{"report_id":"734be683-88be-4a7f-8742-ab27d574c5fe","version":6,"status":"done","tags":[],"date":"2025-11-09T14:50:31Z","url":{"schema":"http","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"title":"SAME.3 [1] – Hitode","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-14T14:50:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":9,"urlquery":0,"analyzer":6}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:10Z","timestamp":1762699810,"ip_dst":{"addr":"185.200.118.90","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:10.976007+0000\",\"flow_id\":1696875713586311,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"185.200.118.90\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:10.976007+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:10Z","timestamp":1762699810,"ip_dst":{"addr":"38.132.109.186","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:10.996098+0000\",\"flow_id\":1474478011986690,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"38.132.109.186\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:10.996098+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:11Z","timestamp":1762699811,"ip_dst":{"addr":"185.200.116.90","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:11.016104+0000\",\"flow_id\":416726351298280,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"185.200.116.90\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:11.016104+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:11Z","timestamp":1762699811,"ip_dst":{"addr":"185.200.118.90","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:11.076210+0000\",\"flow_id\":1696875713586311,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"185.200.118.90\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:10.976007+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:11Z","timestamp":1762699811,"ip_dst":{"addr":"38.132.109.186","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:11.096567+0000\",\"flow_id\":1474478011986690,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"38.132.109.186\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:10.996098+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:11Z","timestamp":1762699811,"ip_dst":{"addr":"185.200.116.90","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:11.116302+0000\",\"flow_id\":416726351298280,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"185.200.116.90\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:11.016104+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:11Z","timestamp":1762699811,"ip_dst":{"addr":"185.200.118.90","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:11.276392+0000\",\"flow_id\":1696875713586311,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"185.200.118.90\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:10.976007+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:11Z","timestamp":1762699811,"ip_dst":{"addr":"38.132.109.186","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:11.296799+0000\",\"flow_id\":1474478011986690,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"38.132.109.186\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:10.996098+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:11Z","timestamp":1762699811,"ip_dst":{"addr":"185.200.116.90","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:11.316492+0000\",\"flow_id\":416726351298280,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"185.200.116.90\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:11.016104+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"hitode.xyz","ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2025-10-29","domain_rank":0,"first_seen":"2025-11-08T23:19:33.268939Z","last_seen":"2025-11-08T23:19:33.268939Z","alert_count":24,"request_count":24,"received_data":1086435,"sent_data":12906,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:8.3.26","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"WordPress:6.8.3","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"irk8waeqf7kb.l4.adsco.re","ip":{"addr":"185.200.118.62","port":443,"asn":9009,"as":"M247 Europe SRL","country":"United Kingdom","country_code":"GB"},"domain_registered":"2017-02-14","domain_rank":0,"first_seen":"2025-11-09T14:50:32.996102Z","last_seen":"2025-11-09T14:50:32.996102Z","alert_count":0,"request_count":1,"received_data":463,"sent_data":432,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.cdn4ads.com","ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"domain_registered":"2020-04-18","domain_rank":441594,"first_seen":"2020-04-19T20:21:04Z","last_seen":"2025-11-06T04:07:20.082588Z","alert_count":0,"request_count":2,"received_data":84920,"sent_data":878,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"c.adsco.re","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2017-02-14","domain_rank":100769,"first_seen":"2017-11-29T18:42:15Z","last_seen":"2025-11-03T06:12:22.427789Z","alert_count":0,"request_count":2,"received_data":63066,"sent_data":917,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ssl.p.jwpcdn.com","ip":{"addr":"151.101.194.114","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-08-07","domain_rank":16928,"first_seen":"2017-01-30T05:00:14Z","last_seen":"2025-11-03T21:14:49.274031Z","alert_count":0,"request_count":3,"received_data":858413,"sent_data":1211,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"adsco.re","ip":{"addr":"162.252.214.5","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"domain_registered":"2017-02-14","domain_rank":3069,"first_seen":"2017-04-03T03:11:30Z","last_seen":"2025-11-04T15:46:31.839365Z","alert_count":0,"request_count":1,"received_data":1786,"sent_data":480,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-11-02T22:12:57.589972Z","alert_count":0,"request_count":1,"received_data":8838,"sent_data":496,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"4.adsco.re","ip":{"addr":"162.252.214.5","port":2087,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"domain_registered":"2017-02-14","domain_rank":95532,"first_seen":"2021-01-04T16:47:52Z","last_seen":"2025-11-07T07:25:07.891766Z","alert_count":0,"request_count":2,"received_data":856,"sent_data":841,"comment":"","tags":null,"fingerprints":null},{"fqdn":"6.adsco.re","ip":{"addr":"104.16.42.28","port":2087,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-02-14","domain_rank":91627,"first_seen":"2018-01-15T04:15:29Z","last_seen":"2025-11-07T01:19:59.965772Z","alert_count":0,"request_count":2,"received_data":989,"sent_data":841,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"voodc.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-09-24","domain_rank":157618,"first_seen":"2022-09-24T12:42:35Z","last_seen":"2025-11-08T22:28:28.179851Z","alert_count":0,"request_count":4,"received_data":210444,"sent_data":2193,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP:8.0.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.7.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"JW Player","description":"JW Player is a online video player with video engagement analytics, custom video player skins, and live video streaming capability.","website":"https://www.jwplayer.com","common_platform_enumeration":"","icon":"JW Player.svg","categories":["Video players"]}]},{"fqdn":"irk8waeqf7kb.s4.adsco.re","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2017-02-14","domain_rank":0,"first_seen":"2025-11-09T14:50:32.994163Z","last_seen":"2025-11-09T14:50:32.994163Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":432,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-11-02T22:15:46.374949Z","alert_count":0,"request_count":1,"received_data":88479,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"irk8waeqf7kb.n4.adsco.re","ip":{"addr":"38.132.109.126","port":443,"asn":9009,"as":"M247 Europe SRL","country":"United States","country_code":"US"},"domain_registered":"2017-02-14","domain_rank":0,"first_seen":"2025-11-09T14:50:33.007812Z","last_seen":"2025-11-09T14:50:33.007812Z","alert_count":0,"request_count":1,"received_data":463,"sent_data":432,"comment":"","tags":null,"fingerprints":null},{"fqdn":"usrpubtrk.com","ip":{"addr":"104.21.92.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-16","domain_rank":6824,"first_seen":"2025-06-17T13:34:00.105327Z","last_seen":"2025-11-05T16:15:51.104159Z","alert_count":4,"request_count":1,"received_data":526,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-11-02T22:12:55.494707Z","alert_count":0,"request_count":4,"received_data":125520,"sent_data":2173,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn4ads.com","ip":{"addr":"216.59.63.128","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"domain_registered":"2020-04-18","domain_rank":44268,"first_seen":"2020-04-19T20:21:04Z","last_seen":"2025-11-06T04:07:20.08728Z","alert_count":0,"request_count":1,"received_data":257,"sent_data":1731,"comment":"","tags":null,"fingerprints":null},{"fqdn":"adexchangeclear.com","ip":{"addr":"104.21.78.155","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-04-27","domain_rank":24943,"first_seen":"2025-07-16T08:40:02.47428Z","last_seen":"2025-11-03T03:22:51.930783Z","alert_count":1,"request_count":1,"received_data":1748,"sent_data":796,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:10Z","timestamp":1762699810,"ip_dst":{"addr":"185.200.118.90","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:10.976007+0000\",\"flow_id\":1696875713586311,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"185.200.118.90\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:10.976007+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:10Z","timestamp":1762699810,"ip_dst":{"addr":"38.132.109.186","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:10.996098+0000\",\"flow_id\":1474478011986690,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"38.132.109.186\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:10.996098+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:11Z","timestamp":1762699811,"ip_dst":{"addr":"185.200.116.90","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:11.016104+0000\",\"flow_id\":416726351298280,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"185.200.116.90\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:11.016104+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:11Z","timestamp":1762699811,"ip_dst":{"addr":"185.200.118.90","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:11.076210+0000\",\"flow_id\":1696875713586311,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"185.200.118.90\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:10.976007+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:11Z","timestamp":1762699811,"ip_dst":{"addr":"38.132.109.186","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:11.096567+0000\",\"flow_id\":1474478011986690,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"38.132.109.186\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:10.996098+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:11Z","timestamp":1762699811,"ip_dst":{"addr":"185.200.116.90","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:11.116302+0000\",\"flow_id\":416726351298280,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"185.200.116.90\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:11.016104+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:11Z","timestamp":1762699811,"ip_dst":{"addr":"185.200.118.90","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:11.276392+0000\",\"flow_id\":1696875713586311,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"185.200.118.90\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:10.976007+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:11Z","timestamp":1762699811,"ip_dst":{"addr":"38.132.109.186","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:11.296799+0000\",\"flow_id\":1474478011986690,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"38.132.109.186\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:10.996098+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-09T14:50:11Z","timestamp":1762699811,"ip_dst":{"addr":"185.200.116.90","port":3478,"asn":9009,"as":"M247 Europe SRL","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"172.18.0.6","port":33810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2025-11-09T14:50:11.316492+0000\",\"flow_id\":416726351298280,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":33810,\"dest_ip\":\"185.200.116.90\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":186,\"bytes_toclient\":0,\"start\":\"2025-11-09T14:50:11.016104+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"c8d967999607cd820c3a947a98d52f84","sha1":"d37bfdce82851b85dab7aa69b037d2ca140e2ddf","sha256":"0e27576eb1e9c067b58d47b8749be97d9e94c1e3d67cdf541784148cd80a04b1","sha512":"299e3512dea806608762fd9bf97a96fe6d0d36391bce60eae9cc1449deea726b09b71d6d4e73b5544736849cb70a935e1d853a7a064286a48b9f2dfff0761599","ssdeep":"","tlshash":"f680044d17f00d4d457c0d4c7344114470d4f44f10101c445014171570750315005043","size":37,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-03-06T11:55:01.496646Z","times_seen":16060,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"data","addr":"data:text/javascript;base64,dmFyIFdQX1N0YXRpc3RpY3NfVHJhY2tlcl9PYmplY3Q9eyJyZXF1ZXN0VXJsIjoiaHR0cHM6XC9cL2hpdG9kZS54eXpcL2luZGV4LnBocD9yZXN0X3JvdXRlPVwvd3Atc3RhdGlzdGljc1wvdjIiLCJhamF4VXJsIjoiaHR0cHM6XC9cL2hpdG9kZS54eXpcL3dwLWFkbWluXC9hZG1pbi1hamF4LnBocCIsImhpdFBhcmFtcyI6eyJ3cF9zdGF0aXN0aWNzX2hpdCI6MSwic291cmNlX3R5cGUiOiJwb3N0Iiwic291cmNlX2lkIjoxMjk1LCJzZWFyY2hfcXVlcnkiOiIiLCJzaWduYXR1cmUiOiJkMzdlMTIxOWU5ZjllNGRhY2NhNDA4OTJiYWNjNGU5MyIsImVuZHBvaW50IjoiaGl0In0sIm9ubGluZVBhcmFtcyI6eyJ3cF9zdGF0aXN0aWNzX2hpdCI6MSwic291cmNlX3R5cGUiOiJwb3N0Iiwic291cmNlX2lkIjoxMjk1LCJzZWFyY2hfcXVlcnkiOiIiLCJzaWduYXR1cmUiOiJkMzdlMTIxOWU5ZjllNGRhY2NhNDA4OTJiYWNjNGU5MyIsImVuZHBvaW50Ijoib25saW5lIn0sIm9wdGlvbiI6eyJ1c2VyT25saW5lIjohMCwiZG50RW5hYmxlZCI6ITEsImJ5cGFzc0FkQmxvY2tlcnMiOiExLCJjb25zZW50SW50ZWdyYXRpb24iOnsibmFtZSI6bnVsbCwic3RhdHVzIjpbXX0sImlzUHJldmlldyI6ITEsInRyYWNrQW5vbnltb3VzbHkiOiExLCJpc1dwQ29uc2VudEFwaUFjdGl2ZSI6ITEsImNvbnNlbnRMZXZlbCI6ImZ1bmN0aW9uYWwifSwianNDaGVja1RpbWUiOiI2MDAwMCIsImlzTGVnYWN5RXZlbnRMb2FkZWQiOiIiLCJjdXN0b21FdmVudEFqYXhVcmwiOiJodHRwczpcL1wvaGl0b2RlLnh5elwvd3AtYWRtaW5cL2FkbWluLWFqYXgucGhwP2FjdGlvbj13cF9zdGF0aXN0aWNzX2N1c3RvbV9ldmVudCZub25jZT03MWIxOGFkYmNhIn0=","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"72f54a48ebfc29475cd93ddf9e3bbdcd","sha1":"289e60aeb2796992a4f82223b6185b8c063a967a","sha256":"386ee05bbd8e5e632c9d0feef1c94c277e196c5b0182313a94f0cd58493a34c3","sha512":"55fa85d214fcb961e7f7546a843c70d30483455fc52d694b5c159cbafa4e2ffe1a0e5a1ac16609b66ef8251181324265cf01cdf422370977697c18a2ac7aeb72","ssdeep":"","tlshash":"2711cc41f6894f7a14f26fc0020efa3128e7be2357188620d2a85dad025d9e8b347602","size":860,"data":"","first_seen":"2025-11-09T14:50:42.284405Z","last_seen":"2025-11-09T14:50:42.284405Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssl.p.jwpcdn.com/player/v/8.27.1/jwplayer.js","fqdn":"ssl.p.jwpcdn.com","domain":"jwpcdn.com","tld":"com"},"ip":{"addr":"151.101.194.114","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8dc1a43e7496a716635450fc7ca56ab0","sha1":"6f69857c57abb54cef15aa5d23cd3536f8a91719","sha256":"2329405419376039c00d692be914a5a01ac07a0a1e6ae84b7ba3ac06c9dafce2","sha512":"fa6982215cb191c40153d903d4621ea6ca5f22d8d7d01f8c58fb84434f59ec643267d760f6116066034d5e469d1a516f8d4d8ceaa5759f3737fd185a0b9087e6","ssdeep":"1536:v+rFRlUeyQTCcKxTqkk1QYYKDjAPkMUtbKSrvo1gBiSo2Wz1x5v/Q7ECorQMw5GX:vDQGTC1zawoiiBQMw5GX","tlshash":"36b319e531c2b4e603e628daa07a4041f23a0945380dd5a4fa6cede63d67947b177fbc","size":109839,"data":"","first_seen":"2023-07-11T16:56:50Z","last_seen":"2026-04-01T01:55:58.778584Z","times_seen":216,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/8a6211d87582e1faa6fb92ac5c8f1d05.js?ver=f1d05","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6f297b5d094c0273f697ad032f6200ad","sha1":"99cfd4ff1a094f0b1c959f0d07f9c1d5268ff8ae","sha256":"9ba537499778d2e6242e0696dcf2778fde36a5618e5c9e9f61e2af3a6cb6a0dc","sha512":"d93162bc91e508a1e65fd30f8354b066a3c6c1a4bbbc0192edf40693c12edc3dc8f886fe983bca3f9954348fc0d1efacd4aec2d1ef62b6b9f111f73239441cbb","ssdeep":"96:lhWWQu/8fY656ti6zGYipxh8Xju5quscWGyz/SsS3:lhWWQu/8fY656ti6zGYipxh8zu5qusUL","tlshash":"6ca1231a717073f101ef40f990ee61c87f270e66e6099cb3a0b885954e69f431e97ade","size":5027,"data":"","first_seen":"2025-11-08T23:19:40.911346Z","last_seen":"2025-11-22T18:17:28.135957Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"aaf72876f0d5e8a677a383fd45bf938b","sha1":"d8b2ca3c238c933223f4a6313c5c0561f99e0c1c","sha256":"15eb7e222abfc64660d0f94c04053839498df20ea9ac9a13a201701a56ce3bf6","sha512":"c6bec20224539a5319a753a794c7521e7063e76b3d41bac8d7f0159880eaf3ed07c3fc1b0eb4ec285f1970f270f4b0ab68890d5a0ed01e3b1542102ad707f6d7","ssdeep":"","tlshash":"207000080820000820200802220322283822323022cc0002220a083022ea00b80282e2","size":24,"data":"","first_seen":"2023-03-07T01:03:03Z","last_seen":"2026-03-06T11:55:01.498128Z","times_seen":23956,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"dc0923c33f2f758c84c52fbb61c834a3","sha1":"b058be2d1733bff3d424d94ace699f13151e3df7","sha256":"d37ef4938c8ae1d3621058c0b807b594bdff045977dab405590883e514289ac3","sha512":"428f2cdc01d9aa9d3dc8ed5a91cbbc7bc7f1e0e05118f0d8a5e817f78b4348022cc0f7219d8362cd7295faca28e22392b2766cbeabb3b65d2387366e142294eb","ssdeep":"","tlshash":"f4d0c77df0585e5020c2607fb471a016521791b9bd941130d75ebc49ff08be546afeeb","size":215,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T11:01:14.883241Z","times_seen":20040,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"fb440b8133f21c3e5d3e39624e7bda94","sha1":"1b46d8568f9bd8a2be944d6a61924a21ec0b6e4f","sha256":"a5e2bc908c3bd3196d273564d073484f9905d13817490eca5aa249e701139cdc","sha512":"f874692932aab2be754d763a3998c5cd3c654a5bcd78c5d839fe0ba506f9a9e563d3cecba0ca71a6b0db35ff94943f6fa8bb0292f10c1aeb7df2704ea6d85fbf","ssdeep":"","tlshash":"047000000000000820200802220322083822223002cc0002220a083022ea00b80282a0","size":20,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-04-04T11:33:28.15947Z","times_seen":24288,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e6c2415c0ace414e5153670314ce99a9","sha1":"5a9eeac34d86e92e5660e0f4f87204f1ed0c8ff6","sha256":"d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8","sha512":"de027062931edd07b01842eff24fc15fdbdcaa1af245dcd133155faba9e0c965f0a34dc6144ce3b149bc43b4597073c792cb6dabbfc6168c63095523923bcf77","ssdeep":"1536:/KRUXRa8Dgwxcy2jpBNwch96SLk8Ek2BSrBGS1ia/eEk4aV2EXi8SMpQ47GKV:/u1zNwcv9qBy1HOg8SMpQ47GKV","tlshash":"9f83f8df77ca702247ab30b9006f550bf276199d684d4400f259d8e9bc78a4a823bf7e","size":87462,"data":"","first_seen":"2023-05-12T23:07:48Z","last_seen":"2026-04-04T11:41:07.246037Z","times_seen":23660,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"96a23458686f611791fbbe82bbb8b508","sha1":"c196a0fe6d98f15894146003e1c9d6ab7d329740","sha256":"b8fa0c8f29f54d87b367fa2ef60d11df89d2e0457c2cb3fa2423153c17e19d8f","sha512":"a87878192fd286231f68b84cb1d34c476f75ef7a9f05d707208310fdbe07861ffc341725c3d08f518f207cc826c7a66a37b715d4b2a67a53dbace486aeddcc0d","ssdeep":"","tlshash":"801194386815b911179b553c0177fd1c38f312dd8a416ad8a9dfe0e1673688a082374c","size":972,"data":"","first_seen":"2025-11-08T23:19:40.936364Z","last_seen":"2025-11-22T18:17:28.154982Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7d72b80690ba108f701c1b1a5e697720","sha1":"befbf4e1dec83cfd6b3a327a909be07a4f8ab490","sha256":"0d8bef99a34b9446ad386668c9742d804417dad6f930213a1dd1cbb8dacbd6e3","sha512":"7cc76f2ee11c4395caa4a50a63bbd1668733e4f8ba3d89189a8014364a7e93873434b7b7b7c7ab37f624d4558e064d913657c064dcc9b35f892a0f05e0991130","ssdeep":"192:q6e4j3qVXlu798fbuEO4C5/hsNs35PhSkzISM8Z:bel29YFts/Swau","tlshash":"62f153497542b57f393b7071d0af220b313970a3a84b4861e9b8f6d87c789792a23d7d","size":8109,"data":"","first_seen":"2025-07-25T05:28:04.240916Z","last_seen":"2026-04-04T11:01:14.884284Z","times_seen":16282,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"476b43130f4da0758e51a26ea93e733d","sha1":"5eac9c53e9cc1410e58f6f0bdc85528acab30736","sha256":"b19d05a8d492320ab4db4d74ea0e9e90374bed47a18e805f8018ebb00af0c23c","sha512":"d7b6af5bbc8185dfa58fccd8be30e14c79aed4aba53d8824cc066465690837c5f2d173bc3bb78eda33f9ae91ac0434fbb63d4d4c906e1874cc614ecf72ac4291","ssdeep":"","tlshash":"547000088202202a003828028282a220223ca82080028020000a020228002032ba08c8","size":22,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-03-06T11:55:01.506782Z","times_seen":22784,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"voodc.com/player/d/jXuPkaCJmomIl8Xb1cPVtYl6rcrau9jLx5iqkpyHpKu9uIyVp8-fiI-8zJKfi5mbua3B0J6HmoSEe4aSssDbubq5zpKfi5k_/p6CDl5nHwIGHgIOSo42bi4R6jZGchKC6","fqdn":"voodc.com","domain":"voodc.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"99ed509dd734815f67b6271185927e5d","sha1":"8bfb2a5671caf492c6699766ecd1aa5045c1537a","sha256":"d494f13c0031a3f6bd0bf134f109bba643c38d6ec87871a3419894a96f04545f","sha512":"09949e8492954272f5263d4db110b96cf5f95f0365c6a6fed8190a55e6120daff9bd914aff85d66ac0157b7b45131c3a65f630c8ab1406cef00c6fb67c2bad20","ssdeep":"1536:VR/O1pERiVF52jocD9VtSzylZBw0ogd8NevCUJzg48U5eUik5YVNbi/OsWe/+cnb:3jocDn3fw0ogdjvN3o8JxQ1cHvb","tlshash":"71831b2233131379b699d09bfd269a60a32151c5b946842c72ec4ce7739fec97a34e78","size":82922,"data":"","first_seen":"2025-08-14T18:20:50.967538Z","last_seen":"2026-01-11T22:48:04.802302Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/5dd951d02993da36099fc496c9717501.js?ver=17501","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3a97d6491ea7bef88b7be7f868d86b9b","sha1":"f37977de04b86eff4a562b1e6742aacb8f82cd64","sha256":"5221f5cc48af170d59c6bfad2b99071d0910d0076d53d3088b904cfe60d72cec","sha512":"65732a66922ee8ce35d7556d8406cf37b7a74d020acaba6ec9bfebd68ff21a4888e8d0f04e37d9ad8463cfb7fd1c1aa987ef971aba919108b8b98951cef6101c","ssdeep":"","tlshash":"8fe02babb50685b900da72337adf278e36791693ac16584159188c80ba39cd66026de5","size":420,"data":"","first_seen":"2023-03-07T13:10:56Z","last_seen":"2026-04-04T09:08:44.266669Z","times_seen":613,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"d720eef71edef78b948a643d5712ec07","sha1":"ea5eb334bd6ddb0f04abafb700dc2ecb30070c76","sha256":"2daa1a91b2430e9867296c9cb26d1483785954a9bdd66f79b2c754bab7092cae","sha512":"63368ff1fef849df7f849af23bc2f24698893bd3d58300282427a76665b2d5c94f097d409f93173ad9c36944b4fffc2e37fa03a91f81e4e04f3737f9b73d2d6f","ssdeep":"","tlshash":"5f6000c00000c00c0000ccc3c00300c030000030c0cc3c0003003c3300cf00ccc00033","size":15,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-03-06T11:55:01.51255Z","times_seen":24260,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/0d0349e89020243c4a67e912f8a8435a.js?ver=8435a","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"622812d1045068a5a6791e30a38eacbe","sha1":"d7917d9bc45a7909c5944d0138bbff75e8e59419","sha256":"3b018ba3fd44409b43ce623cbd7b69a94aedb00a35882ef3c2c754df3e9c7dca","sha512":"00675ded9bce7783e71bb04e59f0d3f71db4d9b3111bc8f8d836aad26e3774443df44383757cef4398edb9da7b2f9a9eab2f7a2aaea1336417c4628bbbbdac75","ssdeep":"","tlshash":"a280041c1111544d1dd114d0f137d5dd5433017dc00cf0174f5004404c504dc003345c","size":37,"data":"","first_seen":"2023-03-09T02:32:59Z","last_seen":"2026-04-03T20:14:05.506394Z","times_seen":499,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"9aa3dc35f8ba994aa0f04a42c4da5062","sha1":"a65df79b7b70e8b8d22a2db929f6598428a827e0","sha256":"89e4c05e12e12f5bdf85a4fb89bad572dd85256091add09fdb9c6e42e703e2bb","sha512":"72ec1d5aaa34463f798b2d2c5976a6221f70e51ea2afff582319f4c8b7e31f4a67ef2a2d39427b4d1cc89ca66c4d4374db662c1137380ce0aad2acfcdbed4d6c","ssdeep":"","tlshash":"ec7000080000a0308808a002882ca3803c20a820b022a008080823080000a020008e0e","size":24,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-03-06T11:55:01.493594Z","times_seen":23251,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"e969e6981adb7ab1cb174994a5c8c627","sha1":"5f534a259a6f3754d1d392028fd4cbb344fb6563","sha256":"5cb18f9c0eebf644c0bc27e5224177984121b4c4a3f8189861a6d797a15a2e7a","sha512":"10bbe815bb6e4ade10d00a42a82dd10b668e95e275161cb0a637b2ea95785f8f7fc72b31bb48ac9c1dfad03d811912c0683941a3c09357525f164915d5b033cf","ssdeep":"","tlshash":"a380000a88a8a0222a30a0228c020200202e822080ee208083f2032020c283c022b802","size":30,"data":"","first_seen":"2024-02-12T20:00:22Z","last_seen":"2026-03-06T11:55:01.514986Z","times_seen":20053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"d9f9b0f82813d813afe0d450e9fab4d6","sha1":"cb6ce93dd97adc3649f697ff49681f5aaf8b1671","sha256":"d204422e9d49293ab422bfabae9607635876cb30f77215f133603bac691f6f4b","sha512":"849997b396eb218b8bbc788eeb34ec3eb9ab4c809a07ac707a57a5e13baabb69d2c52795403d032f007276109c7f4476daa8255550fa236873e1eb9ba6dba3ba","ssdeep":"","tlshash":"706000c20008802002c200028820a2802832008a20022000c00800000000a0c0222808","size":17,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-03-12T13:30:56.245454Z","times_seen":23634,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js","fqdn":"ssl.p.jwpcdn.com","domain":"jwpcdn.com","tld":"com"},"ip":{"addr":"151.101.194.114","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f4459c52455c57a5490992cac29595d","sha1":"55790ba8e788ff62ddb68f640246acda2cdb4397","sha256":"5172dcf83f6d622751ea688d1ba4b507d54e3eeed9e933ac38f87ada5ecc87fd","sha512":"1fef48a4b99846bd2fa0cfb9a64a9a32e0a4b50e277d59ef50e3f0158cbad9a5a356b49398a68733379fb83576cec13f259f5b2e690f3af2ea0022c2891a5497","ssdeep":"6144:yCQemC8LqtKL7uGlLKaEt/GDq2/ZaxB2KlqJxRC9i5a9GYq+:iMKOGlLKBt6qpLqJxRC/","tlshash":"bd943bed7795a02642c2a1a5903f4617633b7d0a3409c1bcfa2be9d75db8849b03bf74","size":422237,"data":"","first_seen":"2023-05-26T21:39:22Z","last_seen":"2025-12-21T05:22:40.894307Z","times_seen":215,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ad81beb0a28e87fe3ce3742823d264a8","sha1":"f0aa1a71cc5d0b2b40e1b009486fc627f7703878","sha256":"10531cb9ccd59383133c85843a19c55ba0a27d1a2eb912628e9bd7f68b479aa5","sha512":"ed7834311ae7828b03aa5a7411e9f4bbf5066879ee89fe01f83fa28d1a299733d0a81eea1cc4ab97477bf80c13c5ecf94e398d95c3bd3a2911d480b651c6fb78","ssdeep":"","tlshash":"9131ee7df5291636095661fde399e341a030f0dadc428424efb5cc5ea8cce9548abdf2","size":1717,"data":"","first_seen":"2025-07-25T05:28:04.194173Z","last_seen":"2026-04-04T11:18:47.814451Z","times_seen":10949,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/2cdea05afd05ac948b23819600e073bd.js?ver=073bd","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8d8c6f84a49fc3fd944d3a0a3245c4ee","sha1":"aa1bb220a8fa648cae4cbd537e60e36663e11b48","sha256":"8f9f20ef8adee632a8708d924c5d964b7ad0abdc6801f95abf330b5e82af6405","sha512":"eb97918d7c7236104deb1d31ccd75ca15b2e9246d3b509584b45956b275ec4b5f7c91c513c403a9333ff55e062ce2d10a4f26f591f70de5388d81bcd8ecc0eb4","ssdeep":"96:3MyYZS6xMyYFBjJSruLMKXJFRDOPtcDaJefUwD+fBHRByiP+onLJVuZ2nQaiDF:cZZS6xMymBjJSKLMKXJFRDOPtcDaJefd","tlshash":"bd91f346783f216506ea1077317beb8fbee0b1956395a000f56cc8fc7474ec8b06ad66","size":4284,"data":"","first_seen":"2025-11-08T23:19:40.909948Z","last_seen":"2025-11-22T18:17:28.134982Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"voodc.com/player/d/jXuPkaCJmomIl8Xb1cPVtYl6rcrau9jLx5iqkpyHpKu9uIyVp8-fiI-8zJKfi5mbua3B0J6HmoSEe4aSssDbubq5zpKfi5k_/p6CDl5nHwIGHgIOSo42bi4R6jZGchKC6","fqdn":"voodc.com","domain":"voodc.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"36e84f83e434b21b17f4d3f08fff2cea","sha1":"47c62ad41b395a142d7eca64bd45c6fc8081125a","sha256":"6fe3328eb838d15c87589dafece9f0110b7aaf63cde5429f431520dcd6d43bad","sha512":"8e275e4627247f231c27580f9e0d965c9d4e5ef5ba03e5d55fce4969f0f6c8e4afad0d9724cd4d84f0afa22b05d541bf6700d07ca75f1716f946ac39b121d5ea","ssdeep":"","tlshash":"3841344b3650586a8640cbb566cf316044fbfa1a7ce6cff3a502e3029964d4a35477e7","size":2037,"data":"","first_seen":"2025-10-09T01:57:53.216387Z","last_seen":"2025-12-06T02:24:30.05527Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"data","addr":"data:text/javascript;base64,dmFyIGdyaWRmbGV4X2FqYXhfb2JqZWN0PXsiYWpheHVybCI6Imh0dHBzOlwvXC9oaXRvZGUueHl6XC93cC1hZG1pblwvYWRtaW4tYWpheC5waHAiLCJwcmltYXJ5X21lbnVfYWN0aXZlIjoiIiwic2Vjb25kYXJ5X21lbnVfYWN0aXZlIjoiMSIsInN0aWNreV9zaWRlYmFyX2FjdGl2ZSI6IjEiLCJmaXR2aWRzX2FjdGl2ZSI6IiIsImJhY2t0b3RvcF9hY3RpdmUiOiIxIn0=","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"80beced4e68478b12f0adfe27c6f81a2","sha1":"0fc39451f1ab91ada9a183b1132b3ebb8e7a0d3a","sha256":"562eb4d256522f6d4c05ca94605ccc2a948d7745e2ab9f62697d8156f59fc9ec","sha512":"310f84abf9b4755d992a7afda0e0298eafeb682f12e8169b7bf1faf3b91386b1c012f9e89757510adc6e62e17c2f8fa4dffcb234f9c3c0b4f1d6f7d1cd16ff8b","ssdeep":"","tlshash":"84d0c95226252f77955391d002aa25f291be36b169e8aac2f2d889688389d81cc59183","size":209,"data":"","first_seen":"2025-11-08T23:19:40.961739Z","last_seen":"2025-11-22T18:17:28.173597Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"data","addr":"data:text/javascript;base64,dmFyIGdyaWRmbGV4X2N1c3RvbV9zY3JpcHRfdmFycz17ImVsZW1lbnRzX25hbWUiOiJhYmJyIGFydGljbGUgYXNpZGUgYXVkaW8gYmRpIGNhbnZhcyBkYXRhIGRhdGFsaXN0IGRldGFpbHMgZGlhbG9nIGZpZ2NhcHRpb24gZmlndXJlIGZvb3RlciBoZWFkZXIgaGdyb3VwIG1haW4gbWFyayBtZXRlciBuYXYgb3V0cHV0IHBpY3R1cmUgcHJvZ3Jlc3Mgc2VjdGlvbiBzdW1tYXJ5IHRlbXBsYXRlIHRpbWUgdmlkZW8ifQ==","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a912d6cf416ebbc66bd7f541b58ea413","sha1":"aa5bf76267f82dbe8c93b95331f187ac3ea8dc4d","sha256":"849541ce16561987eb65955af51900858a41b3a536f08b7260ff5d2314f37131","sha512":"318409f4523aa39a66bcb7fc53977602a1f8b915d0c98d16a484ce32ffd0311fe9256701cd37dd168ac542835d2cf91c972c8d384024afccf9f3d298ace1b6ea","ssdeep":"","tlshash":"d9d02314615451dc4f4554d773c658c7f47ce3404004415d545c553323710f5ff11594","size":235,"data":"","first_seen":"2024-08-19T13:05:11.588036Z","last_seen":"2025-11-22T18:17:28.171159Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn4ads.com/mypyyfamti?cPivZVOK=BQOCAAAAAAAACZUAAun9MxME_Q9bRUl2uHGnIsVhZaIYAUBNGF_5IDZEQximY4ikcqxAKU0tHbTG3bUMBw0wmC265tI_gJMIGajnec0gcgMNrBAaRnWBnmw1axImzqxzufIjk9lVOqkb-dlac8P-8uwcOW_T3o9KybdZMIIiKUZyUQ5XB5K5GYA8BEP_AbI-qQUs42fS9oSvWvxsiENwRxfxOkju-oh36UUaHNv7FxoNJVanGu15z_hsBJTL6rUx399WGzUN5yyB5BDqXb6fpfN4qCMh57sc0k3TkiJ3gGQHkmb2-dXidPJx46hgmcLP7QTXYqjWTmryHB7AmHXWZ3GchDzLsmaxEdNF8GwY9p75v4QDOZ_JMq-DtoAAG2E3sIQMDtwlDFjPRtgx46OKYoAwGYrWtnNP0H4H_M_0wAAORuh8juu4QjHhu76mMCt9Vs-IkBTkG_wd7d2tLWTYXEgJb_0ycM4rR2tghcTUfuHVxUmN5vvcC46NT1A4Gr3UXfFWo4tRAlqw3VcCAzhoBA6HR68I5zsyuw8Yieb7wmnVqy33szpv1Fg1wSTTyUVaLh377jOIsnOC1Jbq0tjafIOLLbjF5TCXu-Id1eAjRVMMOjbYy-nqyC3pCR8b5klQUpSGykuxmqRI7elbtfF4TymROfu0vV83foUeTjnBUre9XIGNDkYWPpMt71v81l_UlgohKU-3cqfJmxQsELytT5gzOjwNmNL70OehjNj0zr--IQ8BfDWn7dXLlyJ88ZmwoD-PebOJBo0561gkzOM6l8W44MJ6oZQRISzcVDuRjBOdDJRu14CgkIrdTh2semCBHK0QWAftlCQ53J_12jSRtpZGDFXdN308S0LTCSlz_uTiL1EbgjvgQMYL-ZNzP2ngn9bL7nNwHY8PIbejjUSTK_Pz37tbOpsv8Yp9QK3CelDpnZTe0SpLx-RdnCJphLoEwcwmtTcyz6bvSlyASkpfhakNvbAICbELgkdkY4CGhNzfvWRLnBIeLt856nSezl78ZxHQf5-PSZgI45sOftjzO5tUnB9CiQZLGrqId4vZZnefqbuKVYRd0LFr7DMlWtypO35yJ67xqvFH9FVdrPJV05v6WcmallObsMupG-EuuzA7rAb3lep3XYkpz1CWhXN8Gn8CKaDyTKVbTLBmCEJJOEdab4jEaIGFpPFwWOfQqDYEbW1voIsUNW5rfv2U\u0026ldGkqFbX=4\u0026GLYTMdZB=5250473\u0026BzelNMvX=\u0026DXjMBZwp=0,0\u0026NIHsmgvL=\u0026NovWmwFg=\u0026MpcPHLWf=1280,1024,1,1280,1024,0","fqdn":"cdn4ads.com","domain":"cdn4ads.com","tld":"com"},"ip":{"addr":"216.59.63.128","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5f0a25e4d3522d56d48ce7bc3e518fb","sha1":"86794caff58f7fee6e684c2ba7195f970a8d6f4c","sha256":"9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5","sha512":"a3a81801f516a4eb11f00d6f56dab0ed4b8a79219e6b4f5436993479f09dae08f14cffbab3327ff66fb39201d8eba1153ae7114f7705a01cc6f0edf840ef1616","ssdeep":"","tlshash":"789002801814116115d1500b8d5159d01259b1a4540801324446ca502dc7883a415774","size":44,"data":"","first_seen":"2023-03-07T01:17:45Z","last_seen":"2026-04-04T11:50:12.322008Z","times_seen":22760,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"ab3b4884408bb0261d6b56a7d288fe80","sha1":"b0f370141ada9b591302b575434c255db51ae151","sha256":"e5a13721b456c9e090f80944728fc91767f5ae01b01f59160e73ff2c7cacc587","sha512":"e57cb5cdac6519a8a24e85d5d91f2c6492e282308a94d369619e9455cef8f22a2a6abd62023647fbfa0228b6d3e12da22c280d691cd351608aada9c284ca3a66","ssdeep":"","tlshash":"6c80008ea0803232a2fa02038a822200a2af38ea88008820000a0200288030f232ac8a","size":26,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-03-06T11:55:01.519336Z","times_seen":23027,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"voodc.com/avurcfzp2.js","fqdn":"voodc.com","domain":"voodc.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9973175c500e9bbf5b5f3d1c62b5c88e","sha1":"b730988f3a92f0d4c4db592a6918e3810d29dec7","sha256":"484c51a3adc1d8fbc348563e1224db8c50a92b9ba301393491bb2c4d7866d419","sha512":"4b33d8363c3ab3c09dfd463ce50de0cd909a05fc42170ce09d1b2ef1570755c919412a8857715e429d83755510d906316509fb73b6ca165f4e57f610546fdf79","ssdeep":"","tlshash":"8a4150fb7161719242d17467104b871e92f39d5f7aebf1e2b2a0a9832b912ddd043b88","size":1896,"data":"","first_seen":"2025-10-09T01:57:53.14817Z","last_seen":"2025-12-06T02:24:30.041798Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/d23b7e6f378cb57dc46c3a8d6cd46b1a.js?ver=46b1a","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c293b894c81608d181208ae3853e6177","sha1":"21537c63b46a71d20cd4898b624d6c0b390d25c2","sha256":"a40629940ce11be91166eb91279ef44e36da11bf7e91478da91cb0a53aaa4f0a","sha512":"3d8a6a0b7713fd90dcfa7ea8a55eb839785a32621a8caf633a97da6f560b2c09b26ba58af911cd5a4f0be7442c32088432db7b901f99107fb959f70873968c05","ssdeep":"","tlshash":"20110e9d684ba4c952f359d4d52fc24f74778ef2950c9459940cc0fc6cacd1f52aabb0","size":1000,"data":"","first_seen":"2023-08-28T05:57:48Z","last_seen":"2026-04-04T08:44:13.978072Z","times_seen":4698,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-includes/js/jquery/jquery.min.js","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-04T11:49:34.807477Z","times_seen":685180,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/9633e9b03f5a44451d715edc2485ccbe.js?ver=5ccbe","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"886d7c72aac16b4d7fad967aaa37b029","sha1":"aaa2f737cfe7e8a77138b812dfe6f3b67797204b","sha256":"27ea21a9138e53d9f2dd561bb0ca8bc012f333be06059e0d76b389f74b179f2e","sha512":"b4e52588f59f4ab1e9ab514530a7e563323368863f98c866ed453ce2c4e3d4314ee250a7dfea207b4bcf54b3edf66f1bbda641a4871589c33a9dab84054541d8","ssdeep":"96:PwSrH5hrG6Qpw1rIN2Bkqsu6B89w1y+7Y3qv5StcXyuC0r4oYeTnf49uVhWWTfjb:PwSrq6Qpw1rI2k1u6i9woa3hSSCP9+X/","tlshash":"17b1318db7737563125aa0f2b31b430ab3b6509ea128419d765cecf39cb490a1973fb0","size":5522,"data":"","first_seen":"2023-11-11T17:21:40Z","last_seen":"2026-04-04T08:32:10.960728Z","times_seen":2247,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d3fb31fc4a0b37980210c57f2698989d","sha1":"82a161b3a63cf0d5a5b37e9eacdfaf298bcbb55b","sha256":"45200934a32157fcedfec503f25c156ed7a19df9a9538269e7848ad8f1adc936","sha512":"69f23736f39a72a620c7ee834ab1745e31b0289d9724365899af60148af4a28c26c7f2bfd64649776390a2301775e2c5be863604d3c932f264eaf572f0c2b3e7","ssdeep":"","tlshash":"0fe0a330f14849201040c569f274c41110b2ca85dc2aed30f38db818f830989c1b7df7","size":408,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T10:49:49.269757Z","times_seen":14225,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/31a13e40c7e5ef3d4dc0e1470f54e32c.js?ver=4e32c","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"02cfac20cbb029f181cc521397fa7d80","sha1":"11fdeb42879d7f3666ecf88c11d4142e628d8dfb","sha256":"c5ad54828247682405117c359ca233b9760d2b8c60daa7e5d09c8ab4af271f5e","sha512":"c93098da1a68a409e239c3e9660774a103fab813039d82f924c467517ac8de96093b88cd1778fe3d9768aa53d8167dd591a6b3fc07c8eea27c76a773dcc3738b","ssdeep":"96:8CmrPpnMTDqfVNsArPF1DYvDRGuPHB+qCuS5+6k:Fmz96DqfVOXEuPHB+qC9Y","tlshash":"01b1325e2f506139e097f8cf90cfa028906e8da75bcad079870c85d81da576891f2fde","size":5366,"data":"","first_seen":"2024-08-20T19:54:53.224004Z","last_seen":"2025-11-22T18:17:28.119641Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7d72b80690ba108f701c1b1a5e697720","sha1":"befbf4e1dec83cfd6b3a327a909be07a4f8ab490","sha256":"0d8bef99a34b9446ad386668c9742d804417dad6f930213a1dd1cbb8dacbd6e3","sha512":"7cc76f2ee11c4395caa4a50a63bbd1668733e4f8ba3d89189a8014364a7e93873434b7b7b7c7ab37f624d4558e064d913657c064dcc9b35f892a0f05e0991130","ssdeep":"192:q6e4j3qVXlu798fbuEO4C5/hsNs35PhSkzISM8Z:bel29YFts/Swau","tlshash":"62f153497542b57f393b7071d0af220b313970a3a84b4861e9b8f6d87c789792a23d7d","size":8109,"data":"","first_seen":"2025-07-25T05:28:04.240916Z","last_seen":"2026-04-04T11:01:14.884284Z","times_seen":16282,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/6523d8b939159156e746e0239fb61e7a.js?ver=61e7a","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b1d790d533d8f1a81b64f2977cce0725","sha1":"cf6c1c721e4e56df5d0513c82aff246076fa663a","sha256":"8a05d50ec1d8c58b4ff51b5c1f8c91750ef7220bd5d888d88b00915e05cbc045","sha512":"621190896405e413f61f2009dec88969fbeb47178d6c90b902bf16705561bf185c9f3862ad392b0a9f329ed6cb3670badb907e16b1deaadc76d5149fe9229fcf","ssdeep":"192:5nQ998xYO9SkmsKlsL4WOGAOZPSeIWpYd:5nQ9WxqCL6/WI","tlshash":"d70273467bd259f1ccf23468152a2a3975ab0ed33202e170f828d9d3445c6d6e743b7a","size":8967,"data":"","first_seen":"2025-11-09T14:50:42.270394Z","last_seen":"2026-03-06T21:30:18.093994Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"79e362235e366729632e60d6d35f8904","sha1":"69df1a1691b05442e11e2bc5825fc6297b977a92","sha256":"da82a56eb8524f5d12a2afcf2c5d0cb6184f26995167212a0ccb3bc2ba0def36","sha512":"94ca14ccb12238f547249a07134689257dd97639be34d7f466f52741df7176be982d88c5d294dd42a534a32d908533b5eaae33a13cb47ce0cf065d3098d9383d","ssdeep":"","tlshash":"fe60000000000c30000303000c30c3cc3c3f000030033030030c00000c00c003300c00","size":15,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-04-04T11:33:28.157889Z","times_seen":23588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"b7d8a1a33a77fcd0328d3c709c5a9eb3","sha1":"e8ea90d66488aae87f231079141b02b04cc26f05","sha256":"3f06772f212125287a824492bf133d5fc6ef851b8478c081406f650716869cde","sha512":"b92d0879e95318270c892770db71380d6f66efbeb8e4c9a8155e82b09e66a0a90844a4d0e38ede9b6bd536d8926ab4359e3bcc5266594f04136fa66295bbc9c1","ssdeep":"","tlshash":"f37000082080000200200002020222003202203080c82002a2000a3020ea08b8020080","size":20,"data":"","first_seen":"2023-03-07T16:36:56Z","last_seen":"2026-03-06T11:55:01.489296Z","times_seen":4296,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"7545d1da7159ca66338b4c84b69f8ae4","sha1":"0858800340ee5b8c413a1aabc50fb28d0bdf89db","sha256":"7510742fba4d25113b6124987e97cba40776bc5030a6a3678974dc8ba075bf81","sha512":"dbd944acd2868ed6eb1de313c0efe7590f715129f7ca5a9ae5a3dfb9de0035612a248441d9e6c4c1812d8ec4b3de7cd2a5973c4c71887361a2276de1d73fab94","ssdeep":"","tlshash":"af8000088820202a20be0a0e02a3e232220e3022a0020220000f0280380020bb302880","size":26,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-03-06T11:55:01.488245Z","times_seen":22614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"javascriptURL","is_inline":false,"md5":"68934a3e9455fa72420237eb05902327","sha1":"7cb6efb98ba5972a9b5090dc2e517fe14d12cb04","sha256":"fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa","sha512":"719fa67eef49c4b2a2b83f0c62bddd88c106aaadb7e21ae057c8802b700e36f81fe3f144812d8b05d66dc663d908b25645e153262cf6d457aa34e684af9e328d","ssdeep":"","tlshash":"aa3000000000000c000000000000000000000000000000000000000030000000000000","size":5,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T11:34:37.147206Z","times_seen":66161,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/5c7312117d6943328db6a6d0ac0e2904.js?ver=e2904","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2259dd51e76f59942db58c28d78df953","sha1":"ebb7d697a47dd800d2afe85076768b0522f0ba5d","sha256":"e9829d47f0b9b59e4a483ba6a4bceef4c48e598f29e4cb88d00d669a0334c26c","sha512":"64ef715f0039a053ee56d8c0a2adf6869702adc05e1d7cb149f0edf137d6007b321fb0c35dec68eb6961c5158b1f22ea67d102b5753d877765afb9d4847cd065","ssdeep":"96:2Y3L2JhDVIuk3GouQGth2/QAX2xhXVIGQzugugqth2/r:p3L2JhDVIuA/u9h2/bX2xhXVIGQfuthw","tlshash":"3dc15b4937007bba11ba9df791fd41c76f13571be94c9c33e868898786e0a020e5eac7","size":5975,"data":"","first_seen":"2025-11-08T23:19:40.907018Z","last_seen":"2025-11-22T18:17:28.134439Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"41310478a380eaf7e07dbad9b4f81a97","sha1":"1714b6ef86e90b5b23e2aaa1e7728ed9c59f4d34","sha256":"848e5342d9196c0f64861ab926a3c5aecce9294750febbd22e5d8df859bdb144","sha512":"7b93f330547524ce01b8f888a8d56c19cd4432fbee43db16aab33fc1aecd77243762c5e7dd5ce767e38c0fdf9d58bc629caf106d77689c1ef90ebeb09406580e","ssdeep":"","tlshash":"d37000000000000b203c00020a023a003003003000880800820808302ae800b802c0a0","size":23,"data":"","first_seen":"2024-02-12T20:00:21Z","last_seen":"2026-03-06T11:55:01.500018Z","times_seen":19951,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ad81beb0a28e87fe3ce3742823d264a8","sha1":"f0aa1a71cc5d0b2b40e1b009486fc627f7703878","sha256":"10531cb9ccd59383133c85843a19c55ba0a27d1a2eb912628e9bd7f68b479aa5","sha512":"ed7834311ae7828b03aa5a7411e9f4bbf5066879ee89fe01f83fa28d1a299733d0a81eea1cc4ab97477bf80c13c5ecf94e398d95c3bd3a2911d480b651c6fb78","ssdeep":"","tlshash":"9131ee7df5291636095661fde399e341a030f0dadc428424efb5cc5ea8cce9548abdf2","size":1717,"data":"","first_seen":"2025-07-25T05:28:04.194173Z","last_seen":"2026-04-04T11:18:47.814451Z","times_seen":10949,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/0b6421ed4a8ef7cdea8ecb2fe2ef442f.js?ver=f442f","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"360f7ab40d6d40c257047df5d4feefb7","sha1":"ef79d680f3bcbb8f3ed19ddfaebf832645010c2b","sha256":"5b7b0a0d0730adffaa3bb4bc245961463dfe41a070fae7516fea629d4c487768","sha512":"be833e7b1ab1c181d6f968acb5ae79005633b9ec486ea2723afb5dfe67367b0f5d8865da00fd7de99e9f1f0102d6e01b595b4a9e3cd2a3d747f555b4f365effc","ssdeep":"","tlshash":"c651227f3220712eb05b6361982f225ee5334729e747000493a9f8f12d664aed257f96","size":3115,"data":"","first_seen":"2023-05-17T19:16:02Z","last_seen":"2025-11-22T18:17:28.137214Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssl.p.jwpcdn.com/player/v/8.27.1/jwplayer.core.controls.js","fqdn":"ssl.p.jwpcdn.com","domain":"jwpcdn.com","tld":"com"},"ip":{"addr":"151.101.194.114","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3141cfbc04d2f12e7e4047ffd289780c","sha1":"8831b1b49d7e4a9d7ad0009d56183a6a37ace6ea","sha256":"f25b68cae995caaaaea17d890f255f8863419c6126a53322bb4469053acfc4c8","sha512":"ed046dd3672d8660dc2b54cf0bde6e65b97eaf8e95a5ce7382fff7422f1d6b72ad6e550c4464d014a02b9423bcb0751592aa505bc23b4844b7b08a1ff02199e8","ssdeep":"3072:vgu7Pz9hGlY4B+XVmnTJI6/82JhTCa8cHKSs0SMXgTraOg9dMCAq6wmmTq:YuH3cB+Fy5/82JheDMQTraTMZ3wmmTq","tlshash":"96641832214252355ada82da76514604b33a8085f516cfacff2ceddd4c6e9cb31fabb4","size":324591,"data":"","first_seen":"2023-05-26T21:39:22Z","last_seen":"2025-12-21T05:22:40.898481Z","times_seen":216,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cdn4ads.com/dfabric.min.css","fqdn":"www.cdn4ads.com","domain":"cdn4ads.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"a06f6480a883949cb46e9564f483a3c0","sha1":"089e79580b048c467d397e4262f5ee34814f42e7","sha256":"0248b225235b66e303a69b85558f36cf9a70c504f25de3b4b4ca8260d4a5c520","sha512":"96482a296482d8d8e81b1f97a02ac397c4aa91b9bb43fe5e37666cabcd03852af6e14c79a81b194177c458e40cd61627d7e5935d931a2a45eb9d27da5ed2ec89","ssdeep":"768:bt9rqAYKK+ZzFQ9JsQU+YDngZGihfzmMzhYrTsAysncCWcf5k5sigCblqCntlqod:bb1ZzFQ9JsTgZvfzmMzhYrTscpxZw","tlshash":"15133aaab286282601e742b9503eb317b23305167912d458fcb9cdf96e3dd86117b7fc","size":41922,"data":"","first_seen":"2025-11-08T23:19:40.899569Z","last_seen":"2025-11-09T14:50:42.249226Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"voodc.com/embed/0/0/p6CDl5nHwIGHgIOSo42bi4R6jZGchKC6/jXuPkaCJmomIl8Xb1cPVtYl6rcrau9jLx5iqkpyHpKu9uIyVp8-fiI-8zJKfi5mbua3B0J6HmoSEe4aSssDbubq5zpKfi5k_","fqdn":"voodc.com","domain":"voodc.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4bd7e8abf83f4b9e3953156b7fc6f087","sha1":"0cf83f5e65e7c124779413eff569ab00aeb5b8ae","sha256":"be73f1af41b0722be15beec14d844453e37c2d95e6a38a3b02badf6ba26057f2","sha512":"c3e72dfd1a09f7803e3b206753e7b829b8b7ec7a5a6c3fd490e24a45522119f04bf55640dc55b368ee467524554f3ba3b9fa773349d565120265f6129d0e3eee","ssdeep":"","tlshash":"a151747bb7f6702540673176886a6084387e9563bd0b8cd07c4dce649f38c3849b7d68","size":2503,"data":"","first_seen":"2025-11-09T14:50:42.238433Z","last_seen":"2025-11-09T14:50:42.238433Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"7a837a4ba8ea13b8193945adf0261e19","sha1":"61428cd720ebc0f01c4c017204c313193c22c101","sha256":"28d9693460ce57dd4e01742e50a1baa10cbed3fa6c20c2a69f02424f80fb9a2e","sha512":"abe0e46d98027527a7d2567c4feaece7ad3c1ec94eed8fea59b9eec596cdd4fa39e7776e9dbc4dd6fe777d9b09300d45ba2a49fc9479e0acbdea92ebf5ef940f","ssdeep":"","tlshash":"516000000003c03300300300030f33000030003000030000000c00303003c03c0030c3","size":14,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-04-04T11:33:28.138425Z","times_seen":23237,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"hitode.xyz/index.php?rest_route=/wp-statistics/v2/hit","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"POST /index.php?rest_route=/wp-statistics/v2/hit HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 155\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/8.3.26\r\nx-dns-prefetch-control: on\r\ncontent-type: application/json; charset=UTF-8\r\nx-robots-tag: noindex\r\nlink: \u003chttps://hitode.xyz/index.php?rest_route=/\u003e; rel=\"https://api.w.org/\"\r\nx-content-type-options: nosniff\r\naccess-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link\r\naccess-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type\r\nallow: POST\r\naccess-control-allow-origin: https://hitode.xyz\r\naccess-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\nx-litespeed-cache-control: no-cache\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:8.3.26","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":15,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"28ec1eee5f4049e3c4f2135069c1d2c8","sha1":"3505519507ca1c2a089c46e100b80408ca278421","sha256":"edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b","sha512":"f71618e40ebaa14ab6d523a2341258c0da264b545388f8fffd14c31c64b35f94b21eb633316c4d77afcd864aade1db588ef6387ee0c4787e6f7770db0abc1183","ssdeep":"","tlshash":"f06000020000002088800a000220aa302a200a20080a0080000c30200020080800a002","first_seen":"2023-04-06T19:00:00Z","last_seen":"2026-04-04T11:34:07.084706Z","times_seen":8969,"resource_available":true,"data":null}},"time_used":1067,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":1064,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js","fqdn":"ssl.p.jwpcdn.com","domain":"jwpcdn.com","tld":"com"},"ip":{"addr":"151.101.194.114","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://voodc.com/player/d/jXuPkaCJmomIl8Xb1cPVtYl6rcrau9jLx5iqkpyHpKu9uIyVp8-fiI-8zJKfi5mbua3B0J6HmoSEe4aSssDbubq5zpKfi5k_/p6CDl5nHwIGHgIOSo42bi4R6jZGchKC6","date":"2025-11-09T14:50:10.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jwplayer.com","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 05 May 2025 18:19:12 GMT","end":"Sat, 06 Jun 2026 18:19:11 GMT"},"fingerprint":{"sha1":"F1:90:E6:09:04:E3:35:FC:0D:3C:D3:A8:A5:9C:2D:F8:BA:F6:B7:98","sha256":"F1:76:6A:8D:CB:F1:B8:39:85:28:98:4C:E9:01:C8:1C:86:9C:37:93:39:C9:93:42:89:33:29:8A:C1:56:7D:1C"}}},"request":{"raw":"GET /player/v/8.27.1/provider.hlsjs.js HTTP/1.1\r\nHost: ssl.p.jwpcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=31536000, immutable\r\nlast-modified: Mon, 22 May 2023 06:27:32 GMT\r\netag: \"4f4459c52455c57a5490992cac29595d\"\r\ncontent-type: application/javascript\r\nserver: AmazonS3\r\nfastly-restarts: 1\r\ncontent-encoding: br\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\nage: 1569827\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\nx-served-by: cache-lga21960-LGA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 1230, 0\r\nx-timer: S1762699810.484079,VS0,VE1\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncontent-length: 116717\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":422237,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65143)","md5":"4f4459c52455c57a5490992cac29595d","sha1":"55790ba8e788ff62ddb68f640246acda2cdb4397","sha256":"5172dcf83f6d622751ea688d1ba4b507d54e3eeed9e933ac38f87ada5ecc87fd","sha512":"1fef48a4b99846bd2fa0cfb9a64a9a32e0a4b50e277d59ef50e3f0158cbad9a5a356b49398a68733379fb83576cec13f259f5b2e690f3af2ea0022c2891a5497","ssdeep":"6144:yCQemC8LqtKL7uGlLKaEt/GDq2/ZaxB2KlqJxRC9i5a9GYq+:iMKOGlLKBt6qpLqJxRC/","tlshash":"bd943bed7795a02642c2a1a5903f4617633b7d0a3409c1bcfa2be9d75db8849b03bf74","first_seen":"2023-05-26T21:39:22Z","last_seen":"2025-12-21T05:22:40.894307Z","times_seen":215,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":55,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/css/a4294d0ecc18cb030c2a2739c08073ea.css?ver=dc7af","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:07.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/css/a4294d0ecc18cb030c2a2739c08073ea.css?ver=dc7af HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 09 Nov 2025 13:06:47 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 49830\r\ndate: Sun, 09 Nov 2025 14:50:07 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":327972,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (55654)","md5":"a4294d0ecc18cb030c2a2739c08073ea","sha1":"7967112f26a61beec7c6798f91e2b15e36c36ccc","sha256":"88cc03356f14e483f9886525538af8eda8ec84a5e0a4e056850d708fcb46c1f0","sha512":"e9156b843db6452df42a18003e900b818602316bb0337798af0f5af89c289fb9e0c18305035aa8646c9ba88f20063e33c37074cda5ca3bcbd17a910c6cccf3b2","ssdeep":"6144:Q1iQg5MG7x+qehvP0x2pck2lAkBMl09cGGFwZuH:Q1iQg5MG7x+qehvP0x2pck2l9BMO9cGM","tlshash":"646462a092a829f43337c16bef88b3ac5562f725c5450de5f06bc91c5ac96840de3f6e","first_seen":"2025-11-09T14:50:42.216248Z","last_seen":"2025-11-22T18:17:28.132509Z","times_seen":2,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":165,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/d23b7e6f378cb57dc46c3a8d6cd46b1a.js?ver=46b1a","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/js/d23b7e6f378cb57dc46c3a8d6cd46b1a.js?ver=46b1a HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Nov 2025 14:46:27 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4680\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":13578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"47a628aef2f254c32c3b5878700a42ce","sha1":"43814a498670a432b6a73cc80e67bdc738313ea2","sha256":"ea64f589334f647f2254d595466c036000a3d9150ad078a69eba7f845c0c0713","sha512":"2dad1648412fe67306b86320bc4ba90a681086b4e799528ea9783157fdc1fda64dede2e9e7958d0973156ed3d9084034422ed9c4794bedb5c7b8151917540671","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORl:5rprxaefKI0LP19m4q1WW+h4Mjw","tlshash":"5e52c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-08-09T06:09:09Z","last_seen":"2026-04-04T11:40:27.296956Z","times_seen":9734,"resource_available":true,"data":null}},"time_used":629,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":623,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/5dd951d02993da36099fc496c9717501.js?ver=17501","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/js/5dd951d02993da36099fc496c9717501.js?ver=17501 HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Nov 2025 14:46:27 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 201\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":420,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"3a97d6491ea7bef88b7be7f868d86b9b","sha1":"f37977de04b86eff4a562b1e6742aacb8f82cd64","sha256":"5221f5cc48af170d59c6bfad2b99071d0910d0076d53d3088b904cfe60d72cec","sha512":"65732a66922ee8ce35d7556d8406cf37b7a74d020acaba6ec9bfebd68ff21a4888e8d0f04e37d9ad8463cfb7fd1c1aa987ef971aba919108b8b98951cef6101c","ssdeep":"","tlshash":"8fe02babb50685b900da72337adf278e36791693ac16584159188c80ba39cd66026de5","first_seen":"2023-03-07T13:10:56Z","last_seen":"2026-04-04T09:08:44.266669Z","times_seen":613,"resource_available":true,"data":null}},"time_used":622,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":622,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/8a6211d87582e1faa6fb92ac5c8f1d05.js?ver=f1d05","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/js/8a6211d87582e1faa6fb92ac5c8f1d05.js?ver=f1d05 HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Nov 2025 14:46:27 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1020\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5027,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1077)","md5":"6f297b5d094c0273f697ad032f6200ad","sha1":"99cfd4ff1a094f0b1c959f0d07f9c1d5268ff8ae","sha256":"9ba537499778d2e6242e0696dcf2778fde36a5618e5c9e9f61e2af3a6cb6a0dc","sha512":"d93162bc91e508a1e65fd30f8354b066a3c6c1a4bbbc0192edf40693c12edc3dc8f886fe983bca3f9954348fc0d1efacd4aec2d1ef62b6b9f111f73239441cbb","ssdeep":"96:lhWWQu/8fY656ti6zGYipxh8Xju5quscWGyz/SsS3:lhWWQu/8fY656ti6zGYipxh8zu5qusUL","tlshash":"6ca1231a717073f101ef40f990ee61c87f270e66e6099cb3a0b885954e69f431e97ade","first_seen":"2025-11-08T23:19:40.911346Z","last_seen":"2025-11-22T18:17:28.135957Z","times_seen":3,"resource_available":true,"data":null}},"time_used":621,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":621,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usrpubtrk.com/ut/hb.php?cb=0.5972689591797364\u0026v=1","fqdn":"usrpubtrk.com","domain":"usrpubtrk.com","tld":"com"},"ip":{"addr":"104.21.92.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://voodc.com/player/d/jXuPkaCJmomIl8Xb1cPVtYl6rcrau9jLx5iqkpyHpKu9uIyVp8-fiI-8zJKfi5mbua3B0J6HmoSEe4aSssDbubq5zpKfi5k_/p6CDl5nHwIGHgIOSo42bi4R6jZGchKC6","date":"2025-11-09T14:50:10.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usrpubtrk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Oct 2025 12:29:00 GMT","end":"Sat, 10 Jan 2026 13:27:25 GMT"},"fingerprint":{"sha1":"2D:85:E1:CC:5C:69:E9:00:F0:2A:D7:4D:EC:27:FD:E4:0E:99:3F:1F","sha256":"FF:B8:FC:07:03:69:0B:74:AC:FD:81:98:21:29:56:B1:D8:28:5E:79:5B:0B:DF:E3:6B:94:DB:9F:B8:AF:5B:7F"}}},"request":{"raw":"POST /ut/hb.php?cb=0.5972689591797364\u0026v=1 HTTP/1.1\r\nHost: usrpubtrk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 890\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ud275RsekaazhtmMk0XJMN9ivQHnAy9%2FAkb8wkp7xrwzYsF5suWea2JEkLJGAbmzLlZUN7JMH%2F2jlYcGNuKd9pKQXBljoVALosv%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99be1ef87efd56c1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":221,"timings":{"blocked":37,"dns":20,"connect":1,"send":0,"wait":146,"receive":1,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4.adsco.re:2087/","fqdn":"4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"162.252.214.5","port":2087,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:10.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_256_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 4.adsco.re:2087\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 09 Nov 2025 14:50:11 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Methods: GET, HEAD, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type\r\nAccess-Control-Allow-Origin: https://hitode.xyz\r\nAccess-Control-Max-Age: 2592000\r\nCache-Control: private, max-age=5\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5b41cb22f84f645a103acc7bfbf084ff","sha1":"bac3967b26d5ec4a0d09a580714e8219796816bd","sha256":"709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc","sha512":"772066ed1119519a19884fc94de2c9f2cc538b4528d9e2651a89b93d65bd4000b18297bfbdd8903b65146858935d33cac048c321dad2ea4f1f84ca6dd9b7d98f","ssdeep":"","tlshash":"7990041154441d34dc45470c4f0d0f0553dc5153df377374ddc50f0414531344141d00","first_seen":"2023-04-05T06:05:36Z","last_seen":"2026-03-30T19:07:46.969854Z","times_seen":25700,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":97,"dns":1,"connect":30,"send":0,"wait":54,"receive":1,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6.adsco.re:2087/","fqdn":"6.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"104.16.42.28","port":2087,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:10.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 6.adsco.re:2087\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 45\r\ncf-ray: 99be1efa78f50731-OSL\r\naccess-control-allow-origin: https://hitode.xyz\r\ncache-control: private, max-age=10\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 2592000\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":2087\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5b41cb22f84f645a103acc7bfbf084ff","sha1":"bac3967b26d5ec4a0d09a580714e8219796816bd","sha256":"709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc","sha512":"772066ed1119519a19884fc94de2c9f2cc538b4528d9e2651a89b93d65bd4000b18297bfbdd8903b65146858935d33cac048c321dad2ea4f1f84ca6dd9b7d98f","ssdeep":"","tlshash":"7990041154441d34dc45470c4f0d0f0553dc5153df377374ddc50f0414531344141d00","first_seen":"2023-04-05T06:05:36Z","last_seen":"2026-03-30T19:07:46.969854Z","times_seen":25700,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":33,"dns":19,"connect":1,"send":0,"wait":27,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/0b6421ed4a8ef7cdea8ecb2fe2ef442f.js?ver=f442f","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/js/0b6421ed4a8ef7cdea8ecb2fe2ef442f.js?ver=f442f HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Nov 2025 14:36:25 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1134\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3115,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3113)","md5":"360f7ab40d6d40c257047df5d4feefb7","sha1":"ef79d680f3bcbb8f3ed19ddfaebf832645010c2b","sha256":"5b7b0a0d0730adffaa3bb4bc245961463dfe41a070fae7516fea629d4c487768","sha512":"be833e7b1ab1c181d6f968acb5ae79005633b9ec486ea2723afb5dfe67367b0f5d8865da00fd7de99e9f1f0102d6e01b595b4a9e3cd2a3d747f555b4f365effc","ssdeep":"","tlshash":"c651227f3220712eb05b6361982f225ee5334729e747000493a9f8f12d664aed257f96","first_seen":"2023-05-17T19:16:02Z","last_seen":"2025-11-22T18:17:28.137214Z","times_seen":7,"resource_available":true,"data":null}},"time_used":623,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":623,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/2cdea05afd05ac948b23819600e073bd.js?ver=073bd","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/js/2cdea05afd05ac948b23819600e073bd.js?ver=073bd HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Nov 2025 14:46:27 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1387\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4284,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1105)","md5":"8d8c6f84a49fc3fd944d3a0a3245c4ee","sha1":"aa1bb220a8fa648cae4cbd537e60e36663e11b48","sha256":"8f9f20ef8adee632a8708d924c5d964b7ad0abdc6801f95abf330b5e82af6405","sha512":"eb97918d7c7236104deb1d31ccd75ca15b2e9246d3b509584b45956b275ec4b5f7c91c513c403a9333ff55e062ce2d10a4f26f591f70de5388d81bcd8ecc0eb4","ssdeep":"96:3MyYZS6xMyYFBjJSruLMKXJFRDOPtcDaJefUwD+fBHRByiP+onLJVuZ2nQaiDF:cZZS6xMymBjJSKLMKXJFRDOPtcDaJefd","tlshash":"bd91f346783f216506ea1077317beb8fbee0b1956395a000f56cc8fc7474ec8b06ad66","first_seen":"2025-11-08T23:19:40.909948Z","last_seen":"2025-11-22T18:17:28.134982Z","times_seen":3,"resource_available":true,"data":null}},"time_used":621,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":621,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/domine/v25/L0x8DFMnlVwD4h3hu_qn.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:57 GMT","end":"Mon, 05 Jan 2026 08:38:56 GMT"},"fingerprint":{"sha1":"50:87:4B:4E:FB:30:AB:11:12:23:8E:8F:6B:DB:F7:6D:9A:37:CE:D9","sha256":"E1:35:48:CB:CA:92:00:73:EB:EA:EF:E9:B3:8E:D0:29:54:33:B5:C7:4E:73:DF:B7:7C:F8:B6:07:E7:AD:8C:24"}}},"request":{"raw":"GET /s/domine/v25/L0x8DFMnlVwD4h3hu_qn.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 28224\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 06 Nov 2025 17:36:30 GMT\r\nexpires: Fri, 06 Nov 2026 17:36:30 GMT\r\ncache-control: public, max-age=31536000\r\nage: 249219\r\nlast-modified: Wed, 10 Sep 2025 17:03:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28224,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28224, version 1.0","md5":"98b1ff0e04234acc3f97d3e0b543e633","sha1":"5e6367057781060180089aeb0684fb20b2d42bf5","sha256":"d0531fda200ea312e58435464c89a12f50ce52fff1961d8967df2db515f460cf","sha512":"2ca4ec408fad369c12630f6107ea4ef31ce69d471df5b87d8dff1a78cdd94e91256cfb285bc4d87a2a9e9365c865b3f29c2e2dc03c0b52eb3939085ae4916dc8","ssdeep":"768:LDdnZTRmxWPKzCQrG/kwNzfAI8xLNsjs26hiih8K+i:NnZTYoSzfMkjRxJsb6h3hlv","tlshash":"1fc2d041dc9791c5c510b05ad67e6b0b1e363e0d9097ba0ecad035a2f2e890603f7da9","first_seen":"2025-09-12T03:49:11.566583Z","last_seen":"2026-04-04T12:37:26.16454Z","times_seen":947,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":119,"dns":0,"connect":27,"send":0,"wait":28,"receive":29,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/themes/gridflex/assets/webfonts/fa-solid-900.woff2","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/themes/gridflex/assets/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/wp-content/litespeed/css/0099c74120c592f428e3ae04a6f1a93b.css?ver=1a93b\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Tue, 04 Nov 2025 17:08:19 GMT\r\naccept-ranges: bytes\r\ncontent-length: 157192\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":157192,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 157192, version 774.256","md5":"237f4a0afbdb652fb2330ee7e1567dd3","sha1":"69335cd6a6ac82253ea5545899cccde35af39131","sha256":"1f0189e087fcefbf654fad74a3a06668b782c01353a61d5c0b7f0bf23e33c020","sha512":"27e8e1f91507179c207f93a19485738ed5d372a977eb27d44a4ed163013097d38b117c7a5bf4336ecc9862ca514d78ffcd2b8a07e304bbfe1b2cce9c087baa38","ssdeep":"3072:Qeqp46DjdHdb7UT/IGFc27+78oGmfIXe0pGRDH9tQm1pbYqup:Q16n/IqpoG2IXZYTtxrbdO","tlshash":"5ce3125bf5e6dbe5525e6d64fb5478972b1030823ee11cf12ce2206eb889317399e08f","first_seen":"2024-07-18T18:39:32Z","last_seen":"2026-04-04T11:39:01.436012Z","times_seen":9668,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"voodc.com/avurcfzp2.js","fqdn":"voodc.com","domain":"voodc.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://voodc.com/player/d/jXuPkaCJmomIl8Xb1cPVtYl6rcrau9jLx5iqkpyHpKu9uIyVp8-fiI-8zJKfi5mbua3B0J6HmoSEe4aSssDbubq5zpKfi5k_/p6CDl5nHwIGHgIOSo42bi4R6jZGchKC6","date":"2025-11-09T14:50:10.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voodc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 23:12:02 GMT","end":"Sat, 24 Jan 2026 00:09:41 GMT"},"fingerprint":{"sha1":"F4:A1:67:36:9B:34:29:E8:22:8F:7C:55:2F:4A:A9:81:E8:65:EF:B3","sha256":"2D:71:49:67:10:84:6A:EB:F2:75:F8:AE:A9:C5:39:6C:DF:30:60:9C:E1:E1:2F:15:DF:27:0F:C5:A2:00:86:CD"}}},"request":{"raw":"GET /avurcfzp2.js HTTP/1.1\r\nHost: voodc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nx-powered-by: PHP/8.0.30\r\nstrict-transport-security: max-age=63072000\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AWOsznJ852yaNA52UaBM7FGdILnr1TqJqFZiePaboTHhslz%2BXFbv6Wg%2FAKNBRoJsZNggyosI9c090jB3LFq2XW3FlmpB6o%2BdNA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99be1ef5fa9a4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP:8.0.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1896,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1895)","md5":"9973175c500e9bbf5b5f3d1c62b5c88e","sha1":"b730988f3a92f0d4c4db592a6918e3810d29dec7","sha256":"484c51a3adc1d8fbc348563e1224db8c50a92b9ba301393491bb2c4d7866d419","sha512":"4b33d8363c3ab3c09dfd463ce50de0cd909a05fc42170ce09d1b2ef1570755c919412a8857715e429d83755510d906316509fb73b6ca165f4e57f610546fdf79","ssdeep":"","tlshash":"8a4150fb7161719242d17467104b871e92f39d5f7aebf1e2b2a0a9832b912ddd043b88","first_seen":"2025-10-09T01:57:53.14817Z","last_seen":"2025-12-06T02:24:30.041798Z","times_seen":7,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/css/4c11246f2fbcf10121a11e3303bc222d.css?ver=c222d","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/css/4c11246f2fbcf10121a11e3303bc222d.css?ver=c222d HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 09 Nov 2025 14:46:27 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 14354\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":116328,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (55654)","md5":"d0cb2a53625f20cb22d7ae2d18129847","sha1":"30e4b3e7f46956badb9ca6481e5c2363c46a78bd","sha256":"242eddaa92636d19d045d3b9098f529c63d3e24824253267ecaabd829c362644","sha512":"c9d1adcf7e0b3bbfd7e7e0f8a1d9a95bcea3f1e4b46d59135853e7f4455a6665b5562b2ceb3f5fbc6634b2a5caa0c652e31470ed2a28286cfbbcdc84d6624d06","ssdeep":"3072:PeeJu1iQg5MG7x+qehvP0x2pck2qkA3Pu:Q1iQg5MG7x+qehvP0x2pck2lA2","tlshash":"87b3615417b4dcf935ffa73a5e4ee248a503aa41c68a57ebe066d190618ca490cf3f0f","first_seen":"2025-07-16T05:23:56.480436Z","last_seen":"2026-04-04T03:43:01.513127Z","times_seen":2763,"resource_available":false,"data":null}},"time_used":454,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":452,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssl.p.jwpcdn.com/player/v/8.27.1/jwplayer.js","fqdn":"ssl.p.jwpcdn.com","domain":"jwpcdn.com","tld":"com"},"ip":{"addr":"151.101.194.114","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://voodc.com/player/d/jXuPkaCJmomIl8Xb1cPVtYl6rcrau9jLx5iqkpyHpKu9uIyVp8-fiI-8zJKfi5mbua3B0J6HmoSEe4aSssDbubq5zpKfi5k_/p6CDl5nHwIGHgIOSo42bi4R6jZGchKC6","date":"2025-11-09T14:50:10.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jwplayer.com","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 05 May 2025 18:19:12 GMT","end":"Sat, 06 Jun 2026 18:19:11 GMT"},"fingerprint":{"sha1":"F1:90:E6:09:04:E3:35:FC:0D:3C:D3:A8:A5:9C:2D:F8:BA:F6:B7:98","sha256":"F1:76:6A:8D:CB:F1:B8:39:85:28:98:4C:E9:01:C8:1C:86:9C:37:93:39:C9:93:42:89:33:29:8A:C1:56:7D:1C"}}},"request":{"raw":"GET /player/v/8.27.1/jwplayer.js HTTP/1.1\r\nHost: ssl.p.jwpcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=31536000, immutable\r\nlast-modified: Mon, 22 May 2023 06:27:30 GMT\r\netag: \"8dc1a43e7496a716635450fc7ca56ab0\"\r\ncontent-type: application/javascript\r\nserver: AmazonS3\r\nfastly-restarts: 1\r\ncontent-encoding: br\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\nage: 4611766\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\nx-served-by: cache-lga21962-LGA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 56, 0\r\nx-timer: S1762699810.351519,VS0,VE1\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncontent-length: 39189\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":109839,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65144)","md5":"8dc1a43e7496a716635450fc7ca56ab0","sha1":"6f69857c57abb54cef15aa5d23cd3536f8a91719","sha256":"2329405419376039c00d692be914a5a01ac07a0a1e6ae84b7ba3ac06c9dafce2","sha512":"fa6982215cb191c40153d903d4621ea6ca5f22d8d7d01f8c58fb84434f59ec643267d760f6116066034d5e469d1a516f8d4d8ceaa5759f3737fd185a0b9087e6","ssdeep":"1536:v+rFRlUeyQTCcKxTqkk1QYYKDjAPkMUtbKSrvo1gBiSo2Wz1x5v/Q7ECorQMw5GX:vDQGTC1zawoiiBQMw5GX","tlshash":"36b319e531c2b4e603e628daa07a4041f23a0945380dd5a4fa6cede63d67947b177fbc","first_seen":"2023-07-11T16:56:50Z","last_seen":"2026-04-01T01:55:58.778584Z","times_seen":216,"resource_available":true,"data":null}},"time_used":240,"timings":{"blocked":98,"dns":38,"connect":26,"send":0,"wait":29,"receive":13,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adsco.re/p","fqdn":"adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"162.252.214.5","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:11.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_256_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"POST /p HTTP/1.1\r\nHost: adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 6305\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 09 Nov 2025 14:50:11 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAS-P-1: OK lon123\r\nAS-P-2: OK\r\nAS-P-3: OK\r\nAccess-Control-Max-Age: 2592000\r\nCache-Control: no-transform\r\nAccept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR\r\nAccess-Control-Allow-Origin: https://hitode.xyz\r\nAccess-Control-Allow-Credentials: true\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1212,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with very long lines (1212), with no line terminators","md5":"90662f45ab96d2ce0ab8579c1dfbc497","sha1":"a503a13841fdb964e97f2480b8edd4fd292164f2","sha256":"1b75a4b569402d4e905f8f0e0e43e62768aa53c86aa490520e7d10f1ea5859d9","sha512":"2ce1567f10a5ea8c4742a953d0a2e42aa1dbae4ba6ff10ded751d4d94389699f4f07d42dd3129b826561c07eb8f89e1103e2c894c637c26506d8c54eeae31009","ssdeep":"","tlshash":"c421ba306115dd71bb986fb6111a25f778a9105dc7789271b1b3f00d8c4297951add07","first_seen":"2025-11-09T14:50:42.236685Z","last_seen":"2025-11-09T14:50:42.236685Z","times_seen":1,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":87,"dns":1,"connect":27,"send":0,"wait":101,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4.adsco.re/","fqdn":"4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"162.252.214.5","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:10.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_256_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 4.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 09 Nov 2025 14:50:11 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Methods: GET, HEAD, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type\r\nAccess-Control-Allow-Origin: https://hitode.xyz\r\nAccess-Control-Max-Age: 2592000\r\nCache-Control: private, max-age=5\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5b41cb22f84f645a103acc7bfbf084ff","sha1":"bac3967b26d5ec4a0d09a580714e8219796816bd","sha256":"709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc","sha512":"772066ed1119519a19884fc94de2c9f2cc538b4528d9e2651a89b93d65bd4000b18297bfbdd8903b65146858935d33cac048c321dad2ea4f1f84ca6dd9b7d98f","ssdeep":"","tlshash":"7990041154441d34dc45470c4f0d0f0553dc5153df377374ddc50f0414531344141d00","first_seen":"2023-04-05T06:05:36Z","last_seen":"2026-03-30T19:07:46.969854Z","times_seen":25700,"resource_available":true,"data":null}},"time_used":254,"timings":{"blocked":95,"dns":1,"connect":28,"send":0,"wait":36,"receive":20,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"voodc.com/embed/0/0/p6CDl5nHwIGHgIOSo42bi4R6jZGchKC6/jXuPkaCJmomIl8Xb1cPVtYl6rcrau9jLx5iqkpyHpKu9uIyVp8-fiI-8zJKfi5mbua3B0J6HmoSEe4aSssDbubq5zpKfi5k_","fqdn":"voodc.com","domain":"voodc.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://voodc.com/embed/85818c93a290a18a847a85979f8d98878b.html","date":"2025-11-09T14:50:10.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voodc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 23:12:02 GMT","end":"Sat, 24 Jan 2026 00:09:41 GMT"},"fingerprint":{"sha1":"F4:A1:67:36:9B:34:29:E8:22:8F:7C:55:2F:4A:A9:81:E8:65:EF:B3","sha256":"2D:71:49:67:10:84:6A:EB:F2:75:F8:AE:A9:C5:39:6C:DF:30:60:9C:E1:E1:2F:15:DF:27:0F:C5:A2:00:86:CD"}}},"request":{"raw":"GET /embed/0/0/p6CDl5nHwIGHgIOSo42bi4R6jZGchKC6/jXuPkaCJmomIl8Xb1cPVtYl6rcrau9jLx5iqkpyHpKu9uIyVp8-fiI-8zJKfi5mbua3B0J6HmoSEe4aSssDbubq5zpKfi5k_ HTTP/1.1\r\nHost: voodc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://voodc.com/embed/85818c93a290a18a847a85979f8d98878b.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nx-powered-by: PHP/8.0.30\r\nstrict-transport-security: max-age=63072000\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sJJKDmfKHRI9yu5J5U2vkE0EGbNuxXgDF%2FkkXsxYhdOyNPO2RrJgE2zIYBpPxQ%2F6ddx5kHB4trNmby32aEJ%2BsbMWIv1J%2BlMOQA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99be1ef49eba4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP:8.0.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2503,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (306)","md5":"4bd7e8abf83f4b9e3953156b7fc6f087","sha1":"0cf83f5e65e7c124779413eff569ab00aeb5b8ae","sha256":"be73f1af41b0722be15beec14d844453e37c2d95e6a38a3b02badf6ba26057f2","sha512":"c3e72dfd1a09f7803e3b206753e7b829b8b7ec7a5a6c3fd490e24a45522119f04bf55640dc55b368ee467524554f3ba3b9fa773349d565120265f6129d0e3eee","ssdeep":"","tlshash":"a151747bb7f6702540673176886a6084387e9563bd0b8cd07c4dce649f38c3849b7d68","first_seen":"2025-11-09T14:50:42.238433Z","last_seen":"2025-11-09T14:50:42.238433Z","times_seen":1,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/domine/v25/L0x8DFMnlVwD4h3hu_qn.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:57 GMT","end":"Mon, 05 Jan 2026 08:38:56 GMT"},"fingerprint":{"sha1":"50:87:4B:4E:FB:30:AB:11:12:23:8E:8F:6B:DB:F7:6D:9A:37:CE:D9","sha256":"E1:35:48:CB:CA:92:00:73:EB:EA:EF:E9:B3:8E:D0:29:54:33:B5:C7:4E:73:DF:B7:7C:F8:B6:07:E7:AD:8C:24"}}},"request":{"raw":"GET /s/domine/v25/L0x8DFMnlVwD4h3hu_qn.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 28224\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 06 Nov 2025 17:36:30 GMT\r\nexpires: Fri, 06 Nov 2026 17:36:30 GMT\r\ncache-control: public, max-age=31536000\r\nage: 249219\r\nlast-modified: Wed, 10 Sep 2025 17:03:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28224,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28224, version 1.0","md5":"98b1ff0e04234acc3f97d3e0b543e633","sha1":"5e6367057781060180089aeb0684fb20b2d42bf5","sha256":"d0531fda200ea312e58435464c89a12f50ce52fff1961d8967df2db515f460cf","sha512":"2ca4ec408fad369c12630f6107ea4ef31ce69d471df5b87d8dff1a78cdd94e91256cfb285bc4d87a2a9e9365c865b3f29c2e2dc03c0b52eb3939085ae4916dc8","ssdeep":"768:LDdnZTRmxWPKzCQrG/kwNzfAI8xLNsjs26hiih8K+i:NnZTYoSzfMkjRxJsb6h3hlv","tlshash":"1fc2d041dc9791c5c510b05ad67e6b0b1e363e0d9097ba0ecad035a2f2e890603f7da9","first_seen":"2025-09-12T03:49:11.566583Z","last_seen":"2026-04-04T12:37:26.16454Z","times_seen":947,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":108,"dns":0,"connect":30,"send":0,"wait":61,"receive":16,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"voodc.com/embed/85818c93a290a18a847a85979f8d98878b.html","fqdn":"voodc.com","domain":"voodc.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voodc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 23:12:02 GMT","end":"Sat, 24 Jan 2026 00:09:41 GMT"},"fingerprint":{"sha1":"F4:A1:67:36:9B:34:29:E8:22:8F:7C:55:2F:4A:A9:81:E8:65:EF:B3","sha256":"2D:71:49:67:10:84:6A:EB:F2:75:F8:AE:A9:C5:39:6C:DF:30:60:9C:E1:E1:2F:15:DF:27:0F:C5:A2:00:86:CD"}}},"request":{"raw":"GET /embed/85818c93a290a18a847a85979f8d98878b.html HTTP/1.1\r\nHost: voodc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: PHP/8.0.30\r\nstrict-transport-security: max-age=63072000\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0zA4P%2B0Zem%2BKUqokXrWzwuL21u3cmbr9ycJ8s%2Bs2WWWKYkjdlG3Ca%2BrUHyQvhQvjGrXwLVHqZIGosryN3TS8B5btprOWYuk%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 99be1ef34e3b56ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.0.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:3.7.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"b398fea37b121f5d42d87a5533533d73","sha1":"4f95242380b52e67eaca2a3d4b0e76a05a60f6b8","sha256":"2e827c94b1499e4e361caf3d8c477ca1dae6b879ece9f7d0178676e10c8bbdf0","sha512":"9ce50ff2e4b839fdc37440a9a6fb0dbc1b9114ba12244c95ba5773268fa5216de597ec64abb02c3be32ce21f906e72c55959b80652999ff3977909f8b6773070","ssdeep":"","tlshash":"9d2196469d27114731178664abf4f21c323a7517b360cdc87aada474cf8cb88dc9b3a4","first_seen":"2025-11-09T14:50:42.239961Z","last_seen":"2025-11-09T14:50:42.239961Z","times_seen":1,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":55,"dns":21,"connect":1,"send":0,"wait":141,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"irk8waeqf7kb.l4.adsco.re/","fqdn":"irk8waeqf7kb.l4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"185.200.118.62","port":443,"asn":9009,"as":"M247 Europe SRL","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:10.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.l4.adsco.re","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 09:14:30 GMT","end":"Sun, 14 Dec 2025 09:14:29 GMT"},"fingerprint":{"sha1":"AA:48:1D:E2:C4:73:88:D6:A0:D5:36:32:2B:EE:2F:67:01:C4:3D:23","sha256":"FC:04:34:8C:BD:15:93:CB:47:29:34:FA:05:BA:8C:F8:AE:96:33:7F:42:F2:72:62:C9:07:CC:D2:57:B3:1D:27"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: irk8waeqf7kb.l4.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 09 Nov 2025 14:50:11 GMT\r\ncontent-type: text/html\r\ncontent-length: 0\r\nlast-modified: Fri, 02 Jun 2023 14:03:32 GMT\r\netag: \"6479f6b4-0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":331,"timings":{"blocked":152,"dns":62,"connect":24,"send":0,"wait":25,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"voodc.com/player/d/jXuPkaCJmomIl8Xb1cPVtYl6rcrau9jLx5iqkpyHpKu9uIyVp8-fiI-8zJKfi5mbua3B0J6HmoSEe4aSssDbubq5zpKfi5k_/p6CDl5nHwIGHgIOSo42bi4R6jZGchKC6","fqdn":"voodc.com","domain":"voodc.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://voodc.com/embed/85818c93a290a18a847a85979f8d98878b.html","date":"2025-11-09T14:50:10.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voodc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 23:12:02 GMT","end":"Sat, 24 Jan 2026 00:09:41 GMT"},"fingerprint":{"sha1":"F4:A1:67:36:9B:34:29:E8:22:8F:7C:55:2F:4A:A9:81:E8:65:EF:B3","sha256":"2D:71:49:67:10:84:6A:EB:F2:75:F8:AE:A9:C5:39:6C:DF:30:60:9C:E1:E1:2F:15:DF:27:0F:C5:A2:00:86:CD"}}},"request":{"raw":"GET /player/d/jXuPkaCJmomIl8Xb1cPVtYl6rcrau9jLx5iqkpyHpKu9uIyVp8-fiI-8zJKfi5mbua3B0J6HmoSEe4aSssDbubq5zpKfi5k_/p6CDl5nHwIGHgIOSo42bi4R6jZGchKC6 HTTP/1.1\r\nHost: voodc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://voodc.com/embed/85818c93a290a18a847a85979f8d98878b.html\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nx-powered-by: PHP/8.0.30\r\nstrict-transport-security: max-age=63072000\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zz%2Fyu54OO2csah3DeGnR3ShnFR10uEfc4Y3II%2FOQ%2BGVe2wsA6ujafqh%2B%2Fq9aoPVixWLtcJYrepaKwCnG4jsbb0UOmVZO7Gm8WA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 99be1ef558ad4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"JW Player","description":"JW Player is a online video player with video engagement analytics, custom video player skins, and live video streaming capability.","website":"https://www.jwplayer.com","common_platform_enumeration":"","icon":"JW Player.svg","categories":["Video players"]},{"name":"PHP:8.0.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":201985,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (62109)","md5":"7f3df23fb13a62a6fabdd30284467ce1","sha1":"63abbd49843850b12fbb315519cc5704eb42ef16","sha256":"05ef88afcb29a0c24364a75e9e7f1a11acc7e83cf5f88990bea9f623ec92ffab","sha512":"f0204169194753ebdd5805622e7d5e4ef729a07b0c0d0fd1904be1a11b840088cf713531fead6dee8a5ef2651e8bc8bd2846f47b861dc33d9750619435b7f574","ssdeep":"3072:cTJjcWFGPSMZQ0iM2M2VVMF7qn5jzJZISjocDn3fw0ogdjvN3o8JxQ1cHvVNq:mu/iM2tV5jMSjT3fzoglN3o87Q1cPK","tlshash":"b2143c593393b2f677d6a0e55c2fa505b13250547809c428baecc4d1a9afece6237e3c","first_seen":"2025-11-09T14:50:42.241844Z","last_seen":"2025-11-09T14:50:42.241844Z","times_seen":1,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":100,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"irk8waeqf7kb.s4.adsco.re/","fqdn":"irk8waeqf7kb.s4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:10.929Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: irk8waeqf7kb.s4.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":345,"timings":{"blocked":-1,"dns":345,"connect":182,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/themes/gridflex/assets/webfonts/fa-solid-900.woff2","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:08.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/themes/gridflex/assets/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/wp-content/litespeed/css/a4294d0ecc18cb030c2a2739c08073ea.css?ver=dc7af\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:08 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Tue, 04 Nov 2025 17:08:19 GMT\r\naccept-ranges: bytes\r\ncontent-length: 157192\r\ndate: Sun, 09 Nov 2025 14:50:08 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":49046,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 157192, version 774.256","md5":"a9d14eeaa5f25b603b04a71dd4353f92","sha1":"3a1e847a75d074603bb625734500ab75642384bb","sha256":"1eb4e079bc431c60a45632e338cd075cdc1a0844d11271ed8785c0b1ee4d9ce8","sha512":"8214a8ece8023a7219606ea0b408205e6cb22d2fa9cee688642bc620b0d6f4d560015d45aeffe1c95aa2f038b64376a30b46631fdfa470108c9b0941d828017e","ssdeep":"768:mm1pN7Ujhneqia3/UyqPC17SnAe1UH+UCaPRtN7qgPOq9rNnpO7QttfPXUuS/In:XNojheqiS/UDPC1JwUeU3Rt9LvpdjXUq","tlshash":"3923f14bd8b6fafd944d8644fb41246b270510607bc61cea68bb401ed824b3e765e19f","first_seen":"2025-11-09T14:50:42.243808Z","last_seen":"2025-11-09T14:50:42.243808Z","times_seen":1,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/uploads/2025/10/cropped-491-4918899_green-star-clipart-png-green-star-clip-art-192x192.png","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:10.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/cropped-491-4918899_green-star-clipart-png-green-star-clip-art-192x192.png HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:10 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 20:53:52 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2336\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2336,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"d262fede28b389d82c1d4579d8d02ac2","sha1":"0601718c6693423bda0cb660f6df84bfb820f9fa","sha256":"7d11da683c2b6447be7b6740f950b5fdd9ae46a938c7e7a1cffe85129d100003","sha512":"009f5aae512ccff2a058b1911c7d299de6a6d315ed1ea54e2a164a660e971f6abb28e53e8aea9482ce805a124f82691d97bde6f2204ea0a54a9cc5fbb6a36e95","ssdeep":"","tlshash":"3241098a322cf858e2138bec14297f8cf1e884c83a338a460714958b0a7974764939fe","first_seen":"2025-11-08T23:19:40.920378Z","last_seen":"2025-11-22T18:17:28.141461Z","times_seen":3,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-09T14:50:06.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /?p=1295 HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/8.3.26\r\nx-dns-prefetch-control: on\r\ncontent-type: text/html; charset=UTF-8\r\nlink: \u003chttps://hitode.xyz/index.php?rest_route=/\u003e; rel=\"https://api.w.org/\", \u003chttps://hitode.xyz/index.php?rest_route=/wp/v2/posts/1295\u003e; rel=\"alternate\"; title=\"JSON\"; type=\"application/json\", \u003chttps://hitode.xyz/?p=1295\u003e; rel=shortlink\r\netag: \"7457-1762698871;br\"\r\nx-litespeed-cache: hit\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 10242\r\ndate: Sun, 09 Nov 2025 14:50:07 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"WordPress:6.8.3","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:8.3.26","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":44705,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (25086)","md5":"bbfc1e545fb6e613a690c77b31e71916","sha1":"f34d25bc13086facdbc3d0e678521b88bbdacc60","sha256":"7473336c4d58a4ff87b1448176a459a8b100e8116195073c1d2ddcd4830cb6d9","sha512":"7ce544d96cebede9152db1fa88a248c76b3ec934f84aefa8448ae46f4e2fede9ac8b11dfa31f891d058e3cf5f7e9424f6981bb9d9e739cbf6465c33aed026505","ssdeep":"768:7DYZdapzA1nCjhR29YFts/Sn1p7ryPRoxEpi57i2229YFts/Sn1p7EP9:7DQapc1CjhR2otrrcRoxEpi57i222otA","tlshash":"2813e731b06065763a2fa2f8c0ab73097535b116c8074971f5f8e5d8aab8cf60963e6d","first_seen":"2025-11-09T14:50:42.246822Z","last_seen":"2025-11-09T14:50:42.246822Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1006,"timings":{"blocked":421,"dns":87,"connect":162,"send":0,"wait":162,"receive":1,"ssl":169},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/plugins/litespeed-cache/guest.vary.php","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:08.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"POST /wp-content/plugins/litespeed-cache/guest.vary.php HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hitode.xyz/?p=1295\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/8.3.26\r\nx-robots-tag: noindex\r\nx-litespeed-cache-control: no-cache\r\nset-cookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f; expires=Tue, 11 Nov 2025 14:50:08 GMT; Max-Age=172800; path=/; secure; HttpOnly\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 20\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 09 Nov 2025 14:50:08 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.3.26","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":16,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"e2bb2c7e02e214822b4ffffc314ca27e","sha1":"2d193e2847595361f1b0ce151dfd28c2f855c510","sha256":"76fb65f605df2b2d124684c3c4ec3e0c75fdf013b2727af6cdb68b73b5c8a9bb","sha512":"acd30fcff40e16a4a59148b85a496dad9946906d3e1c998d9b6fbfc8f8474a828489e9f129eb20f3c3588b3fc55cb3f146c1c457a2f4d51d2dc115ef88d044f8","ssdeep":"","tlshash":"92600000220c820202200880b080000000800822888a80e08000000080008800002a22","first_seen":"2023-04-05T13:39:14Z","last_seen":"2026-04-04T11:54:08.202642Z","times_seen":9269,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cdn4ads.com/dfabric.min.css","fqdn":"www.cdn4ads.com","domain":"cdn4ads.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1037973644.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Sep 2025 10:34:12 GMT","end":"Tue, 02 Dec 2025 10:34:11 GMT"},"fingerprint":{"sha1":"5E:92:6D:1B:67:C5:DE:22:D3:E2:A7:96:AC:93:64:66:73:8D:00:93","sha256":"36:2E:B5:0F:55:E4:8E:AF:F3:BB:D8:AB:FC:72:BF:79:40:98:8A:09:89:93:56:BC:A9:DE:63:81:85:2C:9B:BE"}}},"request":{"raw":"GET /dfabric.min.css HTTP/1.1\r\nHost: www.cdn4ads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\ncontent-type: application/x-javascript\r\npopads-node: wb8\r\nexpires: Tue, 11 Nov 2025 16:55:32 GMT\r\naccess-control-allow-origin: https://hitode.xyz\r\nlink: \u003chttps://cdn4ads.com/\u003e;rel=preconnect\r\ncache-control: public, max-age=604800\r\nx-77-nzt: EwgBX63NDQFBDAG5TAoTAffqTgYADAElE8I0AbczKwAA\r\nx-77-nzt-ray: 2a494a156d0046d146aa10693fc3a02a\r\nx-77-cache: HIT\r\nx-77-age: 413418\r\nvary: Accept-Encoding, Origin\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":41922,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (1568)","md5":"a06f6480a883949cb46e9564f483a3c0","sha1":"089e79580b048c467d397e4262f5ee34814f42e7","sha256":"0248b225235b66e303a69b85558f36cf9a70c504f25de3b4b4ca8260d4a5c520","sha512":"96482a296482d8d8e81b1f97a02ac397c4aa91b9bb43fe5e37666cabcd03852af6e14c79a81b194177c458e40cd61627d7e5935d931a2a45eb9d27da5ed2ec89","ssdeep":"768:bt9rqAYKK+ZzFQ9JsQU+YDngZGihfzmMzhYrTsAysncCWcf5k5sigCblqCntlqod:bb1ZzFQ9JsTgZvfzmMzhYrTscpxZw","tlshash":"15133aaab286282601e742b9503eb317b23305167912d458fcb9cdf96e3dd86117b7fc","first_seen":"2025-11-08T23:19:40.899569Z","last_seen":"2025-11-09T14:50:42.249226Z","times_seen":2,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":13,"dns":1,"connect":1,"send":0,"wait":24,"receive":0,"ssl":9},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6.adsco.re/","fqdn":"6.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"104.16.42.28","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:10.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 6.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 45\r\ncf-ray: 99be1efa78950b3d-OSL\r\naccess-control-allow-origin: https://hitode.xyz\r\ncache-control: private, max-age=10\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 2592000\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5b41cb22f84f645a103acc7bfbf084ff","sha1":"bac3967b26d5ec4a0d09a580714e8219796816bd","sha256":"709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc","sha512":"772066ed1119519a19884fc94de2c9f2cc538b4528d9e2651a89b93d65bd4000b18297bfbdd8903b65146858935d33cac048c321dad2ea4f1f84ca6dd9b7d98f","ssdeep":"","tlshash":"7990041154441d34dc45470c4f0d0f0553dc5153df377374ddc50f0414531344141d00","first_seen":"2023-04-05T06:05:36Z","last_seen":"2026-03-30T19:07:46.969854Z","times_seen":25700,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":32,"dns":20,"connect":1,"send":0,"wait":21,"receive":1,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/css/0099c74120c592f428e3ae04a6f1a93b.css?ver=1a93b","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/css/0099c74120c592f428e3ae04a6f1a93b.css?ver=1a93b HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 09 Nov 2025 14:46:27 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 21853\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":97338,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (58966)","md5":"5d630f0f8b463786c00226552e352b02","sha1":"f353e5707cfc4826edc1fbf778050a954604be99","sha256":"ac5a35fcc3040778ee3950391dffd12c90560ed4cbfcb0b0b2347637c74c11e7","sha512":"984514051d43bced35541e823329b64677cbe7d2a9222a22539f0862c0b05da09cedbb404c4d27ba15202eda7b4aa4890fb9fd03e33595d0fc9867d6e4ef5614","ssdeep":"1536:E6M1MvMaMfMRQk709/bQZMfjSFOlyPG9PXgRw0F:H709/UGGFwyPG9PwRw0F","tlshash":"e59374f8e44c05d97732c44bab55b37c65b6f738d9810ca9f02f590c29d26a822caf79","first_seen":"2025-11-08T23:19:40.90211Z","last_seen":"2025-11-22T18:17:28.14046Z","times_seen":3,"resource_available":false,"data":null}},"time_used":631,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":452,"receive":179,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/5c7312117d6943328db6a6d0ac0e2904.js?ver=e2904","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/js/5c7312117d6943328db6a6d0ac0e2904.js?ver=e2904 HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Nov 2025 14:46:27 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 846\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5975,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (986)","md5":"2259dd51e76f59942db58c28d78df953","sha1":"ebb7d697a47dd800d2afe85076768b0522f0ba5d","sha256":"e9829d47f0b9b59e4a483ba6a4bceef4c48e598f29e4cb88d00d669a0334c26c","sha512":"64ef715f0039a053ee56d8c0a2adf6869702adc05e1d7cb149f0edf137d6007b321fb0c35dec68eb6961c5158b1f22ea67d102b5753d877765afb9d4847cd065","ssdeep":"96:2Y3L2JhDVIuk3GouQGth2/QAX2xhXVIGQzugugqth2/r:p3L2JhDVIuA/u9h2/bX2xhXVIGQfuthw","tlshash":"3dc15b4937007bba11ba9df791fd41c76f13571be94c9c33e868898786e0a020e5eac7","first_seen":"2025-11-08T23:19:40.907018Z","last_seen":"2025-11-22T18:17:28.134439Z","times_seen":3,"resource_available":true,"data":null}},"time_used":622,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":622,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/frankruhllibre/v23/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4briiY6hBg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:57 GMT","end":"Mon, 05 Jan 2026 08:38:56 GMT"},"fingerprint":{"sha1":"50:87:4B:4E:FB:30:AB:11:12:23:8E:8F:6B:DB:F7:6D:9A:37:CE:D9","sha256":"E1:35:48:CB:CA:92:00:73:EB:EA:EF:E9:B3:8E:D0:29:54:33:B5:C7:4E:73:DF:B7:7C:F8:B6:07:E7:AD:8C:24"}}},"request":{"raw":"GET /s/frankruhllibre/v23/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4briiY6hBg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 44260\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 07 Nov 2025 19:04:40 GMT\r\nexpires: Sat, 07 Nov 2026 19:04:40 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 19:04:32 GMT\r\ncontent-type: font/woff2\r\nage: 157529\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44260,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 44260, version 1.0","md5":"def5a63bcfb21f853bfadc8fa2402e5c","sha1":"f705e727782014e59bd051ce9d9e62e449136d0f","sha256":"dd7ba212ad845e5d7c8fcffcddaf126909691e6ae4dfb64579930f2dc752a50e","sha512":"3629364eb053943c8e1c858306a0819b99d5f9082bc22aaeee4de6f89ea5c903ed3036a62c63443147b4ac3b41360fef85a72a55080a46c76dc59ab335508997","ssdeep":"768:5t8F7Bv0rsHTIRRkiTCukRwASXjWxeMrTBOetm4FMly5WgFrSfP20McR:5izGsHkjNC5RwASXKlrTBOVPoWK+fu0D","tlshash":"4513f1b469f0b8e0e617ae6035b7c6bbca602be7d261ddaf6520243f40c978047505e6","first_seen":"2025-09-10T22:33:05.137506Z","last_seen":"2026-04-04T12:24:54.83617Z","times_seen":690,"resource_available":false,"data":null}},"time_used":360,"timings":{"blocked":143,"dns":4,"connect":30,"send":0,"wait":56,"receive":17,"ssl":105},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/css/f832a8bd6fd18bc56ede3aac792f4386.css?ver=f4386","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/css/f832a8bd6fd18bc56ede3aac792f4386.css?ver=f4386 HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 09 Nov 2025 14:46:27 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 13953\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":114306,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1975f0868214f80d0882626871c4670d","sha1":"d63014520f13575608d8489982c3d12e9a1b0797","sha256":"8b9bc5a9b5b179509b6f72b358df1069cf3d5459cf9d738beb9fb14099010b0d","sha512":"4a49be3aaf1089075d515dcdd3b54af9789147b5b7a7717de1c3725c5460463831e536622501a40c74b6bcc2e0c686d29205ec52018eb3bf1b8c12bd2dc7fd41","ssdeep":"1536:9bPPWZ3Qkt5SdASow4vEhYjY+YvYpY9YHHY2yYH5YnBl2HZfl/5WOXc4tj:BBM5","tlshash":"79b3957264f03778611b80f6ead4b5cd4e138252e6061df6b8e69e24cb826c50db3bdd","first_seen":"2025-11-08T23:19:40.918452Z","last_seen":"2025-11-22T18:17:28.138221Z","times_seen":3,"resource_available":false,"data":null}},"time_used":631,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":453,"receive":178,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn4ads.com/mypyyfamti?cPivZVOK=BQOCAAAAAAAACZUAAun9MxME_Q9bRUl2uHGnIsVhZaIYAUBNGF_5IDZEQximY4ikcqxAKU0tHbTG3bUMBw0wmC265tI_gJMIGajnec0gcgMNrBAaRnWBnmw1axImzqxzufIjk9lVOqkb-dlac8P-8uwcOW_T3o9KybdZMIIiKUZyUQ5XB5K5GYA8BEP_AbI-qQUs42fS9oSvWvxsiENwRxfxOkju-oh36UUaHNv7FxoNJVanGu15z_hsBJTL6rUx399WGzUN5yyB5BDqXb6fpfN4qCMh57sc0k3TkiJ3gGQHkmb2-dXidPJx46hgmcLP7QTXYqjWTmryHB7AmHXWZ3GchDzLsmaxEdNF8GwY9p75v4QDOZ_JMq-DtoAAG2E3sIQMDtwlDFjPRtgx46OKYoAwGYrWtnNP0H4H_M_0wAAORuh8juu4QjHhu76mMCt9Vs-IkBTkG_wd7d2tLWTYXEgJb_0ycM4rR2tghcTUfuHVxUmN5vvcC46NT1A4Gr3UXfFWo4tRAlqw3VcCAzhoBA6HR68I5zsyuw8Yieb7wmnVqy33szpv1Fg1wSTTyUVaLh377jOIsnOC1Jbq0tjafIOLLbjF5TCXu-Id1eAjRVMMOjbYy-nqyC3pCR8b5klQUpSGykuxmqRI7elbtfF4TymROfu0vV83foUeTjnBUre9XIGNDkYWPpMt71v81l_UlgohKU-3cqfJmxQsELytT5gzOjwNmNL70OehjNj0zr--IQ8BfDWn7dXLlyJ88ZmwoD-PebOJBo0561gkzOM6l8W44MJ6oZQRISzcVDuRjBOdDJRu14CgkIrdTh2semCBHK0QWAftlCQ53J_12jSRtpZGDFXdN308S0LTCSlz_uTiL1EbgjvgQMYL-ZNzP2ngn9bL7nNwHY8PIbejjUSTK_Pz37tbOpsv8Yp9QK3CelDpnZTe0SpLx-RdnCJphLoEwcwmtTcyz6bvSlyASkpfhakNvbAICbELgkdkY4CGhNzfvWRLnBIeLt856nSezl78ZxHQf5-PSZgI45sOftjzO5tUnB9CiQZLGrqId4vZZnefqbuKVYRd0LFr7DMlWtypO35yJ67xqvFH9FVdrPJV05v6WcmallObsMupG-EuuzA7rAb3lep3XYkpz1CWhXN8Gn8CKaDyTKVbTLBmCEJJOEdab4jEaIGFpPFwWOfQqDYEbW1voIsUNW5rfv2U\u0026ldGkqFbX=4\u0026GLYTMdZB=5250473\u0026BzelNMvX=\u0026DXjMBZwp=0,0\u0026NIHsmgvL=\u0026NovWmwFg=\u0026MpcPHLWf=1280,1024,1,1280,1024,0","fqdn":"cdn4ads.com","domain":"cdn4ads.com","tld":"com"},"ip":{"addr":"216.59.63.128","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:11.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cdn4ads.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 04 Apr 2025 00:00:00 GMT","end":"Tue, 05 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:E8:5F:67:E6:26:22:D5:AD:B6:B6:67:7C:38:20:45:99:C6:B1:7F","sha256":"7B:DB:ED:86:83:B7:92:84:B5:0C:52:DE:81:DC:EB:28:C6:80:A9:EC:C7:FA:B5:BB:A7:55:6E:17:99:E5:84:B6"}}},"request":{"raw":"GET /mypyyfamti?cPivZVOK=BQOCAAAAAAAACZUAAun9MxME_Q9bRUl2uHGnIsVhZaIYAUBNGF_5IDZEQximY4ikcqxAKU0tHbTG3bUMBw0wmC265tI_gJMIGajnec0gcgMNrBAaRnWBnmw1axImzqxzufIjk9lVOqkb-dlac8P-8uwcOW_T3o9KybdZMIIiKUZyUQ5XB5K5GYA8BEP_AbI-qQUs42fS9oSvWvxsiENwRxfxOkju-oh36UUaHNv7FxoNJVanGu15z_hsBJTL6rUx399WGzUN5yyB5BDqXb6fpfN4qCMh57sc0k3TkiJ3gGQHkmb2-dXidPJx46hgmcLP7QTXYqjWTmryHB7AmHXWZ3GchDzLsmaxEdNF8GwY9p75v4QDOZ_JMq-DtoAAG2E3sIQMDtwlDFjPRtgx46OKYoAwGYrWtnNP0H4H_M_0wAAORuh8juu4QjHhu76mMCt9Vs-IkBTkG_wd7d2tLWTYXEgJb_0ycM4rR2tghcTUfuHVxUmN5vvcC46NT1A4Gr3UXfFWo4tRAlqw3VcCAzhoBA6HR68I5zsyuw8Yieb7wmnVqy33szpv1Fg1wSTTyUVaLh377jOIsnOC1Jbq0tjafIOLLbjF5TCXu-Id1eAjRVMMOjbYy-nqyC3pCR8b5klQUpSGykuxmqRI7elbtfF4TymROfu0vV83foUeTjnBUre9XIGNDkYWPpMt71v81l_UlgohKU-3cqfJmxQsELytT5gzOjwNmNL70OehjNj0zr--IQ8BfDWn7dXLlyJ88ZmwoD-PebOJBo0561gkzOM6l8W44MJ6oZQRISzcVDuRjBOdDJRu14CgkIrdTh2semCBHK0QWAftlCQ53J_12jSRtpZGDFXdN308S0LTCSlz_uTiL1EbgjvgQMYL-ZNzP2ngn9bL7nNwHY8PIbejjUSTK_Pz37tbOpsv8Yp9QK3CelDpnZTe0SpLx-RdnCJphLoEwcwmtTcyz6bvSlyASkpfhakNvbAICbELgkdkY4CGhNzfvWRLnBIeLt856nSezl78ZxHQf5-PSZgI45sOftjzO5tUnB9CiQZLGrqId4vZZnefqbuKVYRd0LFr7DMlWtypO35yJ67xqvFH9FVdrPJV05v6WcmallObsMupG-EuuzA7rAb3lep3XYkpz1CWhXN8Gn8CKaDyTKVbTLBmCEJJOEdab4jEaIGFpPFwWOfQqDYEbW1voIsUNW5rfv2U\u0026ldGkqFbX=4\u0026GLYTMdZB=5250473\u0026BzelNMvX=\u0026DXjMBZwp=0,0\u0026NIHsmgvL=\u0026NovWmwFg=\u0026MpcPHLWf=1280,1024,1,1280,1024,0 HTTP/1.1\r\nHost: cdn4ads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\npopads-node: wb5\r\naccess-control-allow-origin: *\r\nasf: 9\r\npopads-ec: ASB\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-length: 44\r\ndate: Sun, 09 Nov 2025 14:50:12 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"d5f0a25e4d3522d56d48ce7bc3e518fb","sha1":"86794caff58f7fee6e684c2ba7195f970a8d6f4c","sha256":"9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5","sha512":"a3a81801f516a4eb11f00d6f56dab0ed4b8a79219e6b4f5436993479f09dae08f14cffbab3327ff66fb39201d8eba1153ae7114f7705a01cc6f0edf840ef1616","ssdeep":"","tlshash":"789002801814116115d1500b8d5159d01259b1a4540801324446ca502dc7883a415774","first_seen":"2023-03-07T01:17:45Z","last_seen":"2026-04-04T11:50:12.322008Z","times_seen":22760,"resource_available":true,"data":null}},"time_used":729,"timings":{"blocked":309,"dns":1,"connect":93,"send":0,"wait":111,"receive":0,"ssl":211},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"c.adsco.re/","fqdn":"c.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:08.240Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: c.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/uploads/2025/10/cropped-491-4918899_green-star-clipart-png-green-star-clip-art-32x32.png","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:10.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/cropped-491-4918899_green-star-clipart-png-green-star-clip-art-32x32.png HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:10 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 30 Oct 2025 20:53:53 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1008\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1008,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"9eb7f472d7528964d420c2583b54eb1e","sha1":"ce1b4f893ce557c546d0c676c3f176a2ba227c75","sha256":"2e5399350720e5e65a0df8545c9c08ba4eaefac3cf1cc33941799fb6e56a7b62","sha512":"c1796afd240a710e0bb5f7ae41ff46c1bce50c18ee6efadc44100f439e665610a491b8ce5d9b77f8d21fc78b14844a8373d79386311a24faf0c4fa51ec47b782","ssdeep":"","tlshash":"9c1181fca1a8465ac82037bc01103f0aebb7c4050d478e40bf30f21c0b0caad2863aeb","first_seen":"2025-11-08T23:19:40.917234Z","last_seen":"2025-11-22T18:17:28.139745Z","times_seen":3,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"c.adsco.re/#0.5317514004072024","fqdn":"c.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"104.16.43.28","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:10.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: c.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\ncontent-type: text/html\r\ncontent-encoding: br\r\ncache-control: public, max-age=2678400\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR\r\ncritical-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR\r\npermissions-policy: ch-ua=(self \"https://adsco.re\"),ch-ua-mobile=(self \"https://adsco.re\"),ch-ua-full-version=(self \"https://adsco.re\"),ch-ua-platform=(self \"https://adsco.re\"),ch-ua-platform-version=(self \"https://adsco.re\"),ch-ua-arch=(self \"https://adsco.re\"),ch-ua-model=(self \"https://adsco.re\"),ch-device-memory=(self \"https://adsco.re\"),ch-downlink=(self \"https://adsco.re\"),ch-ect=(self \"https://adsco.re\"),ch-rtt=(self \"https://adsco.re\"),ch-width=(self \"https://adsco.re\"),ch-viewport-width=(self \"https://adsco.re\"),ch-dpr=(self \"https://adsco.re\")\r\nlink: \u003c//adsco.re/\u003e;crossorigin;rel=preconnect,\u003chttps://6.adsco.re/\u003e;rel=prefetch;crossorigin;as=fetch,\u003chttps://4.adsco.re/\u003e;rel=prefetch;crossorigin;as=fetch,\u003chttps://6.adsco.re:2087/\u003e;rel=prefetch;crossorigin;as=fetch,\u003chttps://4.adsco.re:2087/\u003e;rel=prefetch;crossorigin;as=fetch,\u003chttps://0.l.adsco.re/\u003e;rel=preconnect,\u003chttps://0.s.adsco.re/\u003e;rel=preconnect,\u003chttps://0.n.adsco.re/\u003e;rel=preconnect\r\nexpires: Wed, 10 Dec 2025 14:50:10 GMT\r\netag: W/\"LvTxXIbLQ/DvDiQbcP3Xkg==\"\r\nvary: accept-encoding\r\nage: 52729\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 99be1efa3ffbb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61289,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (2374)","md5":"2ef4f15c86cb43f0ef0e241b70fdd792","sha1":"4971749861cba038c2cd1dce3c68c28aed4676fd","sha256":"5c240a0fcfa70d0e87f614c22547e240fc1a17214a232b6d4272e4a4cd42d905","sha512":"97857fceb635a585da1def0b639726d2414b8ba2b62015deadabc2ad3e01be420adcc1bf9bc1508aed8fb0ac45036922aff198abde2a291ffc30a6269c2812e1","ssdeep":"1536:P/EE3nA5ePdB1tz9NSU3myQjyiw1snWlwj:3TnAQp7S4QHnWSj","tlshash":"bf533b797561203a82b228fe167f532170ba56906d46d0d2d3bdc9503c38e9b933bf9e","first_seen":"2025-11-08T22:28:35.654808Z","last_seen":"2025-11-11T20:29:54.277417Z","times_seen":150,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cdn4ads.com/dfabric.min.css","fqdn":"www.cdn4ads.com","domain":"cdn4ads.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:08.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1037973644.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Sep 2025 10:34:12 GMT","end":"Tue, 02 Dec 2025 10:34:11 GMT"},"fingerprint":{"sha1":"5E:92:6D:1B:67:C5:DE:22:D3:E2:A7:96:AC:93:64:66:73:8D:00:93","sha256":"36:2E:B5:0F:55:E4:8E:AF:F3:BB:D8:AB:FC:72:BF:79:40:98:8A:09:89:93:56:BC:A9:DE:63:81:85:2C:9B:BE"}}},"request":{"raw":"GET /dfabric.min.css HTTP/1.1\r\nHost: www.cdn4ads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 09 Nov 2025 14:50:08 GMT\r\ncontent-type: application/x-javascript\r\npopads-node: wb8\r\nexpires: Tue, 11 Nov 2025 16:55:32 GMT\r\naccess-control-allow-origin: https://hitode.xyz\r\nlink: \u003chttps://cdn4ads.com/\u003e;rel=preconnect\r\ncache-control: public, max-age=604800\r\nx-77-nzt: EwgBX63NDQFBDAG5TAoTAffpTgYADAElE8I0AbczKwAA\r\nx-77-nzt-ray: 2a494a152c3c08bf45aa1069f4ad0008\r\nx-77-cache: HIT\r\nx-77-age: 413417\r\nvary: Accept-Encoding, Origin\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":41922,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (1568)","md5":"a06f6480a883949cb46e9564f483a3c0","sha1":"089e79580b048c467d397e4262f5ee34814f42e7","sha256":"0248b225235b66e303a69b85558f36cf9a70c504f25de3b4b4ca8260d4a5c520","sha512":"96482a296482d8d8e81b1f97a02ac397c4aa91b9bb43fe5e37666cabcd03852af6e14c79a81b194177c458e40cd61627d7e5935d931a2a45eb9d27da5ed2ec89","ssdeep":"768:bt9rqAYKK+ZzFQ9JsQU+YDngZGihfzmMzhYrTsAysncCWcf5k5sigCblqCntlqod:bb1ZzFQ9JsTgZvfzmMzhYrTscpxZw","tlshash":"15133aaab286282601e742b9503eb317b23305167912d458fcb9cdf96e3dd86117b7fc","first_seen":"2025-11-08T23:19:40.899569Z","last_seen":"2025-11-09T14:50:42.249226Z","times_seen":2,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":45,"dns":32,"connect":1,"send":0,"wait":26,"receive":0,"ssl":9},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/?p=1295","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-09T14:50:08.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /?p=1295 HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/8.3.26\r\nx-dns-prefetch-control: on\r\ncontent-type: text/html; charset=UTF-8\r\nlink: \u003chttps://hitode.xyz/index.php?rest_route=/\u003e; rel=\"https://api.w.org/\", \u003chttps://hitode.xyz/index.php?rest_route=/wp/v2/posts/1295\u003e; rel=\"alternate\"; title=\"JSON\"; type=\"application/json\", \u003chttps://hitode.xyz/?p=1295\u003e; rel=shortlink\r\netag: \"7455-1762698845;br\"\r\nx-litespeed-cache: hit\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7426\r\ndate: Sun, 09 Nov 2025 14:50:08 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"WordPress:6.8.3","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"PHP:8.3.26","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":27468,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (9173)","md5":"4ee739cadf87545e2b91f3e8a5ece6e6","sha1":"8b936b5353704121c250593602a4ad8326584dfb","sha256":"624a5938f8e56935bfd7cf78f3edcae3141041c2d13110dcc566c80e0d998216","sha512":"cd92a9cf7ef32748905abe9b7a5233bbda5babe8ae0a4d449627eb34d769a15867b6bd78e86469dc4d6c345774628ed8c334b6099534eb853040136666c7617e","ssdeep":"768:7sUZdapzT53H+Yu1nCjhyoxEafGZqjIOghgN5tB:7s0apH53HM1CjhyoxEsaY3","tlshash":"efc2d872a47455b13a0fdbfcc0d0b36cb952e209ca0297b2f5f491989786df60ca7a4d","first_seen":"2025-11-09T14:50:42.264536Z","last_seen":"2025-11-09T14:50:42.264536Z","times_seen":1,"resource_available":false,"data":null}},"time_used":825,"timings":{"blocked":326,"dns":4,"connect":162,"send":0,"wait":162,"receive":1,"ssl":167},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/css/02d46b47cdab5e5919df537b75e7197d.css?ver=7197d","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/css/02d46b47cdab5e5919df537b75e7197d.css?ver=7197d HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 09 Nov 2025 14:46:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 0\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":453,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":453,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/suurl5.php?r=7137382\u0026cbur=0.47746921228325223\u0026cbiframe=1\u0026cbWidth=0\u0026cbHeight=0\u0026cbtitle=\u0026cbpage=https%3A%2F%2Fvoodc.com%2Fembed%2F85818c93a290a18a847a85979f8d98878b.html\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=qapdututycwyj.store\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1762699810508\u0026srs=ab1011ba0ca185496babff084e4f344e\u0026atv=63.0\u0026abtg=1\u0026adbv=3-cdn-js","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"104.21.78.155","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://voodc.com/player/d/jXuPkaCJmomIl8Xb1cPVtYl6rcrau9jLx5iqkpyHpKu9uIyVp8-fiI-8zJKfi5mbua3B0J6HmoSEe4aSssDbubq5zpKfi5k_/p6CDl5nHwIGHgIOSo42bi4R6jZGchKC6","date":"2025-11-09T14:50:10.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 20:14:35 GMT","end":"Tue, 06 Jan 2026 21:12:18 GMT"},"fingerprint":{"sha1":"7C:B6:62:0F:43:12:2D:86:DD:92:D1:44:95:36:24:C7:2F:BA:B0:B6","sha256":"06:21:18:21:3A:A8:90:A4:4D:D0:A6:7B:7B:C8:4A:3B:31:47:C3:5D:48:A5:94:AC:08:75:A0:A1:DF:D6:B9:3C"}}},"request":{"raw":"GET /script/suurl5.php?r=7137382\u0026cbur=0.47746921228325223\u0026cbiframe=1\u0026cbWidth=0\u0026cbHeight=0\u0026cbtitle=\u0026cbpage=https%3A%2F%2Fvoodc.com%2Fembed%2F85818c93a290a18a847a85979f8d98878b.html\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=qapdututycwyj.store\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1762699810508\u0026srs=ab1011ba0ca185496babff084e4f344e\u0026atv=63.0\u0026abtg=1\u0026adbv=3-cdn-js HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://voodc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ucSDP1%2FCNiICPjzq1Q7Kv3%2Fyq8WzeOJ6%2BfbEfj1voN37YR8d7EBuIVh%2FeuAD3QlUJ26ZkJSA%2Bse5LoZx1c7FSmGHC3ftXzOB3rMIt7ArY8JJ\"}]}\r\ncf-ray: 99be1ef7fa880b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1030,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5378c8cee804cd01c46c543d1434883b","sha1":"1d2856f601995a8fe52cce6336b418fa879cf49b","sha256":"a95dae535988fac29027f86d4de18ecff0426c57e6c5259b34ce9fed88d22b61","sha512":"bae6aeeef65c286b95d7fdd21976ab3204e10bbdaa970bded92b1b5293df36deb9df433bfe12b065cb515f297fad2f98a46570cd6ae7d770cdd9e0be51814a05","ssdeep":"","tlshash":"b7117973c3fd1a2d795602f514fba16a3441359296e0b488834d1d1886fe9cc0d9f5b5","first_seen":"2025-11-09T14:50:42.267266Z","last_seen":"2025-11-09T14:50:42.267266Z","times_seen":1,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":42,"dns":20,"connect":1,"send":0,"wait":207,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-includes/js/jquery/jquery.min.js","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 28 Aug 2023 17:14:23 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 29744\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-04T11:49:34.807477Z","times_seen":685180,"resource_available":true,"data":null}},"time_used":629,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":451,"receive":178,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/6523d8b939159156e746e0239fb61e7a.js?ver=61e7a","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/js/6523d8b939159156e746e0239fb61e7a.js?ver=61e7a HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Nov 2025 14:46:27 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2670\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":8967,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8965)","md5":"b1d790d533d8f1a81b64f2977cce0725","sha1":"cf6c1c721e4e56df5d0513c82aff246076fa663a","sha256":"8a05d50ec1d8c58b4ff51b5c1f8c91750ef7220bd5d888d88b00915e05cbc045","sha512":"621190896405e413f61f2009dec88969fbeb47178d6c90b902bf16705561bf185c9f3862ad392b0a9f329ed6cb3670badb907e16b1deaadc76d5149fe9229fcf","ssdeep":"192:5nQ998xYO9SkmsKlsL4WOGAOZPSeIWpYd:5nQ9WxqCL6/WI","tlshash":"d70273467bd259f1ccf23468152a2a3975ab0ed33202e170f828d9d3445c6d6e743b7a","first_seen":"2025-11-09T14:50:42.270394Z","last_seen":"2026-03-06T21:30:18.093994Z","times_seen":77,"resource_available":true,"data":null}},"time_used":620,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":620,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ssl.p.jwpcdn.com/player/v/8.27.1/jwplayer.core.controls.js","fqdn":"ssl.p.jwpcdn.com","domain":"jwpcdn.com","tld":"com"},"ip":{"addr":"151.101.194.114","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://voodc.com/player/d/jXuPkaCJmomIl8Xb1cPVtYl6rcrau9jLx5iqkpyHpKu9uIyVp8-fiI-8zJKfi5mbua3B0J6HmoSEe4aSssDbubq5zpKfi5k_/p6CDl5nHwIGHgIOSo42bi4R6jZGchKC6","date":"2025-11-09T14:50:10.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jwplayer.com","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 05 May 2025 18:19:12 GMT","end":"Sat, 06 Jun 2026 18:19:11 GMT"},"fingerprint":{"sha1":"F1:90:E6:09:04:E3:35:FC:0D:3C:D3:A8:A5:9C:2D:F8:BA:F6:B7:98","sha256":"F1:76:6A:8D:CB:F1:B8:39:85:28:98:4C:E9:01:C8:1C:86:9C:37:93:39:C9:93:42:89:33:29:8A:C1:56:7D:1C"}}},"request":{"raw":"GET /player/v/8.27.1/jwplayer.core.controls.js HTTP/1.1\r\nHost: ssl.p.jwpcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=31536000, immutable\r\nlast-modified: Mon, 22 May 2023 06:27:29 GMT\r\netag: \"3141cfbc04d2f12e7e4047ffd289780c\"\r\ncontent-type: application/javascript\r\nserver: AmazonS3\r\nfastly-restarts: 1\r\ncontent-encoding: br\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\nage: 2769750\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\nx-served-by: cache-lga21929-LGA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 47, 0\r\nx-timer: S1762699810.479931,VS0,VE1\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncontent-length: 79303\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":324591,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65143)","md5":"3141cfbc04d2f12e7e4047ffd289780c","sha1":"8831b1b49d7e4a9d7ad0009d56183a6a37ace6ea","sha256":"f25b68cae995caaaaea17d890f255f8863419c6126a53322bb4469053acfc4c8","sha512":"ed046dd3672d8660dc2b54cf0bde6e65b97eaf8e95a5ce7382fff7422f1d6b72ad6e550c4464d014a02b9423bcb0751592aa505bc23b4844b7b08a1ff02199e8","ssdeep":"3072:vgu7Pz9hGlY4B+XVmnTJI6/82JhTCa8cHKSs0SMXgTraOg9dMCAq6wmmTq:YuH3cB+Fy5/82JheDMQTraTMZ3wmmTq","tlshash":"96641832214252355ada82da76514604b33a8085f516cfacff2ceddd4c6e9cb31fabb4","first_seen":"2023-05-26T21:39:22Z","last_seen":"2025-12-21T05:22:40.898481Z","times_seen":216,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Domine:400,700|Oswald:400,700|Frank+Ruhl+Libre:400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:58 GMT","end":"Mon, 05 Jan 2026 08:38:57 GMT"},"fingerprint":{"sha1":"1E:BD:59:57:1D:85:DE:FA:02:4F:D0:E3:99:CD:8C:9B:62:9E:2A:D4","sha256":"E6:2C:01:FB:2E:B9:ED:F7:DF:AE:35:78:93:C6:BD:6B:FE:43:09:67:54:88:15:D5:34:D6:13:53:F1:93:4A:45"}}},"request":{"raw":"GET /css?family=Domine:400,700|Oswald:400,700|Frank+Ruhl+Libre:400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 09 Nov 2025 14:50:09 GMT\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8152,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"9b4ce3a32bca5ab2aaff7e6164324b98","sha1":"856b2c286dbb98a33955d84d99a902b7205561b4","sha256":"147c9a769d91af594539da79c43ccef0fdef34d956207987781ffa82b7be7da0","sha512":"94eab782e89a8340dc26331c184d3b74d666460c02129126245e9464194fb8d6e3ad4c0afdacd3a54a1b28344c68197ac13bb6a5f4a511df56e4436d842428b6","ssdeep":"192:ITVNTssuvup2uvuSupzuZWvKoBsVeWSKBossT:NCf7o","tlshash":"2af1dfa2082ba440ef470dd233ce7e36ee1f52552414d9799efd1898ecabd225315b8e","first_seen":"2025-11-08T23:19:40.89825Z","last_seen":"2026-03-22T13:38:25.309974Z","times_seen":7,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":101,"dns":0,"connect":16,"send":0,"wait":35,"receive":0,"ssl":95},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://voodc.com/embed/85818c93a290a18a847a85979f8d98878b.html","date":"2025-11-09T14:50:10.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/jquery/3.7.0/jquery.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://voodc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 09 Nov 2025 14:50:10 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 27437\r\ncf-ray: 99be1ef4bb567130-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"659afac8-6b2d\"\r\nlast-modified: Sun, 07 Jan 2024 20:26:00 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 183178\r\nexpires: Fri, 30 Oct 2026 14:50:10 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=L5SB8j4Wr%2Fg6wGsfz5W4BnM8o6R7DHSFwHsJadbK74vhyjqmdowATox72U9FRvM39j6M8BJiwGpTDuW6QH6dBKGKKT5ZhRIp%2F930giOkCJOu2gvh4zM1ziE%2BtcYzlw0YZAY8Rb3B\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87462,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"e6c2415c0ace414e5153670314ce99a9","sha1":"5a9eeac34d86e92e5660e0f4f87204f1ed0c8ff6","sha256":"d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8","sha512":"de027062931edd07b01842eff24fc15fdbdcaa1af245dcd133155faba9e0c965f0a34dc6144ce3b149bc43b4597073c792cb6dabbfc6168c63095523923bcf77","ssdeep":"1536:/KRUXRa8Dgwxcy2jpBNwch96SLk8Ek2BSrBGS1ia/eEk4aV2EXi8SMpQ47GKV:/u1zNwcv9qBy1HOg8SMpQ47GKV","tlshash":"9f83f8df77ca702247ab30b9006f550bf276199d684d4400f259d8e9bc78a4a823bf7e","first_seen":"2023-05-12T23:07:48Z","last_seen":"2026-04-04T11:41:07.246037Z","times_seen":23660,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":16,"dns":1,"connect":1,"send":0,"wait":15,"receive":2,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"irk8waeqf7kb.n4.adsco.re/","fqdn":"irk8waeqf7kb.n4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"38.132.109.126","port":443,"asn":9009,"as":"M247 Europe SRL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:10.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.n4.adsco.re","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 09:14:20 GMT","end":"Sun, 14 Dec 2025 09:14:19 GMT"},"fingerprint":{"sha1":"E1:1C:75:CB:71:36:CE:62:CC:D3:97:20:A3:3E:A2:FA:DB:E6:BA:53","sha256":"71:DD:71:4E:B6:1B:9E:7A:90:D9:9D:D2:2D:76:D2:D4:30:96:42:27:B9:D5:71:B1:13:B4:4E:91:D6:27:1A:8F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: irk8waeqf7kb.n4.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 09 Nov 2025 14:50:11 GMT\r\ncontent-type: text/html\r\ncontent-length: 0\r\nlast-modified: Fri, 16 Jun 2023 08:37:42 GMT\r\netag: \"648c1f56-0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":916,"timings":{"blocked":421,"dns":134,"connect":88,"send":0,"wait":89,"receive":0,"ssl":180},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/0d0349e89020243c4a67e912f8a8435a.js?ver=8435a","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/js/0d0349e89020243c4a67e912f8a8435a.js?ver=8435a HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Nov 2025 14:46:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 37\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":37,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"622812d1045068a5a6791e30a38eacbe","sha1":"d7917d9bc45a7909c5944d0138bbff75e8e59419","sha256":"3b018ba3fd44409b43ce623cbd7b69a94aedb00a35882ef3c2c754df3e9c7dca","sha512":"00675ded9bce7783e71bb04e59f0d3f71db4d9b3111bc8f8d836aad26e3774443df44383757cef4398edb9da7b2f9a9eab2f7a2aaea1336417c4628bbbbdac75","ssdeep":"","tlshash":"a280041c1111544d1dd114d0f137d5dd5433017dc00cf0174f5004404c504dc003345c","first_seen":"2023-03-09T02:32:59Z","last_seen":"2026-04-03T20:14:05.506394Z","times_seen":499,"resource_available":true,"data":null}},"time_used":623,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":623,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/31a13e40c7e5ef3d4dc0e1470f54e32c.js?ver=4e32c","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/js/31a13e40c7e5ef3d4dc0e1470f54e32c.js?ver=4e32c HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Nov 2025 14:36:25 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1599\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5366,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5364)","md5":"02cfac20cbb029f181cc521397fa7d80","sha1":"11fdeb42879d7f3666ecf88c11d4142e628d8dfb","sha256":"c5ad54828247682405117c359ca233b9760d2b8c60daa7e5d09c8ab4af271f5e","sha512":"c93098da1a68a409e239c3e9660774a103fab813039d82f924c467517ac8de96093b88cd1778fe3d9768aa53d8167dd591a6b3fc07c8eea27c76a773dcc3738b","ssdeep":"96:8CmrPpnMTDqfVNsArPF1DYvDRGuPHB+qCuS5+6k:Fmz96DqfVOXEuPHB+qC9Y","tlshash":"01b1325e2f506139e097f8cf90cfa028906e8da75bcad079870c85d81da576891f2fde","first_seen":"2024-08-20T19:54:53.224004Z","last_seen":"2025-11-22T18:17:28.119641Z","times_seen":4,"resource_available":true,"data":null}},"time_used":623,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":623,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hitode.xyz/wp-content/litespeed/js/9633e9b03f5a44451d715edc2485ccbe.js?ver=5ccbe","fqdn":"hitode.xyz","domain":"hitode.xyz","tld":"xyz"},"ip":{"addr":"64.187.97.202","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hitode.xyz","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"33:5E:B3:E7:07:B1:48:40:BC:4F:0C:9E:84:BF:EF:13:64:52:00:8F","sha256":"A1:55:43:5A:F1:E3:C6:7E:BA:CD:6D:2F:CF:50:16:DF:E8:28:4F:70:3C:D0:94:CC:AC:0B:65:A8:48:96:86:A0"}}},"request":{"raw":"GET /wp-content/litespeed/js/9633e9b03f5a44451d715edc2485ccbe.js?ver=5ccbe HTTP/1.1\r\nHost: hitode.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hitode.xyz/?p=1295\r\nCookie: _lscache_vary=0c1526058e97d6db4be41896866d7d8f\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31557600\r\nexpires: Mon, 09 Nov 2026 20:50:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Nov 2025 14:46:27 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1689\r\ndate: Sun, 09 Nov 2025 14:50:09 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5522,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4358)","md5":"886d7c72aac16b4d7fad967aaa37b029","sha1":"aaa2f737cfe7e8a77138b812dfe6f3b67797204b","sha256":"27ea21a9138e53d9f2dd561bb0ca8bc012f333be06059e0d76b389f74b179f2e","sha512":"b4e52588f59f4ab1e9ab514530a7e563323368863f98c866ed453ce2c4e3d4314ee250a7dfea207b4bcf54b3edf66f1bbda641a4871589c33a9dab84054541d8","ssdeep":"96:PwSrH5hrG6Qpw1rIN2Bkqsu6B89w1y+7Y3qv5StcXyuC0r4oYeTnf49uVhWWTfjb:PwSrq6Qpw1rI2k1u6i9woa3hSSCP9+X/","tlshash":"17b1318db7737563125aa0f2b31b430ab3b6509ea128419d765cecf39cb490a1973fb0","first_seen":"2023-11-11T17:21:40Z","last_seen":"2026-04-04T08:32:10.960728Z","times_seen":2247,"resource_available":true,"data":null}},"time_used":623,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":622,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"hitode.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/oswald/v57/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hitode.xyz/?p=1295","date":"2025-11-09T14:50:09.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:57 GMT","end":"Mon, 05 Jan 2026 08:38:56 GMT"},"fingerprint":{"sha1":"50:87:4B:4E:FB:30:AB:11:12:23:8E:8F:6B:DB:F7:6D:9A:37:CE:D9","sha256":"E1:35:48:CB:CA:92:00:73:EB:EA:EF:E9:B3:8E:D0:29:54:33:B5:C7:4E:73:DF:B7:7C:F8:B6:07:E7:AD:8C:24"}}},"request":{"raw":"GET /s/oswald/v57/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hitode.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 21472\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 06 Nov 2025 17:01:17 GMT\r\nexpires: Fri, 06 Nov 2026 17:01:17 GMT\r\ncache-control: public, max-age=31536000\r\nage: 251332\r\nlast-modified: Wed, 10 Sep 2025 16:45:39 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21472,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21472, version 1.0","md5":"5f49329007f1e2c86462fd68a5f3affe","sha1":"aabe123b52750eaf9e6fe604204c2687222b0c54","sha256":"571f3457dab507b6f2ce5394d593ca015251b69fea81ab7a546bd2368e9fc3ed","sha512":"59b693cf63d3bc706adc09d289f51f3be1ed2cec80a6e1ebfaf35a5b569ed006e5785cf1faa884e133ab83eb7a0fce9c4545c512c9e7fed63e94264fb13c4937","ssdeep":"384:89cq4KprqBvQGNLahU+kaK7dWYQmQp48QMg9syZ/0TxUAWKymEIetG0pLlZxeH:8iq4cmvfNLahDK7QVmQqhw1EjLLMH","tlshash":"4da2f1a25a83d949fb68403e3b80287d963a03c733967a63575225ebbae1c53305a4c9","first_seen":"2025-09-11T17:19:09.761048Z","last_seen":"2026-04-04T09:43:34.24737Z","times_seen":7404,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":113,"dns":0,"connect":0,"send":0,"wait":59,"receive":6,"ssl":84},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}