{"report_id":"7594a0ce-75e7-44b5-b2a8-997d65a79a1d","version":6,"status":"done","tags":[],"date":"2025-11-08T08:33:31Z","url":{"schema":"http","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":0,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"final":{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"title":"Fongdo.Coffee Beans | เมล็ดกาแฟคั่วคุณภาพดี","dom":{"size":34801,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (410)","md5":"8acbc7a13dae90b3fa6278c9161cfcb0","sha1":"3ca46181349962608aee55f93df58528276acac2","sha256":"75a5c5cb1ee45c716bb7e5d328b4cba75ed44f9668f0796f2bfd5eba59248f76","sha512":"b70c61ae5836a8cab40ffbec52868b74341ba6e6e1b83805acf99c11eb9d6539d88eb261b00375bb5170ade300e7dfb3b561b9fe221d367c9d6accfebb616b4c","ssdeep":"768:lhdR7ohShnuyJFzyDGchChXSS4SSxYGetuqN1:7dSK8x6XSS4SSW1","tlshash":"e6f2dd72208e5ebf114756877124378aa09f9e35fa33f4d2f2f7125953e1f41a812da2","dom_hash":"domhashbdd285bb3d8d122cb58837c23cf00eeb","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":0,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-13T08:33:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.google.com","ip":{"addr":"172.217.21.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-11-02T22:13:19.243005Z","alert_count":0,"request_count":2,"received_data":1041,"sent_data":2420,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"domain_registered":"2015-07-21","domain_rank":0,"first_seen":"2022-07-10T19:25:03Z","last_seen":"2024-09-22T15:14:57Z","alert_count":23,"request_count":23,"received_data":1314803,"sent_data":11892,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Bootstrap:4.4.1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-11-02T22:17:28.040208Z","alert_count":0,"request_count":1,"received_data":88737,"sent_data":460,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-11-02T22:12:57.589972Z","alert_count":0,"request_count":2,"received_data":6697,"sent_data":1010,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-11-02T22:13:40.433865Z","alert_count":0,"request_count":1,"received_data":361833,"sent_data":475,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"stackpath.bootstrapcdn.com","ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":21970,"first_seen":"2018-04-05T04:41:29Z","last_seen":"2025-11-02T22:41:28.901183Z","alert_count":0,"request_count":1,"received_data":81655,"sent_data":494,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-11-02T22:15:46.374949Z","alert_count":0,"request_count":3,"received_data":219762,"sent_data":1686,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-11-02T22:12:55.494707Z","alert_count":0,"request_count":4,"received_data":66936,"sent_data":2300,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-10902966622","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f2fb2b25ea7b234b82e714249b6e5066","sha1":"2a1381bc4f54f358a57cbcb239759ef04fdfb435","sha256":"615f29edc67a88feaa91a99e4ea2c5af83da59b70eb05f462e230e91a94234e7","sha512":"9843a6829fb10d0775672d8ec693047fa0f321050d7b1e840940cac10100efb6e6839d27642581d5d4ececd2e395f925d136e26e1d9063079ddf06f1b9ee5ca2","ssdeep":"6144:Uxe4ff+astFXXRXyN6OZd0CdpIQJYhufQLFD0:oedaAXRXy5jYhDFw","tlshash":"807419cd73c674664393a478503f018ba17b69a1f88cc899f186dce42e70a9a4277f7d","size":361183,"data":"","first_seen":"2025-11-08T08:33:36.067987Z","last_seen":"2025-11-08T08:33:36.067987Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/lib/easing/easing.min.js","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"introduction_type":"scriptElement","is_inline":false,"md5":"adf739cca147aff5e39fd65e6e64f420","sha1":"ce3bb19811c619220dd2329165eb8a8166094fec","sha256":"0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d","sha512":"91ae8b810de2caddf0386e2f69c4b2ccd86878804fdff623337793ef62a0ea7e3e3435f9b2d7fc0c0870dc4dc40561401039b30fd815de53f9f2e495628e9145","ssdeep":"","tlshash":"d44107d9f9c3b75a935275e0162f200bb22e6eb000ed2530c66174aa7d3831d9d3bacd","size":2302,"data":"","first_seen":"2023-03-07T01:02:56Z","last_seen":"2026-04-09T07:50:33.932716Z","times_seen":4653,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/js/main.js","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"introduction_type":"scriptElement","is_inline":false,"md5":"bddcc11c448f0cc5b84fc35619df0e5c","sha1":"3ca205f0a91c4c7c3e1b2cf6a2bef6418d2c6b73","sha256":"02bce3f94611407f0b9eafbea36102a16c37efce8ebeac8b7d14da639fb69742","sha512":"f783f910876f801eaf5bc0f25beea08a173bbfb3ef67616b6c15a2fc7121cfe5a045ded08cc3eadf13ea7f75d2ed6242550e1d437a6b464cb6fd1ffa788cc301","ssdeep":"","tlshash":"df51b90a65b12822007b35756fafa1003e19158f980efc517e9d4bc05f5923d6af2b4d","size":2531,"data":"","first_seen":"2023-03-26T01:43:47Z","last_seen":"2026-02-12T11:48:15.559813Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"introduction_type":"scriptElement","is_inline":true,"md5":"bc6ab5f37f2389113351939266d9bf67","sha1":"d1ac55d754a6236a3a467c0a994f93588541b36d","sha256":"d0c7a94c6eeffb7254ca6371f5c95451361d3cb139d1a511bff43fc4df4b53da","sha512":"68e7a4065fae5707ed6d3f2c7e6a7ae0b32887c677016e95b66161b79caced4289cfc6af66cc5a00f0d71834221ea67a563cf11bff984b3bb10b093c1247f8e7","ssdeep":"","tlshash":"281180d2b69e98ab57c621bf4c1c75cc686c18331e61b4feb05ca02d85f1b3bd072995","size":948,"data":"","first_seen":"2025-11-08T08:33:36.111224Z","last_seen":"2025-11-08T08:33:36.111224Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/lib/owlcarousel/owl.carousel.min.js","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"introduction_type":"scriptElement","is_inline":false,"md5":"b7b9c97cd68ec336d01a79d5be48c58d","sha1":"1a99890b57c9859a622337ed0b2f989d6e30cc0e","sha256":"b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43","sha512":"968e18822c24c6c54827999ec766fe54750a9489d22b6a45b641854731ec00beb8fd93b9bda8823e67463f7a99ab587d333673821ae90cfdf7e92716ba050c4e","ssdeep":"768:JBA7PMMFA0tdlXKNSR4vlGRep2lcwJeL+C2jQdc7/CORUQuFBt33:HAIMFFdYMxAcLQDV","tlshash":"cb137346b3202d2a869b61a0663f160bb23a291ce414507d7d7da6de6d7dc4c213fbfc","size":42766,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-09T07:28:40.009104Z","times_seen":16167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/lib/isotope/isotope.pkgd.min.js","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"introduction_type":"scriptElement","is_inline":false,"md5":"035a94b2b3f2103ab665f2885f953836","sha1":"3cb37f0004158f3e8f9194ebdb1d361dce6f0ed0","sha256":"2ac1dec2ea676653dc33c1dc718636434357b352fd07d6bf9750c69250191abc","sha512":"a53c8bb76b4a444bd288d60cdb515159142d8ceb7f85935823e051431f720ce6ef708c9d27edc3b3f0f100a4ffbcaec3ede91215fa6e6d887b7248adcb6f0c29","ssdeep":"768:9fyxzGdHc1zfA9ZVP4eAnmc6FumKSshD6cD6GLQfq9SvDz291Fxt:Ux6dOjARP4Nnmc6FuCshD6cD6xS9ODzW","tlshash":"4df2d74f73403924468bf166966f160fb137a56c6a4790acba6ad8db1c79c0d6033fbc","size":35503,"data":"","first_seen":"2023-03-07T01:03:16Z","last_seen":"2026-04-09T08:19:03.981089Z","times_seen":4008,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.4.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88145,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-09T07:59:01.853584Z","times_seen":116260,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.bundle.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a5334e475209f965b4862f3bedf32618","sha1":"fac45259046dd90b16d251739108002d67a00b54","sha256":"394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e","sha512":"738c1384f3c2326bb8c6c56e7c91e8928800f57e246b9f1ccbd70461fe6dd78ef04b0d19a38ddfc1d4f2fc80b4935a0bc5771494fbd664c9c3f1b7bad6cc16ee","ssdeep":"768:u09+zQtNHVGCcWTb7zTuBV4KtkSsMtJQ5C/xd7vPn2JNtFiH5jsHaikKrjRM+PKk:ua+OOkSs2Q5CXnFOpc6RvFvVGGZ5","tlshash":"0473d64a3244b47202afa167907f460fb33768daa50e811cb55da8ed2d7cd993267f3c","size":80698,"data":"","first_seen":"2023-03-07T01:07:09Z","last_seen":"2026-04-09T04:49:51.087444Z","times_seen":2015,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:11.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/5.13.1/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cafemania.73823212-46-20190607220758.webstarterz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 08 Nov 2025 08:33:11 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 80328\r\ncf-ray: 99b3b95e4f905697-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"5eebda3d-139c8\"\r\nlast-modified: Thu, 18 Jun 2020 21:18:53 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 138725\r\nexpires: Thu, 29 Oct 2026 08:33:11 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=bx7hGgn%2FF4bu8w%2FKcWHTEiYpZUarjImboxrT9FHp9yUVArGvJIa4ntXOSNpdiLQoyTD7BLNedhJ7ZLS8eP2yElH11dDwKODWQarKT3j%2FkOEYosvVbX5%2F6dMC2MhvbUH0DzMDtRiw\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80328,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 80328, version 331.589","md5":"412a43d6840addd683665ec12c30f810","sha1":"f3be6605dbff23cf22ec3abddd1141a81a99e3aa","sha256":"0bf1b8d8ac1b4ef0caea0db8cbe1b6a35f8a84a2f5fffa2421936cc11a1a91fc","sha512":"aadf26f3d595c0b3c9cc1f2a762559b37ba9fa0be055e8128dfa98005510ea7e2ae412abe9af7d593034d1b9126be542d7bad8d986b0128f2c2dffc6b71ec66f","ssdeep":"1536:Yfry2m5ogN0SJFfJpaz+AbNW6iGKY+aNHUO4dhdx4LxfGhRf:YfIoguYjpa3b2GKYN0N0f+f","tlshash":"cd7302dcbb83b68bb583370f2e9c59615695080de0aa11e252e5eccc0add36ed175cce","first_seen":"2023-04-15T16:03:12Z","last_seen":"2026-04-08T19:43:29.101971Z","times_seen":1477,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":18,"dns":1,"connect":0,"send":0,"wait":13,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=0\u0026tid=AW-10902966622\u0026en=page_view\u0026dl=https%3A%2F%2Fcafemania.73823212-46-20190607220758.webstarterz.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1800425704.1762590791\u0026dt=Fongdo.Coffee%20Beans%20%7C%20%E0%B9%80%E0%B8%A1%E0%B8%A5%E0%B9%87%E0%B8%94%E0%B8%81%E0%B8%B2%E0%B9%81%E0%B8%9F%E0%B8%84%E0%B8%B1%E0%B9%88%E0%B8%A7%E0%B8%84%E0%B8%B8%E0%B8%93%E0%B8%A0%E0%B8%B2%E0%B8%9E%E0%B8%94%E0%B8%B5\u0026auid=1257447682.1762590791\u0026navt=n\u0026npa=1\u0026gtm=45be5b50za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~115480709~115583767~115616986~115938465~115938468~116217636~116217638\u0026tft=1762590791315\u0026tfd=3345\u0026apve=1\u0026apvf=f\u0026img=1","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"172.217.21.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:13.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:39:42 GMT","end":"Mon, 05 Jan 2026 08:39:41 GMT"},"fingerprint":{"sha1":"21:9C:5C:29:E1:79:B5:ED:56:03:5A:DB:A7:59:E9:CD:8C:F7:7B:84","sha256":"B7:D9:C5:14:9E:24:2A:E0:DE:23:41:E5:B0:F0:10:5E:EB:C3:66:B3:4F:D9:14:ED:52:6C:5D:D0:7D:FC:9F:A1"}}},"request":{"raw":"GET /ccm/collect?frm=0\u0026tid=AW-10902966622\u0026en=page_view\u0026dl=https%3A%2F%2Fcafemania.73823212-46-20190607220758.webstarterz.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1800425704.1762590791\u0026dt=Fongdo.Coffee%20Beans%20%7C%20%E0%B9%80%E0%B8%A1%E0%B8%A5%E0%B9%87%E0%B8%94%E0%B8%81%E0%B8%B2%E0%B9%81%E0%B8%9F%E0%B8%84%E0%B8%B1%E0%B9%88%E0%B8%A7%E0%B8%84%E0%B8%B8%E0%B8%93%E0%B8%A0%E0%B8%B2%E0%B8%9E%E0%B8%94%E0%B8%B5\u0026auid=1257447682.1762590791\u0026navt=n\u0026npa=1\u0026gtm=45be5b50za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~115480709~115583767~115616986~115938465~115938468~116217636~116217638\u0026tft=1762590791315\u0026tfd=3345\u0026apve=1\u0026apvf=f\u0026img=1 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\ndate: Sat, 08 Nov 2025 08:33:13 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncontent-type: text/plain\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T08:07:55.876601Z","times_seen":13532580,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/lib/owlcarousel/assets/owl.carousel.min.css","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /lib/owlcarousel/assets/owl.carousel.min.css HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:09 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 13 Jun 2022 15:22:50 GMT\r\nETag: \"b78-5e155dc6ca8ef\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2936\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2936,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2846)","md5":"de0dfbabe627afa1b718d848b6b58e97","sha1":"73d8a692734089983b00005d99ef8e5e5b0dadeb","sha256":"016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d","sha512":"1aa3ffa639729b094f6fa55deca993e586daa6fa30a6d791abd7dfbee7e25d8669d18a4c4ed47db48ebfbf75378458b537d310997ba6ff205f10bc6863e4b533","ssdeep":"","tlshash":"7251bde4354b215f480fc32219d85e87293ecd52d8260a5a92bbd718479ae2d113ffcf","first_seen":"2023-04-05T08:37:21Z","last_seen":"2026-04-09T07:28:40.041884Z","times_seen":9420,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.4.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.4.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15851\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 08 Nov 2025 08:33:09 GMT\r\nage: 5784231\r\nx-served-by: cache-lga21965-LGA, cache-hel1410027-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 23, 410945\r\nx-timer: S1762590790.954414,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30638\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88145,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-09T07:59:01.853584Z","times_seen":116260,"resource_available":true,"data":null}},"time_used":230,"timings":{"blocked":95,"dns":34,"connect":26,"send":0,"wait":27,"receive":8,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/lib/easing/easing.min.js","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /lib/easing/easing.min.js HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:10 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 13 Jun 2022 15:22:49 GMT\r\nETag: \"8fe-5e155dc6390c7\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2302\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2302,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2301)","md5":"adf739cca147aff5e39fd65e6e64f420","sha1":"ce3bb19811c619220dd2329165eb8a8166094fec","sha256":"0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d","sha512":"91ae8b810de2caddf0386e2f69c4b2ccd86878804fdff623337793ef62a0ea7e3e3435f9b2d7fc0c0870dc4dc40561401039b30fd815de53f9f2e495628e9145","ssdeep":"","tlshash":"d44107d9f9c3b75a935275e0162f200bb22e6eb000ed2530c66174aa7d3831d9d3bacd","first_seen":"2023-03-07T01:02:56Z","last_seen":"2026-04-09T07:50:33.932716Z","times_seen":4653,"resource_available":true,"data":null}},"time_used":880,"timings":{"blocked":306,"dns":0,"connect":0,"send":0,"wait":283,"receive":0,"ssl":291},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/lib/isotope/isotope.pkgd.min.js","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /lib/isotope/isotope.pkgd.min.js HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:10 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 13 Jun 2022 15:22:49 GMT\r\nETag: \"8aaf-5e155dc650f98\"\r\nAccept-Ranges: bytes\r\nContent-Length: 35503\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":35503,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32004)","md5":"035a94b2b3f2103ab665f2885f953836","sha1":"3cb37f0004158f3e8f9194ebdb1d361dce6f0ed0","sha256":"2ac1dec2ea676653dc33c1dc718636434357b352fd07d6bf9750c69250191abc","sha512":"a53c8bb76b4a444bd288d60cdb515159142d8ceb7f85935823e051431f720ce6ef708c9d27edc3b3f0f100a4ffbcaec3ede91215fa6e6d887b7248adcb6f0c29","ssdeep":"768:9fyxzGdHc1zfA9ZVP4eAnmc6FumKSshD6cD6GLQfq9SvDz291Fxt:Ux6dOjARP4Nnmc6FuCshD6cD6xS9ODzW","tlshash":"4df2d74f73403924468bf166966f160fb137a56c6a4790acba6ad8db1c79c0d6033fbc","first_seen":"2023-03-07T01:03:16Z","last_seen":"2026-04-09T08:19:03.981089Z","times_seen":4008,"resource_available":true,"data":null}},"time_used":935,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":303,"receive":604,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=0\u0026tid=AW-10902966622\u0026en=page_view\u0026dl=https%3A%2F%2Fcafemania.73823212-46-20190607220758.webstarterz.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1800425704.1762590791\u0026dt=Fongdo.Coffee%20Beans%20%7C%20%E0%B9%80%E0%B8%A1%E0%B8%A5%E0%B9%87%E0%B8%94%E0%B8%81%E0%B8%B2%E0%B9%81%E0%B8%9F%E0%B8%84%E0%B8%B1%E0%B9%88%E0%B8%A7%E0%B8%84%E0%B8%B8%E0%B8%93%E0%B8%A0%E0%B8%B2%E0%B8%9E%E0%B8%94%E0%B8%B5\u0026auid=1257447682.1762590791\u0026navt=n\u0026npa=1\u0026gtm=45be5b50za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~115480709~115583767~115616986~115938465~115938468~116217636~116217638\u0026tft=1762590791315\u0026tfd=3345\u0026apve=1\u0026apvf=f","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"172.217.21.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:13.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:39:42 GMT","end":"Mon, 05 Jan 2026 08:39:41 GMT"},"fingerprint":{"sha1":"21:9C:5C:29:E1:79:B5:ED:56:03:5A:DB:A7:59:E9:CD:8C:F7:7B:84","sha256":"B7:D9:C5:14:9E:24:2A:E0:DE:23:41:E5:B0:F0:10:5E:EB:C3:66:B3:4F:D9:14:ED:52:6C:5D:D0:7D:FC:9F:A1"}}},"request":{"raw":"POST /ccm/collect?frm=0\u0026tid=AW-10902966622\u0026en=page_view\u0026dl=https%3A%2F%2Fcafemania.73823212-46-20190607220758.webstarterz.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1800425704.1762590791\u0026dt=Fongdo.Coffee%20Beans%20%7C%20%E0%B9%80%E0%B8%A1%E0%B8%A5%E0%B9%87%E0%B8%94%E0%B8%81%E0%B8%B2%E0%B9%81%E0%B8%9F%E0%B8%84%E0%B8%B1%E0%B9%88%E0%B8%A7%E0%B8%84%E0%B8%B8%E0%B8%93%E0%B8%A0%E0%B8%B2%E0%B8%9E%E0%B8%94%E0%B8%B5\u0026auid=1257447682.1762590791\u0026navt=n\u0026npa=1\u0026gtm=45be5b50za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~115480709~115583767~115616986~115938465~115938468~116217636~116217638\u0026tft=1762590791315\u0026tfd=3345\u0026apve=1\u0026apvf=f HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nOrigin: https://cafemania.73823212-46-20190607220758.webstarterz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/plain\r\npragma: no-cache\r\ndate: Sat, 08 Nov 2025 08:33:13 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://cafemania.73823212-46-20190607220758.webstarterz.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T08:07:55.876601Z","times_seen":13532580,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":96,"dns":0,"connect":21,"send":0,"wait":33,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/logo.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:13.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/logo.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nCookie: _gcl_au=1.1.1257447682.1762590791\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:13 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:51 GMT\r\nETag: \"49a1-5e1894ff7affb\"\r\nAccept-Ranges: bytes\r\nContent-Length: 18849\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":18849,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x320, components 3","md5":"ad2bfe36745acc8cbf78f60e047b0efb","sha1":"70163ca12f0321141d3f18b51c5498ec7a8d5832","sha256":"5d2354aea12c7af9fbb76864eda03fb2642208edf4c273a1e3e7fe7fd5711bfd","sha512":"9d8b1bf06264fa3c2c0ab23b34ac0afe8fe00a372093cf97470a804bd89eed742ef872f6d99d7efb3a230ad1b4486c5e04ff1e0d8cc4cb0a65f9fc1a59b073cd","ssdeep":"384:c951rqZv/lv/m2KdKe7K7ZJtNbtiwtAE5DGrzARRzXu7JSvWcrRkCebRnn:cwbv/TZNX1tiw+E5DG+N+7wWwRZ0n","tlshash":"ff82bf0704095de1720ce7f8fd924c8ae38d6e89588b6efa2ae19dd3bf0a853481455e","first_seen":"2025-11-08T08:33:36.062414Z","last_seen":"2025-11-08T08:33:36.062414Z","times_seen":1,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/logo.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:13.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/logo.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nCookie: _gcl_au=1.1.1257447682.1762590791\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:13 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:51 GMT\r\nETag: \"49a1-5e1894ff7affb\"\r\nAccept-Ranges: bytes\r\nContent-Length: 18849\r\nKeep-Alive: timeout=5, max=93\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":18849,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x320, components 3","md5":"ad2bfe36745acc8cbf78f60e047b0efb","sha1":"70163ca12f0321141d3f18b51c5498ec7a8d5832","sha256":"5d2354aea12c7af9fbb76864eda03fb2642208edf4c273a1e3e7fe7fd5711bfd","sha512":"9d8b1bf06264fa3c2c0ab23b34ac0afe8fe00a372093cf97470a804bd89eed742ef872f6d99d7efb3a230ad1b4486c5e04ff1e0d8cc4cb0a65f9fc1a59b073cd","ssdeep":"384:c951rqZv/lv/m2KdKe7K7ZJtNbtiwtAE5DGrzARRzXu7JSvWcrRkCebRnn:cwbv/TZNX1tiw+E5DG+N+7wWwRZ0n","tlshash":"ff82bf0704095de1720ce7f8fd924c8ae38d6e89588b6efa2ae19dd3bf0a853481455e","first_seen":"2025-11-08T08:33:36.062414Z","last_seen":"2025-11-08T08:33:36.062414Z","times_seen":1,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/espresso.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/espresso.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:12 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:49 GMT\r\nETag: \"11eb2-5e1894fd1a1a9\"\r\nAccept-Ranges: bytes\r\nContent-Length: 73394\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":73394,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x467, components 3","md5":"7953c71fe137ff7e52cc4028f4d6b2db","sha1":"f9805a23f4d8dd4c773498c79d78f5932b3fa89d","sha256":"639f9fd1da036c78f2ea4adf56a72ceca513c59c30715d659cf3f7678b74a5d6","sha512":"e0b7432bfb656c48f842789f69ed6ab9f634ce893f73cf466cb9ade84f5113fea8fb266ed19e6a7f018b3b636f97a875ea3d8739d8c43a744a93713b57eae129","ssdeep":"1536:poPrii5Tib3w7VjWZf6dixyqLeYxEsXppkdIuwYMv8:pomi5TSwJju7rz55pkdIuwYMv8","tlshash":"8f730218a71b3ab6966b1c8106d3d9055cf76052379bfcbcaaf2488884e36570f127d7","first_seen":"2025-11-08T08:33:36.064704Z","last_seen":"2025-11-08T08:33:36.064704Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3434,"timings":{"blocked":2828,"dns":0,"connect":0,"send":0,"wait":303,"receive":303,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Handlee\u0026family=Nunito\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:51 GMT","end":"Mon, 05 Jan 2026 08:38:50 GMT"},"fingerprint":{"sha1":"1D:8E:3A:85:91:AC:63:71:94:8B:0E:61:45:34:D9:86:AB:A6:E2:CE","sha256":"E6:93:4E:53:89:15:41:28:27:59:AA:84:50:96:96:1E:2A:98:7E:08:60:AE:68:62:AE:DD:86:AB:DB:0F:FE:2B"}}},"request":{"raw":"GET /css2?family=Handlee\u0026family=Nunito\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 08 Nov 2025 08:33:09 GMT\r\ndate: Sat, 08 Nov 2025 08:33:09 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2311,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"5f028077ca66b59094d73a6d9b54430f","sha1":"0679ae9e17b301cd0691755c3f1eb861a8117102","sha256":"2b5eee57e9cfb577d4112a9d8f67414ac1210097e5b16bd05e44c5a3e9ac4114","sha512":"dcf7524bcb26ea8752b175ed5a2d656d734565ee088acc88624f7b9d351da2086fb74bf0d94a2ba6dbe2de1f29c8ad4764875a6a875594d4a5994721870c3a43","ssdeep":"","tlshash":"1b419b91041ad540db431cc227cf7e37ae5ea1117855d47a9bfd88d8edabd231264b0e","first_seen":"2025-10-16T07:38:49.820236Z","last_seen":"2026-02-12T11:48:15.567786Z","times_seen":10,"resource_available":false,"data":null}},"time_used":469,"timings":{"blocked":135,"dns":1,"connect":20,"send":0,"wait":36,"receive":0,"ssl":273},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-10902966622","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:37:33 GMT","end":"Mon, 05 Jan 2026 08:37:32 GMT"},"fingerprint":{"sha1":"6D:B1:20:6C:4E:45:23:88:91:95:5C:C3:FE:0D:A8:1B:29:43:20:6A","sha256":"15:E2:87:29:F5:07:FE:12:A2:58:8F:EE:D0:AD:2A:AC:63:5D:69:08:82:23:F9:BD:90:70:9F:09:AA:7B:57:8B"}}},"request":{"raw":"GET /gtag/js?id=AW-10902966622 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 08 Nov 2025 08:33:09 GMT\r\nexpires: Sat, 08 Nov 2025 08:33:09 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Sat, 08 Nov 2025 06:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 125341\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":361183,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"f2fb2b25ea7b234b82e714249b6e5066","sha1":"2a1381bc4f54f358a57cbcb239759ef04fdfb435","sha256":"615f29edc67a88feaa91a99e4ea2c5af83da59b70eb05f462e230e91a94234e7","sha512":"9843a6829fb10d0775672d8ec693047fa0f321050d7b1e840940cac10100efb6e6839d27642581d5d4ececd2e395f925d136e26e1d9063079ddf06f1b9ee5ca2","ssdeep":"6144:Uxe4ff+astFXXRXyN6OZd0CdpIQJYhufQLFD0:oedaAXRXy5jYhDFw","tlshash":"807419cd73c674664393a478503f018ba17b69a1f88cc899f186dce42e70a9a4277f7d","first_seen":"2025-11-08T08:33:36.067987Z","last_seen":"2025-11-08T08:33:36.067987Z","times_seen":1,"resource_available":true,"data":null}},"time_used":304,"timings":{"blocked":79,"dns":1,"connect":20,"send":0,"wait":43,"receive":56,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/medium1.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/medium1.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:11 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:52 GMT\r\nETag: \"15f7a-5e1894ffdf190\"\r\nAccept-Ranges: bytes\r\nContent-Length: 89978\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":89978,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x334, components 3","md5":"228b6d02a00930561015fa6fc1a62906","sha1":"f694ca4fd4b56d3af1ef917852f0de5813a7c36a","sha256":"b0ca455141db983994db369915797de5c28f70448ac3770c333c76b4ab0e33b7","sha512":"53d343e138bdec22ca205b8980399ba3388935e2126e78f7ca72e5198d8437600819db6f08fcbd2321dbbb20f1ba3bc362a5686277b2341067e94fb0c722c3e6","ssdeep":"1536:ty2wpRiPcoxkA2X/Q2LNa0RteOYLwuzHFrBPgOyrYhqS4slXbY0jZa8L2/e5:E2wpRimAufoTLFtIYwmXRjZL5","tlshash":"769312ccb24054e4bb7415874b099e7ab0da8db2c7f1355d2d8b22fc42e8648ea46cad","first_seen":"2025-11-08T08:33:36.07015Z","last_seen":"2025-11-08T08:33:36.07015Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2498,"timings":{"blocked":1916,"dns":0,"connect":0,"send":0,"wait":293,"receive":289,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/person4.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/person4.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:12 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:53 GMT\r\nETag: \"f974-5e1895011c7c2\"\r\nAccept-Ranges: bytes\r\nContent-Length: 63860\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":63860,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x334, components 3","md5":"8a6fd48c5fcfa20c6786ca90c11f498d","sha1":"1447710b92c6248ba81fc64a5af1c2b1109fb6e8","sha256":"8131863bb513f6e0da9feed6226962416c39fd24efa652e677fb7780c4f2b61a","sha512":"d80a0146dde5ea74ef6ee66ea6792c8fdf0a6cee241ff0cb1755f2d068b359400779e7c8b7dcdf056220b1e0d0ae50fd6a40c2984d511fd7e059cdf8beb2480b","ssdeep":"1536:tORuKe5GyHmK7ZpRL8u/GQaGWdE0KjhDzVhGuX+rJJE+:IoKiZHmKdjL8UGQa9dE0mRuFJx","tlshash":"6453f1a1bc71fbe5b10dd24e253aa0254fe2e1c07dac57c2bab954b1dac2196271738c","first_seen":"2025-11-08T08:33:36.072991Z","last_seen":"2025-11-08T08:33:36.072991Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3599,"timings":{"blocked":3032,"dns":0,"connect":0,"send":0,"wait":284,"receive":283,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/bean1.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/bean1.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:11 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:48 GMT\r\nETag: \"b7b8-5e1894fbbf2cd\"\r\nAccept-Ranges: bytes\r\nContent-Length: 47032\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":47032,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x334, components 3","md5":"a01ff70bc641af27896cc2bee663e214","sha1":"0db8f8bc12c65483fe396a730cdacd3c193c1ccb","sha256":"075331046331ea6c996ffb154a908a16efc27bd2fa2fdbff978b4e7540cbaf1a","sha512":"69bd0514279f896026f31dce9e3ab177ba84002d8fc1f08416f1d061f062a1978caea63c71371e8ba7392a3b302933e8d644478f63b422d56cb52efd497c7b75","ssdeep":"768:tqE2yPfLwXIbuZiG8keNSABpUAaSZfPKHeJHW2PCSp/Gs+ZvGDx2jy/dHUSL:tqE/PfL4idNS2XaSRPBJN6Sp/GDsxhZL","tlshash":"bf23f1b04693b3e12299e19ccdd8c9495dfcc9e8ae5bcb5601c5339010fb23b2af5b59","first_seen":"2025-11-08T08:33:36.074861Z","last_seen":"2025-11-08T08:33:36.074861Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2543,"timings":{"blocked":1609,"dns":0,"connect":0,"send":0,"wait":313,"receive":621,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/js/main.js","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /js/main.js HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:10 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 13 Jun 2022 15:22:49 GMT\r\nETag: \"9e3-5e155dc62dd16\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2531\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2531,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"bddcc11c448f0cc5b84fc35619df0e5c","sha1":"3ca205f0a91c4c7c3e1b2cf6a2bef6418d2c6b73","sha256":"02bce3f94611407f0b9eafbea36102a16c37efce8ebeac8b7d14da639fb69742","sha512":"f783f910876f801eaf5bc0f25beea08a173bbfb3ef67616b6c15a2fc7121cfe5a045ded08cc3eadf13ea7f75d2ed6242550e1d437a6b464cb6fd1ffa788cc301","ssdeep":"","tlshash":"df51b90a65b12822007b35756fafa1003e19158f980efc517e9d4bc05f5923d6af2b4d","first_seen":"2023-03-26T01:43:47Z","last_seen":"2026-02-12T11:48:15.559813Z","times_seen":8,"resource_available":true,"data":null}},"time_used":978,"timings":{"blocked":352,"dns":0,"connect":0,"send":0,"wait":310,"receive":0,"ssl":316},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/dark1.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/dark1.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:12 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:49 GMT\r\nETag: \"16741-5e1894fcd09dd\"\r\nAccept-Ranges: bytes\r\nContent-Length: 91969\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":91969,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x334, components 3","md5":"5ef46b3f910f374cbbd0e74f3236b50b","sha1":"211a42e8061be6b87831ac115c950d4617c0aa51","sha256":"867a518eeee28b7a7443c2eea10149028f17b36cd2bd4a0c4f4fbd44a854b20d","sha512":"7cd7f010a890be6d1eeb36dcc332f35cf1260cc188ecfa0083b2c17f61245943eac66ae18674af8dcaf126579d99f4f6fad85ee24d8a2f82fbc9e5869d4aec5f","ssdeep":"1536:t/vTXZsuUtLxbNpU7PPnUMwdFm87sOWE4yhS/9xMuERbONO6R0zjxQH2k:JNsBvN27PPnPw7m8gC4yhM99wCNO6izM","tlshash":"2493125b07745bba78762bd230d21f381be5eec52177031d2ea3630296a2c5b0bb474e","first_seen":"2025-11-08T08:33:36.077673Z","last_seen":"2025-11-08T08:33:36.077673Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3102,"timings":{"blocked":2492,"dns":0,"connect":0,"send":0,"wait":319,"receive":291,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/handlee/v20/-F6xfjBsISg9aMakPm3wow.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:11.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:51 GMT","end":"Mon, 05 Jan 2026 08:38:50 GMT"},"fingerprint":{"sha1":"89:73:B0:EF:F1:BA:6A:DA:6C:2C:87:70:0D:17:11:82:30:E9:13:68","sha256":"96:8D:5D:62:3A:3A:D6:CD:06:9A:CE:52:F4:2D:91:F9:66:13:40:F4:5F:9B:88:3D:55:04:79:E3:14:96:51:FA"}}},"request":{"raw":"GET /s/handlee/v20/-F6xfjBsISg9aMakPm3wow.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cafemania.73823212-46-20190607220758.webstarterz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 16148\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 04 Nov 2025 20:28:47 GMT\r\nexpires: Wed, 04 Nov 2026 20:28:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 302664\r\nlast-modified: Tue, 16 Sep 2025 13:27:56 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16148,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16148, version 1.0","md5":"d46baed778c610df29c3f619e9334977","sha1":"df9654849f0419e6fd89f32e11a0f5f0e9838ad5","sha256":"d3807ea30015f5082c0a3e2b7803885310db888be091dbc86fecb1ca67f3c622","sha512":"0644b8024f9840b05d528745a208955d88e06fa0cc212d3bbd1d0750a32e9e1b188657a4270eddd19610d8419bb459cd1bcbf4464ea943c61c3f9cb15c0697e9","ssdeep":"384:6uoLfdN7Y4FBDaMd/oIFymCLIM314OVSxkgsJ1iK7Qb:6RLV5nzVoRmu/3CA3gsiKEb","tlshash":"a172e0d84605db46d1eadcb4c6ed28fdd3efe48823e073897c2e22b4c29d0653982791","first_seen":"2023-05-07T16:31:11Z","last_seen":"2026-04-09T05:27:08.074378Z","times_seen":483,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":60,"dns":1,"connect":21,"send":0,"wait":10,"receive":3,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/5.13.1/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 08 Nov 2025 08:33:09 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 10392\r\ncf-ray: 99b3b951ec4e23eb-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eebda3d-e637\"\r\nlast-modified: Thu, 18 Jun 2020 21:18:53 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 988389\r\nexpires: Thu, 29 Oct 2026 08:33:09 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=iPAYhu8jDodqqRnNv46DMyMQLH%2FTRsjPy%2Fiv4nVuPQQU0WVimZakgR3F4SkMwzUPo45Pry%2FCgH0bKMJ0jMrHTCLlXOCHPyQwt0cLqbhrWi1K7rA19GF841%2BattCji8ometi%2BqW4o\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58935,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (58749)","md5":"870dbf9e3d22ee9d7cd21acc620e107b","sha1":"61e37af38389d10e3ec44b0f5f05b10978c23768","sha256":"d9716994f96b14296dd1b21d3e0a73f07ee88e7935d07ebdc51a9df7eb934a10","sha512":"c40e87a7aa1ece18dde8b88b6729eeba49bcd1ff01a19dcea5c1186aa2a8095dc72900eb6230c4d46bbca1cc60c685e6c264b33388aa3ef0ac3a440d8aee3518","ssdeep":"768:gEC31sPiyLNq4/xtoAbHJ2kEBR/MMQyYJIXtBjtF5Qzl:gE/PxLE4/v5HQpBCfOtBt4B","tlshash":"5543fbb8e54c01c9a731c44bff81b2bc61baf73de5914d95f00e691c2ad26a811c5fba","first_seen":"2023-04-09T11:48:45Z","last_seen":"2026-04-08T19:43:29.072101Z","times_seen":1277,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":10,"receive":1,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/trainer1.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/trainer1.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:12 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:57 GMT\r\nETag: \"a414-5e18950481a33\"\r\nAccept-Ranges: bytes\r\nContent-Length: 42004\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":42004,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3","md5":"28e79748a8d9d0c198ed8babbb764c5d","sha1":"1874984c72ab80732a47293452dd74094175dfff","sha256":"c5b8dd5fbaa55f17463ce05579b04646eb3104e1cb7fca6b73835e88a08aa71f","sha512":"da5666f655ba14a23047446359028ee1612257f26ea20a014637fa6adf65efc1d05c60023cf525a514ac6ccab29f133522ac6bdabf38469bf64f75a34f122801","ssdeep":"768:j4AhH1VwkjDBACnxSPV+5rsbcio+iiQ6pDx+O4UE0VUdXuH0s:jJbDBjx6oioIp1+OE0VYqP","tlshash":"bb1302e59dc24fea3b414aecd6016d17e28666f48c9e2db74b9130e077e5c844c8bdc1","first_seen":"2025-11-08T08:33:36.082262Z","last_seen":"2025-11-08T08:33:36.082262Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2794,"timings":{"blocked":2495,"dns":0,"connect":0,"send":0,"wait":298,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/qr.png","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/qr.png HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:11 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:53 GMT\r\nETag: \"328-5e189500e5cbf\"\r\nAccept-Ranges: bytes\r\nContent-Length: 808\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":808,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"c51cbef9b01890d3929443f71dd354e8","sha1":"c269df912413d5aec46401991d5eab46a7f361ba","sha256":"a050d4371f7ae05986f555bcc4455c6cb8b06bcc0dff9f0d27f88e8e3c4afa2e","sha512":"bf7082e1166d9f9eb00235d568db4ff84fea8e52d769e68e339ceb9b0d04ddf3f86137d2a909b4ba28e22e62a127e6f740fba49eeda80661f63416fee4336bab","ssdeep":"","tlshash":"6601ca26ebb0ec2e4b8708ab1fe19564c411d30d0c07c684c04d550845cbdfcefd6e62","first_seen":"2025-11-08T08:33:36.084127Z","last_seen":"2025-11-08T08:33:36.084127Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1720,"timings":{"blocked":1425,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/header.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/header.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:11 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:49 GMT\r\nETag: \"30a38-5e1894fd79136\"\r\nAccept-Ranges: bytes\r\nContent-Length: 199224\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":199224,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1080x500, components 3","md5":"6ca7ba2fd05af09c0d82687ab28ba82a","sha1":"2aa26cea8c6f1e29bb70fe1df002735edd0f9575","sha256":"66291e006c8f0aafcc49ddc909c88a993d6ea4271e2c2313c1f1c7dc3a307e9d","sha512":"7ced5362b7a319915cdcd5407e67eb11a55b82cb2781a0a85af019a0569d6f95442e3b6ae31f4f4fa52134262a07f8fadd5097c66be8e12497c90dee04103609","ssdeep":"3072:C2WMGE88g9qBS7T8cXrHlhDWC2lrvIgsFlPyU0kC2u8enPhHWPNWUUIsQj7w7K0v:aM/8ImocZFWCWrgbbyUWtnp21jjs7LCA","tlshash":"d1142311ad4fa4db71f697f9d8d19b7d3e8688c840b890430de29db2f427228f86d5d8","first_seen":"2025-11-08T08:33:36.085997Z","last_seen":"2025-11-08T08:33:36.085997Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5156,"timings":{"blocked":1645,"dns":47,"connect":307,"send":0,"wait":308,"receive":1530,"ssl":313},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/hotlatte.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/hotlatte.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:12 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:50 GMT\r\nETag: \"5bda-5e1894fdba81a\"\r\nAccept-Ranges: bytes\r\nContent-Length: 23514\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":23514,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x334, components 3","md5":"5e6ebde8e60736e2020b163c476ecb94","sha1":"b80249398b72ab5d85e716aedc6a0c0b12dec370","sha256":"adc11fdf59414b3e70a2ca6e2de929b0d7010fff137331c58e5f429051733533","sha512":"6b6745d4d2267e63dc327e07d0d5866f08631b5918d94cfe09454cff799200670dd9cb1a2235e6157a48f02823ed3e2e74fa4724eb60dae794461e5082c2de26","ssdeep":"384:t7bqv0LX4L0PzWGTrvHgLieM/xVHaQFaGB3V6do61j59chzCnErq5:t7evArLl3vHI92fHdFah117d5","tlshash":"45b2d059d5b158ce79de38e7c8ac2d80f8ec3eca81100a9b14ee9986ec615d4de50d3a","first_seen":"2025-11-08T08:33:36.088071Z","last_seen":"2025-11-08T08:33:36.088071Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3081,"timings":{"blocked":2790,"dns":0,"connect":0,"send":0,"wait":290,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/person2.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/person2.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:12 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:52 GMT\r\nETag: \"9767-5e1895004a856\"\r\nAccept-Ranges: bytes\r\nContent-Length: 38759\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":38759,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x334, components 3","md5":"bd765dd9b4b49c46969149f0f945a876","sha1":"1411c8ce4e99bc2d0a3c64bfbf81a38abc0e7d52","sha256":"17a5e2b5f053cc6140271d8c8bc95d0d2d16243486ac2b96b9c8ccb24fbec413","sha512":"6115dc55c012fb912a1d2611c148ee9cc5b2ddd5df0a4ebc92e3fd4a28beed273516b660dc4076f4b75c9c6c6f489a0400e731538d04cb50e9c34d78facbd770","ssdeep":"768:t3xi10W1Cd0Vb9qIlFXSi9aqNQs2lyVKKuKCZp3OLxBBefHMk8Y4E:thRd0VbgI7ZICQs2OKKuZpeLdsf","tlshash":"3203f125a24294e8fce4012fbdd18df11aedae5bb5410b408e89bcfd8060bf2b49df41","first_seen":"2025-11-08T08:33:36.090282Z","last_seen":"2025-11-08T08:33:36.090282Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3370,"timings":{"blocked":3078,"dns":0,"connect":0,"send":0,"wait":291,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/certify1.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/certify1.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:11 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:54:18 GMT\r\nETag: \"19153-5e1896e27e1b1\"\r\nAccept-Ranges: bytes\r\nContent-Length: 102739\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":102739,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 960x720, components 3","md5":"efa6a5cb89b6cf62748156d2ab347da1","sha1":"d298f5fe74299f98fb20031b3c0d3fa280106e1a","sha256":"de556d77136960bec412846e08e21ab05d1da471b3c457a16acd2cd194ec12df","sha512":"f86ba8fb7ef8c766952c99580c6934ae234afe01b25d38c065fa6d645bef1cb5277f572064d4b9c623dc475ffeed1a3daa99d760fc69eb47d12c758c0004f1eb","ssdeep":"1536:SxWDo7mIq/Lh6Gy4Uq/oKJi4FN/RMabGld30h9jR9lPMqy/Q05gRbOVSBPp:cWD8+yTq/Zi4FZR+d0h9jRqysStp","tlshash":"4ca312f421515731f70c6a9372a243be830be6195547bae44aa1d860ef7e109e5fe33c","first_seen":"2025-11-08T08:33:36.092587Z","last_seen":"2025-11-08T08:33:36.092587Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2299,"timings":{"blocked":1426,"dns":0,"connect":0,"send":0,"wait":292,"receive":581,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Prompt:wght@300;400\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:11.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:51 GMT","end":"Mon, 05 Jan 2026 08:38:50 GMT"},"fingerprint":{"sha1":"1D:8E:3A:85:91:AC:63:71:94:8B:0E:61:45:34:D9:86:AB:A6:E2:CE","sha256":"E6:93:4E:53:89:15:41:28:27:59:AA:84:50:96:96:1E:2A:98:7E:08:60:AE:68:62:AE:DD:86:AB:DB:0F:FE:2B"}}},"request":{"raw":"GET /css2?family=Prompt:wght@300;400\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 08 Nov 2025 08:33:11 GMT\r\ndate: Sat, 08 Nov 2025 08:33:11 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3034,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"fff7bc3d50111e6970a7699abb7ef9c4","sha1":"26af591d2c31a50b101e07eac1e1ce901eb72c3d","sha256":"9a4d6673b3b9f4d88e9c5e2f2e40820467a21660c4538b6629a9b9f4de39f1af","sha512":"b385c70898fc2dd6009e3c57822b813c632e686ffc968be43b22090474be9a03f9538984d58baf6617405c1381f67b5e156c4f3930aa1a00e89ab5103464ba1d","ssdeep":"","tlshash":"1751b9b40026d500eb830dc663cf7e369e8eb1627060c57aaffd0888eceac21535579e","first_seen":"2025-11-08T08:33:36.094564Z","last_seen":"2026-04-01T20:56:15.343612Z","times_seen":4,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunito/v32/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:11.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:51 GMT","end":"Mon, 05 Jan 2026 08:38:50 GMT"},"fingerprint":{"sha1":"89:73:B0:EF:F1:BA:6A:DA:6C:2C:87:70:0D:17:11:82:30:E9:13:68","sha256":"96:8D:5D:62:3A:3A:D6:CD:06:9A:CE:52:F4:2D:91:F9:66:13:40:F4:5F:9B:88:3D:55:04:79:E3:14:96:51:FA"}}},"request":{"raw":"GET /s/nunito/v32/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cafemania.73823212-46-20190607220758.webstarterz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 16316\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 06 Nov 2025 09:37:04 GMT\r\nexpires: Fri, 06 Nov 2026 09:37:04 GMT\r\ncache-control: public, max-age=31536000\r\nage: 168967\r\nlast-modified: Mon, 15 Sep 2025 17:03:35 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16316,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16316, version 1.0","md5":"54ef892116263384392ff608aec1da9f","sha1":"19064e82b37338402b80afc4051ebdebb164a65c","sha256":"a5906e15ceb68f73d3b2c2076b4057c3f6ed401186d56283b45ce12944ca0735","sha512":"5584a9acaf7fc4b62eeb29a505b2724d0781d1f1e5cbba3f99bc795dd941945c996cf5c21c424f16aa5351e5e95fd8065a5e375750913a9b7409b4099833997b","ssdeep":"384:IT8wSUQCnKCNg6I1oB9cvpiN7S+UbmoqBvCYcxk0iSU:IT8LqjgfovccN7S+UbFi7cT/U","tlshash":"3a72d0ade2fcc45ed31ef96945f85ec591b8786ca908f2ef11061014fecd260adee421","first_seen":"2025-09-17T08:06:15.177114Z","last_seen":"2026-04-09T08:49:01.949334Z","times_seen":4297,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":68,"dns":1,"connect":9,"send":0,"wait":10,"receive":2,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-08T08:33:08.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:09 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 24 Jun 2022 04:35:42 GMT\r\nETag: \"7cb8-5e22a1a653f50\"\r\nAccept-Ranges: bytes\r\nContent-Length: 31928\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Bootstrap:4.4.1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]}],"data":{"size":31928,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (478)","md5":"7ca85ae7fca0de46f04c5e3fef5559ac","sha1":"f10ce0ba3a07ac493da67ae379dedc63390f3e01","sha256":"1daf6cd8030dbfb120575a6bb2773f06090e459a81937cba079dcac96393c4e9","sha512":"2c9b9102b028732b8983ce5ad20c8adea38fe3518ce91cf3f202342a9df31bd454ef16a33e1267fed64f705bb6ebe7b3c8b181153abdc04181bdc110de94efe9","ssdeep":"768:JadR7Ch4UIydI8w5I9HpIIG8L+p2+IfeGeEudkZ:YdYWEZ","tlshash":"d5f2423060ae5f7f11c672973410378aa39f8e35ea67a4def1f7c14412c6ea1a425da3","first_seen":"2025-11-08T08:33:36.097893Z","last_seen":"2025-11-08T08:33:36.097893Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2764,"timings":{"blocked":948,"dns":360,"connect":289,"send":0,"wait":290,"receive":577,"ssl":297},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/class1.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/class1.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:11 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:48 GMT\r\nETag: \"1253a-5e1894fc1bf32\"\r\nAccept-Ranges: bytes\r\nContent-Length: 75066\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":75066,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x375, components 3","md5":"7b2b7e3acad02c3a0501545c23aeac11","sha1":"956fdbe91a1b8da9e6d8af4d30d73431b8f3a581","sha256":"64ea000e0e70dcc766dd5474de3ef3e19650736cbdc63a25d01f91e5a2002842","sha512":"d956d9864597d477d9cb0b5f303fb4da596c52934d3d0c1296c0a69b69b066550a8692a29b4564a765e33a0ac28e321aa897b6e889daa47f9ca2ea9844538cbd","ssdeep":"1536:klsdpTfnag6MwJfpxQpXSxM2VXhxp7FhTFPxSke0jatlPI:rfvzvwZHQpXSzRxp7FhTFPNeLg","tlshash":"227312b11f4017ff736cf1fa25936f7350101ae015b935a61ba187623e5249dfd6682c","first_seen":"2025-11-08T08:33:36.100448Z","last_seen":"2025-11-08T08:33:36.100448Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2823,"timings":{"blocked":1608,"dns":0,"connect":0,"send":0,"wait":305,"receive":910,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.bundle.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:05:50 GMT","end":"Thu, 05 Feb 2026 05:05:47 GMT"},"fingerprint":{"sha1":"CE:AE:8E:FE:2A:86:03:2B:16:43:FF:98:36:53:B2:ED:10:BF:FD:23","sha256":"95:CB:A8:7B:9C:88:98:F1:EF:D6:C9:79:E1:98:63:76:71:B7:BD:E2:89:6D:CD:55:61:DB:C0:4E:B1:1E:67:F7"}}},"request":{"raw":"GET /bootstrap/4.4.1/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 08 Nov 2025 08:33:09 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncf-ray: 99b3b954cf245a0f-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"a5334e475209f965b4862f3bedf32618\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:09 GMT\r\ncdn-cachedat: 04/01/2025 22:45:54\r\ncdn-proxyver: 1.22\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 860\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 6dfdec3885689cfacd6537ba8d433461\r\ncdn-cache: HIT\r\ncf-cache-status: HIT\r\nage: 1391410\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80698,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65297)","md5":"a5334e475209f965b4862f3bedf32618","sha1":"fac45259046dd90b16d251739108002d67a00b54","sha256":"394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e","sha512":"738c1384f3c2326bb8c6c56e7c91e8928800f57e246b9f1ccbd70461fe6dd78ef04b0d19a38ddfc1d4f2fc80b4935a0bc5771494fbd664c9c3f1b7bad6cc16ee","ssdeep":"768:u09+zQtNHVGCcWTb7zTuBV4KtkSsMtJQ5C/xd7vPn2JNtFiH5jsHaikKrjRM+PKk:ua+OOkSs2Q5CXnFOpc6RvFvVGGZ5","tlshash":"0473d64a3244b47202afa167907f460fb33768daa50e811cb55da8ed2d7cd993267f3c","first_seen":"2023-03-07T01:07:09Z","last_seen":"2026-04-09T04:49:51.087444Z","times_seen":2015,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":47,"dns":33,"connect":1,"send":0,"wait":10,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/lib/owlcarousel/owl.carousel.min.js","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /lib/owlcarousel/owl.carousel.min.js HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:10 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 13 Jun 2022 15:22:49 GMT\r\nETag: \"a70e-5e155dc67b74a\"\r\nAccept-Ranges: bytes\r\nContent-Length: 42766\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":42766,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32000)","md5":"b7b9c97cd68ec336d01a79d5be48c58d","sha1":"1a99890b57c9859a622337ed0b2f989d6e30cc0e","sha256":"b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43","sha512":"968e18822c24c6c54827999ec766fe54750a9489d22b6a45b641854731ec00beb8fd93b9bda8823e67463f7a99ab587d333673821ae90cfdf7e92716ba050c4e","ssdeep":"768:JBA7PMMFA0tdlXKNSR4vlGRep2lcwJeL+C2jQdc7/CORUQuFBt33:HAIMFFdYMxAcLQDV","tlshash":"cb137346b3202d2a869b61a0663f160bb23a291ce414507d7d7da6de6d7dc4c213fbfc","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-09T07:28:40.009104Z","times_seen":16167,"resource_available":true,"data":null}},"time_used":1478,"timings":{"blocked":318,"dns":0,"connect":0,"send":0,"wait":289,"receive":577,"ssl":294},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/prompt/v12/-W__XJnvUD7dzB2KdNodVkI.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:11.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:51 GMT","end":"Mon, 05 Jan 2026 08:38:50 GMT"},"fingerprint":{"sha1":"89:73:B0:EF:F1:BA:6A:DA:6C:2C:87:70:0D:17:11:82:30:E9:13:68","sha256":"96:8D:5D:62:3A:3A:D6:CD:06:9A:CE:52:F4:2D:91:F9:66:13:40:F4:5F:9B:88:3D:55:04:79:E3:14:96:51:FA"}}},"request":{"raw":"GET /s/prompt/v12/-W__XJnvUD7dzB2KdNodVkI.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cafemania.73823212-46-20190607220758.webstarterz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 13192\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 06 Nov 2025 09:37:49 GMT\r\nexpires: Fri, 06 Nov 2026 09:37:49 GMT\r\ncache-control: public, max-age=31536000\r\nage: 168922\r\nlast-modified: Thu, 28 Aug 2025 11:24:27 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13192,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13192, version 1.0","md5":"411c0b4692c9ef0bebdafff2a7d12ada","sha1":"481ad8102233682a320b606ad91acc016fbe6be9","sha256":"d10643e148806b6ec9976370cf78b43b0542b6c457ca14b5fc89a5d2fdd156f1","sha512":"d64327c83cc1635dd6503525dbeee80c16ab938e77c1b2f59ba0f72aed4510618dfab01dd97ce2c03e23fa01f7db80763f203ff931f94ddf37ef839bbcf8c984","ssdeep":"384:yB4Hky5vaUfUEk3hXAVcyWd2mDM/JLIU8:hHky5vjfUHtAWYmDUI5","tlshash":"7442cf536094626e71f41fbe84d886543af7a2b34bd37a74d130981391fade192f4c2d","first_seen":"2025-04-28T22:18:44.543524Z","last_seen":"2026-04-08T23:13:29.968589Z","times_seen":1115,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":63,"dns":1,"connect":24,"send":0,"wait":15,"receive":2,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/light1.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/light1.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:11 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:50 GMT\r\nETag: \"1366d-5e1894fe5d59b\"\r\nAccept-Ranges: bytes\r\nContent-Length: 79469\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":79469,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x331, components 3","md5":"3c7de4c1e4fd648ae79215a9408da91e","sha1":"173ad5833d6ad689f74b5b0dfc9d7e516e977a3a","sha256":"46628444f3856f4d17ce521f1f7f10eb87154dddf4e645ba13cda871897021ed","sha512":"dc50fd938e4bb19cccabd9dfa114a36f63b26bdd94528df3a73a4169b3b01f7e2b24ec95bae32d2be8389d3a31be1674942bb69c0b6d5b77b6ed7fa7b79122bd","ssdeep":"1536:Q04U21PNyaXviyDke5+9AtHbaTDcY0KzHL2+mC31XaGqw9qaL/oP/nKTFj4:z4U21MafOSbqYY0U7Alw9qIonKTl4","tlshash":"d4730236939242ce323b4c9496308baea4df1bdb7ae5d0c150f570d68efb16aa311646","first_seen":"2025-11-08T08:33:36.105788Z","last_seen":"2025-11-08T08:33:36.105788Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3064,"timings":{"blocked":1644,"dns":0,"connect":0,"send":0,"wait":288,"receive":1132,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/webfonts/fa-brands-400.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:11.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/5.13.1/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cafemania.73823212-46-20190607220758.webstarterz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 08 Nov 2025 08:33:11 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 77444\r\ncf-ray: 99b3b95e9fcb5697-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"5eebda3d-12e84\"\r\nlast-modified: Thu, 18 Jun 2020 21:18:53 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 126338\r\nexpires: Thu, 29 Oct 2026 08:33:11 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=S9lIWLeMhmNhMPkffptexiowqrNAKKa5Ry9OHKYiOSgMokM8Z6ZhgRQ3nyG02UmMbzwvDM68Csg1lljUbGFUTGewk%2F6aU%2Bm6vyerpP3rXIdKDxBkb1KANVC2yEmXWQwKnN8WJg1%2F\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77444,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 77444, version 331.589","md5":"91a23e8bf2b4b84c39311cb5eb23aaa0","sha1":"992e28bfb17bebc55d628d1b743d4c7d20082c19","sha256":"e98ae3ff936b4723cd8a2377d2c549a667ce87e81201ec4995cc01bd374c1288","sha512":"b5d7c675c1dc26d3ece7d7969064d6e7c9806c7825d6a8c600b4cf70813671427f5854720201870fe006057300daf03da92d6949a92726ae8700fc93f33a77dc","ssdeep":"1536:xK8JQ+TVbXbfuv8zuSLeV74SsRg6aWWPPjTduvyR2lBNjJI:bzVbGEzulaDRg3puKR2lBNju","tlshash":"5373027909f465acaa48b1777fd97c4c878d88ac2e974c3416077e12d861b2f19ec13a","first_seen":"2023-04-17T14:14:30Z","last_seen":"2026-04-08T19:43:29.109508Z","times_seen":778,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/prompt/v12/-W__XJnvUD7dzB2KYNod.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:11.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:38:51 GMT","end":"Mon, 05 Jan 2026 08:38:50 GMT"},"fingerprint":{"sha1":"89:73:B0:EF:F1:BA:6A:DA:6C:2C:87:70:0D:17:11:82:30:E9:13:68","sha256":"96:8D:5D:62:3A:3A:D6:CD:06:9A:CE:52:F4:2D:91:F9:66:13:40:F4:5F:9B:88:3D:55:04:79:E3:14:96:51:FA"}}},"request":{"raw":"GET /s/prompt/v12/-W__XJnvUD7dzB2KYNod.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://cafemania.73823212-46-20190607220758.webstarterz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 17940\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 06 Nov 2025 09:39:43 GMT\r\nexpires: Fri, 06 Nov 2026 09:39:43 GMT\r\ncache-control: public, max-age=31536000\r\nage: 168808\r\nlast-modified: Thu, 28 Aug 2025 11:25:32 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17940,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 17940, version 1.0","md5":"d00c3e51355e3bb01c063709fbab809f","sha1":"13dadc7c5b140de8748bc9203573b93931451126","sha256":"76f4b0e556e9bdcdcd9c839d20f5e3420a3ccca3f2d5da2f7beefb0e95a09bcb","sha512":"f25c89140713d8d0f135d05f658cc46473e1664376486271aef7239e01999fe9ef32ac5d839183c3c22026eb7a7bbd4d102f1beb0c531c80a80e25b04a580674","ssdeep":"384:nhLa3NqEycXKtdAqWvZH8VqnY62EwwlcES75nBCOmplNSkTkb:n4IEycXY5WllvvwvHnf4yQU","tlshash":"5782d1cd9304ce64b06b600e2b61b48463c72f77e938c77f5146cd35abda9574e112a5","first_seen":"2025-04-24T06:53:03.973679Z","last_seen":"2026-04-09T03:31:47.785518Z","times_seen":3008,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/css/style.css","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:09 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 13 Jun 2022 15:22:48 GMT\r\nETag: \"2c52d-5e155dc5377a0\"\r\nAccept-Ranges: bytes\r\nContent-Length: 181549\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":181549,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (629)","md5":"ce2f7c36ad22570328d72cdefdc09c87","sha1":"b6dec299fb7f0060396b88b4541d5850ec159b70","sha256":"248ffea288ecbc80a9a7570786fc4dab6e9ef8acb7165b601e0474188205e4a4","sha512":"5a4350fe1352500e6c4c89887e076a3f7c2edeac550a4a311f3a7f766ec63c3251bd499ad6dd27f3309fdaacd530686b508dcf65b3a069cbd00d9b580003f690","ssdeep":"3072:gWeirUrH/zlULyEgDEUt2MmnfxH7OLSN1o4kIJ5mkzu/zDL4iDF4Q:gWeirUrHJULyEgDEUt2MmnfxH7OLSN1c","tlshash":"2c044459fdf02504707b966c6496e7e57b2e8082c61ecdbab6e23128df4d3854cb3d88","first_seen":"2025-11-08T08:33:36.108892Z","last_seen":"2025-11-08T08:33:36.108892Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1647,"timings":{"blocked":198,"dns":0,"connect":0,"send":0,"wait":292,"receive":1157,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cafemania.73823212-46-20190607220758.webstarterz.com/img/icelatte.jpg","fqdn":"cafemania.73823212-46-20190607220758.webstarterz.com","domain":"webstarterz.com","tld":"com"},"ip":{"addr":"163.44.198.42","port":443,"asn":135161,"as":"GMO-Z com NetDesign Holdings Co., Ltd.","country":"Thailand","country_code":"TH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cafemania.73823212-46-20190607220758.webstarterz.com/","date":"2025-11-08T08:33:09.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.elevendoi.73823212-46-20190607220758.webstarterz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 05:47:33 GMT","end":"Tue, 03 Feb 2026 05:47:32 GMT"},"fingerprint":{"sha1":"22:1C:69:C9:F2:64:47:43:D1:FB:8E:64:8E:91:94:A5:E2:E9:DC:18","sha256":"AB:33:99:25:18:BE:E7:6B:20:4F:E5:FA:65:93:4D:B7:91:A9:7A:C6:B2:CE:FA:35:E0:E7:E7:2E:03:57:64:E2"}}},"request":{"raw":"GET /img/icelatte.jpg HTTP/1.1\r\nHost: cafemania.73823212-46-20190607220758.webstarterz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cafemania.73823212-46-20190607220758.webstarterz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 08 Nov 2025 08:33:12 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Jun 2022 04:45:50 GMT\r\nETag: \"a9cc-5e1894fde8a64\"\r\nAccept-Ranges: bytes\r\nContent-Length: 43468\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43468,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 612x408, components 3","md5":"a76f3224b728c7514f22d166bf0eebe1","sha1":"27c849c3037ba1924d750f6c2b17f27df303be9e","sha256":"432e0cec87e4f2adddd76e3578dcc1f23a608d841a29600cfb3d6600f86207ea","sha512":"9ed662c926981f70e763867559027ca37b327c01c73435d8862d3a890180167c49fbe008c3575da6f8e2111dd20b7e42b2c709905ae20b3f4442cf49d000c414","ssdeep":"768:OdTY4Nk+03snvEzp4tI+JNKb2IKuAHJYLqruPJ55tKYjCqHHax6gfh:OZq9cn46lJbvdpYh5g+CqnaxLh","tlshash":"a8130262b7c95bc43b5781f19330cc4fafe8e46463c51601aeda29495ea43c2ddb3a39","first_seen":"2025-11-08T08:33:36.110035Z","last_seen":"2025-11-08T08:33:36.110035Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3174,"timings":{"blocked":2549,"dns":0,"connect":0,"send":0,"wait":315,"receive":310,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-08","alert":"Sinkholed","trigger":"cafemania.73823212-46-20190607220758.webstarterz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}