c89a87c%3A3%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/x-icon; charset=UTF-8\r\nexpires: Sat, 11 Oct 2025 12:49:48 GMT\r\ndate: Sat, 11 Oct 2025 12:49:48 GMT\r\ncache-control: private, max-age=86400\r\nlast-modified: Sat, 11 Oct 2025 11:46:22 GMT\r\netag: W/\"79c512b1d2a0624cd03ee54308f5ea33599864b0afcadfb5224970b9557f8814\"\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 412\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":3638,"size_decoded":0,"mime_type":"image/x-icon; charset=UTF-8","magic":"MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel","md5":"59a0c7b6e4848ccdabcea0636efda02b","sha1":"30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340","sha256":"a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f","sha512":"bcfebb2ca5af53031c636d5485125a1405ca8414d0bc8a5d34dd3b3feb4c7425be02cf4848867d91cf6d021d08630294f47bdc69d6cd04a1051972735b0f04d4","ssdeep":"","tlshash":"5671c80736c29f79c4d082fa159ec674136766eb281b061b3e85f65a3d88135f911ac0","first_seen":"2023-04-05T07:39:22Z","last_seen":"2026-04-04T11:01:34.868303Z","times_seen":90747,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":143,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQXEhciaHABkCvlK7UE1ve2qSDz-KrxlJbo1ESPEr9AkfxjaLFkkOJvZcl-lO2AdW9PKKAdSFeh79ew3Vu26GwaZ70RRbSRCDqRRJpanE45woNmUXbSS__waBed-JHGa1cIl9rFyEysTp4G4ILD1bt1MHVjtMbmFyYXL5_Hbbln6VZBAv0mTRTr1-gLmFW/w72-h72-p-k-no-nu/Screenshot_20250724_001211.jpg","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEgQXEhciaHABkCvlK7UE1ve2qSDz-KrxlJbo1ESPEr9AkfxjaLFkkOJvZcl-lO2AdW9PKKAdSFeh79ew3Vu26GwaZ70RRbSRCDqRRJpanE45woNmUXbSS__waBed-JHGa1cIl9rFyEysTp4G4ILD1bt1MHVjtMbmFyYXL5_Hbbln6VZBAv0mTRTr1-gLmFW/w72-h72-p-k-no-nu/Screenshot_20250724_001211.jpg HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v3324\"\r\nexpires: Sun, 12 Oct 2025 12:49:45 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"Screenshot_20250724_001211.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:45 GMT\r\nserver: fife\r\ncontent-length: 2298\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2298,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3","md5":"40d8eca90f54c4a49a18374436dddf51","sha1":"dd1280b1c5f75f7371d8682379122435cd83228b","sha256":"2c78b6a17b647a8a2cd661f6a2bb0d6e03e4e493b87ccc283d82ea5292a42e80","sha512":"51d9166bb35b71a11da4934e93a32b1894ca7811bd1b2495a74f3559fdbaad16b8c618bcec2884dadb8a13a7b04ea03a6f11fa4e14ab74a4c02c533fec75716a","ssdeep":"","tlshash":"7b41e667bd419e36d3be49b6d5a07e396628bcfe871a0337a98600685270ac59838370","first_seen":"2025-10-11T12:50:11.023238Z","last_seen":"2025-10-11T12:50:11.023238Z","times_seen":1,"resource_available":false,"data":null}},"time_used":942,"timings":{"blocked":106,"dns":1,"connect":16,"send":0,"wait":712,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 11 Oct 2025 12:49:45 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 85186879e9a26d86508770da0f8970af\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":719,"timings":{"blocked":308,"dns":14,"connect":96,"send":0,"wait":99,"receive":0,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/f77ea98ddd7815f2f1591e24ce353f91/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /f77ea98ddd7815f2f1591e24ce353f91/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 11 Oct 2025 12:49:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 16302\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a6abc757b5bb1468eeddcb8f623c8eeb\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38400,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (38400), with no line terminators","md5":"bbf3947cf8f979a933b2ac9b20598e70","sha1":"8c7d99fb0b0a475a6bed2d8d1b77f4dbcecea293","sha256":"78f154da76b2b14c38caa5a6708fdd64b677b7d15afe48983b7d991f6bf6f29f","sha512":"f7276ac9d954d8665a47cc1bb15e2de1d9200646a0f1288472965671415727f796520dc6e54f712ff4374062bdc0a6cf412b9abd0ab7bee4602f3c025118af69","ssdeep":"768:fkqtSC4OYZ748I6ngkwLXcj3PKFMrj2W+MDgHl:8qt0O248I6ngWCIj2XMD+","tlshash":"5d03c88d3f61b85d0796a033723f840ae6ee4e0458dcd8e8e4076ca0fe68755d4b7ea5","first_seen":"2025-10-11T12:50:11.025098Z","last_seen":"2025-10-11T12:50:11.025098Z","times_seen":1,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/watch.1752788027063.js?key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=6af220ef-8f87-48ac-adc2-d36e6c89a87c%3A3%3A1","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /watch.1752788027063.js?key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=6af220ef-8f87-48ac-adc2-d36e6c89a87c%3A3%3A1 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:46 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://usaxtoday.blogspot.com\r\naccess-control-allow-credentials: true\r\nlocation: https://torchfriendlypay.com/watch.1752788027063.js?dev=e\u0026key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026pst=1760187046\u0026rb=\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026res=14.3095\u0026rmtc=t\u0026shu=f647f4ee55e0d6af6c0841ec66b608cc9accc9fe5765612fbbc6a8b37ddd84ef8c1122111fe38675280a13814146dac6726497ab6a6ddc4cbcb961b369d86f322a1cef2c014c934eaf12ba1f708ebecabe29922cb094266698a68b\u0026tz=0\u0026uuid=6af220ef-8f87-48ac-adc2-d36e6c89a87c%3A3%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjc3Nzg5MCwiayI6ImY3N2VhOThkZGQ3ODE1ZjJmMTU5MWUyNGNlMzUzZjkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE3OTU0LCJwaWQiOjM5NjkzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJzOWV4YmJuaWI4IiwiY3BrcyI6eyIyOCI6IjdjMGJkYTFmMDczYzRlNzdhZDdmODU3YzhkYWUxZjdjIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly91c2F4dG9kYXkuYmxvZ3Nwb3QuY29tLzIwMjUvMTAvYmFsaW4tbWlsbGVyLWZhbGwtdmlkZXIuaHRtbCIsImFyIjpbXX19.7HWJ1l_24LFgW3M6kyyYGzSbrH8PVa3vuMVReVt23Kc; expires=Sat, 11 Oct 2025 12:50:46 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 878d6f4e4eee9b38b4ea0ddacfc0aa65\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4840,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":691,"timings":{"blocked":291,"dns":1,"connect":92,"send":0,"wait":109,"receive":0,"ssl":195},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXYWrIZZwimSg7UFCy52B-bNzACQp4KaedAkDLnuoRuj-yPeq5IO69lkR1ismdCZjUFeARZ-LidbkLnMX_zqvrUap_I0tJB5A9ZtcMrlnLqK7KO8N3v_Cunq1ASqqP_AGCDDLGCEVGD9G8Cv-1metP2nUMyfUG0tA1D0VuYui_-iHn48M94WwMNxnP5vKZ/w110-h110-p-k-no-nu/Screenshot_20251008_212229.jpg=w72-h72-p-k-no-nu","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEiXYWrIZZwimSg7UFCy52B-bNzACQp4KaedAkDLnuoRuj-yPeq5IO69lkR1ismdCZjUFeARZ-LidbkLnMX_zqvrUap_I0tJB5A9ZtcMrlnLqK7KO8N3v_Cunq1ASqqP_AGCDDLGCEVGD9G8Cv-1metP2nUMyfUG0tA1D0VuYui_-iHn48M94WwMNxnP5vKZ/w110-h110-p-k-no-nu/Screenshot_20251008_212229.jpg=w72-h72-p-k-no-nu HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v34a3\"\r\nexpires: Sun, 12 Oct 2025 12:49:47 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"Screenshot_20251008_212229.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:47 GMT\r\nserver: fife\r\ncontent-length: 4772\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4772,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 110x110, components 3","md5":"07f07985bf154e77f32775c388817720","sha1":"3edb16d6b11d3dcbc5738fb5f4dcf4277d60885f","sha256":"2c8a8091ba4e3fede96ce59620b590d992141c38a90f19676e0e9f3222f26f61","sha512":"0868a03294ec4d66a0b312c001ecd56aac3edd0838345802ab195beefceaba6ba0c8a50ed1904b1cb97078e9d244b060341ba7e5cbb8e1fdbe570d342a0c0aef","ssdeep":"96:DzEtYXqIcetMI1ApFTamACrR46RCpHX4qrMMXDOJJR4dU:/KHMW2kF/A4RbYHBMHD4dU","tlshash":"65a18e0da74c958667a458b13bb83754d1b7b3ffc70abaf2804456206a5731268e7724","first_seen":"2025-10-11T12:50:11.026953Z","last_seen":"2025-10-11T12:50:11.026953Z","times_seen":1,"resource_available":false,"data":null}},"time_used":472,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":472,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/8d/07/7a/8d077a03bf40c94dc34ac4b8af9a446c/1756656412.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:47.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/8d/07/7a/8d077a03bf40c94dc34ac4b8af9a446c/1756656412.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 11 Oct 2025 12:49:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 77354\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:52 GMT\r\netag: \"68b4731c-12e2a\"\r\nexpires: Mon, 13 Oct 2025 12:49:47 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77354,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 18:18:22], progressive, precision 8, 300x250, components 3","md5":"e4267b78fbfd9ec2cb935ff9d689393f","sha1":"80ad53e77eff7c9e2e2ec2aa782e2406bc133c72","sha256":"16b434f519fdf956da056ae83d2a8847179c3fccc2a88d1e80d886cec82ba164","sha512":"58faf0e02cf388518ee515a9b1ff2d3ec1dc9d048d4ca2b0c95ec3f66c7966f2151a8839e367b58d3b70fde29bbfaf2add06de0ad8ae2561556b1770d9f0f1cc","ssdeep":"1536:GB6pzB6p2ZYp69CExL6kGcjhulQrdcP8VXW4I+USZjGM5ndwRmxvD:GB6tB6GYp63Zjhlr71Wv/SdGuiM","tlshash":"8f73e03ffbe5af41f5d092b9bce2c243729eaf805a232b957d1c62097752190ad0d11b","first_seen":"2025-09-02T18:53:07.782432Z","last_seen":"2026-04-04T09:06:35.652387Z","times_seen":980,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep1.adtrafficquality.google/pagead/sodar?id=sodar2\u0026v=237\u0026t=2\u0026li=gda_r20251009\u0026jk=2496581366950195\u0026bg=!hoWlhcrNAAacuYVIvLk7ADQBe5WfOPCuoXBjfNPFduxF2tVjFlbKcmpYH62j_eVXo9kWZ3FUWl0uuHPMxBcIAxgt17GtAgAAAQtSAAAACGgBB34ANmNF9GF9Lg56BPsm9P3OzZgkl_8eYbnUb2ygsUu6jxEn_1u7Yl9v1dru653vG1vXdynT7LahLQoAc-Pv6ezwfHQLqjapNsa71r2CmR9fL7AR8tbEy1V6w9g5pfxHnwsgCVdzo_O0MiLklsZ-VGoRLF5Y6_Wb-4n608oZScvHt_fksXbT-_AHdZi-DA--bWq-BKL79yMKMScUXPTzNOnQ2c-DUXvEtad-gOAjqjiZAgUgph-UBiXyIBYzt2-gbC4gtbkCV5umqC_xhXW60bYafuy3JxeIFrTlXWsW0P6v0JRK7ZJvJYHscCN37Ywke7yRqG9grSqqkb3eXPSPJ5K3RiTbHvKeqhvaLbyRJKzBT7xEYm7tq--ympAYSgTLDXFxqrOvEoBDzcFaBkzii14_pcWHwAWTTWOGPAEMeAbUjKSsv5wsvIOmNKKQYVUR59tKMkiQpcsKCIrpVVOeJ4YGkTs4DPK-zg7hTyAwZ_9-SCqts5gjIAjMDxqnbOK_YV6ZgSHhbmVRlvDPVOmQAjhH4vSVSCtRRRD8bYtsvMZZ6le37VxgwkwUHI1VU4DrNGsX5agw216lXi7Vl-8VY7Oab_AQuAN-Cz2W1dMGtBWj2LkeWa1woF2PkJfd8XzSlQ0rkF6JaNygs3rOkZpvi7BPZEUWzDFbaplO3P23R4juJaxXpZajUvbt-eKDQD18yS3J8Bc6kPXof7yypNs3VBbk-9vc_lnfpopz6HqNY3usjCrgL1-KuhlpQxcsBoAIhUvxK6oLDesUiC1_F6fy-MsBCPwTyTL95v7PPrEWsQyGouf2zy3JXBBV7SeZVemlU_LdBGcXzoEQB_GuvdYnaMIuJ1GK9mtD-0fNE1_n85XwUtrxULOZ2oj4hmObcb5NRLf2qJ8gobw-gcyqKa6rbdGFGdVyZq0l","fqdn":"ep1.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.130","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:49.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:43:54 GMT","end":"Mon, 15 Dec 2025 08:43:53 GMT"},"fingerprint":{"sha1":"84:8D:B4:50:4D:F1:86:66:2E:19:17:DA:99:09:25:AE:AD:55:FA:07","sha256":"AA:E4:A6:5B:63:F3:EB:19:DF:99:22:64:53:E8:36:B8:83:44:E4:DF:F1:8E:77:2B:E6:81:25:56:70:D2:E1:99"}}},"request":{"raw":"GET /pagead/sodar?id=sodar2\u0026v=237\u0026t=2\u0026li=gda_r20251009\u0026jk=2496581366950195\u0026bg=!hoWlhcrNAAacuYVIvLk7ADQBe5WfOPCuoXBjfNPFduxF2tVjFlbKcmpYH62j_eVXo9kWZ3FUWl0uuHPMxBcIAxgt17GtAgAAAQtSAAAACGgBB34ANmNF9GF9Lg56BPsm9P3OzZgkl_8eYbnUb2ygsUu6jxEn_1u7Yl9v1dru653vG1vXdynT7LahLQoAc-Pv6ezwfHQLqjapNsa71r2CmR9fL7AR8tbEy1V6w9g5pfxHnwsgCVdzo_O0MiLklsZ-VGoRLF5Y6_Wb-4n608oZScvHt_fksXbT-_AHdZi-DA--bWq-BKL79yMKMScUXPTzNOnQ2c-DUXvEtad-gOAjqjiZAgUgph-UBiXyIBYzt2-gbC4gtbkCV5umqC_xhXW60bYafuy3JxeIFrTlXWsW0P6v0JRK7ZJvJYHscCN37Ywke7yRqG9grSqqkb3eXPSPJ5K3RiTbHvKeqhvaLbyRJKzBT7xEYm7tq--ympAYSgTLDXFxqrOvEoBDzcFaBkzii14_pcWHwAWTTWOGPAEMeAbUjKSsv5wsvIOmNKKQYVUR59tKMkiQpcsKCIrpVVOeJ4YGkTs4DPK-zg7hTyAwZ_9-SCqts5gjIAjMDxqnbOK_YV6ZgSHhbmVRlvDPVOmQAjhH4vSVSCtRRRD8bYtsvMZZ6le37VxgwkwUHI1VU4DrNGsX5agw216lXi7Vl-8VY7Oab_AQuAN-Cz2W1dMGtBWj2LkeWa1woF2PkJfd8XzSlQ0rkF6JaNygs3rOkZpvi7BPZEUWzDFbaplO3P23R4juJaxXpZajUvbt-eKDQD18yS3J8Bc6kPXof7yypNs3VBbk-9vc_lnfpopz6HqNY3usjCrgL1-KuhlpQxcsBoAIhUvxK6oLDesUiC1_F6fy-MsBCPwTyTL95v7PPrEWsQyGouf2zy3JXBBV7SeZVemlU_LdBGcXzoEQB_GuvdYnaMIuJ1GK9mtD-0fNE1_n85XwUtrxULOZ2oj4hmObcb5NRLf2qJ8gobw-gcyqKa6rbdGFGdVyZq0l HTTP/1.1\r\nHost: ep1.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-type: image/\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:49 GMT\r\nserver: cafe\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","fqdn":"www.usaxtoday.blogspot.com","domain":"usaxtoday.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-11T12:49:37.730Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /2025/10/balin-miller-fall-vider.html HTTP/1.1\r\nHost: www.usaxtoday.blogspot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":92,"dns":0,"connect":8,"send":0,"wait":0,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt\u0026tn=IFRAME\u0026ign=false\u0026pw=1280\u0026ph=1024\u0026x=0\u0026y=884.8","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:45.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.g.doubleclick.net","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:36 GMT","end":"Mon, 15 Dec 2025 08:40:35 GMT"},"fingerprint":{"sha1":"57:4F:37:52:35:3F:6C:48:14:D9:58:C8:25:71:FC:8E:BA:C6:9D:D7","sha256":"12:75:2E:3D:26:85:EA:B7:93:6B:DE:18:A4:AB:5B:9E:10:E7:92:FC:4E:D9:FD:CA:D3:1C:9D:72:D0:73:84:3A"}}},"request":{"raw":"GET /pagead/gen_204?id=ach_evt\u0026tn=IFRAME\u0026ign=false\u0026pw=1280\u0026ph=1024\u0026x=0\u0026y=884.8 HTTP/1.1\r\nHost: pagead2.googlesyndication.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sat, 11 Oct 2025 12:49:45 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=6af220ef-8f87-48ac-adc2-d36e6c89a87c\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=7c0bda1f073c4e77ad7f857c8dae1f7c\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=12","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:48.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=6af220ef-8f87-48ac-adc2-d36e6c89a87c\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=7c0bda1f073c4e77ad7f857c8dae1f7c\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=12 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:48 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 2\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 70b530baf4dbf861819f56723ec98175\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":675,"timings":{"blocked":288,"dns":0,"connect":93,"send":0,"wait":98,"receive":2,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/f77ea98ddd7815f2f1591e24ce353f91/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /f77ea98ddd7815f2f1591e24ce353f91/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 11 Oct 2025 12:49:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 16318\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 21cdac87bef4b932952412968c206765\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38394,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (38394), with no line terminators","md5":"2930e6d8ba9d3fa17005d1b52eb1b9f8","sha1":"1251ec84398e53c2b704c807cfdb0e868b0e2263","sha256":"21aa2c1ab2104c55542b2ff6d3eb83dcff0cda7e1d721c0f625494e1d69f8d19","sha512":"bf1cae61884774cdf4ec7264e6d26412be57dd90ddec36071a82e645215e02a45b528b91e34428e1ea92fc05f7a1a8c85f6d678b959d2b97bcd0550dde190af8","ssdeep":"768:fkqtSC4OYZ748I6ngkwLXcj3PKFMrj2W+MBgHS:8qt0O248I6ngWCIj2XMBR","tlshash":"9703c88d3f61b85d0796a033723f840ae6ee4e0458dcd8e8e4076ca0fe68755d4b7ea5","first_seen":"2025-10-11T12:50:11.029769Z","last_seen":"2025-10-11T12:50:11.029769Z","times_seen":1,"resource_available":true,"data":null}},"time_used":786,"timings":{"blocked":290,"dns":14,"connect":93,"send":0,"wait":99,"receive":93,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inklinkor.com/tag.min.js","fqdn":"inklinkor.com","domain":"inklinkor.com","tld":"com"},"ip":{"addr":"104.21.91.63","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inklinkor.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 11:30:26 GMT","end":"Tue, 30 Dec 2025 12:28:55 GMT"},"fingerprint":{"sha1":"A8:3D:46:6A:95:FE:EB:75:B2:E2:6A:82:EB:F5:D9:8D:E2:50:4C:12","sha256":"AB:AA:8D:F9:E3:E8:C6:33:24:01:E5:09:27:BB:6C:96:71:67:F5:9D:A9:5F:74:80:8A:F0:E5:61:69:C3:87:12"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: inklinkor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 11 Oct 2025 12:49:44 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-trace-id: ff0da43cf14e1b853c7545a8d413a708\r\ncache-control: max-age=86400\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\nexpires: Sun, 12 Oct 2025 12:30:00 GMT\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1183\r\ncf-cache-status: HIT\r\nlast-modified: Sat, 11 Oct 2025 12:30:01 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LF3Hm79v596C7jKYfMddEEGbeXrTl5RW69T1mlRChHSCvpck4Sx1LMSN7ZcZ6PRattCJogEVTFNNHRXclH%2BFd6BOezukmHEwlnQ%2F\"}]}\r\ncf-ray: 98ce7aad2e22b518-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109924,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4602ba01583c2514a9abd08435c3035c","sha1":"e766d257a08fad64c002c4732f30f25f700f8be1","sha256":"4e16eb978a977773df526423e558ff04ea7d5e435a171ee8beb856800be027a4","sha512":"b3ce476794e8747ca8034d5935f40713094a6e9dcb237fe3c1b54b209b3a3980bbf7a5ac1736412a217d1952c78bf4162fc838965541e63f891d413beb17cfde","ssdeep":"1536:I8zmHlk4JQ9aO4kD97aZ06GUqo54Az0SBYQ4+DIVV3BWw:jzsJkaO44K06GUb0S6z3xWw","tlshash":"a2b33bc6226a241612bf8034445bed0eb5aecd8104cdcdb8e1e5b8662d78b16d3f7fd9","first_seen":"2025-10-08T11:40:34.402808Z","last_seen":"2025-10-13T11:53:28.853954Z","times_seen":101,"resource_available":true,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":34,"connect":4,"send":0,"wait":12,"receive":0,"ssl":252},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"inklinkor.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"deadmentionsunday.com/e1/c4/41/e1c441b287fd68da21ff313dd5d3c055.js","fqdn":"deadmentionsunday.com","domain":"deadmentionsunday.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:45.737Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /e1/c4/41/e1c441b287fd68da21ff313dd5d3c055.js HTTP/1.1\r\nHost: deadmentionsunday.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":195,"timings":{"blocked":0,"dns":1,"connect":93,"send":0,"wait":0,"receive":0,"ssl":99},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"deadmentionsunday.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:45.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:45 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6dcd757430d2653e95179ff5fe1ee200\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":56,"dns":1,"connect":17,"send":0,"wait":20,"receive":18,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/f77ea98ddd7815f2f1591e24ce353f91/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /f77ea98ddd7815f2f1591e24ce353f91/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 11 Oct 2025 12:49:46 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 16322\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6d3097b6813e0a95279a969131f69640\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38397,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (38397), with no line terminators","md5":"cb58b889ebacd8be68ff4c553f378338","sha1":"da789006a0cd4feb3f3c9bbac88824c03deac981","sha256":"364eee4f1bfe5a6cf1d6ebee6e785b473b35940143065d525e227f67d00d2e3d","sha512":"9d7bdbb1c78301f6959441e4c3cf7e1a6c3cb9b1537557548a23b68eac6e6e22054ed7ef48f98000a7e5425ecc4cf1c87a2fd568d2951e990144a28fb3b525cb","ssdeep":"768:fkqtSC4OYZ748I6ngkwLXcj3PKFMrj2W+MfgHe:8qt0O248I6ngWCIj2XMfv","tlshash":"dd03c88d3f61b85d0796a033723f840ae6ee4e0454dcd8e8e4076ca0fe68755d4b7ea5","first_seen":"2025-10-11T12:50:11.033082Z","last_seen":"2025-10-11T12:50:11.033082Z","times_seen":1,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:46 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: fb92199cf8b28f4a809960815f2003e5\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":703,"timings":{"blocked":301,"dns":12,"connect":95,"send":0,"wait":99,"receive":1,"ssl":193},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.783543627678.js?key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=6af220ef-8f87-48ac-adc2-d36e6c89a87c%3A3%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /watch.783543627678.js?key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=6af220ef-8f87-48ac-adc2-d36e6c89a87c%3A3%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:46 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://usaxtoday.blogspot.com\r\naccess-control-allow-credentials: true\r\nlocation: https://skinnycrawlinglax.com/watch.783543627678.js?dev=e\u0026key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026pst=1760187046\u0026rb=\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026res=14.3095\u0026rmtc=t\u0026shu=73786e164184c3973531c25a4d7fcd20305ee100ce114f8831cd6592a9e5f325384a8478687217c82dbea341d8dee640796455bd2c25f3f5d3cb11791223e2d52180c1df68211e54350eb29825cfffe34dac40e353693e76f9ff0e\u0026tz=0\u0026uuid=6af220ef-8f87-48ac-adc2-d36e6c89a87c%3A3%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjc3Nzg5MCwiayI6ImY3N2VhOThkZGQ3ODE1ZjJmMTU5MWUyNGNlMzUzZjkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE3OTU0LCJwaWQiOjM5NjkzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJzOWV4YmJuaWI4IiwiY3BrcyI6eyIyOCI6IjdjMGJkYTFmMDczYzRlNzdhZDdmODU3YzhkYWUxZjdjIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly91c2F4dG9kYXkuYmxvZ3Nwb3QuY29tLzIwMjUvMTAvYmFsaW4tbWlsbGVyLWZhbGwtdmlkZXIuaHRtbCIsImFyIjpbXX19.7HWJ1l_24LFgW3M6kyyYGzSbrH8PVa3vuMVReVt23Kc; expires=Sat, 11 Oct 2025 12:50:46 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 2\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 63251dc9c4539e0db89d2b2a7f722b36\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4838,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":772,"timings":{"blocked":332,"dns":13,"connect":95,"send":0,"wait":103,"receive":0,"ssl":224},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEPVTCKytyamrNukl_Pf0dYeGf_YQ_R58UvabL68CxCSlm-1o00oh8XRYCdzkjsHvg_oe_sDup2L24duR-ZGpK-YhDirxp5k7nTQmOfAUtLN44hRoYLI8VIMX7Bs-XS1WGrwupypxepDThHTlSANreX4t-PTJuv34KarVw6KivZEXKbSP595DUjmmL6n9A/s1600/20250627_084247.jpg","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:47.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEhEPVTCKytyamrNukl_Pf0dYeGf_YQ_R58UvabL68CxCSlm-1o00oh8XRYCdzkjsHvg_oe_sDup2L24duR-ZGpK-YhDirxp5k7nTQmOfAUtLN44hRoYLI8VIMX7Bs-XS1WGrwupypxepDThHTlSANreX4t-PTJuv34KarVw6KivZEXKbSP595DUjmmL6n9A/s1600/20250627_084247.jpg HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v32ff\"\r\nexpires: Sun, 12 Oct 2025 12:49:48 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"20250627_084247.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:48 GMT\r\nserver: fife\r\ncontent-length: 6751\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6751,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 168x300, components 3","md5":"e00d957d6d9fccd5e933e7c78df18db1","sha1":"5f3848db8de8c2c875ec9f02ce13899b7540247a","sha256":"838d2830b0966a7e5b01f96463d0550c366539d6d241ebbe62ea9ae5b1f53806","sha512":"3a2fe5463c85a6bcde80f0d48a13259f2283990a8178694d95461f7f644074b8818229a65cf4b77dfea5a7b8a5936652333eea4abe827ce34407b1f63c9b6834","ssdeep":"96:n1dhCvTUPUWGf6OSALQ5wwrl8hKp3y6E0Y6ex/iWcxGLBiRDuLHB+Yyfk:heYMXiCLQ5wYlFFE5XoREmql+8","tlshash":"efd19fc62b9ef411f3343a74189f6b266fa4f58c9f03970796c6d6d142614e80c76269","first_seen":"2025-10-11T12:50:11.034962Z","last_seen":"2025-10-11T12:50:11.034962Z","times_seen":1,"resource_available":false,"data":null}},"time_used":926,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":926,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.blogger.com/static/v1/widgets/3878540743-widgets.js","fqdn":"www.blogger.com","domain":"blogger.com","tld":"com"},"ip":{"addr":"142.250.74.105","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blogger.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:21 GMT","end":"Mon, 15 Dec 2025 08:40:20 GMT"},"fingerprint":{"sha1":"CB:02:00:8E:D9:6A:5A:D7:53:00:D4:39:04:8A:B0:4C:6D:A5:AE:0F","sha256":"EF:8B:CD:06:A1:62:C4:72:AE:45:5B:5C:FB:E9:5B:C3:21:B2:7D:7B:CA:D5:9F:E1:3A:C9:12:B1:B6:52:59:43"}}},"request":{"raw":"GET /static/v1/widgets/3878540743-widgets.js HTTP/1.1\r\nHost: www.blogger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"blogger-tech\"\r\nreport-to: {\"group\":\"blogger-tech\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/blogger-tech\"}]}\r\ncontent-length: 52140\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 11:47:11 GMT\r\nexpires: Fri, 09 Oct 2026 11:47:11 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 08 Oct 2025 17:56:28 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 176553\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":147538,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (4058)","md5":"21eece0b7a222dbb78c925531a656c27","sha1":"48d0cc9691ba9b6229b5e4ec20e8a88c43f5af6d","sha256":"7511fc1573d0fd386edba6b764b3d97a7e47eb91ea5beb2f99d0b2ddecec8106","sha512":"197338ee2203a3e54e007d8b5fb5ee330667d86536e7d8f5bf9d150e3f7d1fa0f42fa033abf6f64e20fdbd68c8e7b6aec738fdb046420cbbc1b9608f28878f7a","ssdeep":"1536:ZJVLTvRqRF9UwngQc6MYse/412eRAMwPlH2NrAtSKUnvGYgMBSBWV66dSDXsZAas:oF9USb412eqXsNrPK+gYV8sGJeNNyN","tlshash":"6ee30ad8b79270628373b4b5003f010ff13a74aae84889acb188d9e57e749695677f7c","first_seen":"2025-09-29T03:21:26.936869Z","last_seen":"2025-10-17T21:16:23.593664Z","times_seen":4190,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":64,"connect":8,"send":0,"wait":9,"receive":12,"ssl":211},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-brands-400.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/5.8.2/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 11 Oct 2025 12:49:44 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 74656\r\ncf-ray: 98ce7aace908c759-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"5eb03e60-123a0\"\r\nlast-modified: Mon, 04 May 2020 16:10:08 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 343187\r\nexpires: Thu, 01 Oct 2026 12:49:44 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=jXAZF7%2Bbwn7HW3J5Hu3y0R%2FFvmq4q%2BmlutjDEv8iEp0GvxLmgUssrBWdsKer01UQRlYJ7QbZXbUn1OlmR0IycUpl5F%2FB9ka20HPAF5NjusNplMrmQxMuc0Hg%2Bo1Wl989mYuZsfal\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":74656,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 74656, version 329.-17695","md5":"9f4ce3dc689981a1b87faab0f5484f9e","sha1":"1b33b1246610585c440e464b04df64cf0cea1dca","sha256":"57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169","sha512":"e22393a22b4bca7c3999e36513b37d92f2d3c69d976a800932301c1ea393e97b493b49162af3ebb9c4cdf1344016c6c663d953efb6b9fb06ec4007cce917d7cf","ssdeep":"1536:fjE3CwwFmxm0J/P2u7G/W+z1HD+noltArzFh7NEst3sNoU:f7+Jn2uS+wHDColUFpj2oU","tlshash":"037312c2d62a35fe74f3c539d97a38001fe6b768d8384a8074f4d0bd2656138890af5b","first_seen":"2023-04-07T19:34:40Z","last_seen":"2026-04-04T00:33:01.347905Z","times_seen":2234,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":58,"dns":0,"connect":0,"send":0,"wait":10,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 22336\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 10:24:59 GMT\r\nexpires: Fri, 09 Oct 2026 10:24:59 GMT\r\ncache-control: public, max-age=31536000\r\nage: 181485\r\nlast-modified: Mon, 22 Jul 2019 19:22:45 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22336,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22336, version 1.0","md5":"2ecb426f85ffc1c53b677556210e629f","sha1":"ad9850819763f79ddc8e1edb97609acbb5f1c28d","sha256":"92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219","sha512":"b765331cf9cbc19a7ef32d280b82214d1fe08f95b20952c018e45ff80bcb65f8a316801a7aaf620ce2e03556870f6f1815c62ea0c2e137a5fbec1d7cbd9eab7a","ssdeep":"384:B+6sNaUlJfuAKzwhza0l/rfSmASgrCgu06oZrSOabylQmKS/KAi+1Vyl:B+6CWAKgzacTKo98TpyyXKS/KXeUl","tlshash":"5fa2e1725755c41edc41c3e14db1e6ee10c2b3ed6033f5282dab43985e5eaf2224e99c","first_seen":"2023-04-05T19:01:16Z","last_seen":"2026-04-04T07:07:00.157771Z","times_seen":369,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":8,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:46 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c6b568fe6aa2c054989c4a442528e4ca\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":76,"dns":1,"connect":17,"send":0,"wait":29,"receive":1,"ssl":55},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/watch.783543627678.js?dev=e\u0026key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026pst=1760187046\u0026rb=\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026res=14.3095\u0026rmtc=t\u0026shu=73786e164184c3973531c25a4d7fcd20305ee100ce114f8831cd6592a9e5f325384a8478687217c82dbea341d8dee640796455bd2c25f3f5d3cb11791223e2d52180c1df68211e54350eb29825cfffe34dac40e353693e76f9ff0e\u0026tz=0\u0026uuid=6af220ef-8f87-48ac-adc2-d36e6c89a87c%3A3%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:46.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /watch.783543627678.js?dev=e\u0026key=f77ea98ddd7815f2f1591e24ce353f91\u0026kw=%5B%22usa%22%2C%22news%22%2C%2224%22%2C%227%22%5D\u0026pst=1760187046\u0026rb=\u0026refer=https%3A%2F%2Fusaxtoday.blogspot.com%2F2025%2F10%2Fbalin-miller-fall-vider.html\u0026res=14.3095\u0026rmtc=t\u0026shu=73786e164184c3973531c25a4d7fcd20305ee100ce114f8831cd6592a9e5f325384a8478687217c82dbea341d8dee640796455bd2c25f3f5d3cb11791223e2d52180c1df68211e54350eb29825cfffe34dac40e353693e76f9ff0e\u0026tz=0\u0026uuid=6af220ef-8f87-48ac-adc2-d36e6c89a87c%3A3%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usaxtoday.blogspot.com\r\nReferer: https://usaxtoday.blogspot.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjc3Nzg5MCwiayI6ImY3N2VhOThkZGQ3ODE1ZjJmMTU5MWUyNGNlMzUzZjkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzE3OTU0LCJwaWQiOjM5NjkzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJzOWV4YmJuaWI4IiwiY3BrcyI6eyIyOCI6IjdjMGJkYTFmMDczYzRlNzdhZDdmODU3YzhkYWUxZjdjIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly91c2F4dG9kYXkuYmxvZ3Nwb3QuY29tLzIwMjUvMTAvYmFsaW4tbWlsbGVyLWZhbGwtdmlkZXIuaHRtbCIsImFyIjpbXX19.7HWJ1l_24LFgW3M6kyyYGzSbrH8PVa3vuMVReVt23Kc\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 11 Oct 2025 12:49:46 GMT\r\nContent-Type: text/html\r\nContent-Length: 2221\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://usaxtoday.blogspot.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=6af220ef-8f87-48ac-adc2-d36e6c89a87c:3:1; expires=Sat, 18 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\nu_pl16777890=1; expires=Sun, 12 Oct 2025 12:49:46 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 30\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 600cf85e89008dd061f7d1f8d23090b7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4838,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3962)","md5":"e5874869e2963fb60e3e6c35973a3e59","sha1":"e821b52cd69472d8a64b872a6fa6e6302412a5d0","sha256":"4ed7a580b1890c3af2cf7d6583f6725ed2b752488a8cde92faeaf20951b87a92","sha512":"846a19fcb3e0081b3ea383930b0c963b6baaf46cce3b965a7113bc4720e81ad7f55d51c59b2910fb94d0ac8af8a0dcb6b384244e69ce3d99acebe3a695251bcf","ssdeep":"96:ZEozCqrV/Kx6pqp2ZnYQr9x/Kx6pqp2ZnYMd1/DP7CCfMEDaH:HzzysZYQrPysZYMnb+CkCaH","tlshash":"87a10a3a3fd376f85cb2e4be26be6518ac50c009914089d17c9cea960f2dfb408b4998","first_seen":"2025-10-11T12:50:11.040233Z","last_seen":"2025-10-11T12:50:11.040233Z","times_seen":1,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkIaYgpVyxF4NVIXyx7CFdvZAULNBHpbHvNoTFjnqsqaAn5FECtVlwnBRLHbTzSrTCNF8gbmHY9_xwGEEu3LF9n4tPzRddRSOM6VdiLJBDJxPy9OpJ-JtrvkSl1VslHRtlREEaFjOc_ZAuH9xFAmgxwoKl_9muRnvQz6FBDWkJxggu-J2dbP8lsk8QiU8v/s320/images.jpg","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:47.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:56 GMT","end":"Mon, 15 Dec 2025 08:41:55 GMT"},"fingerprint":{"sha1":"FB:46:5A:12:E3:6E:02:EF:CC:80:E2:C9:DB:21:F6:D0:B2:1C:01:8C","sha256":"FE:5F:B4:C6:68:6F:78:97:3E:0D:1E:04:2D:10:0E:C7:A2:90:5A:3C:B8:74:B6:84:19:8A:1F:38:D8:D8:31:28"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEhkIaYgpVyxF4NVIXyx7CFdvZAULNBHpbHvNoTFjnqsqaAn5FECtVlwnBRLHbTzSrTCNF8gbmHY9_xwGEEu3LF9n4tPzRddRSOM6VdiLJBDJxPy9OpJ-JtrvkSl1VslHRtlREEaFjOc_ZAuH9xFAmgxwoKl_9muRnvQz6FBDWkJxggu-J2dbP8lsk8QiU8v/s320/images.jpg HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v20ad\"\r\nexpires: Sun, 12 Oct 2025 12:49:47 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"images.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 11 Oct 2025 12:49:47 GMT\r\nserver: fife\r\ncontent-length: 23154\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23154,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x181, components 3","md5":"79fecae03aaa5eeb46803ec39f0a3719","sha1":"1da7895646652749e71a8741ff5c74c1946d85f8","sha256":"40edf58e2c4793b0b8bf01c16e582ecfa4caba8f0b4fbb651298ff53f13817b5","sha512":"1f0a4532dcc095eba39abfa5751a0ba07315dcbce003de1dbbc01047333e5bad556f75ef5398f0a4816832d970112f97977d67b7b1614ce48649e6e605b6c1e3","ssdeep":"384:fjGji1G+AmqBZOURLoyNroGMffRroKhlYQzjbrtPn8RMh865:fjGj8GPmqBZNVoytoPNBlPjbrtP8yh86","tlshash":"20a2e04190fa7a6edb6a49788f15a26035e2f20c4bec663fd087cf45fa309d8745e225","first_seen":"2025-10-11T12:50:11.04208Z","last_seen":"2025-10-11T12:50:11.04208Z","times_seen":1,"resource_available":false,"data":null}},"time_used":698,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":695,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:47.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 22336\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 10:24:59 GMT\r\nexpires: Fri, 09 Oct 2026 10:24:59 GMT\r\ncache-control: public, max-age=31536000\r\nage: 181488\r\nlast-modified: Mon, 22 Jul 2019 19:22:45 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22336,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22336, version 1.0","md5":"2ecb426f85ffc1c53b677556210e629f","sha1":"ad9850819763f79ddc8e1edb97609acbb5f1c28d","sha256":"92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219","sha512":"b765331cf9cbc19a7ef32d280b82214d1fe08f95b20952c018e45ff80bcb65f8a316801a7aaf620ce2e03556870f6f1815c62ea0c2e137a5fbec1d7cbd9eab7a","ssdeep":"384:B+6sNaUlJfuAKzwhza0l/rfSmASgrCgu06oZrSOabylQmKS/KAi+1Vyl:B+6CWAKgzacTKo98TpyyXKS/KXeUl","tlshash":"5fa2e1725755c41edc41c3e14db1e6ee10c2b3ed6033f5282dab43985e5eaf2224e99c","first_seen":"2023-04-05T19:01:16Z","last_seen":"2026-04-04T07:07:00.157771Z","times_seen":369,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep1.adtrafficquality.google/getconfig/sodar?sv=200\u0026tid=gda\u0026tv=r20251009\u0026st=env\u0026sjk=2496581366950195","fqdn":"ep1.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.74.130","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:48.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:43:54 GMT","end":"Mon, 15 Dec 2025 08:43:53 GMT"},"fingerprint":{"sha1":"84:8D:B4:50:4D:F1:86:66:2E:19:17:DA:99:09:25:AE:AD:55:FA:07","sha256":"AA:E4:A6:5B:63:F3:EB:19:DF:99:22:64:53:E8:36:B8:83:44:E4:DF:F1:8E:77:2B:E6:81:25:56:70:D2:E1:99"}}},"request":{"raw":"GET /getconfig/sodar?sv=200\u0026tid=gda\u0026tv=r20251009\u0026st=env\u0026sjk=2496581366950195 HTTP/1.1\r\nHost: ep1.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usaxtoday.blogspot.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\ncontent-type: application/json; charset=UTF-8\r\nx-content-type-options: nosniff\r\ncontent-disposition: attachment; filename=\"f.txt\"\r\ncontent-encoding: br\r\ndate: Sat, 11 Oct 2025 12:49:48 GMT\r\nserver: cafe\r\ncontent-length: 13443\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17822,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"edb170d7f25c82f64b87b8077a79a3bb","sha1":"8900404d237828bfa02d7f9862e52f3d51ecf1da","sha256":"e165afe1890c1c1592f4b403a4ec18d70b997b4a8c423ad69f613388661f95b8","sha512":"aab6030c07b28f8d59c9f10b26058a83598e968b1124fd37a443285d6e105ad6a68821eb14c9671bbb8d96b66e25f835ac70e93fb8260862c593742d95cd1e06","ssdeep":"384:6IXYqaglRUf/3tOO5powJ+hTf+ZqTov77XPuabMATT+7M+TWXt:6DbKUf/3tOOFUL+Yw/PuagATIOt","tlshash":"7182d0496e112e7e0efdf4bc276ffbfda5874025943a9aa103983361d06df76a0525c0","first_seen":"2025-10-11T12:50:11.043313Z","last_seen":"2025-10-11T12:50:11.043313Z","times_seen":1,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":79,"dns":1,"connect":21,"send":0,"wait":40,"receive":3,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usaxtoday.blogspot.com/2025/10/balin-miller-fall-vider.html","date":"2025-10-11T12:49:44.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usaxtoday.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 33951\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 12:59:29 GMT\r\nexpires: Fri, 09 Oct 2026 12:59:29 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 172215\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":97163,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32077)","md5":"4f252523d4af0b478c810c2547a63e19","sha1":"5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb","sha256":"668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404","sha512":"8c6b0c1fcde829ef5ab02a643959019d4ac30d3a7cc25f9a7640760fefff26d9713b84ab2e825d85b3b2b08150265a10143f82e05975accb10645efa26357479","ssdeep":"1536:GYE1JVoiB9JqZdXXe2pD3PgoIiulrUdTJSFk/zkZ4HjL5o8srOaS9TwD6b7/Jp9i:t4J+R3jL5TCOauTwD6FdnCVQNea98HrV","tlshash":"8893d7d9b6d6706287b734a851bf410bb17aa8eab40c4c60f058c8e47e74e9d507bf2d","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T11:45:55.557802Z","times_seen":67237,"resource_available":true,"data":null}},"time_used":331,"timings":{"blocked":-1,"dns":25,"connect":21,"send":0,"wait":24,"receive":23,"ssl":238},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}