{"report_id":"8905ecc3-bdb9-4a1e-8ef8-93ab3a8b91f9","version":6,"status":"done","tags":[],"date":"2026-01-05T20:28:47Z","url":{"schema":"http","addr":"twinply.shop/vid/Rrwyh8cz3","fqdn":"twinply.shop","domain":"twinply.shop","tld":"shop"},"ip":{"addr":"172.67.203.175","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"twinply.shop/vid/Rrwyh8cz3","fqdn":"twinply.shop","domain":"twinply.shop","tld":"shop"},"title":"Rrwyh8cz3 — https://twinply.shop","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"twinply.shop/vid/Rrwyh8cz3","fqdn":"twinply.shop","domain":"twinply.shop","tld":"shop"},"ip":{"addr":"172.67.203.175","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-09T20:28:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":12}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"vidoes.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"hotloss.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"stream.alflix.cv","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"vj.cubirashly.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"nv.loristracked.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"tan-mouse.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"thumbs.alflix.cv","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"bartererfaxtingling.com","ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"domain_registered":"2025-03-12","domain_rank":58323,"first_seen":"2025-05-24T21:02:57.974133Z","last_seen":"2026-01-02T21:35:20.715631Z","alert_count":0,"request_count":4,"received_data":204076,"sent_data":5087,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pagead2.googlesyndication.com","ip":{"addr":"142.251.38.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2003-01-21","domain_rank":610,"first_seen":"2012-05-21T07:15:40Z","last_seen":"2026-01-05T03:22:45.851126Z","alert_count":0,"request_count":1,"received_data":790,"sent_data":438,"comment":"","tags":null,"fingerprints":null},{"fqdn":"vidoes.live","ip":{"addr":"172.67.177.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-11-21T11:58:02.822406Z","last_seen":"2025-12-25T21:06:49.283052Z","alert_count":3,"request_count":3,"received_data":127190,"sent_data":1443,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"a.labadena.com","ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"domain_registered":"2020-01-21","domain_rank":266368,"first_seen":"2020-05-24T00:28:49Z","last_seen":"2026-01-01T20:27:54.742353Z","alert_count":4,"request_count":4,"received_data":4293,"sent_data":2388,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-01-04T22:21:06.427471Z","alert_count":0,"request_count":1,"received_data":18927,"sent_data":449,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"enrtx.com","ip":{"addr":"94.130.197.239","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2024-10-07","domain_rank":18023,"first_seen":"2024-11-04T09:19:58Z","last_seen":"2026-01-01T20:11:04.030943Z","alert_count":0,"request_count":1,"received_data":4707,"sent_data":486,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.16.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.popcash.net","ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"domain_registered":"2012-08-13","domain_rank":609759,"first_seen":"2012-12-16T03:00:03Z","last_seen":"2025-12-31T11:25:16.192787Z","alert_count":0,"request_count":1,"received_data":111747,"sent_data":407,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}]},{"fqdn":"nv.loristracked.com","ip":{"addr":"23.109.253.37","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-12-13","domain_rank":0,"first_seen":"2025-12-16T04:22:11.879234Z","last_seen":"2025-12-30T12:35:48.610252Z","alert_count":1,"request_count":1,"received_data":1411,"sent_data":424,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"a6a1c6ffd0.35c82e35f3.com","ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2025-12-06","domain_rank":0,"first_seen":"2026-01-05T20:28:49.887164Z","last_seen":"2026-01-05T20:28:49.887164Z","alert_count":0,"request_count":3,"received_data":254401,"sent_data":1424,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"vj.cubirashly.com","ip":{"addr":"188.42.241.221","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"domain_registered":"2025-12-20","domain_rank":0,"first_seen":"2025-12-25T21:06:47.060617Z","last_seen":"2026-01-02T16:33:50.115905Z","alert_count":1,"request_count":1,"received_data":1411,"sent_data":422,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.plyr.io","ip":{"addr":"104.26.13.19","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-02-16","domain_rank":65563,"first_seen":"2015-03-05T06:48:14Z","last_seen":"2025-12-29T22:27:34.471214Z","alert_count":0,"request_count":1,"received_data":6501,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fp.metricswpsh.com","ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-10-29","domain_rank":154722,"first_seen":"2022-04-22T11:20:32Z","last_seen":"2025-12-31T09:44:40.044694Z","alert_count":2,"request_count":2,"received_data":815,"sent_data":1044,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"hotloss.com","ip":{"addr":"88.85.68.219","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":2,"received_data":39311,"sent_data":1040,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.tapioni.com","ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-05-27","domain_rank":177570,"first_seen":"2021-07-01T10:46:55Z","last_seen":"2025-12-30T16:00:34.964181Z","alert_count":4,"request_count":4,"received_data":637919,"sent_data":1642,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ntvpforever.com","ip":{"addr":"168.119.25.102","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-11-18","domain_rank":18811,"first_seen":"2021-11-19T01:49:18Z","last_seen":"2025-12-30T20:00:28.194965Z","alert_count":0,"request_count":2,"received_data":695,"sent_data":1020,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"driverhugoverblown.com","ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"domain_registered":"2025-03-12","domain_rank":75021,"first_seen":"2025-03-30T06:27:07.780857Z","last_seen":"2026-01-01T20:27:54.624349Z","alert_count":0,"request_count":4,"received_data":165002,"sent_data":3155,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"thumbs.alflix.cv","ip":{"addr":"104.21.14.211","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-11-21T11:58:02.830415Z","last_seen":"2025-12-25T21:06:49.322834Z","alert_count":1,"request_count":1,"received_data":73950,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.pncloudfl.com","ip":{"addr":"104.20.30.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-04-20","domain_rank":95245,"first_seen":"2021-06-07T14:28:03Z","last_seen":"2026-01-02T04:51:27.749777Z","alert_count":0,"request_count":2,"received_data":182675,"sent_data":964,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"tuqojtancv.com","ip":{"addr":"94.242.247.32","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"domain_registered":"2025-10-03","domain_rank":0,"first_seen":"2026-01-05T19:03:20.370414Z","last_seen":"2026-01-05T19:03:20.370414Z","alert_count":0,"request_count":1,"received_data":1572,"sent_data":543,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"accounts.google.com","ip":{"addr":"142.250.150.84","port":443,"asn":15169,"as":"GOOGLE","country":"Finland","country_code":"FI"},"domain_registered":"1997-09-15","domain_rank":103,"first_seen":"2012-05-23T06:57:57Z","last_seen":"2026-01-05T00:14:18.31671Z","alert_count":0,"request_count":3,"received_data":6911,"sent_data":1784,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]},{"fqdn":"stream.alflix.cv","ip":{"addr":"104.21.14.211","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-11-28T14:20:50.438335Z","last_seen":"2025-11-28T14:20:50.438335Z","alert_count":3,"request_count":3,"received_data":1778468,"sent_data":1554,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"tan-mouse.com","ip":{"addr":"88.85.69.212","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-11-29","domain_rank":0,"first_seen":"2025-12-25T20:47:06.154269Z","last_seen":"2025-12-25T20:47:06.154269Z","alert_count":2,"request_count":2,"received_data":39323,"sent_data":1044,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"dcba.popcash.net","ip":{"addr":"18.206.206.130","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2012-08-13","domain_rank":494908,"first_seen":"2018-01-31T15:18:32Z","last_seen":"2025-12-30T19:07:14.878923Z","alert_count":0,"request_count":1,"received_data":196,"sent_data":434,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.ktbch.cloud","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-03-25","domain_rank":4384698,"first_seen":"2025-06-25T22:55:06.331645Z","last_seen":"2025-12-25T21:06:47.756927Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":406,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-01-04T22:18:41.67311Z","alert_count":0,"request_count":1,"received_data":433601,"sent_data":432,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"twinply.shop","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-12-31T11:25:15.419688Z","last_seen":"2025-12-31T11:25:15.419688Z","alert_count":0,"request_count":2,"received_data":6777,"sent_data":938,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"e5824b3f38.76e3d5200b.com","ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2025-12-06","domain_rank":0,"first_seen":"2026-01-05T11:31:42.18582Z","last_seen":"2026-01-05T11:31:42.18582Z","alert_count":0,"request_count":1,"received_data":345,"sent_data":833,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"nereserv.com","ip":{"addr":"168.119.25.102","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2020-12-21","domain_rank":17097,"first_seen":"2020-12-21T11:07:56Z","last_seen":"2025-12-31T14:16:10.611482Z","alert_count":4,"request_count":2,"received_data":644,"sent_data":1104,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-01-04T22:27:18.120727Z","alert_count":0,"request_count":3,"received_data":697735,"sent_data":1304,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hotloss.com/cBDy9.6dby2/5mlNSKW/Q/9vNpjfY/5SO/D/IZ2-NXi/0U2yNcjDkA4VMDjkYX3B","fqdn":"hotloss.com","domain":"hotloss.com","tld":"com"},"ip":{"addr":"88.85.68.219","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"ab706ebe7c5b36e2e9680c5ee9553129","sha1":"65b3cf049bda9433b4ea79164c9d05fe8aaddaf9","sha256":"298507e4c7409bd0fe294557f40511cde4dbb5389eb7657aa691eade5b7aa55c","sha512":"e5b83c18fc2b12e255f73e0215fb61f4cade97ab1d7e4829d55e3d29bd56a43eaaa776f751a54f51b59437146cf16fdd3cd14beb3a2356719c27755b36fb0b83","ssdeep":"768:bZhdZg7J05MLfTF9dFaQNp8JY29c6SboEBkleZ2YoOcLhIOPTgLgooDMiG82IGz7:bZ1g7JFLqQNp8Jr9c6SboEBkleZ2qcLE","tlshash":"1c03a6c8b1c3642642ea507d713b7208b23a54655429b028bc79c8e4fcb9e9f8577bbd","size":38007,"data":"","first_seen":"2026-01-05T20:28:58.415864Z","last_seen":"2026-01-05T20:28:58.415864Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a6a1c6ffd0.35c82e35f3.com/133dd3e386fc47f05aa38e69bbd96649.js","fqdn":"a6a1c6ffd0.35c82e35f3.com","domain":"35c82e35f3.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d2f32802c43a8d95bb13e2bf58e3f0a4","sha1":"15246a9eb4cb7cde52369bd1fdc35908f5279d00","sha256":"4668d1c4351ace7e86b543c992cb17cdd15407847b207edf6dfab101ff57e25c","sha512":"1fe832cab8641e1fec4ef84f31ec835d53f51d757a93e56c58da574b1879e9d5b0822f14d9b7a8a2a02ef98a55fb8e5963fe69e74bc1d1144ac78c9556859951","ssdeep":"768:uAiyOOIGF3vRzxnR0i+bhLrhL5xub8JwfPsEIyp+dZIioT9FeWVbuoUfwqNl1iWJ:zOOlBB0FuM0Xi77Jc/sknkU8JRVUi","tlshash":"74a3298a32a1f4b006e244da943b0216f33e1929740e905cb7adddd5791ad4fa236f7e","size":104174,"data":"","first_seen":"2025-12-18T08:36:30.965351Z","last_seen":"2026-01-06T08:03:45.153096Z","times_seen":315,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nv.loristracked.com/rdXqPgOBW4Uds/131675","fqdn":"nv.loristracked.com","domain":"loristracked.com","tld":"com"},"ip":{"addr":"23.109.253.37","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","size":5,"data":"","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-04T06:33:33.093087Z","times_seen":14785,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","fqdn":"vidoes.live","domain":"vidoes.live","tld":"live"},"ip":{"addr":"172.67.177.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"88def6e407093a47722617ddfae06778","sha1":"d9812d2e57fcc27a94b8402b565a7e735dfa988a","sha256":"6489354ee07b926278627bc2b0af1be32aa588dca10d25d70067bfda2aaf9e07","sha512":"04990a4d43d080d7f313e1bf41a06bd98bde956f63295976429f301052085e1ae5f11c2d4056683f062a17702e2d35f20a818063d1325920581dada09e02313d","ssdeep":"","tlshash":"99411ca8ec90968e03808f79337ae2d2e6acdd5c09685483e012ed807818a25fbd7c71","size":2360,"data":"","first_seen":"2026-01-05T20:28:58.455937Z","last_seen":"2026-02-07T05:38:38.851635Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e4402ff91a4c2c14641427454c831602","sha1":"720e8365191135a4745a533a843f4acd32292df9","sha256":"0019105a70cd9bed5725359fb59b243d481224ce5fc68a317a4637ca853e3829","sha512":"c5f5215cec44e91fc07547550c764cdce55e38cc3107a037840777c013266fe86b37c22f34c9687ff3198c3fce27976ae4fd7bb609e9a99ba4afd7a62ef25134","ssdeep":"3072:kg9Ou1GUClpCuDFiYLPSYOP5iXac/znNTxx7p+Qw:Ku1GrlUu5SZ4XZDx7pY","tlshash":"7634b78cb6c1b4e586a361b4023f181af3773a15744ec481b52dd6d16e7ea0fa927e3c","size":248445,"data":"","first_seen":"2025-12-23T13:01:17.084993Z","last_seen":"2026-02-08T15:49:19.807881Z","times_seen":441,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","fqdn":"vidoes.live","domain":"vidoes.live","tld":"live"},"ip":{"addr":"172.67.177.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d01017191eac6655155f7834a2792ab9","sha1":"dc2f2acd45ed143d8b591fafecd5d47283cbe4b6","sha256":"135de6f611926b0c2c207c236781410baff095c7de7251a5637d9132452abfb1","sha512":"bc34a5c4461360e2dae1b0dd97e68770daedfdd6353ecaa51de3339b1f247196faf8a6343ae74f80ff537c1a229cf6c35c95411082778db22cceebfab0f4eefd","ssdeep":"","tlshash":"ef60003f00000000003300cc3c3000000000c000003c00000000030030c00000030000","size":12,"data":"","first_seen":"2025-12-07T22:33:23.275963Z","last_seen":"2026-02-07T05:38:38.855448Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","fqdn":"vidoes.live","domain":"vidoes.live","tld":"live"},"ip":{"addr":"172.67.177.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"19242f771e7d83be2a2bc746ee6ac764","sha1":"fd33829fb6e31fe099aebdf67e41dc85e733554b","sha256":"0518a74c1cf289cb46fe100dd7d1fdac299782515a4e9d391be612dd30ce91d6","sha512":"c5414c0130ab560b937f2d20bdbecb9589c594cb0fc47f0d948d6c782c50751bc6b1cfbf350736aa9c0158a5ee99f7f5a8a92bf1a5898a54b1c541885a510ebe","ssdeep":"","tlshash":"b0e0263c1d31d13480221cfa72fec5a8b9b338203d63e9427c4dec3d9940e87588b8a0","size":327,"data":"","first_seen":"2025-12-31T11:25:28.676721Z","last_seen":"2026-02-07T05:38:38.85373Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/505952?host=vidoes.live\u0026ev=228\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop\u0026sid=fad1353a-359f-4fd9-94bb-5cc3915f496b\u0026i=1\u0026referrer=twinply.shop\u0026url=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"6a816daff003d28d992f1ebb549626eb","sha1":"bbf10f69c002b1375a869d16f30393d5721587c6","sha256":"c72c731ca46c9158109698e103b2682e810ce1fdf00f39ae0529ab183a2a4152","sha512":"d57e3e1a0e28e247ad946b64a3d9fbca5624a23bd1017ca9e3b5ea5215dd0eb63776d6869cf9d074a0add0228114064ac803cc6d592e3fd12ce925ea99f9f87c","ssdeep":"","tlshash":"2601ddc0478c65fe8b0855a7e83e4eb6dd5d853c6754901afb28530f55ce18203a129b","size":668,"data":"","first_seen":"2026-01-05T20:28:58.429735Z","last_seen":"2026-01-05T20:28:58.429735Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bartererfaxtingling.com/get/2090229?id=2090229\u0026var=100111\u0026jp=_clcrzvyslwnnusvecevvnv\u0026dr=102\u0026cuaa=1\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=oGXQts\u0026pcs=1\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026psr=3EVW4AeaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=3l0UarmaHR0cHM6Ly92aWRvZXMubGl2ZS9lL1Jyd3loOGN6Mz9sdjE9dHdpbnBseS5zaG9w\u0026afid=2086169213510144\u0026eclog=0\u0026seu=VeRCjSFaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026snc=0\u0026ssc=1\u0026tp=0\u0026vp=0\u0026pkw=0\u0026pi=W1oqmg\u0026pload=1251\u0026rlp=%5B0%2C121%2C151%2C95%2C22298%2C3969%2C409%2C3969%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0\u0026freq=0","fqdn":"bartererfaxtingling.com","domain":"bartererfaxtingling.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"fbd9b5154c2990626f32b44e9592ac94","sha1":"cf79bd030f58d307f01dac6ad9e1397e0b38e470","sha256":"b815af53ca12649f2967fedf01d198f15d9aa6c2abdf76a630ef1df6b4ec0d11","sha512":"35fd5492e2b0b46361b071b188754ec2d62274d881e94a53353429a1688c724d5d6ba27c254146b4ade2d7d5b8d91642c9f90f1f2aac53e513adb80e82bab96c","ssdeep":"192:GwsiDqQ8j2jY22E6Irn1silb3ZD1rij277ovjs0IcK:MorrBJD1povjszcK","tlshash":"33d16d462975d5d7680c9c1732783e9b68d60aec8bc7fc6802b5c128858e73a68224df","size":6513,"data":"","first_seen":"2026-01-05T20:28:58.403096Z","last_seen":"2026-01-05T20:28:58.403096Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"twinply.shop/vid/Rrwyh8cz3","fqdn":"twinply.shop","domain":"twinply.shop","tld":"shop"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f2ed0fc319ec5ec7c36ced7254048ba7","sha1":"d1ea526178357b526474906fe0a859a9861f0f76","sha256":"d05980c124c0db6e6d2424013006eb9c6d733ea8d96e4c41c624f80c72b9341e","sha512":"8d4403a2d0a212e94334087bf39530b2b06bc0f8f5af4e46550f3d7159b2e794531f37a8842fbd67cfa149f0530d13f35a027b1d6a77a5dab1c2d9e775c0c993","ssdeep":"","tlshash":"dbe0ab2b329020bcd4eb44ab22f7ef063832021a7041d122751e93a10f61564646fafd","size":436,"data":"","first_seen":"2025-11-21T11:58:21.787452Z","last_seen":"2026-02-07T05:38:38.862015Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","fqdn":"vidoes.live","domain":"vidoes.live","tld":"live"},"ip":{"addr":"172.67.177.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1962fe3d604fdd0c33adc30a72a71a97","sha1":"ff0560109893a6f8544b3bde9b02f8bd3161c505","sha256":"b349b1abf11ad3446e4e78db1d085d83ed2f89134fedcd42a223d67dc755670a","sha512":"00f003079608b1648ae98dc7da8e4b2599226963e5bc1fbafbd0240a7f8f1834271e4d2a5724f31c98d1a3264dde7c227fc2becb2f7c81057bf1285aab4c40e6","ssdeep":"192:F4+vqmUo/gEKY8/3Vn16FuUuzKnfdo8E9wqpbztyksr6aBvWDGe:NvxUo/lKp/Tcdnfm8E9bzskU6ZDGe","tlshash":"e802f9b22282e46d83a51ced657a6868f07a0941344bc194f0fcde533c27547d6f2ebd","size":8530,"data":"","first_seen":"2025-12-31T11:25:28.679374Z","last_seen":"2026-02-07T05:38:38.857526Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/on.js","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2bd7896282fae2dc085070a2b5f43ca","sha1":"b2e6820695e68db2dbb77a95c70fd651db53c581","sha256":"dc3a97ae05dfd044edeff249dea8707e1e46defeba8ad69e5e3e6a7f47b62620","sha512":"e8870aca6cfd5d7606e80f7e5cbe5912d3af05736bce9254b012919499253c3684e297879ee37d36bb21a774e29baa9c56c6b9b60bfc81fc28a89f250691e4fa","ssdeep":"1536:+9zwiun7syoQ28WmEDEMIqhr3O/0ieQhNlh0/RNzf9kcbOFUtAlPDfVwgpiOHrg6:+XD+/sQjH2zFkcbOqtUDSGuusvdHIN","tlshash":"0de3748c768bac320622b02d0c3f520ab725dce5d6b95514d067c1c9b97fc1b9276afb","size":157005,"data":"","first_seen":"2025-12-24T14:26:06.873721Z","last_seen":"2026-01-12T07:53:54.730368Z","times_seen":434,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","fqdn":"vidoes.live","domain":"vidoes.live","tld":"live"},"ip":{"addr":"172.67.177.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d3fe699575fdcd2725610bc7390a6338","sha1":"61eac9fdb00066e787c75d5c8b1470f87c4a03c5","sha256":"ed8831fe8eefcacea48420e99639fe048df0bb0bed85f333730cdbf595b0d1f7","sha512":"69ebee2f677dea7393c0514e1e9f5cc004c837dccbd02eeb86f888bf0a6b825a8393069b0e57ed963e5eb6ba7743440a94b471ddd53410d7e25fc8dd5904152e","ssdeep":"","tlshash":"42b012c52791604089531412083a5c80f1b40c601e39cc81600cc4680cdc6b8825e8bc","size":89,"data":"","first_seen":"2023-04-12T00:00:36Z","last_seen":"2026-04-01T22:14:59.367329Z","times_seen":2230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e4402ff91a4c2c14641427454c831602","sha1":"720e8365191135a4745a533a843f4acd32292df9","sha256":"0019105a70cd9bed5725359fb59b243d481224ce5fc68a317a4637ca853e3829","sha512":"c5f5215cec44e91fc07547550c764cdce55e38cc3107a037840777c013266fe86b37c22f34c9687ff3198c3fce27976ae4fd7bb609e9a99ba4afd7a62ef25134","ssdeep":"3072:kg9Ou1GUClpCuDFiYLPSYOP5iXac/znNTxx7p+Qw:Ku1GrlUu5SZ4XZDx7pY","tlshash":"7634b78cb6c1b4e586a361b4023f181af3773a15744ec481b52dd6d16e7ea0fa927e3c","size":248445,"data":"","first_seen":"2025-12-23T13:01:17.084993Z","last_seen":"2026-02-08T15:49:19.807881Z","times_seen":441,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tan-mouse.com/cDD/9S6kb.2t5ElBSdWJQO9wNsjSY/5/OiDxIT2QNgi/0Z2_N/jgk/4AMrjHY/3j","fqdn":"tan-mouse.com","domain":"tan-mouse.com","tld":"com"},"ip":{"addr":"88.85.69.212","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"1de0f86da4873ffed25c2a78be79851b","sha1":"c1879ec390708f2f7b6e0069d2d26b51d008962f","sha256":"3ee319d33b52fc10af31ffc56ce280ceb67c447407caabac6e7a11acdd3c5758","sha512":"6a6077bff46a1054edc0cdf02e39d99e04abd1c8a687c68b43da3bdc5c3fecaca9dc45117a016403fb2f404e5c65287979f944e93712a7b59fabd11cc8604625","ssdeep":"768:bZhdZg7J05MLfTF9dFaQNp8JY29c6SboEBkleZ2YoOcLhr7PTgLgooDMiG82IGjD:bZ1g7JFLqQNp8Jr9c6SboEBkleZ2qcLM","tlshash":"a003a6c871c3642642ea507d713f7208b23a54655429b028bc7dc8e4bcb9e9f8577bbd","size":38019,"data":"","first_seen":"2026-01-05T20:28:58.450729Z","last_seen":"2026-01-05T20:28:58.450729Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"12dd498bf90c536803c2aad708b66c2b","sha1":"5f9363d39a405d1c94328cf2303ff4a05c0ad163","sha256":"c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a","sha512":"ec593a501ebf74c092e564a1aaf0b477d3da6813c9a88f29d0d2a0db8143bdf19718ba4e6b13f64295b077ca5cb9c13460c30f9f2f35982a82597b22f79ffdd1","ssdeep":"192:l3GySZoj5oOg8pu564aEzn5nVMnyk3sBakk3cx7x0IlQV0Hf1b5SwU+ahpfex/W9:lWytjU64auV0ISjyW5RAe","tlshash":"6f82b38cb295f0b553d710b5403f910fe2366928654ec4d8f288d5ea2c7899d663bf3d","size":17908,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-04T02:43:03.70094Z","times_seen":7019,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vj.cubirashly.com/rlGaoxt7fvDxX/131675","fqdn":"vj.cubirashly.com","domain":"cubirashly.com","tld":"com"},"ip":{"addr":"188.42.241.221","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","size":5,"data":"","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-04T06:33:33.093087Z","times_seen":14785,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","fqdn":"vidoes.live","domain":"vidoes.live","tld":"live"},"ip":{"addr":"172.67.177.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"34b62a20166c522643a176a5f0db8e8a","sha1":"d2f25067959ff32e1a4e87d7d39fa244ad2b7232","sha256":"4a3906948d0378ccd648292eec729a8ea9acfd9bfef48789b9bba69aa1ced06c","sha512":"4685807a3300a1dd70c825f7dea1faaceae92c3f00654b7bdc3eecf562ed234e507b360b50a67cf3c2fc6fd72b0b3fa2f68347d8b2aeb9a96ce17561e179c300","ssdeep":"1536:xnkoD7uFiT8yf1MASbLavt9dSziFidJPL6m2EvOrx2Cu5M0pai53Z08A8/PRRMp2:NnnileViOGF9mrx/0JZwSD","tlshash":"3383e9c835dab81a0ba2e86f137f300bb52e6d947d6d7140d8b1c5f8796831e90b7d68","size":88632,"data":"","first_seen":"2026-01-05T20:28:58.466694Z","last_seen":"2026-01-11T03:26:01.482373Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/plyr@3.7.8/dist/plyr.polyfilled.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"71dc06ef63bafd519190803503d6fdd0","sha1":"efc20140bd1efe04b3a56bb3635874f0749cd8ca","sha256":"b0fc604958d3c5d9b393c4a4e48f77e232ab9928ee1a585a0e87e97984b5b024","sha512":"09719b177749c237fa5682d3022b73803bcc1f81dc93eb37a8925eabb2a56e0d0d9c559fc83e6bc682b867424632ff81225c4a27011237ff1135aaabd7f73141","ssdeep":"1536:hhaP8CysBHnjvlzs265In0KSVjq1FrJRD4r/lhmn7GGq78NUQJkAwwlepmDZBS34:hG88j91D1/itRajAUccxnC8t","tlshash":"dec319c3325af63181a659dea036021572398b9a7005c26cfd3cedde6838d4276bbf75","size":119969,"data":"","first_seen":"2023-10-23T10:46:16Z","last_seen":"2026-04-04T06:08:13.743509Z","times_seen":1128,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","fqdn":"vidoes.live","domain":"vidoes.live","tld":"live"},"ip":{"addr":"172.67.177.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"44e779c40cd30f4c42672cc5da4b401f","sha1":"6f9e73edd4a638fdc18bd1682769bc42e9d6262f","sha256":"522d5bc2363f09cbd6f07f36edced87224638ed91cf051ed3cbd36d724e6b7a8","sha512":"e5b99b6a0620bcc7b9f067f83197f633f1c6186bd82c6f2c533c315d09110c470afca718548cb59035f5ba28a17252de86db00433ce11beca1940faeff6a1cd4","ssdeep":"","tlshash":"78e0c6cc0c18283042cb643bc0399b0bb88022206462e6c1741caa2b3754fec8c50aea","size":342,"data":"","first_seen":"2026-01-05T20:28:58.469199Z","last_seen":"2026-01-11T03:26:01.490601Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/get/2089259?id=2089259\u0026jp=_clwjjcxhpqneadjmxvegvf\u0026dr=49\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=oGXQts\u0026pcs=1\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026psr=UVU3j67aHR0cHM6Ly90d2lucGx5LnNob3Av\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=A7MhTe6aHR0cHM6Ly92aWRvZXMubGl2ZS9lL1Jyd3loOGN6Mz9sdjE9dHdpbnBseS5zaG9w\u0026afid=1241744283310080\u0026eclog=0\u0026seu=VeRCjSFaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=906\u0026rlp=%5B0%2C1%2C85%2C54%2C4657%2C1384%2C99%2C1384%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"2158cc3897c593300c1d5b935b742518","sha1":"08bbda9029eb182eb012932c5778d080528417ab","sha256":"e4efdb9c1526fc52206cc18cf578e878e7af502912b2b95150ec99687f40e945","sha512":"dbe9034a3b3d8c047928ec3bbd574be8e187160c14db2c082d72e8b69e666785ef74413416a95c8c07c4308e2dbbf8da5b3b3999c764034c7911d4af8e7264a6","ssdeep":"","tlshash":"3771a299265beac560a8686df3f62d4034cd1bc1a8ce75a4f3052b00c199c20ff8beb4","size":3524,"data":"","first_seen":"2026-01-05T20:28:58.411753Z","last_seen":"2026-01-05T20:28:58.411753Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bartererfaxtingling.com/get/2090229?id=2090229\u0026var=100111\u0026jp=_clcrzvyslwnnusvecevvnv\u0026dr=102\u0026cuaa=1\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=oGXQts\u0026pcs=1\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026psr=3EVW4AeaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=JoKRHhuaHR0cHM6Ly92aWRvZXMubGl2ZS9lL1Jyd3loOGN6Mz9sdjE9dHdpbnBseS5zaG9w\u0026afid=8560093677873152\u0026eclog=0\u0026seu=VeRCjSFaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026snc=0\u0026ssc=1\u0026tp=0\u0026vp=0\u0026pkw=0\u0026pload=1251\u0026rlp=%5B0%2C121%2C151%2C95%2C15695%2C3007%2C390%2C3007%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0\u0026freq=0","fqdn":"bartererfaxtingling.com","domain":"bartererfaxtingling.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"daf7dc7d2402388a6e942c648a74e102","sha1":"aa8a73571df04c44bfc3e78bab027930dc5c3d83","sha256":"f227cd7dc21c46d35e7921eaeab4e7234aade07c939b4822c2723da45c128bd6","sha512":"ecea4bc539c69d1c21bf1b3a1f9231af048c0b95d3e9ea18359985d7457e193adbea4b45455c729aaf184c8e24b445569239e7ba0411f281773e3c6ac9b444a9","ssdeep":"","tlshash":"def0c0b4d433d8fe6a97788523751f93088c5bf5dd0388550a99ca1ac33c0b55193c02","size":548,"data":"","first_seen":"2026-01-05T20:28:58.389238Z","last_seen":"2026-01-05T20:28:58.389238Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","fqdn":"vidoes.live","domain":"vidoes.live","tld":"live"},"ip":{"addr":"172.67.177.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a1721f33c17121a1de07be5cea3a6b66","sha1":"c588fdee81825675aa903afc9bfa35e53597336e","sha256":"0be2c254d012873dee1cab6bdef0418afbfe0f1a63f68f33bf0d0faa26336d9a","sha512":"c2bf85f9420b7b894219f3c64429461f26bcf97cee07a758b77abef3d26deffd999e60f5015d831feb2de128206add5a15c3ad6249b0675291b05da0e92acc71","ssdeep":"96:HWJnGZVvxkh0NhBaJzOHp+G1EbCQiQZAJ1tTBn0yXS+tpTQxA:2oZhxf9H9eWQVAhB08TH","tlshash":"f6d1f2f6b97b334d979371ea2d161041500098a903adbc98fa64f2d5fcb4cfe192b350","size":6404,"data":"","first_seen":"2025-11-28T14:21:06.10041Z","last_seen":"2026-02-07T05:38:38.861246Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tuqojtancv.com/jifppa/oqbablan/awp?uZso3=mZY3m\u0026agdpy=iu\u0026tyvc=yx\u0026mow=uiy\u0026pkbls=elmvy\u0026om=7045685\u0026plekos=vvin\u0026zl=5\u0026emp=8\u0026mpwmkbi=417685\u0026kn=_enkmfqqlxjmmgkzbzrqwhg","fqdn":"tuqojtancv.com","domain":"tuqojtancv.com","tld":"com"},"ip":{"addr":"94.242.247.32","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"9d149b15fdd4d8f072e922a4406c4e55","sha1":"64415c449c2d03fb5e4d79910a461ca7f762a54d","sha256":"21a0d4c0201a9072ea5951d8302863f278fc20834d6e5c9c563626a96b97997f","sha512":"276b976c80f033767b7b0f2a7c7e08704d60618c2261fb7363bde3c607a1cb299f27d76e4b8263fb8d0f5fd24becab0db914b850245ed1d1f845a18f6c449226","ssdeep":"","tlshash":"bef0c0eda434e8ddc407080a67fdcf9c4d64022ace6b0640b2c4c2ea500c9f15623b43","size":535,"data":"","first_seen":"2026-01-05T20:28:58.426483Z","last_seen":"2026-01-05T20:28:58.426483Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/ip-push.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ff1a7ef27d66a8dfd40c3a86d7e1c127","sha1":"cf211238cbba54b060cf4a9798ef946fb1c1b6ab","sha256":"8b1fa343a47f3d13f66208871a8213c58442b3d69b48eec8dc8dcf84fdb349a7","sha512":"2f66a46c5fb04477a3b996ca1f214b04b8e506b57559d48f2f77e06d67742d9ea1eac700e4b872f1c3cba046876bbb1752252d25fbd3d4d8e1720692d8668167","ssdeep":"1536:gxnmq0VdSHcg4Qs55a2Rn55lYU7t6UK71hnln2Cazf7XoJ27ilcgG:wnX0VdSkQs55HRjvt6D1hGe2Ge","tlshash":"b8d3838dbac1b16106e37064027f540af2b73a54b44fc8c0f66ad5e06ebe94f6167e2d","size":137417,"data":"","first_seen":"2025-12-23T14:51:43.590335Z","last_seen":"2026-01-30T11:02:48.824717Z","times_seen":260,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","fqdn":"vidoes.live","domain":"vidoes.live","tld":"live"},"ip":{"addr":"172.67.177.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"35005acdb9b94b784118a82eda174eca","sha1":"c2c43bb243d1e39aff4d743d8b8fb3e217af8544","sha256":"c6482f61bd64e8ebf203b901c0fed36b1fbc91d676a0652ce60c413e7f4dc9ea","sha512":"bd3b71576d52064d3346c0cc7b8619d8f8c5b2eca42deb16475c1d35b8fc78d89dec26549b778ea50f3ec6407600dab638478fc382d82e5f8039f564115604fd","ssdeep":"192:SsbBNUEgrkBieS0/g9RetY/JJPjXSiHfTiiJiHInwieiWibiD7iTfUDEiAPVd+1G:/bBNUEmkl/2RetMJJzSiH7iiJiowieij","tlshash":"8032c6ab15f30171896360ad5fab221532338107630ece457e9f97801f59b6442f2fed","size":11402,"data":"","first_seen":"2026-01-05T20:28:58.474255Z","last_seen":"2026-01-11T03:26:01.494258Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","fqdn":"vidoes.live","domain":"vidoes.live","tld":"live"},"ip":{"addr":"172.67.177.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f5ccccd9368f84b3c3f57cc06fa39f2c","sha1":"57d9c00a52d3b343e42632417ce04fc29450d1e7","sha256":"b2164dada50bef6a7163e287204c798be2653531ceaa7cb3b9e9bc6372f26417","sha512":"0af8414b424261806647fa1fec6506c8cd329a85e8dcab4bdd059e5247a0f7bd56862666d1bb23a23c9378a1c1e84124c3a12f60d3e51550b89d14e6a6223a5f","ssdeep":"","tlshash":"8cc08c88220b0cb051a73a890b2f6100f006221258a099312a1f63048f21e17d349a14","size":164,"data":"","first_seen":"2025-11-21T11:58:21.796613Z","last_seen":"2026-03-22T14:41:26.729344Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.popcash.net/show.js","fqdn":"cdn.popcash.net","domain":"popcash.net","tld":"net"},"ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f20f0952507fda6beb023023ecc3ece","sha1":"c6c61f2bc884cc8b3b675461dc12f4aff42d3d0a","sha256":"ac2044b6693753a1d8f0f316ad175a7caa2afd1725484c5f7289015c9d11a98d","sha512":"3e9e084c61af23def755c7a57320ba34d7b3c4c16c80b4aca8053fc5b6f3743e70059a66c83cc0b3958eb1de1e80a1ee7230d09bd7973b14b13be5eb5f7a7faf","ssdeep":"1536:f24Ny1erT/XuZ3gYCuG90tqxSDsWI8Za6HMhX20BDbvcQzStYO5CX:zg1eP+ZGuoSaRks7O5CX","tlshash":"59b3754661cd22708a8bf333adefbcd4ee6f5900756588d7261cc2816925dac40bedf9","size":110984,"data":"","first_seen":"2025-09-04T19:58:55.300269Z","last_seen":"2026-04-01T22:14:59.260842Z","times_seen":183,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a6a1c6ffd0.35c82e35f3.com/121a908eacafa91f943687aeb96a72d7.js","fqdn":"a6a1c6ffd0.35c82e35f3.com","domain":"35c82e35f3.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bf20c44981795047ce2c610a2100a35a","sha1":"24c225c700d3f4208417651f6779de9758cd90a1","sha256":"0ec0d01651f974e70dc3c7d4cc50599dbd3a818863b7011ef052c3a0641dc161","sha512":"97612ed9de3cfb245c7e6a70420ca817b99f7b6db0dae1395fbc16c1eef8e4cb4ff993954fbddc4917563840baeef269a9edea324b06e0131fc2e2e833266e7a","ssdeep":"1536:O18MdnC5OPz8QP9r2RcZSgtK8sBggHhO12FoX50FtQySd8uj6DzKEVKf7lbe0etc:mFSGSgtqZXqd8uODG0K5y0etsz","tlshash":"c8e34adcb2d2b07407e75099d83f1206b73a1a16b80c9058f6a6e9c17878ddb5237f7a","size":147733,"data":"","first_seen":"2025-12-24T08:41:20.196676Z","last_seen":"2026-01-15T08:09:34.935655Z","times_seen":438,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bartererfaxtingling.com/in.js","fqdn":"bartererfaxtingling.com","domain":"bartererfaxtingling.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"18dd74f90139b81be9c0b1773046ebf5","sha1":"277ecf6c6779286316d4176460e3442cb37d480f","sha256":"af3562ce86727c51c1c62ce374a1afbc5ed4961af3fbf56b8d102899f38d6af3","sha512":"34e0719fe4e3ddc56fad66a2f2a119d8d7a439e3a1a15888143dff0344d6c6a76eabc166ac395a1d352ad6b7b2dcf669a6d120fbf63ed5397970d944c2744e08","ssdeep":"3072:WQ813/etuoJZ5p89vSnNSQ//BMqZOyG1slFXdqMxzbwu2qWT4GoNRihWk+xM1GxY:23/etuoJZqaSQ/ZDOyG1s7XdqQzbwu2b","tlshash":"1614968c2b8260325a77b02938ff7a0b5633b8eadccdc5c5d431d1c515bfd05a52baa9","size":193273,"data":"","first_seen":"2025-12-24T16:56:59.126616Z","last_seen":"2026-01-11T23:50:31.646976Z","times_seen":100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/adgpt.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fc3ac4b260ddcb1b6c684743a2b154f","sha1":"ca0d7b66644944e5270be95b6ca7e8dd6b875bc7","sha256":"647c68c23c5d03cb19a403f4db195ea033d9db787f2fc9720749d21dd0e676f2","sha512":"9d75da9ecdd924b86911e978b8af234ef2a399787688b2221ccca52c2b7ee0ae289d4f16fd318a2935cfbdf11471129a229e9020ccf4558f697a79801a00c2e0","ssdeep":"","tlshash":"703101ee31a1edb1078b6048203f040af5acb4a0a3ade9d6dba5c9647d781444062ffe","size":1849,"data":"","first_seen":"2025-12-23T09:40:45.346184Z","last_seen":"2026-01-30T11:59:22.192754Z","times_seen":491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/spots/505951?i=1\u0026url=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop\u0026referrer=twinply.shop\u0026sid=fad1353a-359f-4fd9-94bb-5cc3915f496b","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2fddd77817bd31918a17d12a5982968","sha1":"340b1b527b737c7d847fe5e78c08c84cd1a0391a","sha256":"42d60e6d85d0649457d94b9e8d8604dfc8e8c58f200c0078274eb09f1181dcb4","sha512":"e71d73e84c7b223449f552b480c842dd6b1fbc7b5901bc69eaf25cf136cfd339a22bedfcb141f897ad4e6c6c0b14bb8b043a92d9e6935fb7b6e0f0cfa6c638fb","ssdeep":"","tlshash":"62515684d5ac2216b51b10a0dd79cfdf655da140a2158065efb726aac3cd64c06722ca","size":2582,"data":"","first_seen":"2026-01-05T20:28:58.448075Z","last_seen":"2026-01-05T20:28:58.448075Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/hls.js@latest","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"69991b6ecc5d57cf73bad5b3a1296058","sha1":"5c7108b1d0ee56af5c9fc4cf18124998c0017632","sha256":"413a83e2bb0c77ed0bf0be105d539d17ef45dfd984a0b13ecd3b14a901383938","sha512":"09256a7386bbb67fad8b30cdb7e783a159f67d7600c0c0e908baf01a55ab3a4b4d7d943d829e1d28a49c12531e465ac889f865897b346b4e812da52098c94253","ssdeep":"6144:ax52zYCo5VplapfQn4RzVt2tFPR5Szfmm6faVqKxh7U4StP1BHTO1OMAt2TMQxIu:a959aB7RzT2tF4lVqKxKld24Q9","tlshash":"35b429ed36a5a01643c2b169903f5507633a7d0a284cc12cfa2be9d72d7994db13bf74","size":541870,"data":"","first_seen":"2025-11-19T18:04:40.578466Z","last_seen":"2026-04-04T06:42:56.90098Z","times_seen":1362,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/check.html","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":true,"md5":"8f2e0cd22b41fa7c9212af0b11f449d3","sha1":"6c552632a2eeaa712496444594c3e8c68eadbbb0","sha256":"d7ca5af269e02e5109a61ef55df0196e2206204d6c742daba5a153defc097fda","sha512":"c90bb9984fc0b2a5374129cb10fc509e937ba565063e2530578430fb0329f8058c145c914de139fa166d8530cfff9799a8c78aa1ad2752d9ec72e24c0fed477c","ssdeep":"","tlshash":"d201685934f5684d5127b630255b22182d32a40325cbd94efb2cdb301f825a7eca8aef","size":762,"data":"","first_seen":"2025-03-07T08:34:13.499254Z","last_seen":"2026-03-04T07:06:03.173543Z","times_seen":7245,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-LEPP2CC3N9","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"84b7d0be08db1f0bd67522e6573f2d19","sha1":"7d26057da952cc362ced89c923eba15aef71ebec","sha256":"a907f8a4339d189621e7d70eddd2dae6b9200d8ee8e57f1cfb19e9ea33867356","sha512":"626a09995f0c05290994230ac8b3ca32143f9137cbb24aab3a877faef6034ef1b60bfc95f81df35a36b4fb93957af3edf4e0805263f00cd4c42acb398ce94259","ssdeep":"6144:1n7nTmlObujKYz1U95efDHHYOyQFzvnsdRiCjFW5ajaJddpC1xY:hTpbuNz1cEVnsdrpWjNpb","tlshash":"11941ace73c674269396e078503f118ba57b29e2b45cc896f189cce01e74a9a4277f7c","size":432997,"data":"","first_seen":"2026-01-05T20:28:58.405707Z","last_seen":"2026-01-05T20:28:58.405707Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"nereserv.com/in/dip?event_id=3f86f27a-7e36-4827-be2f-3fe509fde13f\u0026subid=1619763552\u0026spot_id=1469352\u0026created_at=2026-01-05\u0026timezone=0\u0026ver=1.170.4","fqdn":"nereserv.com","domain":"nereserv.com","tld":"com"},"ip":{"addr":"168.119.25.102","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:26.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 02:02:57 GMT","end":"Wed, 25 Mar 2026 02:02:56 GMT"},"fingerprint":{"sha1":"C4:80:D6:E8:F3:2B:FD:8A:89:D9:CF:8B:78:3F:74:35:34:B3:68:8A","sha256":"DF:07:A2:74:C6:6C:63:AA:37:DD:AA:4F:E0:F5:C5:D7:9C:B8:28:C4:9C:45:3F:F7:BC:1B:0A:AE:7F:38:FF:B1"}}},"request":{"raw":"GET /in/dip?event_id=3f86f27a-7e36-4827-be2f-3fe509fde13f\u0026subid=1619763552\u0026spot_id=1469352\u0026created_at=2026-01-05\u0026timezone=0\u0026ver=1.170.4 HTTP/1.1\r\nHost: nereserv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Mon, 05 Jan 2026 20:28:26 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/js/adsbygoogle.js","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"142.251.38.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.g.doubleclick.net","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:25 GMT","end":"Wed, 25 Feb 2026 15:49:24 GMT"},"fingerprint":{"sha1":"91:C9:D2:96:3C:37:B7:AA:92:08:CB:D8:91:FB:4B:EC:F0:31:EE:14","sha256":"F9:FB:99:62:9D:67:65:04:DE:83:94:21:A9:3D:E7:BF:DB:C8:AF:30:5A:64:53:01:12:4A:34:94:55:B4:42:2A"}}},"request":{"raw":"HEAD /pagead/js/adsbygoogle.js HTTP/1.1\r\nHost: pagead2.googlesyndication.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nlink: \u003chttps://googleads.g.doubleclick.net\u003e; rel=\"preconnect\"; crossorigin\r\nvary: Accept-Encoding\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\nexpires: Mon, 05 Jan 2026 20:28:25 GMT\r\ncache-control: private, max-age=3600, stale-while-revalidate=3600\r\ncontent-type: text/javascript; charset=UTF-8\r\netag: 2069977423921799221\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-disposition: attachment; filename=\"f.txt\"\r\ncontent-encoding: br\r\nserver: cafe\r\ncontent-length: 55445\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":108,"dns":0,"connect":7,"send":0,"wait":26,"receive":0,"ssl":99},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bartererfaxtingling.com/chicken.gif?z=2090229\u0026var=100111\u0026pb=a8cc7f11c52f42a8d1f944c841cb67421767652105\u0026pbc=zOz-n4qxOqUJO1xp\u0026pbi=c83Lqx5L-s8JO1xp\u0026pbu=mYXx6TuttX0JO1xp\u0026psp=uWzsa8Z22un9q11T3xCE2Hf1ZV30tRRs526-RGLGvIjYPXevzCBZbePau8jyqnIFklZJKcjJtRdTwVnyB_kj5HVlDKt8E3pG4wN0d0vT3zxvGkEZejcss8AvVmV88l7ijEgAcnCvD9naR0oXeJ-blMRpEbVJ8ee5emWp4MNgOHLn6hHv_ZEc-oLQVMK6SQGhu7aUgZf0f_JTvrjTYyT7IbjIVojBTct3wMZN57u0wnBTqG4OocBoTx-T4Klx0HH1sfGMFVy5BiEKrZQb8tC7hmABUXJCO22MUOacVVp6TeqxRUl9E1uZgTHC79FBMt_8kj35egZ47rF0c7l5UZeHbm6wCJfNxdF7G47uWCOUP4O4D7yDmoxaDSWsU2LnFsa2-iNZwggQUim3Qz7N2Z41PtybkboBD2tAQ-NI0ttQPHP6qXhVxwKvkL8LFwQ9OE4QhzbVjexYjHBqKUcN7P4YEqjuewFf_FmlW_qza3tA9bjvl-s1WsoYnlYTra1dhs6EnfVR_ke04Sre6rQm7QxRWiCQNpxUFNUMEOTzPEvgFZy4zckV9BGVQaAtOWaKlGb3Vkmjhtz8JaNwf0PkerZ1vCa2WPH43G0oIhcjEU_csnSAalvvmNwgMikkhSJPCxQELBJs4zGteuHHemTnTrWDVW1iOUyQp0IB08cE4GxbrAvjIDqS-eQ904ihlBBOCTwhRIl-K8kZDl1HC4witIW1CabXUVFvQ8bU9kDHOMJHjey90m6_uekHMq7xQT3U74uaiLg-Ti5HkUzSdQuMYc9kt2GgLcIG0e6JlEeKQLhl6pNoDZhEnPicxGoe7c7GL8doNL6Ii3IlOFhQMLCYrLf9KnmGYQcYBYEumaOhHxz4BMyqpPYpmvPXVLcPpEMsl7kEDDLgkP23hxxkOlq7Z4pM9xV1ymd68rfNscDAGeOy1QJDCQLqpqcHeLtWNLmEpMHg0lk-qIfHA4WyBcDbDvfwZE_ICBaxjTDPaD7i7fHAw0vtX5KBvvR0j2UTOPqjWsqT2cExWllfFkbowYCgDKwx81NadfNcKwIfLBGbXfF5msVHFpWruF9oc7FYbrJpHC4dAO0Xj6c-E-0r8plPDci9I7PT\u0026freq=0\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=oGXQts\u0026pcs=1\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026psr=3EVW4AeaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=BxZ2NeKaHR0cHM6Ly92aWRvZXMubGl2ZS9lL1Jyd3loOGN6Mz9sdjE9dHdpbnBseS5zaG9w\u0026afid=1804694236902912\u0026eclog=0\u0026seu=VeRCjSFaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026snc=0\u0026ssc=3\u0026tp=0\u0026vp=0\u0026pkw=0\u0026pi=W1oqmg\u0026pload=1251\u0026rlp=%5B0%2C130%2C260%2C194%2C50128%2C8854%2C458%2C8854%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5","fqdn":"bartererfaxtingling.com","domain":"bartererfaxtingling.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:27.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bartererfaxtingling.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:26:22 GMT","end":"Wed, 21 Jan 2026 14:26:21 GMT"},"fingerprint":{"sha1":"F1:45:16:A9:B8:54:81:33:AA:52:3E:EC:2D:B1:37:EE:6C:AF:82:35","sha256":"82:BE:8A:83:92:78:C4:84:A6:36:46:66:AA:0F:7A:1D:C5:F9:F6:2B:98:86:EC:B6:87:AF:77:4D:CA:E3:08:5D"}}},"request":{"raw":"GET /chicken.gif?z=2090229\u0026var=100111\u0026pb=a8cc7f11c52f42a8d1f944c841cb67421767652105\u0026pbc=zOz-n4qxOqUJO1xp\u0026pbi=c83Lqx5L-s8JO1xp\u0026pbu=mYXx6TuttX0JO1xp\u0026psp=uWzsa8Z22un9q11T3xCE2Hf1ZV30tRRs526-RGLGvIjYPXevzCBZbePau8jyqnIFklZJKcjJtRdTwVnyB_kj5HVlDKt8E3pG4wN0d0vT3zxvGkEZejcss8AvVmV88l7ijEgAcnCvD9naR0oXeJ-blMRpEbVJ8ee5emWp4MNgOHLn6hHv_ZEc-oLQVMK6SQGhu7aUgZf0f_JTvrjTYyT7IbjIVojBTct3wMZN57u0wnBTqG4OocBoTx-T4Klx0HH1sfGMFVy5BiEKrZQb8tC7hmABUXJCO22MUOacVVp6TeqxRUl9E1uZgTHC79FBMt_8kj35egZ47rF0c7l5UZeHbm6wCJfNxdF7G47uWCOUP4O4D7yDmoxaDSWsU2LnFsa2-iNZwggQUim3Qz7N2Z41PtybkboBD2tAQ-NI0ttQPHP6qXhVxwKvkL8LFwQ9OE4QhzbVjexYjHBqKUcN7P4YEqjuewFf_FmlW_qza3tA9bjvl-s1WsoYnlYTra1dhs6EnfVR_ke04Sre6rQm7QxRWiCQNpxUFNUMEOTzPEvgFZy4zckV9BGVQaAtOWaKlGb3Vkmjhtz8JaNwf0PkerZ1vCa2WPH43G0oIhcjEU_csnSAalvvmNwgMikkhSJPCxQELBJs4zGteuHHemTnTrWDVW1iOUyQp0IB08cE4GxbrAvjIDqS-eQ904ihlBBOCTwhRIl-K8kZDl1HC4witIW1CabXUVFvQ8bU9kDHOMJHjey90m6_uekHMq7xQT3U74uaiLg-Ti5HkUzSdQuMYc9kt2GgLcIG0e6JlEeKQLhl6pNoDZhEnPicxGoe7c7GL8doNL6Ii3IlOFhQMLCYrLf9KnmGYQcYBYEumaOhHxz4BMyqpPYpmvPXVLcPpEMsl7kEDDLgkP23hxxkOlq7Z4pM9xV1ymd68rfNscDAGeOy1QJDCQLqpqcHeLtWNLmEpMHg0lk-qIfHA4WyBcDbDvfwZE_ICBaxjTDPaD7i7fHAw0vtX5KBvvR0j2UTOPqjWsqT2cExWllfFkbowYCgDKwx81NadfNcKwIfLBGbXfF5msVHFpWruF9oc7FYbrJpHC4dAO0Xj6c-E-0r8plPDci9I7PT\u0026freq=0\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=oGXQts\u0026pcs=1\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026psr=3EVW4AeaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=BxZ2NeKaHR0cHM6Ly92aWRvZXMubGl2ZS9lL1Jyd3loOGN6Mz9sdjE9dHdpbnBseS5zaG9w\u0026afid=1804694236902912\u0026eclog=0\u0026seu=VeRCjSFaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026snc=0\u0026ssc=3\u0026tp=0\u0026vp=0\u0026pkw=0\u0026pi=W1oqmg\u0026pload=1251\u0026rlp=%5B0%2C130%2C260%2C194%2C50128%2C8854%2C458%2C8854%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5 HTTP/1.1\r\nHost: bartererfaxtingling.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PTS=; UID=2601051528bca5c399be4f4c588e0319f830; CHCK=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:27 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-route-id: stats.impression\r\nset-cookie: BCAI=ADROLQAAAAAAAAAB; Path=/; Expires=Tue, 06 Jan 2026 20:28:27 GMT; Secure; SameSite=None\nBMI=AEbTewAAAAAAAAAB; Path=/; Expires=Tue, 06 Jan 2026 20:28:27 GMT; Secure; SameSite=None\nBCRI=jRBjSwAAAAAAAAAB; Path=/; Expires=Tue, 06 Jan 2026 20:28:27 GMT; Secure; SameSite=None\nIMC_102=1; Path=/; Expires=Tue, 06 Jan 2026 20:28:27 GMT; Secure; SameSite=None\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"28e463819a210071de3b45ebe7633613","sha1":"6dccd571828ec0912629119cf7eabfea9f33ddbc","sha256":"44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84","sha512":"8a82ac5a7883cd9b74bdb561cf825ce86474e259ad8c445e538d697b0003e3f2b1d6edcd3dc6512f4ad16e9074da204a79938257c457ecf68f4329eac0182e67","ssdeep":"","tlshash":"04900003e280e082c3a0c0300e0ccb802b88a2308a28030fb0fc2baefc3a3a20c23000","first_seen":"2023-04-05T09:26:54Z","last_seen":"2026-04-04T07:45:46.54418Z","times_seen":20432,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vidoes.live/api/videos/public-signed/Rrwyh8cz3","fqdn":"vidoes.live","domain":"vidoes.live","tld":"live"},"ip":{"addr":"172.67.177.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vidoes.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 22:26:15 GMT","end":"Sun, 29 Mar 2026 23:22:37 GMT"},"fingerprint":{"sha1":"19:18:DB:3F:C1:1E:0D:6B:33:43:21:23:7B:08:9B:B2:9E:AE:53:D3","sha256":"A0:58:B1:0A:F3:9A:09:76:7A:AC:5C:15:F8:0F:7B:F2:EC:51:4B:7F:0D:F5:14:79:DF:20:82:12:3D:81:A7:08"}}},"request":{"raw":"GET /api/videos/public-signed/Rrwyh8cz3 HTTP/1.1\r\nHost: vidoes.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\ncontent-type: application/json; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ivhqKnqPWaHC2lJP6VLTiBWhrC%2FTFoySb096jkmm2FeS24yNFXaFpQ3PDXPj5tS31G6CngSxKkY8pFeDxMUENI0pkk0TM2i%2Fx8vT\"}]}\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\npragma: no-cache\r\netag: W/\"4d-qlBkuRFCBvKPIEUMAQHQc1F+QTI\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b95b8d05d4832fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":77,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f998d0d652492ae12b4e9986f428e04e","sha1":"aa5064b9114206f28f20450c0101d073517e4132","sha256":"84a9109f5b2b4a7e60bd67afb0a1a988b4c7d73c73354c044f3b5b1aba57e675","sha512":"e3b92f0acda8ee2d0769161fc338578710ab7599919fc289247fd14ee337da4b64562f82cc7ddc3d6e34e555c41d15efb9b08cd45299ac8f063198f56d523b72","ssdeep":"","tlshash":"fca022f200882a03e38032c088cc3e088083f003cccc08b0238aace0a0200800b283ca","first_seen":"2026-01-05T20:28:58.356527Z","last_seen":"2026-01-05T20:28:58.356527Z","times_seen":1,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"vidoes.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026dsh=S-617606915%3A1767644905980557\u0026hl=en\u0026ifkv=Ac2yZaWWoxsYdIGzC11pBMx4UKIewfBYLoK-BtPq8DjJZBvtfFC1vkHZAWzwMrXmPKPnrQEDpLPG\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.150.84","port":443,"asn":15169,"as":"GOOGLE","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:26.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:50:09 GMT","end":"Wed, 25 Feb 2026 15:50:08 GMT"},"fingerprint":{"sha1":"70:35:5F:58:F3:50:B0:2A:0E:11:9A:FD:D4:67:00:94:17:0E:03:EF","sha256":"01:93:34:8C:59:AC:52:25:54:81:E8:50:E1:E9:8A:11:1F:3C:82:81:00:B2:90:35:17:5F:25:9C:C2:2D:D2:E2"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026dsh=S-617606915%3A1767644905980557\u0026hl=en\u0026ifkv=Ac2yZaWWoxsYdIGzC11pBMx4UKIewfBYLoK-BtPq8DjJZBvtfFC1vkHZAWzwMrXmPKPnrQEDpLPG\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Mon, 05 Jan 2026 20:28:26 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-security-policy: script-src 'nonce-yKGOnzrR0eZQdz6lpU0W-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport\r\ncontent-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/enterprise.js https://www.gstatic.com/recaptcha/ https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.jam3aJYHpRA.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":70,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hotloss.com/Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNTOFPh-NRDScT1UM_DWQXxYZZW-FbjcZdGeN_kgMh2iJjl-MlTmIn1oZ_jqkrxsOtT-Iv4wMxmyN_lANBjCJDm-","fqdn":"hotloss.com","domain":"hotloss.com","tld":"com"},"ip":{"addr":"88.85.68.219","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"hotloss.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Dec 2025 10:04:06 GMT","end":"Tue, 17 Mar 2026 10:04:05 GMT"},"fingerprint":{"sha1":"AA:90:6F:BC:19:95:A2:C8:9A:3B:8D:82:65:34:BD:52:5A:C4:30:AA","sha256":"EE:C7:A1:58:27:B6:08:50:FA:E8:20:78:EA:B8:B4:DD:E8:27:DD:3F:A2:0C:0B:37:68:72:FB:21:D6:7A:A8:69"}}},"request":{"raw":"POST /Yu2vx-p.ZxWy5z0AZ_GCFD0EYFT-9HyIcJmKl_kMPNTOFPh-NRDScT1UM_DWQXxYZZW-FbjcZdGeN_kgMh2iJjl-MlTmIn1oZ_jqkrxsOtT-Iv4wMxmyN_lANBjCJDm- HTTP/1.1\r\nHost: hotloss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 104\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":104,"data":"ref=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop\u0026prevRef=https%3A%2F%2Ftwinply.shop%2F"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-length: 0\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"hotloss.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","fqdn":"vidoes.live","domain":"vidoes.live","tld":"live"},"ip":{"addr":"172.67.177.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://twinply.shop/vid/Rrwyh8cz3","date":"2026-01-05T20:28:23.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vidoes.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 22:26:15 GMT","end":"Sun, 29 Mar 2026 23:22:37 GMT"},"fingerprint":{"sha1":"19:18:DB:3F:C1:1E:0D:6B:33:43:21:23:7B:08:9B:B2:9E:AE:53:D3","sha256":"A0:58:B1:0A:F3:9A:09:76:7A:AC:5C:15:F8:0F:7B:F2:EC:51:4B:7F:0D:F5:14:79:DF:20:82:12:3D:81:A7:08"}}},"request":{"raw":"GET /e/Rrwyh8cz3?lv1=twinply.shop HTTP/1.1\r\nHost: vidoes.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://twinply.shop/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:23 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=0\r\nlast-modified: Sun, 04 Jan 2026 19:38:09 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=URUecE5hSZBRpEWwLA%2BlLHdJwmNFwsje3%2Fa7qERAxBb%2B4MmR1aI3QOHleHOvSUiDEZdLzlPV7HoVaMr8sd7jjqy8pp9UHb92zw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b95b8c80d71b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":123695,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (49215)","md5":"d002627d871b50fa64b5b657642b322f","sha1":"7bec957023e6c6c193f5b4b12edccfed2a1158bb","sha256":"97977c0fae8cea46df9f9bd102cabbcd09c7ba05e9580f0607ac554525bf1b99","sha512":"26de1e87ffa6af41128cd8f984fda56f3c8a090b172207e629760b79b8d9c54fb02a70ce26b50817489bafb4bb5ff2f97de62c0280ce403ce5eee652871ecc92","ssdeep":"3072:cpflnnileViOGF9mrx/0JZwSjEmkRbK+boNvn+y8wV5/UCL:cpFicLzx/0j5Emko+b4vn+y8SUCL","tlshash":"cac30bc834d7b8194b63a4ae137f300bb02aad45395db140f8b9c5e47f6435e91b7ea8","first_seen":"2026-01-05T20:28:58.361433Z","last_seen":"2026-01-05T20:28:58.361433Z","times_seen":1,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":39,"dns":21,"connect":1,"send":0,"wait":70,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"vidoes.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/settings/505951","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 03 Jan 2026 23:28:40 GMT","end":"Fri, 03 Apr 2026 23:28:39 GMT"},"fingerprint":{"sha1":"85:74:F2:79:0B:02:78:8E:1F:E8:80:75:73:6B:99:06:70:82:4A:1C","sha256":"29:2D:AF:FF:BB:42:24:C4:F8:F2:B4:C4:71:6B:6A:74:80:7D:0F:7C:8C:1D:6F:83:C8:8E:21:72:19:F1:5E:48"}}},"request":{"raw":"GET /api/settings/505951 HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"1be64b6d6652effba7dcf744e90def6a","sha1":"d9fbc7d1fa49fa4733f90a3739882d63972c2352","sha256":"72d79d0ad9a70ef53c1bab65c588d44bffb1a1b5aba0eb2f9f6a886c4c3aec4f","sha512":"ff1aee5b5d4ba25f4f78a0ddc80cd878856815c1ded88b32370c72bff242e73522e6aefb60fa5e53c434f10d2611dab7679152edf9321edc2b656e0265ef7006","ssdeep":"","tlshash":"408004c00dc1545410c010f4434043150103140f535c3304d41d1701147f4d17030150","first_seen":"2023-04-06T10:58:14Z","last_seen":"2026-04-04T05:52:30.453431Z","times_seen":7143,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":68,"dns":35,"connect":13,"send":0,"wait":13,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 14:57:20 GMT","end":"Fri, 13 Feb 2026 15:57:18 GMT"},"fingerprint":{"sha1":"80:2D:1E:ED:7E:27:75:C8:26:5C:5A:67:67:AE:0B:64:50:E0:CB:35","sha256":"12:CD:2F:65:36:49:D1:F0:8F:A7:6A:68:FF:9C:96:CC:70:D2:75:FE:A5:51:07:CC:D0:AA:5A:75:18:DC:8D:61"}}},"request":{"raw":"GET /asg_embed.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 77814\r\nserver: cloudflare\r\nlast-modified: Tue, 23 Dec 2025 06:18:27 GMT\r\nvary: Accept-Encoding\r\netag: \"694a3433-12ff6\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 1174134\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\ncf-ray: 9b95b8cafa76569b-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":248445,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators","md5":"e4402ff91a4c2c14641427454c831602","sha1":"720e8365191135a4745a533a843f4acd32292df9","sha256":"0019105a70cd9bed5725359fb59b243d481224ce5fc68a317a4637ca853e3829","sha512":"c5f5215cec44e91fc07547550c764cdce55e38cc3107a037840777c013266fe86b37c22f34c9687ff3198c3fce27976ae4fd7bb609e9a99ba4afd7a62ef25134","ssdeep":"3072:kg9Ou1GUClpCuDFiYLPSYOP5iXac/znNTxx7p+Qw:Ku1GrlUu5SZ4XZDx7pY","tlshash":"7634b78cb6c1b4e586a361b4023f181af3773a15744ec481b52dd6d16e7ea0fa927e3c","first_seen":"2025-12-23T13:01:17.084993Z","last_seen":"2026-02-08T15:49:19.807881Z","times_seen":441,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bartererfaxtingling.com/in.js","fqdn":"bartererfaxtingling.com","domain":"bartererfaxtingling.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bartererfaxtingling.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:26:22 GMT","end":"Wed, 21 Jan 2026 14:26:21 GMT"},"fingerprint":{"sha1":"F1:45:16:A9:B8:54:81:33:AA:52:3E:EC:2D:B1:37:EE:6C:AF:82:35","sha256":"82:BE:8A:83:92:78:C4:84:A6:36:46:66:AA:0F:7A:1D:C5:F9:F6:2B:98:86:EC:B6:87:AF:77:4D:CA:E3:08:5D"}}},"request":{"raw":"GET /in.js HTTP/1.1\r\nHost: bartererfaxtingling.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Wed, 24 Dec 2025 12:35:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694bde26-2f2f9\"\r\nexpires: Mon, 12 Jan 2026 20:28:25 GMT\r\ncache-control: max-age=604800\r\nx-js-ab: current\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":193273,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"18dd74f90139b81be9c0b1773046ebf5","sha1":"277ecf6c6779286316d4176460e3442cb37d480f","sha256":"af3562ce86727c51c1c62ce374a1afbc5ed4961af3fbf56b8d102899f38d6af3","sha512":"34e0719fe4e3ddc56fad66a2f2a119d8d7a439e3a1a15888143dff0344d6c6a76eabc166ac395a1d352ad6b7b2dcf669a6d120fbf63ed5397970d944c2744e08","ssdeep":"3072:WQ813/etuoJZ5p89vSnNSQ//BMqZOyG1slFXdqMxzbwu2qWT4GoNRihWk+xM1GxY:23/etuoJZqaSQ/ZDOyG1s7XdqQzbwu2b","tlshash":"1614968c2b8260325a77b02938ff7a0b5633b8eadccdc5c5d431d1c515bfd05a52baa9","first_seen":"2025-12-24T16:56:59.126616Z","last_seen":"2026-01-11T23:50:31.646976Z","times_seen":100,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":77,"dns":32,"connect":17,"send":0,"wait":34,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stream.alflix.cv/videos/2026/01/1000010433.mp4","fqdn":"stream.alflix.cv","domain":"alflix.cv","tld":"cv"},"ip":{"addr":"104.21.14.211","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4500e9fa.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Nov 2025 15:42:43 GMT","end":"Thu, 19 Feb 2026 16:42:33 GMT"},"fingerprint":{"sha1":"13:F4:5F:F4:9B:25:76:0B:1D:1C:0F:CC:BE:51:D5:9E:49:17:37:8E","sha256":"D1:CE:98:F2:D9:A4:53:C4:70:A9:83:12:1D:E0:95:42:E4:40:1D:75:8D:C2:E8:4E:6B:3D:F6:B7:B4:05:05:17"}}},"request":{"raw":"GET /videos/2026/01/1000010433.mp4 HTTP/1.1\r\nHost: stream.alflix.cv\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=46235648-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 80611\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RHcBVDYj4kL2HiOiYIcM%2BLYdDdKd0nupUxfN4rrG5b865s%2BZVbsJsKxSJskUv58VWzFL%2B9JadndqdWiL18rNAsVZmWZSUuNsdSxpXLRWkEY%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\nage: 4294\r\netag: \"796ea52ada3899e0825cfbddc728aa08-5\"\r\nlast-modified: Sat, 03 Jan 2026 13:40:29 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncontent-range: bytes 46235648-46316258/46316259\r\ncache-control: max-age=14400\r\ncf-ray: 9b95b8d46c501a30-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80611,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"7dce3d29440091056c6f4d00d8e3b73d","sha1":"442798975d24ebde791535182c36382b2c079611","sha256":"952ce43a9d18a9c0d5a279ab433282aea455993a555190227efb24da2bb15075","sha512":"87ce8a0bd1d12468f963afe696bcf6ace107e6e07dd3511b03df6d1640f1a9d8bd9a5cc1f0a55268b4c5d13b11beb5c8ef0a5afcd2970589b722fba9f512b497","ssdeep":"768:YvYhNtXNJu2g5H3/cvaip00U9rYgPUMCv/hyax+7CbAiFG8j+99/OEU:lhNJZgSyiy0UpYD/gb732Gj9/0","tlshash":"12734d89a76c958bf6e3773494e2331177f4dca487074eda0bd8133b9caa678508e1e4","first_seen":"2026-01-05T20:28:58.380428Z","last_seen":"2026-01-05T20:28:58.380428Z","times_seen":1,"resource_available":false,"data":null}},"time_used":860,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":856,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"stream.alflix.cv","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vj.cubirashly.com/rlGaoxt7fvDxX/131675","fqdn":"vj.cubirashly.com","domain":"cubirashly.com","tld":"com"},"ip":{"addr":"188.42.241.221","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:23.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vj.cubirashly.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Dec 2025 12:06:01 GMT","end":"Fri, 20 Mar 2026 12:06:00 GMT"},"fingerprint":{"sha1":"49:50:C6:29:62:75:7D:6D:14:F3:9C:44:49:EB:E0:DC:E5:27:8A:F7","sha256":"95:DD:31:8C:D4:20:B3:DC:C7:4C:5C:C0:AB:A5:82:2C:64:3C:18:42:C6:54:26:87:78:1E:34:D0:83:8B:8B:70"}}},"request":{"raw":"GET /rlGaoxt7fvDxX/131675 HTTP/1.1\r\nHost: vj.cubirashly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://vidoes.live\r\naccess-control-allow-headers: content-type, gyfr29qt4j80vdr0zhsj, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nset-cookie: GL_UI4=eJw9jc1OhDAcB%2FkGddnkl%2FAA%2BwgtUtKrF1%2FBI2npn7UKdFMqq28v8eBtDjOZKIqSpka8FyekX0rgwrnsZSdaybpRqlZr2feCaSEZb8U0CTzYbQhKzxQyVNuifBjCniHXXq2mRr44Q3ONUnt338g3KbJVLYTy1Xqa3PdhqA%2FnkfLn7mC7HhwzJG5r0nOF8s2u5ijPj0g4O5%2BKCE%2B3WYXJ%2BWWwpoiRX70yhPgF1agCXZ3%2FQWlo%2BwzuBrjZDP%2F%2B3zi9c4bC0G5HQu7CO%2FlfoWNCFg%3D%3D; expires=Tue, 06-Jan-2026 20:28:24 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJxjYGBgEuEXZMosEOSxNNSzNNAzMdIzNDURZEwXZPLzF2RKzhNk88svKk%2BsFGQsEmQyMBZkKsoT5PYvzslXcM4vzSsBiicLsoD4goyZgnxOOZkVCsH5OaUlmfl5xYJMQMzpnJiUk6rvEuwjyFjAxijIVJIPIotTRBgEGcvYJASZchJ5HHw%2Fv9qcvuAnkJPP46BavzE63G61IFNBsSCLgaGpIQCHOyne; expires=Tue, 06-Jan-2026 20:28:24 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-04T06:33:33.093087Z","times_seen":14785,"resource_available":true,"data":null}},"time_used":278,"timings":{"blocked":121,"dns":88,"connect":17,"send":0,"wait":24,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"vj.cubirashly.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ktbch.cloud/app.js","fqdn":"cdn.ktbch.cloud","domain":"ktbch.cloud","tld":"cloud"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.271Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /app.js HTTP/1.1\r\nHost: cdn.ktbch.cloud\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 5117\r\ncf-ray: 9b95b8cedb48b4f9-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03faa-45f4\"\r\nlast-modified: Mon, 04 May 2020 16:15:38 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1706271\r\nexpires: Sat, 26 Dec 2026 20:28:24 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=V3MpSD36G6hi4rdDizQjk6KOIzmYCrsfSkSWK%2B2Zk4N82PkLfPvv%2BfTf7soEDsd4G%2BMGnDRXJxmKHldGHsysKC%2F5SdqnLmjUwrD3rDvoDXojaspBgTGco2lSbFl7HwfMkmUBcnfT\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17908,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (17660)","md5":"12dd498bf90c536803c2aad708b66c2b","sha1":"5f9363d39a405d1c94328cf2303ff4a05c0ad163","sha256":"c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a","sha512":"ec593a501ebf74c092e564a1aaf0b477d3da6813c9a88f29d0d2a0db8143bdf19718ba4e6b13f64295b077ca5cb9c13460c30f9f2f35982a82597b22f79ffdd1","ssdeep":"192:l3GySZoj5oOg8pu564aEzn5nVMnyk3sBakk3cx7x0IlQV0Hf1b5SwU+ahpfex/W9:lWytjU64auV0ISjyW5RAe","tlshash":"6f82b38cb295f0b553d710b5403f910fe2366928654ec4d8f288d5ea2c7899d663bf3d","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-04T02:43:03.70094Z","times_seen":7019,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":104,"dns":90,"connect":1,"send":0,"wait":29,"receive":1,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bartererfaxtingling.com/get/2090229?id=2090229\u0026var=100111\u0026jp=_clcrzvyslwnnusvecevvnv\u0026dr=102\u0026cuaa=1\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=oGXQts\u0026pcs=1\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026psr=3EVW4AeaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=JoKRHhuaHR0cHM6Ly92aWRvZXMubGl2ZS9lL1Jyd3loOGN6Mz9sdjE9dHdpbnBseS5zaG9w\u0026afid=8560093677873152\u0026eclog=0\u0026seu=VeRCjSFaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026snc=0\u0026ssc=1\u0026tp=0\u0026vp=0\u0026pkw=0\u0026pload=1251\u0026rlp=%5B0%2C121%2C151%2C95%2C15695%2C3007%2C390%2C3007%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0\u0026freq=0","fqdn":"bartererfaxtingling.com","domain":"bartererfaxtingling.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bartererfaxtingling.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:26:22 GMT","end":"Wed, 21 Jan 2026 14:26:21 GMT"},"fingerprint":{"sha1":"F1:45:16:A9:B8:54:81:33:AA:52:3E:EC:2D:B1:37:EE:6C:AF:82:35","sha256":"82:BE:8A:83:92:78:C4:84:A6:36:46:66:AA:0F:7A:1D:C5:F9:F6:2B:98:86:EC:B6:87:AF:77:4D:CA:E3:08:5D"}}},"request":{"raw":"GET /get/2090229?id=2090229\u0026var=100111\u0026jp=_clcrzvyslwnnusvecevvnv\u0026dr=102\u0026cuaa=1\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=oGXQts\u0026pcs=1\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026psr=3EVW4AeaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=JoKRHhuaHR0cHM6Ly92aWRvZXMubGl2ZS9lL1Jyd3loOGN6Mz9sdjE9dHdpbnBseS5zaG9w\u0026afid=8560093677873152\u0026eclog=0\u0026seu=VeRCjSFaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026snc=0\u0026ssc=1\u0026tp=0\u0026vp=0\u0026pkw=0\u0026pload=1251\u0026rlp=%5B0%2C121%2C151%2C95%2C15695%2C3007%2C390%2C3007%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0\u0026freq=0 HTTP/1.1\r\nHost: bartererfaxtingling.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: PTS=; Path=/; Expires=Mon, 08 Feb 2027 20:28:25 GMT; Secure; SameSite=None\nUID=2601051528bca5c399be4f4c588e0319f830; Path=/; Expires=Mon, 08 Feb 2027 20:28:25 GMT; Secure; SameSite=None\nCHCK=1; Path=/; Expires=Mon, 08 Feb 2027 20:28:25 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":548,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (548), with no line terminators","md5":"daf7dc7d2402388a6e942c648a74e102","sha1":"aa8a73571df04c44bfc3e78bab027930dc5c3d83","sha256":"f227cd7dc21c46d35e7921eaeab4e7234aade07c939b4822c2723da45c128bd6","sha512":"ecea4bc539c69d1c21bf1b3a1f9231af048c0b95d3e9ea18359985d7457e193adbea4b45455c729aaf184c8e24b445569239e7ba0411f281773e3c6ac9b444a9","ssdeep":"","tlshash":"def0c0b4d433d8fe6a97788523751f93088c5bf5dd0388550a99ca1ac33c0b55193c02","first_seen":"2026-01-05T20:28:58.389238Z","last_seen":"2026-01-05T20:28:58.389238Z","times_seen":1,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a6a1c6ffd0.35c82e35f3.com/133dd3e386fc47f05aa38e69bbd96649.js","fqdn":"a6a1c6ffd0.35c82e35f3.com","domain":"35c82e35f3.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a6a1c6ffd0.35c82e35f3.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 02 Jan 2026 02:15:04 GMT","end":"Thu, 02 Apr 2026 02:15:03 GMT"},"fingerprint":{"sha1":"36:8B:74:AB:18:55:3F:83:EC:A8:3F:A3:D1:73:FC:EB:E9:E9:3D:E6","sha256":"F2:CB:5A:57:48:F3:F6:D7:77:B7:62:C7:3B:60:CD:9D:B9:27:C1:4D:BC:ED:14:3C:89:F1:AA:73:13:C8:B5:D0"}}},"request":{"raw":"GET /133dd3e386fc47f05aa38e69bbd96649.js HTTP/1.1\r\nHost: a6a1c6ffd0.35c82e35f3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Thu, 18 Dec 2025 08:08:09 GMT\r\netag: W/\"6943b669-196ee\"\r\ncontent-encoding: gzip\r\nexpires: Mon, 05 Jan 2026 20:33:25 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1747\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104174,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d2f32802c43a8d95bb13e2bf58e3f0a4","sha1":"15246a9eb4cb7cde52369bd1fdc35908f5279d00","sha256":"4668d1c4351ace7e86b543c992cb17cdd15407847b207edf6dfab101ff57e25c","sha512":"1fe832cab8641e1fec4ef84f31ec835d53f51d757a93e56c58da574b1879e9d5b0822f14d9b7a8a2a02ef98a55fb8e5963fe69e74bc1d1144ac78c9556859951","ssdeep":"768:uAiyOOIGF3vRzxnR0i+bhLrhL5xub8JwfPsEIyp+dZIioT9FeWVbuoUfwqNl1iWJ:zOOlBB0FuM0Xi77Jc/sknkU8JRVUi","tlshash":"74a3298a32a1f4b006e244da943b0216f33e1929740e905cb7adddd5791ad4fa236f7e","first_seen":"2025-12-18T08:36:30.965351Z","last_seen":"2026-01-06T08:03:45.153096Z","times_seen":315,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a6a1c6ffd0.35c82e35f3.com/3c0dfae2c59e4534a09eb67fac516fb9/386461?version_name=a\u0026domain=vidoes.live","fqdn":"a6a1c6ffd0.35c82e35f3.com","domain":"35c82e35f3.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a6a1c6ffd0.35c82e35f3.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 02 Jan 2026 02:15:04 GMT","end":"Thu, 02 Apr 2026 02:15:03 GMT"},"fingerprint":{"sha1":"36:8B:74:AB:18:55:3F:83:EC:A8:3F:A3:D1:73:FC:EB:E9:E9:3D:E6","sha256":"F2:CB:5A:57:48:F3:F6:D7:77:B7:62:C7:3B:60:CD:9D:B9:27:C1:4D:BC:ED:14:3C:89:F1:AA:73:13:C8:B5:D0"}}},"request":{"raw":"GET /3c0dfae2c59e4534a09eb67fac516fb9/386461?version_name=a\u0026domain=vidoes.live HTTP/1.1\r\nHost: a6a1c6ffd0.35c82e35f3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: application/json\r\nserver: nginx/1.18.0\r\ncache-control: max-age=300\r\nexpires: Mon, 05 Jan 2026 20:33:24 GMT\r\nx-cdn-host-id: AH1747\r\nx-proxy-cache: MISS\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1446,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d56293e7755dd926942724bd7f798408","sha1":"1fd6e01c5ce3aa9a03e04a86602b2daf80f7fc4f","sha256":"7d494b5d9473a0f4477d45962dd00a4355dc1234fe72dfd2ee4f8b683e665fc8","sha512":"fea8dec52f673d2287a9f83fdabe7694f2ec3a8f011322d95a8de812858a94e6bb7c0899ecf535ec7f26d0474fcaccef4f4413f518ebe966cb3c1f2b8e405f2f","ssdeep":"","tlshash":"bd3112fcc625dcaa80c046c984d53f4817a835abb1c46455f5ac49b812cf5a21e3b20f","first_seen":"2025-11-28T14:21:06.072324Z","last_seen":"2026-02-07T05:38:38.839539Z","times_seen":11,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ntvpforever.com/keywords","fqdn":"ntvpforever.com","domain":"ntvpforever.com","tld":"com"},"ip":{"addr":"168.119.25.102","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 02:02:57 GMT","end":"Wed, 25 Mar 2026 02:02:56 GMT"},"fingerprint":{"sha1":"C4:80:D6:E8:F3:2B:FD:8A:89:D9:CF:8B:78:3F:74:35:34:B3:68:8A","sha256":"DF:07:A2:74:C6:6C:63:AA:37:DD:AA:4F:E0:F5:C5:D7:9C:B8:28:C4:9C:45:3F:F7:BC:1B:0A:AE:7F:38:FF:B1"}}},"request":{"raw":"OPTIONS /keywords HTTP/1.1\r\nHost: ntvpforever.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://vidoes.live/\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx/1.18.0\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":109,"dns":28,"connect":25,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"enrtx.com/get/","fqdn":"enrtx.com","domain":"enrtx.com","tld":"com"},"ip":{"addr":"94.130.197.239","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:26.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"popunder-base.infrapu.sh","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 Jan 2026 02:02:37 GMT","end":"Sat, 04 Apr 2026 02:02:36 GMT"},"fingerprint":{"sha1":"9B:E8:3D:66:67:88:7C:DD:9A:4D:3E:E3:DD:04:5E:14:B1:28:E4:07","sha256":"61:92:85:31:D4:1A:77:42:3F:EC:2A:1C:27:3B:C5:31:31:C6:32:DE:D7:24:08:BE:7B:F4:F7:AA:66:C3:85:D2"}}},"request":{"raw":"POST /get/ HTTP/1.1\r\nHost: enrtx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1767\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1767,"data":"{\"imp\":[{\"secure\":1,\"ext\":{\"user_keywords\":\"\",\"tag_ab\":\"a\",\"id\":2612,\"spaceid\":2612,\"type\":\"pop\",\"subid\":\"1619763552\",\"utm1\":\"\",\"utm2\":\"\",\"utm4\":\"\",\"spot_id\":1469352,\"labels\":\"\",\"blocked_verticals\":\"\",\"allowed_labels\":\"\",\"ad_tags\":\"Tonton%2CVideo%2CHD\",\"refdomain\":\"twinply.shop\",\"is_iframe\":true,\"gyr\":0,\"features\":\"\",\"accel\":0,\"ssp\":3758,\"rchange\":false,\"otype\":3,\"stratagem\":\"\",\"v2_track\":0,\"cla\":0,\"v2\":0,\"mn\":0,\"timezone_olson\":\"UTC\",\"event_id\":\"3f86f27a-7e36-4827-be2f-3fe509fde13f\",\"testab\":0,\"approved_mainstream\":0,\"ver\":\"1.170.4\"},\"pext\":{\"ab\":0},\"metrics\":{\"sp_scr\":0,\"intes\":[],\"high_fr_clicks\":false,\"dev_cons_act\":false,\"scroll_percent\":0,\"empty_clicks\":0,\"prev_step_diff\":511,\"act_su\":1,\"izb\":\"0\"}}],\"site\":{\"id\":\"1469352\",\"cat\":[\"IAB25\"],\"page\":\"https%3A//vidoes.live/e/Rrwyh8cz3%3Flv1%3Dtwinply.shop\"},\"device\":{\"w\":1280,\"h\":1024},\"user\":{\"id\":\"0a5640c7525ced21bad7ba7f2784495a\",\"fp\":null,\"fp_str\":\"\",\"ua_data\":null,\"interest_ids\":[],\"is_webview\":false,\"is_inapp\":false,\"social_network\":\"\",\"device_specs\":{\"brand\":\"\",\"gpu_brand\":\"\",\"gpu_version\":\"\",\"os_name\":\"Windows\",\"cpu_cores\":48,\"device_memory\":0,\"width\":1024,\"height\":1280}},\"fp_params\":{\"plugins\":[\"PDF Viewer\",\"Chrome PDF Viewer\",\"Chromium PDF Viewer\",\"Microsoft Edge PDF Viewer\",\"WebKit built-in PDF\"],\"languages\":[\"en-US\",\"en\"],\"fonts\":[\"Bitstream Vera Sans Mono\",\"Century\"],\"fontPreferences\":{\"default\":173.11666870117188,\"apple\":173.11666870117188,\"serif\":173.11666870117188,\"sans\":162.01666259765625,\"mono\":122.68333435058594,\"min\":10.800003051757812,\"system\":162.01666259765625},\"platform\":\"Win32\",\"colorDepth\":24,\"deviceMemory\":0,\"hardwareConcurrency\":48,\"indexedDB\":true,\"sessionStorage\":true,\"localStorage\":true,\"cookiesEnabled\":false,\"colorGamut\":\"srgb\"},\"ext\":{\"dt\":1767644906337}}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.16.0\r\ndate: Mon, 05 Jan 2026 20:28:26 GMT\r\ncontent-type: application/json\r\ncontent-length: 1418\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.16.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4328,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"2fbaacdab6a277a4045e78951c3784a8","sha1":"c67e5d966ec5601ed894d890bac295a758378ec1","sha256":"fe2715a88d64eae4fd6b0de642fefc611ce35f85fbf9fa5755eed261989af68f","sha512":"754f4b08a750f3c5d73b1113b8f2fcd6c56e7461ee443757022d062acc60091c1a48d743ce0739a55064cec994c52656aaec8925f2bdbc29672a2afbc3a8073c","ssdeep":"96:zhTFulHfCKDHs/FtW6cgOUdrYE1RlTFulHfCKDHs/FNgOUdrYE1k:a5wtJr25wAre","tlshash":"dc91d781a867de2548c6d023b004f2282fd5cf6b9f9f9d89d4b1c36585e43a621ede0c","first_seen":"2026-01-05T20:28:58.39481Z","last_seen":"2026-01-05T20:28:58.39481Z","times_seen":1,"resource_available":false,"data":null}},"time_used":617,"timings":{"blocked":184,"dns":101,"connect":25,"send":0,"wait":247,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/plyr@3.7.8/dist/plyr.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:23.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/plyr@3.7.8/dist/plyr.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:23 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 5504\r\ncf-ray: 9b95b8c94ff48be6-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 3.7.8\r\nx-jsd-version-type: version\r\netag: W/\"7f34-PpVh+3oqcLk7sQFPXZWLEj/mF2Q\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230120-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 3255751\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=hErxMqRWIqgFBD8j8o2JbsvwRoE7tXuoYz9BFYgYjw2sFtyyv4453jbHSHhPg9VKcVC9Iaj%2BwmpoCLt5xTToa3RHZSO3fWydoByrvREWmGHAVu4qBQOoEeGFHlS0rdjwS%2FE%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32564,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (32562), with no line terminators","md5":"411acf0fd5fe4d42c580db72f82077fd","sha1":"3e9561fb7a2a70b93bb1014f5d958b123fe61764","sha256":"2ee720801746a99015c74144707638048778223b2520c8228b627f7262fb122b","sha512":"c9ec54f61c277b731a2cbd8f1be6090e16b2492f4d59c8facfb32f5034a8321c0d8213e05e072f6205617e3e05318a4f87539fedbb7cfd12b9034ad0f5f3cc3b","ssdeep":"384:fj8gN8LOim80ytg9agvgIgVg0qGAB21RgQ/rp6bVDjg/zy:fnN8LOiyygNbVZ","tlshash":"cde2726179692138f83bd16d37b4c5cd333ca102fdd69aa9f194b76089caaf306b3641","first_seen":"2023-05-28T19:49:37Z","last_seen":"2026-04-04T06:08:13.862667Z","times_seen":1605,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":6,"dns":1,"connect":1,"send":0,"wait":10,"receive":1,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.popcash.net/show.js","fqdn":"cdn.popcash.net","domain":"popcash.net","tld":"net"},"ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.popcash.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Dec 2025 15:08:06 GMT","end":"Fri, 20 Mar 2026 15:08:05 GMT"},"fingerprint":{"sha1":"CF:1A:C1:CF:0D:10:01:B4:35:E5:52:4F:93:F1:8F:8F:A9:C5:F4:66","sha256":"91:A4:BB:66:B2:D7:E6:E9:AD:69:1F:D1:8E:EC:37:C7:00:8B:01:25:43:AE:66:12:E7:60:55:2D:7B:5E:6C:1E"}}},"request":{"raw":"GET /show.js HTTP/1.1\r\nHost: cdn.popcash.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: application/javascript\r\nserver: BunnyCDN-NO1-830\r\ncdn-pullzone: 1818418\r\ncdn-requestcountrycode: NO\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=2592000\r\ncontent-encoding: br\r\netag: \"4f20f0952507fda6beb023023ecc3ece\"\r\nlast-modified: Thu, 04 Sep 2025 10:50:06 GMT\r\nx-amz-id-2: YmTfEcnmrF6oWwBfRfogi/6o/mJKAqjG3o6Dox4ffTmTq+aWLzSO5qHv1DdAY7IxlOAxjWydNbg=\r\nx-amz-request-id: H7ZDJGQ8KSEABG4Q\r\nx-amz-server-side-encryption: AES256\r\ncdn-proxyver: 1.34\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 09/04/2025 10:50:12\r\ncdn-edgestorageid: 830\r\ncdn-requestid: 7e940cc0a5a01fc59bd90dd54e577614\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":110984,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65387)","md5":"4f20f0952507fda6beb023023ecc3ece","sha1":"c6c61f2bc884cc8b3b675461dc12f4aff42d3d0a","sha256":"ac2044b6693753a1d8f0f316ad175a7caa2afd1725484c5f7289015c9d11a98d","sha512":"3e9e084c61af23def755c7a57320ba34d7b3c4c16c80b4aca8053fc5b6f3743e70059a66c83cc0b3958eb1de1e80a1ee7230d09bd7973b14b13be5eb5f7a7faf","ssdeep":"1536:f24Ny1erT/XuZ3gYCuG90tqxSDsWI8Za6HMhX20BDbvcQzStYO5CX:zg1eP+ZGuoSaRks7O5CX","tlshash":"59b3754661cd22708a8bf333adefbcd4ee6f5900756588d7261cc2816925dac40bedf9","first_seen":"2025-09-04T19:58:55.300269Z","last_seen":"2026-04-01T22:14:59.260842Z","times_seen":183,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":65,"dns":58,"connect":3,"send":0,"wait":4,"receive":0,"ssl":5},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vidoes.live/api/videos/by-token/Rrwyh8cz3","fqdn":"vidoes.live","domain":"vidoes.live","tld":"live"},"ip":{"addr":"172.67.177.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vidoes.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 22:26:15 GMT","end":"Sun, 29 Mar 2026 23:22:37 GMT"},"fingerprint":{"sha1":"19:18:DB:3F:C1:1E:0D:6B:33:43:21:23:7B:08:9B:B2:9E:AE:53:D3","sha256":"A0:58:B1:0A:F3:9A:09:76:7A:AC:5C:15:F8:0F:7B:F2:EC:51:4B:7F:0D:F5:14:79:DF:20:82:12:3D:81:A7:08"}}},"request":{"raw":"GET /api/videos/by-token/Rrwyh8cz3 HTTP/1.1\r\nHost: vidoes.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: application/json; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ue4KGm4%2FGisy5RwfNdKutCAanHxKSictQbzTi2TFLl90wNWnEljA3%2FvZmMqireHJkIGp8dgwm5GJRV7%2BugiZ3BD3wR3AlkpL5DHS\"}]}\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\netag: W/\"cc-4lkOv9rN6XWXy+ZpH1rCVmMGLD0\"\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9b95b8cc5ca632fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":204,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"36e492f425d9ad9fba96ef3c236908b3","sha1":"e2590ebfdacde97597cbe6691f5ac25663062c3d","sha256":"8dfa540a7f91d7e4bcd31d7e8b84d460094789f24b3a1fa950172d4fd78a8cba","sha512":"6d638be6b8adf3bb15edad079c82a2a2700ec94d96037d27e0ffae35cf35e1bf2208d467d1ab1901b264060fc2a4174b131a842c562799033bf06b0d733c93b6","ssdeep":"","tlshash":"24d022f9214028e68e80c0c28cc3bcc1288e3203c0c54a4877ab88cc1c9c8150a00083","first_seen":"2026-01-05T20:28:58.39926Z","last_seen":"2026-01-05T20:28:58.39926Z","times_seen":1,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":112,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"vidoes.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/check.html","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:57 GMT","end":"Wed, 21 Jan 2026 14:23:56 GMT"},"fingerprint":{"sha1":"AB:39:B2:8C:70:D6:0B:38:B0:1E:73:99:51:2D:35:30:EA:6B:4A:70","sha256":"86:18:14:14:6C:52:E9:C3:AC:03:AF:10:49:19:37:24:9D:9A:36:E6:1A:05:C8:1C:8E:69:BE:53:1E:CE:6F:65"}}},"request":{"raw":"GET /check.html HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Mon, 24 Nov 2025 08:42:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69241a69-39e\"\r\nx-js-ab: current\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":926,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"088dba8e97eede53134c93219f7ebbae","sha1":"adb707654d1fe0af7d0d7a9f55660d22bd3625e4","sha256":"6da0120b4c7bc45b63fcbb87595c3c1ea2cdca482b0c48d4d2ab434f9e897aff","sha512":"23a1f87731e8aee4658993cd1ce35ec179fea80b89bf52aca7634488f1bdfcf88b9cabca4859481357a9fee06cbb49df64bbe0878b1dae0e5df4fa34003c6d80","ssdeep":"","tlshash":"6211d04934e1684c1127a6301597a2183c32a40315cbd949fb9cd7301f815a7dc596df","first_seen":"2024-11-22T16:59:41.974716Z","last_seen":"2026-03-04T10:11:28.020186Z","times_seen":13721,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/on.js","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:23.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:57 GMT","end":"Wed, 21 Jan 2026 14:23:56 GMT"},"fingerprint":{"sha1":"AB:39:B2:8C:70:D6:0B:38:B0:1E:73:99:51:2D:35:30:EA:6B:4A:70","sha256":"86:18:14:14:6C:52:E9:C3:AC:03:AF:10:49:19:37:24:9D:9A:36:E6:1A:05:C8:1C:8E:69:BE:53:1E:CE:6F:65"}}},"request":{"raw":"GET /on.js HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:23 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Wed, 24 Dec 2025 12:35:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694bde26-2654d\"\r\nexpires: Mon, 12 Jan 2026 20:28:23 GMT\r\ncache-control: max-age=604800\r\nx-js-ab: current\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":157005,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b2bd7896282fae2dc085070a2b5f43ca","sha1":"b2e6820695e68db2dbb77a95c70fd651db53c581","sha256":"dc3a97ae05dfd044edeff249dea8707e1e46defeba8ad69e5e3e6a7f47b62620","sha512":"e8870aca6cfd5d7606e80f7e5cbe5912d3af05736bce9254b012919499253c3684e297879ee37d36bb21a774e29baa9c56c6b9b60bfc81fc28a89f250691e4fa","ssdeep":"1536:+9zwiun7syoQ28WmEDEMIqhr3O/0ieQhNlh0/RNzf9kcbOFUtAlPDfVwgpiOHrg6:+XD+/sQjH2zFkcbOqtUDSGuusvdHIN","tlshash":"0de3748c768bac320622b02d0c3f520ab725dce5d6b95514d067c1c9b97fc1b9276afb","first_seen":"2025-12-24T14:26:06.873721Z","last_seen":"2026-01-12T07:53:54.730368Z","times_seen":434,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":29,"dns":0,"connect":17,"send":0,"wait":22,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bartererfaxtingling.com/get/2090229?id=2090229\u0026var=100111\u0026jp=_clcrzvyslwnnusvecevvnv\u0026dr=102\u0026cuaa=1\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=oGXQts\u0026pcs=1\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026psr=3EVW4AeaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=3l0UarmaHR0cHM6Ly92aWRvZXMubGl2ZS9lL1Jyd3loOGN6Mz9sdjE9dHdpbnBseS5zaG9w\u0026afid=2086169213510144\u0026eclog=0\u0026seu=VeRCjSFaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026snc=0\u0026ssc=1\u0026tp=0\u0026vp=0\u0026pkw=0\u0026pi=W1oqmg\u0026pload=1251\u0026rlp=%5B0%2C121%2C151%2C95%2C22298%2C3969%2C409%2C3969%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0\u0026freq=0","fqdn":"bartererfaxtingling.com","domain":"bartererfaxtingling.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bartererfaxtingling.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:26:22 GMT","end":"Wed, 21 Jan 2026 14:26:21 GMT"},"fingerprint":{"sha1":"F1:45:16:A9:B8:54:81:33:AA:52:3E:EC:2D:B1:37:EE:6C:AF:82:35","sha256":"82:BE:8A:83:92:78:C4:84:A6:36:46:66:AA:0F:7A:1D:C5:F9:F6:2B:98:86:EC:B6:87:AF:77:4D:CA:E3:08:5D"}}},"request":{"raw":"GET /get/2090229?id=2090229\u0026var=100111\u0026jp=_clcrzvyslwnnusvecevvnv\u0026dr=102\u0026cuaa=1\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=oGXQts\u0026pcs=1\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026psr=3EVW4AeaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=3l0UarmaHR0cHM6Ly92aWRvZXMubGl2ZS9lL1Jyd3loOGN6Mz9sdjE9dHdpbnBseS5zaG9w\u0026afid=2086169213510144\u0026eclog=0\u0026seu=VeRCjSFaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026snc=0\u0026ssc=1\u0026tp=0\u0026vp=0\u0026pkw=0\u0026pi=W1oqmg\u0026pload=1251\u0026rlp=%5B0%2C121%2C151%2C95%2C22298%2C3969%2C409%2C3969%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0\u0026freq=0 HTTP/1.1\r\nHost: bartererfaxtingling.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nCookie: PTS=; UID=2601051528bca5c399be4f4c588e0319f830; CHCK=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: CHCK=1; Path=/; Expires=Mon, 08 Feb 2027 20:28:25 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Mon, 08 Feb 2027 20:28:25 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6513,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (6513), with no line terminators","md5":"fbd9b5154c2990626f32b44e9592ac94","sha1":"cf79bd030f58d307f01dac6ad9e1397e0b38e470","sha256":"b815af53ca12649f2967fedf01d198f15d9aa6c2abdf76a630ef1df6b4ec0d11","sha512":"35fd5492e2b0b46361b071b188754ec2d62274d881e94a53353429a1688c724d5d6ba27c254146b4ade2d7d5b8d91642c9f90f1f2aac53e513adb80e82bab96c","ssdeep":"192:GwsiDqQ8j2jY22E6Irn1silb3ZD1rij277ovjs0IcK:MorrBJD1povjszcK","tlshash":"33d16d462975d5d7680c9c1732783e9b68d60aec8bc7fc6802b5c128858e73a68224df","first_seen":"2026-01-05T20:28:58.403096Z","last_seen":"2026-01-05T20:28:58.403096Z","times_seen":1,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/plyr@3.7.8/dist/plyr.polyfilled.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:23.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/plyr@3.7.8/dist/plyr.polyfilled.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:23 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 35846\r\ncf-ray: 9b95b8c948018be6-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 3.7.8\r\nx-jsd-version-type: version\r\netag: W/\"1d4a1-78IBQL0e/gSzpWuzY1h08HSc2Mo\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230171-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 3159883\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=CapJ3UkCP8SsKkTxUBfyM4dNDJZN1pKRNf5wZzSaC65WULTOvrCjhg9MaNzoRUAf0hPyMvavAWY%2FVjKGBtMmjKUR50j6fT5AyGk9PXvFLULu5sf8xxvezSxJwK%2BahG1eMB4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119969,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"71dc06ef63bafd519190803503d6fdd0","sha1":"efc20140bd1efe04b3a56bb3635874f0749cd8ca","sha256":"b0fc604958d3c5d9b393c4a4e48f77e232ab9928ee1a585a0e87e97984b5b024","sha512":"09719b177749c237fa5682d3022b73803bcc1f81dc93eb37a8925eabb2a56e0d0d9c559fc83e6bc682b867424632ff81225c4a27011237ff1135aaabd7f73141","ssdeep":"1536:hhaP8CysBHnjvlzs265In0KSVjq1FrJRD4r/lhmn7GGq78NUQJkAwwlepmDZBS34:hG88j91D1/itRajAUccxnC8t","tlshash":"dec319c3325af63181a659dea036021572398b9a7005c26cfd3cedde6838d4276bbf75","first_seen":"2023-10-23T10:46:16Z","last_seen":"2026-04-04T06:08:13.743509Z","times_seen":1128,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":1,"dns":1,"connect":2,"send":0,"wait":10,"receive":2,"ssl":6},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-LEPP2CC3N9","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:23.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtag/js?id=G-LEPP2CC3N9 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\nexpires: Mon, 05 Jan 2026 20:28:24 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 143192\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":432997,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"84b7d0be08db1f0bd67522e6573f2d19","sha1":"7d26057da952cc362ced89c923eba15aef71ebec","sha256":"a907f8a4339d189621e7d70eddd2dae6b9200d8ee8e57f1cfb19e9ea33867356","sha512":"626a09995f0c05290994230ac8b3ca32143f9137cbb24aab3a877faef6034ef1b60bfc95f81df35a36b4fb93957af3edf4e0805263f00cd4c42acb398ce94259","ssdeep":"6144:1n7nTmlObujKYz1U95efDHHYOyQFzvnsdRiCjFW5ajaJddpC1xY:hTpbuNz1cEVnsdrpWjNpb","tlshash":"11941ace73c674269396e078503f118ba57b29e2b45cc896f189cce01e74a9a4277f7c","first_seen":"2026-01-05T20:28:58.405707Z","last_seen":"2026-01-05T20:28:58.405707Z","times_seen":1,"resource_available":true,"data":null}},"time_used":348,"timings":{"blocked":-1,"dns":5,"connect":26,"send":0,"wait":51,"receive":61,"ssl":205},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.plyr.io/3.7.8/plyr.svg","fqdn":"cdn.plyr.io","domain":"plyr.io","tld":"io"},"ip":{"addr":"104.26.13.19","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.plyr.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 10 Nov 2025 23:19:17 GMT","end":"Mon, 09 Feb 2026 00:19:05 GMT"},"fingerprint":{"sha1":"4B:0C:0D:86:7C:B6:86:C7:41:F3:BF:9F:56:55:E7:92:48:A3:8B:9E","sha256":"31:CD:B7:C1:7D:BA:A4:6D:DF:A9:16:DA:AF:07:60:09:B6:D2:A3:1E:9B:C8:75:F3:CA:18:F4:6C:7C:8F:A7:8F"}}},"request":{"raw":"GET /3.7.8/plyr.svg HTTP/1.1\r\nHost: cdn.plyr.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wQ7JAudhORvWvABvsKMmZF%2BKu1FWfUarNyRKNRkOBhh99kbAzu7OITjKjdZ5O0igNy4vFS9qMLipJBBufmC7pfD9KC5FBQke\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\nage: 3347522\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 20 Apr 2023 10:33:44 GMT\r\nvary: Origin, Accept-Encoding\r\netag: W/\"3a727a9b7eef825081d78cc6e48aaadf\"\r\ncontent-encoding: br\r\ncf-ray: 9b95b8cdbe1c56a9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5785,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3a727a9b7eef825081d78cc6e48aaadf","sha1":"bc98e4a347921594352fbae53aaad185c0c7f6b5","sha256":"4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7","sha512":"a685f2c1a709994fbbf25582ccb4996562973e33b859d58225a3388de22410b5a2e2a52a87bda13d5473c3348f1ab7fb8c01010e6778d52276eb649ba03ba308","ssdeep":"96:ym9IR6RryIR6R2syGo0R1J5a6A3jalbI0NSJVUqSnxKfi5aR:yFR6RrRR6RHf1raYlM00JqAyaR","tlshash":"c7c197ffc72483b95c87993ddf33a090318fa1fab4e541b8a1558bb48b975c5e906e10","first_seen":"2023-05-09T20:31:23Z","last_seen":"2026-04-04T06:29:54.464783Z","times_seen":2933,"resource_available":true,"data":null}},"time_used":460,"timings":{"blocked":223,"dns":207,"connect":1,"send":0,"wait":13,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nv.loristracked.com/rdXqPgOBW4Uds/131675","fqdn":"nv.loristracked.com","domain":"loristracked.com","tld":"com"},"ip":{"addr":"23.109.253.37","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:23.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nv.loristracked.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Dec 2025 00:01:40 GMT","end":"Fri, 13 Mar 2026 00:01:39 GMT"},"fingerprint":{"sha1":"21:47:F0:D4:5E:25:F4:71:D3:9F:75:51:75:F2:68:26:BC:96:B7:10","sha256":"D8:5F:26:DA:A6:A1:11:98:CB:AE:5F:35:0E:2B:96:5C:2F:7F:59:A4:56:2D:CB:53:66:71:74:5D:C1:11:9E:AA"}}},"request":{"raw":"GET /rdXqPgOBW4Uds/131675 HTTP/1.1\r\nHost: nv.loristracked.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://vidoes.live\r\naccess-control-allow-headers: content-type, gyfr29qt4j80vdr0zhsj, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nset-cookie: GL_UI4=eJw9jc1OhDAcB%2FkGddnkl%2FAA%2BwgtUtKrF1%2FBI2npn7UKdFMqq28v8eBtDjOZKIqSpka8FyekX0rgwrnsZSdaybpRqlZr2feCaSEZb8U0CTzYbQhKzxQyVNuifBjCniHXXq2mRr44Q3ONUnt338g3KbJVLYTy1Xqa3PdhqA%2FnkfLn7mC7HhwzJG5r0nOF8s2u5ijPj0g4O5%2BKCE%2B3WYXJ%2BWWwpoiRX70yhPgF1agCXZ3%2FQWlo%2BwzuBrjZDP%2F%2B3zi9c4bC0G5HQu7CO%2FlfoWNCFg%3D%3D; expires=Tue, 06-Jan-2026 20:28:24 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJxjYGBgEuEXZMosEOSxNNSzNNAzMdIzNDURZEwXZPLzF2RKzhNk88svKk%2BsFGQsEmQyMBZkKsoT5PYvzslXcM4vzSsBiicLsoD4goyZgnxOOZkVCsH5OaUlmfl5xYJMQMzpnJiUk6rvEuwjyFjAxijIVJIPIotTRBgEGcvYJASZchJ5HHw%2Fv9qcvuAnkJPP46BavzE63G61IFNBsSCLgaGpIQCHOyne; expires=Tue, 06-Jan-2026 20:28:24 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-04T06:33:33.093087Z","times_seen":14785,"resource_available":true,"data":null}},"time_used":278,"timings":{"blocked":123,"dns":88,"connect":20,"send":0,"wait":22,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"nv.loristracked.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a6a1c6ffd0.35c82e35f3.com/121a908eacafa91f943687aeb96a72d7.js","fqdn":"a6a1c6ffd0.35c82e35f3.com","domain":"35c82e35f3.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a6a1c6ffd0.35c82e35f3.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 02 Jan 2026 02:15:04 GMT","end":"Thu, 02 Apr 2026 02:15:03 GMT"},"fingerprint":{"sha1":"36:8B:74:AB:18:55:3F:83:EC:A8:3F:A3:D1:73:FC:EB:E9:E9:3D:E6","sha256":"F2:CB:5A:57:48:F3:F6:D7:77:B7:62:C7:3B:60:CD:9D:B9:27:C1:4D:BC:ED:14:3C:89:F1:AA:73:13:C8:B5:D0"}}},"request":{"raw":"GET /121a908eacafa91f943687aeb96a72d7.js HTTP/1.1\r\nHost: a6a1c6ffd0.35c82e35f3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Wed, 24 Dec 2025 08:35:27 GMT\r\netag: W/\"694ba5cf-24115\"\r\ncontent-encoding: gzip\r\nexpires: Mon, 05 Jan 2026 20:33:24 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1747\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":147733,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"bf20c44981795047ce2c610a2100a35a","sha1":"24c225c700d3f4208417651f6779de9758cd90a1","sha256":"0ec0d01651f974e70dc3c7d4cc50599dbd3a818863b7011ef052c3a0641dc161","sha512":"97612ed9de3cfb245c7e6a70420ca817b99f7b6db0dae1395fbc16c1eef8e4cb4ff993954fbddc4917563840baeef269a9edea324b06e0131fc2e2e833266e7a","ssdeep":"1536:O18MdnC5OPz8QP9r2RcZSgtK8sBggHhO12FoX50FtQySd8uj6DzKEVKf7lbe0etc:mFSGSgtqZXqd8uODG0K5y0etsz","tlshash":"c8e34adcb2d2b07407e75099d83f1206b73a1a16b80c9058f6a6e9c17878ddb5237f7a","first_seen":"2025-12-24T08:41:20.196676Z","last_seen":"2026-01-15T08:09:34.935655Z","times_seen":438,"resource_available":true,"data":null}},"time_used":295,"timings":{"blocked":137,"dns":88,"connect":21,"send":0,"wait":21,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tan-mouse.com/Yi2.xjpkZlW-5n0oZpGqF_0sYtTu9vy-cxmylzkAP_WCED3ENFm-QHwIZJjKg_4MMNzOhPk-YRzSMTzUY_WWEX5YNZj-ZbhcOdGeZ_igNhmiMjy-YlWmInzoN_TqVrms","fqdn":"tan-mouse.com","domain":"tan-mouse.com","tld":"com"},"ip":{"addr":"88.85.69.212","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tan-mouse.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 29 Nov 2025 23:04:46 GMT","end":"Fri, 27 Feb 2026 23:04:45 GMT"},"fingerprint":{"sha1":"B4:BF:BF:80:87:FC:A6:84:6B:E3:CB:FA:ED:A9:97:B5:AB:89:3F:E2","sha256":"65:67:24:21:A5:48:FA:4D:CE:7F:D9:73:C8:6D:FC:85:CC:DB:8A:6E:18:6C:87:C3:41:C8:BA:D3:63:C3:80:42"}}},"request":{"raw":"POST /Yi2.xjpkZlW-5n0oZpGqF_0sYtTu9vy-cxmylzkAP_WCED3ENFm-QHwIZJjKg_4MMNzOhPk-YRzSMTzUY_WWEX5YNZj-ZbhcOdGeZ_igNhmiMjy-YlWmInzoN_TqVrms HTTP/1.1\r\nHost: tan-mouse.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 104\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":104,"data":"ref=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop\u0026prevRef=https%3A%2F%2Ftwinply.shop%2F"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-length: 0\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"tan-mouse.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/get/2089259?id=2089259\u0026jp=_clwjjcxhpqneadjmxvegvf\u0026dr=49\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=oGXQts\u0026pcs=1\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026psr=UVU3j67aHR0cHM6Ly90d2lucGx5LnNob3Av\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=A7MhTe6aHR0cHM6Ly92aWRvZXMubGl2ZS9lL1Jyd3loOGN6Mz9sdjE9dHdpbnBseS5zaG9w\u0026afid=1241744283310080\u0026eclog=0\u0026seu=VeRCjSFaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=906\u0026rlp=%5B0%2C1%2C85%2C54%2C4657%2C1384%2C99%2C1384%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:57 GMT","end":"Wed, 21 Jan 2026 14:23:56 GMT"},"fingerprint":{"sha1":"AB:39:B2:8C:70:D6:0B:38:B0:1E:73:99:51:2D:35:30:EA:6B:4A:70","sha256":"86:18:14:14:6C:52:E9:C3:AC:03:AF:10:49:19:37:24:9D:9A:36:E6:1A:05:C8:1C:8E:69:BE:53:1E:CE:6F:65"}}},"request":{"raw":"GET /get/2089259?id=2089259\u0026jp=_clwjjcxhpqneadjmxvegvf\u0026dr=49\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=oGXQts\u0026pcs=1\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026psr=UVU3j67aHR0cHM6Ly90d2lucGx5LnNob3Av\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=A7MhTe6aHR0cHM6Ly92aWRvZXMubGl2ZS9lL1Jyd3loOGN6Mz9sdjE9dHdpbnBseS5zaG9w\u0026afid=1241744283310080\u0026eclog=0\u0026seu=VeRCjSFaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=906\u0026rlp=%5B0%2C1%2C85%2C54%2C4657%2C1384%2C99%2C1384%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0 HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: CHCK=1; Path=/; Expires=Mon, 08 Feb 2027 20:28:24 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Mon, 08 Feb 2027 20:28:24 GMT; Secure; SameSite=None\nUID=26010515280f2f3349e228459fb21c07ef41; Path=/; Expires=Mon, 08 Feb 2027 20:28:24 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3524,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (3524), with no line terminators","md5":"2158cc3897c593300c1d5b935b742518","sha1":"08bbda9029eb182eb012932c5778d080528417ab","sha256":"e4efdb9c1526fc52206cc18cf578e878e7af502912b2b95150ec99687f40e945","sha512":"dbe9034a3b3d8c047928ec3bbd574be8e187160c14db2c082d72e8b69e666785ef74413416a95c8c07c4308e2dbbf8da5b3b3999c764034c7911d4af8e7264a6","ssdeep":"","tlshash":"3771a299265beac560a8686df3f62d4034cd1bc1a8ce75a4f3052b00c199c20ff8beb4","first_seen":"2026-01-05T20:28:58.411753Z","last_seen":"2026-01-05T20:28:58.411753Z","times_seen":1,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/ip-push.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:23.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 14:57:20 GMT","end":"Fri, 13 Feb 2026 15:57:18 GMT"},"fingerprint":{"sha1":"80:2D:1E:ED:7E:27:75:C8:26:5C:5A:67:67:AE:0B:64:50:E0:CB:35","sha256":"12:CD:2F:65:36:49:D1:F0:8F:A7:6A:68:FF:9C:96:CC:70:D2:75:FE:A5:51:07:CC:D0:AA:5A:75:18:DC:8D:61"}}},"request":{"raw":"GET /ip-push.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 42048\r\nserver: cloudflare\r\nlast-modified: Tue, 23 Dec 2025 06:18:27 GMT\r\nvary: Accept-Encoding\r\netag: \"694a3433-a440\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 1174075\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\ncf-ray: 9b95b8c9a91f569b-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":137417,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65498), with no line terminators","md5":"ff1a7ef27d66a8dfd40c3a86d7e1c127","sha1":"cf211238cbba54b060cf4a9798ef946fb1c1b6ab","sha256":"8b1fa343a47f3d13f66208871a8213c58442b3d69b48eec8dc8dcf84fdb349a7","sha512":"2f66a46c5fb04477a3b996ca1f214b04b8e506b57559d48f2f77e06d67742d9ea1eac700e4b872f1c3cba046876bbb1752252d25fbd3d4d8e1720692d8668167","ssdeep":"1536:gxnmq0VdSHcg4Qs55a2Rn55lYU7t6UK71hnln2Cazf7XoJ27ilcgG:wnX0VdSkQs55HRjvt6D1hGe2Ge","tlshash":"b8d3838dbac1b16106e37064027f540af2b73a54b44fc8c0f66ad5e06ebe94f6167e2d","first_seen":"2025-12-23T14:51:43.590335Z","last_seen":"2026-01-30T11:02:48.824717Z","times_seen":260,"resource_available":true,"data":null}},"time_used":143,"timings":{"blocked":62,"dns":51,"connect":3,"send":0,"wait":6,"receive":1,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/hls.js@latest","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:23.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/hls.js@latest HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:23 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 162728\r\ncf-ray: 9b95b8c94ffb8be6-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 1.6.15\r\nx-jsd-version-type: version\r\netag: W/\"844ae-XHEIsdDuVq9cn8TPGBJJmMABdjI\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230186-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 29509\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=iWGpCqNrO5MTbsvesGRKH%2FzEeviHI1xKp65xTptqJA%2F%2BHi2yTrhwH3AOppbaOkLnlmOGWrrhFCu4fVR4bZppwP9sEBQC%2BjvWbIQh1kyz3cQxBDsAkLUG4yedTk3hiCgDzGw%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":541870,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"69991b6ecc5d57cf73bad5b3a1296058","sha1":"5c7108b1d0ee56af5c9fc4cf18124998c0017632","sha256":"413a83e2bb0c77ed0bf0be105d539d17ef45dfd984a0b13ecd3b14a901383938","sha512":"09256a7386bbb67fad8b30cdb7e783a159f67d7600c0c0e908baf01a55ab3a4b4d7d943d829e1d28a49c12531e465ac889f865897b346b4e812da52098c94253","ssdeep":"6144:ax52zYCo5VplapfQn4RzVt2tFPR5Szfmm6faVqKxh7U4StP1BHTO1OMAt2TMQxIu:a959aB7RzT2tF4lVqKxKld24Q9","tlshash":"35b429ed36a5a01643c2b169903f5507633a7d0a284cc12cfa2be9d72d7994db13bf74","first_seen":"2025-11-19T18:04:40.578466Z","last_seen":"2026-04-04T06:42:56.90098Z","times_seen":1362,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":2,"send":0,"wait":14,"receive":5,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hotloss.com/cBDy9.6dby2/5mlNSKW/Q/9vNpjfY/5SO/D/IZ2-NXi/0U2yNcjDkA4VMDjkYX3B","fqdn":"hotloss.com","domain":"hotloss.com","tld":"com"},"ip":{"addr":"88.85.68.219","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"hotloss.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Dec 2025 10:04:06 GMT","end":"Tue, 17 Mar 2026 10:04:05 GMT"},"fingerprint":{"sha1":"AA:90:6F:BC:19:95:A2:C8:9A:3B:8D:82:65:34:BD:52:5A:C4:30:AA","sha256":"EE:C7:A1:58:27:B6:08:50:FA:E8:20:78:EA:B8:B4:DD:E8:27:DD:3F:A2:0C:0B:37:68:72:FB:21:D6:7A:A8:69"}}},"request":{"raw":"GET /cBDy9.6dby2/5mlNSKW/Q/9vNpjfY/5SO/D/IZ2-NXi/0U2yNcjDkA4VMDjkYX3B HTTP/1.1\r\nHost: hotloss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\nlast-modified: Mon, 05 Jan 2026 20:28:24 GMT\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-origin: *\r\nset-cookie: uniqCookie=5d1ed1a1011ad71ea05c9d3218e6d225; max-age=1770236904; path=/\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38007,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22811)","md5":"ab706ebe7c5b36e2e9680c5ee9553129","sha1":"65b3cf049bda9433b4ea79164c9d05fe8aaddaf9","sha256":"298507e4c7409bd0fe294557f40511cde4dbb5389eb7657aa691eade5b7aa55c","sha512":"e5b83c18fc2b12e255f73e0215fb61f4cade97ab1d7e4829d55e3d29bd56a43eaaa776f751a54f51b59437146cf16fdd3cd14beb3a2356719c27755b36fb0b83","ssdeep":"768:bZhdZg7J05MLfTF9dFaQNp8JY29c6SboEBkleZ2YoOcLhIOPTgLgooDMiG82IGz7:bZ1g7JFLqQNp8Jr9c6SboEBkleZ2qcLE","tlshash":"1c03a6c8b1c3642642ea507d713b7208b23a54655429b028bc79c8e4fcb9e9f8577bbd","first_seen":"2026-01-05T20:28:58.415864Z","last_seen":"2026-01-05T20:28:58.415864Z","times_seen":1,"resource_available":true,"data":null}},"time_used":201,"timings":{"blocked":78,"dns":21,"connect":17,"send":0,"wait":45,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"hotloss.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dcba.popcash.net/znWaa3gu","fqdn":"dcba.popcash.net","domain":"popcash.net","tld":"net"},"ip":{"addr":"18.206.206.130","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.popcash.net","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 12 Aug 2025 15:57:43 GMT","end":"Sun, 13 Sep 2026 15:57:42 GMT"},"fingerprint":{"sha1":"C9:07:0C:6E:36:6F:84:FD:4F:37:3C:76:7D:7E:03:59:B6:A2:77:4D","sha256":"49:D3:DD:33:1D:D2:B9:54:08:60:36:B4:CD:B0:6F:E6:C6:B6:D6:6E:AE:7E:81:CD:85:61:00:02:04:FE:8E:65"}}},"request":{"raw":"GET /znWaa3gu HTTP/1.1\r\nHost: dcba.popcash.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: 0\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":832,"timings":{"blocked":366,"dns":72,"connect":95,"send":0,"wait":96,"receive":0,"ssl":199},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thumbs.alflix.cv/thumbs/2026/01/1000010433.jpg","fqdn":"thumbs.alflix.cv","domain":"alflix.cv","tld":"cv"},"ip":{"addr":"104.21.14.211","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"d1b94b46.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 21:28:44 GMT","end":"Mon, 30 Mar 2026 22:28:33 GMT"},"fingerprint":{"sha1":"FF:62:C5:E6:7A:0E:CE:62:00:A3:D1:3D:8C:C4:B4:94:A8:73:E6:2C","sha256":"C2:04:39:C4:71:65:DF:E3:92:DC:CB:11:40:AA:21:37:AA:F9:F0:AF:F2:21:8C:EC:BE:54:5C:11:FF:4A:7A:06"}}},"request":{"raw":"GET /thumbs/2026/01/1000010433.jpg HTTP/1.1\r\nHost: thumbs.alflix.cv\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 73292\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7xXNI7%2FzqHljPua8CX5FPryoA4a1D%2FVAX2aLvMnJjc8RkYcFvjZGkvgybAG0fVqhCopgW19SJFy1EIly7H8NJOhwdUDSLsxDctQtvmFj\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\ncache-control: public, max-age=604800\r\netag: \"430cd360e124424684ce3a9b4381224f\"\r\nlast-modified: Sat, 03 Jan 2026 13:40:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-ray: 9b95b8d0be12b4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":73292,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 7271x7253, segment length 16, comment: \"Lavc60.31.102\", baseline, precision 8, 1072x1920, components 3","md5":"430cd360e124424684ce3a9b4381224f","sha1":"b8ba671b7b201c65d1fa3b14bd0290af16725786","sha256":"4f3927d22580c8c32cd9338e9dbd94f5995d3b19b38bdc5dbee67bdf237d3955","sha512":"632af29b92bc27eb1a77354854116a32a2009a9a5b367699388bb52c75894b53012ab20124cd2f4024fb0e3eb8fc3ebebbe410d37a1a3a068c61c52e27163e10","ssdeep":"1536:9i4sK3SFLpd/yt7rCjUUICGWM1sxneMQjnUKf5d7/sO5:mK3SNH07WfNGh1sxeP5L7/sO5","tlshash":"5a63f2901e1c598dd0be73308a8e0e5cbb27c68ada2107086fc7aab55fb5ed83d15f45","first_seen":"2026-01-05T20:28:58.417687Z","last_seen":"2026-01-05T20:28:58.417687Z","times_seen":1,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":53,"dns":39,"connect":1,"send":0,"wait":199,"receive":3,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"thumbs.alflix.cv","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fp.metricswpsh.com/fp?tag_id=386461","fqdn":"fp.metricswpsh.com","domain":"metricswpsh.com","tld":"com"},"ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 11:47:47 GMT","end":"Sun, 08 Feb 2026 11:47:46 GMT"},"fingerprint":{"sha1":"05:1E:63:2F:40:1F:87:C3:0D:F0:42:C7:EA:E8:B1:D8:6F:76:7C:FC","sha256":"1C:13:0E:F6:58:8A:8C:D7:DE:1F:9F:20:D5:17:50:15:02:D5:C8:8E:39:40:68:3F:01:24:F2:73:14:BA:25:0F"}}},"request":{"raw":"POST /fp?tag_id=386461 HTTP/1.1\r\nHost: fp.metricswpsh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 1972\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1972,"data":"{\"timezoneOlson\":\"UTC\",\"incognito\":true,\"fonts\":{\"value\":[\"Bitstream Vera Sans Mono\",\"Century\"],\"duration\":118},\"fontPreferences\":{\"value\":{\"default\":173.11666870117188,\"apple\":173.11666870117188,\"serif\":173.11666870117188,\"sans\":162.01666259765625,\"mono\":122.68333435058594,\"min\":10.800003051757812,\"system\":162.01666259765625},\"duration\":231},\"languages\":{\"value\":[[\"en-US\"],[\"en-US\",\"en\"]],\"duration\":0},\"colorDepth\":{\"value\":24,\"duration\":0},\"deviceMemory\":{\"duration\":0},\"screenResolution\":{\"value\":[1280,1024],\"duration\":0},\"hardwareConcurrency\":{\"value\":48,\"duration\":1},\"timezone\":{\"value\":\"UTC\",\"duration\":0},\"sessionStorage\":{\"value\":true,\"duration\":0},\"localStorage\":{\"value\":true,\"duration\":0},\"indexedDB\":{\"value\":true,\"duration\":0},\"platform\":{\"value\":\"Win32\",\"duration\":0},\"plugins\":{\"value\":[{\"name\":\"PDF Viewer\",\"description\":\"Portable Document Format\",\"mimeTypes\":[{\"type\":\"application/pdf\",\"suffixes\":\"pdf\"},{\"type\":\"text/pdf\",\"suffixes\":\"pdf\"}]},{\"name\":\"Chrome PDF Viewer\",\"description\":\"Portable Document Format\",\"mimeTypes\":[{\"type\":\"application/pdf\",\"suffixes\":\"pdf\"},{\"type\":\"text/pdf\",\"suffixes\":\"pdf\"}]},{\"name\":\"Chromium PDF Viewer\",\"description\":\"Portable Document Format\",\"mimeTypes\":[{\"type\":\"application/pdf\",\"suffixes\":\"pdf\"},{\"type\":\"text/pdf\",\"suffixes\":\"pdf\"}]},{\"name\":\"Microsoft Edge PDF Viewer\",\"description\":\"Portable Document Format\",\"mimeTypes\":[{\"type\":\"application/pdf\",\"suffixes\":\"pdf\"},{\"type\":\"text/pdf\",\"suffixes\":\"pdf\"}]},{\"name\":\"WebKit built-in PDF\",\"description\":\"Portable Document Format\",\"mimeTypes\":[{\"type\":\"application/pdf\",\"suffixes\":\"pdf\"},{\"type\":\"text/pdf\",\"suffixes\":\"pdf\"}]}],\"duration\":0},\"vendor\":{\"value\":\"\",\"duration\":1},\"cookiesEnabled\":{\"value\":false,\"duration\":0},\"colorGamut\":{\"value\":\"srgb\",\"duration\":0},\"rendererUnmasked\":{\"value\":\"\",\"duration\":36},\"brand\":\"\",\"device\":\"\",\"os_type\":\"desktop\",\"os_family\":\"Windows\",\"front_browser_family\":\"Firefox\",\"front_browser_name\":\"Firefox 134\",\"pixel_ratio\":1}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Mon, 05 Jan 2026 20:28:25 GMT\r\nContent-Type: application/json; charset=UTF-8\r\nContent-Length: 60\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://vidoes.live\r\nSet-Cookie: id=11162834578966125050; Expires=Tue, 05 Jan 2027 20:28:25 GMT; Secure; SameSite=None\r\nVary: Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"aed48a0973cb6e9b8e24f1c0e9255a7d","sha1":"73c0149e72a9d8d7c3242fce97b6fea35b479d94","sha256":"5190eb4819735e9de5702d94c90fdddbaa76ae92e623cfaa4125d9420318bbe2","sha512":"6c3e2cb3cb196c097da73e6939b354cf129bc996290fec9433798d95c2df3069e4f15a7d0c8523b55ce573991eadab9d2e2d47bc2ba3c1193ecd65c55298b2df","ssdeep":"","tlshash":"75a002114b640a3e84f28490433608f40dc853c0ae0333c7dc4168c008d3009602fa41","first_seen":"2025-07-26T20:08:43.239696Z","last_seen":"2026-04-04T06:30:59.678436Z","times_seen":1049,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":13,"connect":24,"send":0,"wait":25,"receive":0,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.pncloudfl.com/pn/15e/dd7/d1f/15edd7d1f8bed792037ca3ba9d2e0f737824602d.png","fqdn":"cdn.pncloudfl.com","domain":"pncloudfl.com","tld":"com"},"ip":{"addr":"104.20.30.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.pncloudfl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 15:15:13 GMT","end":"Tue, 10 Mar 2026 16:15:09 GMT"},"fingerprint":{"sha1":"69:FC:7A:1D:92:39:0C:46:9A:C6:8A:01:99:0A:3F:46:9B:07:6E:1C","sha256":"7A:9B:C4:27:F6:F6:B3:AA:70:FE:EF:72:89:DC:CC:4F:73:D7:05:64:8C:E7:64:2F:FE:BE:08:DB:0E:62:B6:14"}}},"request":{"raw":"GET /pn/15e/dd7/d1f/15edd7d1f8bed792037ca3ba9d2e0f737824602d.png HTTP/1.1\r\nHost: cdn.pncloudfl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\ncontent-type: image/webp\r\ncontent-length: 35092\r\nx-amz-id-2: tPP3anzSQuTe+dcD/tpbqrp4sWecz3YxZ1OiNh5JuEjzGnK0QAXtbeK9vB+7vGKevfJUE3t87OM=\r\nx-amz-request-id: 2C54YF6467V57RXY\r\nlast-modified: Wed, 14 May 2025 14:27:57 GMT\r\netag: \"11d58eb64e3d6da01cc37c336e810d09\"\r\nx-amz-server-side-encryption: AES256\r\ncontent-disposition: \r\naccept-ranges: bytes\r\nserver: cloudflare\r\npriority: u=4;i=?0,cf-chb=(74;u=5;i=?0)\r\ncf-bgj: h2pri,imgq:100\r\ncf-polished: ok\r\naccess-control-allow-origin: *\r\nvary: accept, accept-encoding\r\nage: 5971\r\ncache-control: max-age=432000\r\ncf-cache-status: HIT\r\ncf-ray: 9b95b8d4accf723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":35092,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"641ec554dc1d95fd0d69c278ec033f86","sha1":"31e30f670e26ee5ee9e210952f3298440d045355","sha256":"1bfe050d92772d0bff7a286ebcf59f2d99928ebe05c68f966914e1fd65f3a6ff","sha512":"b6c6427be2555e680da3d0924e940b672b167db743f73a0415b0f4489b400fce2e589ade7d4c05c40f9160ebd39f7f779918181b328c1d200291efac58febe9e","ssdeep":"768:2KGJk1O/HwjDXoP9iAu9TT7c/RPQg9ndEE74kEe61KTI7H:mJk1O/HwjzcopT6FQg9ndEE74HejTU","tlshash":"a6f2f195150a5d368a38f56bf4c023877174da120e30d3cba0fb4abb5ad1d4e4b2e96e","first_seen":"2025-03-11T05:32:53.648818Z","last_seen":"2026-03-15T16:52:28.501183Z","times_seen":52,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":61,"dns":51,"connect":1,"send":0,"wait":5,"receive":2,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.150.84","port":443,"asn":15169,"as":"GOOGLE","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:32 GMT","end":"Wed, 25 Feb 2026 15:57:31 GMT"},"fingerprint":{"sha1":"F5:06:14:04:6B:D5:32:C9:BA:A9:B4:13:02:C3:F0:62:2A:24:BC:90","sha256":"D8:34:74:17:27:E1:E2:E3:A9:BB:5D:58:F5:DB:40:51:4E:6C:34:33:BF:88:83:62:03:97:DC:4B:FB:67:B5:45"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:zTP-or85OzgX4mL0yIxvN_BGP4PFtQ:dOAdukRpZ_RRPjty; Expires=Wed, 05-Jan-2028 20:28:25 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S-617606915:1767644905980557\u0026ifkv=Ac2yZaWcW9kkHgRsWslOTlFGUAZ4qMEuFKDi1uriQL6R3QwQUZJ9lKHWs4dAPNL_J6KssRMH9y5A-g\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: script-src 'nonce-EmtW_Q2xc9QcFKljTlTjUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\ncross-origin-resource-policy: cross-origin\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncross-origin-opener-policy: unsafe-none\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":234,"timings":{"blocked":97,"dns":0,"connect":28,"send":0,"wait":37,"receive":1,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tuqojtancv.com/jifppa/oqbablan/awp?uZso3=mZY3m\u0026agdpy=iu\u0026tyvc=yx\u0026mow=uiy\u0026pkbls=elmvy\u0026om=7045685\u0026plekos=vvin\u0026zl=5\u0026emp=8\u0026mpwmkbi=417685\u0026kn=_enkmfqqlxjmmgkzbzrqwhg","fqdn":"tuqojtancv.com","domain":"tuqojtancv.com","tld":"com"},"ip":{"addr":"94.242.247.32","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tuqojtancv.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Dec 2025 18:15:11 GMT","end":"Tue, 17 Mar 2026 18:15:10 GMT"},"fingerprint":{"sha1":"61:E4:D0:91:16:72:93:9C:2A:BF:75:81:A5:8C:CE:00:5A:DF:FF:9C","sha256":"75:04:6C:F2:2F:01:3F:39:3E:A5:48:10:7B:AE:F0:5D:A2:C4:39:10:1D:6A:1A:86:68:CA:52:41:4F:BE:A2:91"}}},"request":{"raw":"GET /jifppa/oqbablan/awp?uZso3=mZY3m\u0026agdpy=iu\u0026tyvc=yx\u0026mow=uiy\u0026pkbls=elmvy\u0026om=7045685\u0026plekos=vvin\u0026zl=5\u0026emp=8\u0026mpwmkbi=417685\u0026kn=_enkmfqqlxjmmgkzbzrqwhg HTTP/1.1\r\nHost: tuqojtancv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: CHCK=1; Path=/; Expires=Mon, 08 Feb 2027 20:28:25 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Mon, 08 Feb 2027 20:28:25 GMT; Secure; SameSite=None\nUID=2601051528c1e2781f6af8485192d06c1d9a; Path=/; Expires=Mon, 08 Feb 2027 20:28:25 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":535,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (535), with no line terminators","md5":"9d149b15fdd4d8f072e922a4406c4e55","sha1":"64415c449c2d03fb5e4d79910a461ca7f762a54d","sha256":"21a0d4c0201a9072ea5951d8302863f278fc20834d6e5c9c563626a96b97997f","sha512":"276b976c80f033767b7b0f2a7c7e08704d60618c2261fb7363bde3c607a1cb299f27d76e4b8263fb8d0f5fd24becab0db914b850245ed1d1f845a18f6c449226","ssdeep":"","tlshash":"bef0c0eda434e8ddc407080a67fdcf9c4d64022ace6b0640b2c4c2ea500c9f15623b43","first_seen":"2026-01-05T20:28:58.426483Z","last_seen":"2026-01-05T20:28:58.426483Z","times_seen":1,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":40,"dns":1,"connect":17,"send":0,"wait":18,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.pncloudfl.com/pn/78c/9e0/35e/78c9e035e3e50303d691f91479546b8df0d50b81.gif","fqdn":"cdn.pncloudfl.com","domain":"pncloudfl.com","tld":"com"},"ip":{"addr":"104.20.30.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.pncloudfl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 15:15:13 GMT","end":"Tue, 10 Mar 2026 16:15:09 GMT"},"fingerprint":{"sha1":"69:FC:7A:1D:92:39:0C:46:9A:C6:8A:01:99:0A:3F:46:9B:07:6E:1C","sha256":"7A:9B:C4:27:F6:F6:B3:AA:70:FE:EF:72:89:DC:CC:4F:73:D7:05:64:8C:E7:64:2F:FE:BE:08:DB:0E:62:B6:14"}}},"request":{"raw":"GET /pn/78c/9e0/35e/78c9e035e3e50303d691f91479546b8df0d50b81.gif HTTP/1.1\r\nHost: cdn.pncloudfl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\ncontent-type: image/gif\r\ncontent-length: 146248\r\nx-amz-id-2: EOBKeL+ELqywhlPa13BgNpg/H5RSmMV8+04iontVI3XHR1bWb64SK8VafWrDVddU9Av3d8p1KFJh1irFyBHQ4Y07zJiR1NJ2OkJbdr7BWlM=\r\nx-amz-request-id: BNSYN452GDZ5S5S8\r\nlast-modified: Thu, 23 Oct 2025 15:07:41 GMT\r\netag: \"d2d576d06f509501dff8c12b6eec0245\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nage: 22\r\ncache-control: max-age=432000\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nvary: accept-encoding\r\ncf-ray: 9b95b8d4bcd8723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":146248,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 192 x 192","md5":"d2d576d06f509501dff8c12b6eec0245","sha1":"78c9e035e3e50303d691f91479546b8df0d50b81","sha256":"9cfbe70a2453ac2c31a87ca247fea2e5fac5ee52de8c74744f00c940ff69adad","sha512":"24b78604a02050924c21d7fe912ff33763585f454c1bb23169ca938338a7d4f21730bebae676232e5947c08033d5b0b821f96d365d4d3622f6f186871ced6589","ssdeep":"3072:0eF8+uOgLGSRdpIvaMDjZuhIguUbSeqBHhERJSafQzHbJ/P+He:nF8+SLTdpIzjEIgjGeIeNOHbJ/Ge","tlshash":"7ee312d1074c2bd2f1ae6af16aae342c7e356eac2f4736f287614822fc633445555dc8","first_seen":"2026-01-02T01:52:58.82666Z","last_seen":"2026-01-14T02:11:58.713461Z","times_seen":21,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":61,"dns":50,"connect":1,"send":0,"wait":6,"receive":5,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S-617606915:1767644905980557\u0026ifkv=Ac2yZaWcW9kkHgRsWslOTlFGUAZ4qMEuFKDi1uriQL6R3QwQUZJ9lKHWs4dAPNL_J6KssRMH9y5A-g","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.150.84","port":443,"asn":15169,"as":"GOOGLE","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:26.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:32 GMT","end":"Wed, 25 Feb 2026 15:57:31 GMT"},"fingerprint":{"sha1":"F5:06:14:04:6B:D5:32:C9:BA:A9:B4:13:02:C3:F0:62:2A:24:BC:90","sha256":"D8:34:74:17:27:E1:E2:E3:A9:BB:5D:58:F5:DB:40:51:4E:6C:34:33:BF:88:83:62:03:97:DC:4B:FB:67:B5:45"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S-617606915:1767644905980557\u0026ifkv=Ac2yZaWcW9kkHgRsWslOTlFGUAZ4qMEuFKDi1uriQL6R3QwQUZJ9lKHWs4dAPNL_J6KssRMH9y5A-g HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:RAcLdfkbyWZtkk7FpTcOoW1C8JIkEw:exglom_o3dSeT5ZE;Path=/;Expires=Wed, 05-Jan-2028 20:28:26 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Mon, 05 Jan 2026 20:28:26 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026dsh=S-617606915%3A1767644905980557\u0026hl=en\u0026ifkv=Ac2yZaWWoxsYdIGzC11pBMx4UKIewfBYLoK-BtPq8DjJZBvtfFC1vkHZAWzwMrXmPKPnrQEDpLPG\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-security-policy: script-src 'nonce-a4zMD3TNvsjTob4FBuOqQQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 417\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/505952?host=vidoes.live\u0026ev=228\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop\u0026sid=fad1353a-359f-4fd9-94bb-5cc3915f496b\u0026i=1\u0026referrer=twinply.shop\u0026url=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 03 Jan 2026 23:28:40 GMT","end":"Fri, 03 Apr 2026 23:28:39 GMT"},"fingerprint":{"sha1":"85:74:F2:79:0B:02:78:8E:1F:E8:80:75:73:6B:99:06:70:82:4A:1C","sha256":"29:2D:AF:FF:BB:42:24:C4:F8:F2:B4:C4:71:6B:6A:74:80:7D:0F:7C:8C:1D:6F:83:C8:8E:21:72:19:F1:5E:48"}}},"request":{"raw":"GET /api/users/505952?host=vidoes.live\u0026ev=228\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop\u0026sid=fad1353a-359f-4fd9-94bb-5cc3915f496b\u0026i=1\u0026referrer=twinply.shop\u0026url=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nCookie: nauid=4oVLlHDFMXHdCzEGV5EA\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":668,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (352)","md5":"6a816daff003d28d992f1ebb549626eb","sha1":"bbf10f69c002b1375a869d16f30393d5721587c6","sha256":"c72c731ca46c9158109698e103b2682e810ce1fdf00f39ae0529ab183a2a4152","sha512":"d57e3e1a0e28e247ad946b64a3d9fbca5624a23bd1017ca9e3b5ea5215dd0eb63776d6869cf9d074a0add0228114064ac803cc6d592e3fd12ce925ea99f9f87c","ssdeep":"","tlshash":"2601ddc0478c65fe8b0855a7e83e4eb6dd5d853c6754901afb28530f55ce18203a129b","first_seen":"2026-01-05T20:28:58.429735Z","last_seen":"2026-01-05T20:28:58.429735Z","times_seen":1,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nereserv.com/in/dip?event_id=3f86f27a-7e36-4827-be2f-3fe509fde13f\u0026subid=1619763552\u0026spot_id=1469352\u0026created_at=2026-01-05\u0026timezone=0\u0026ver=1.170.4","fqdn":"nereserv.com","domain":"nereserv.com","tld":"com"},"ip":{"addr":"168.119.25.102","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 02:02:57 GMT","end":"Wed, 25 Mar 2026 02:02:56 GMT"},"fingerprint":{"sha1":"C4:80:D6:E8:F3:2B:FD:8A:89:D9:CF:8B:78:3F:74:35:34:B3:68:8A","sha256":"DF:07:A2:74:C6:6C:63:AA:37:DD:AA:4F:E0:F5:C5:D7:9C:B8:28:C4:9C:45:3F:F7:BC:1B:0A:AE:7F:38:FF:B1"}}},"request":{"raw":"GET /in/dip?event_id=3f86f27a-7e36-4827-be2f-3fe509fde13f\u0026subid=1619763552\u0026spot_id=1469352\u0026created_at=2026-01-05\u0026timezone=0\u0026ver=1.170.4 HTTP/1.1\r\nHost: nereserv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":25,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stream.alflix.cv/videos/2026/01/1000010433.mp4","fqdn":"stream.alflix.cv","domain":"alflix.cv","tld":"cv"},"ip":{"addr":"104.21.14.211","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:26.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4500e9fa.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Nov 2025 15:42:43 GMT","end":"Thu, 19 Feb 2026 16:42:33 GMT"},"fingerprint":{"sha1":"13:F4:5F:F4:9B:25:76:0B:1D:1C:0F:CC:BE:51:D5:9E:49:17:37:8E","sha256":"D1:CE:98:F2:D9:A4:53:C4:70:A9:83:12:1D:E0:95:42:E4:40:1D:75:8D:C2:E8:4E:6B:3D:F6:B7:B4:05:05:17"}}},"request":{"raw":"GET /videos/2026/01/1000010433.mp4 HTTP/1.1\r\nHost: stream.alflix.cv\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=262144-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Mon, 05 Jan 2026 20:28:26 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 46054115\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1sgiBXHMBIBzkhbmGeVlYLzJgWog0G5J0V0R510XBkBSOyv%2BjlZaqufzUXFaT09fdYeekln4MFyRMaBjSmNvdn0KVjhBw8T5xOkFi8GFbCs%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\nage: 4295\r\netag: \"796ea52ada3899e0825cfbddc728aa08-5\"\r\nlast-modified: Sat, 03 Jan 2026 13:40:29 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncontent-range: bytes 262144-46316258/46316259\r\ncache-control: max-age=14400\r\ncf-ray: 9b95b8da1fce1a30-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":122880,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"32005e774c07125f51e97f3ab496d0a8","sha1":"7022ea97cefa5419bb7300d83b045c23530a1eee","sha256":"0e4e02cbd9c68edec07e5de9f36271b4e35549d4d2407f79c175e2fed5055bf1","sha512":"c84f82a45282b9d15e2e4e1e5fd4f8ee42ef0d909c154e79f32b366c9a40587d7103e6b7155c841e64b070e36cdae32f4d6673b8ab14b872c98a3b2c89112f76","ssdeep":"3072:m1muXz1In15q20ZmA8eyTY2EUpFdkFNWnF:WJIn1025FP/pFnF","tlshash":"69c3127a53dc9c64bf49d69cf8e1468c1fc094d9d907d60bb468b618683464e90cbf3b","first_seen":"2026-01-05T20:28:58.433166Z","last_seen":"2026-01-05T20:28:58.433166Z","times_seen":1,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"stream.alflix.cv","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/508348?host=vidoes.live\u0026ev=228\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop\u0026sid=fad1353a-359f-4fd9-94bb-5cc3915f496b\u0026i=1\u0026referrer=twinply.shop\u0026url=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 03 Jan 2026 23:28:40 GMT","end":"Fri, 03 Apr 2026 23:28:39 GMT"},"fingerprint":{"sha1":"85:74:F2:79:0B:02:78:8E:1F:E8:80:75:73:6B:99:06:70:82:4A:1C","sha256":"29:2D:AF:FF:BB:42:24:C4:F8:F2:B4:C4:71:6B:6A:74:80:7D:0F:7C:8C:1D:6F:83:C8:8E:21:72:19:F1:5E:48"}}},"request":{"raw":"GET /api/users/508348?host=vidoes.live\u0026ev=228\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop\u0026sid=fad1353a-359f-4fd9-94bb-5cc3915f496b\u0026i=1\u0026referrer=twinply.shop\u0026url=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nCookie: nauid=4oVLlHDFMXHdCzEGV5EA\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-length: 0\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fp.metricswpsh.com/fp?tag_id=386461","fqdn":"fp.metricswpsh.com","domain":"metricswpsh.com","tld":"com"},"ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 11:47:47 GMT","end":"Sun, 08 Feb 2026 11:47:46 GMT"},"fingerprint":{"sha1":"05:1E:63:2F:40:1F:87:C3:0D:F0:42:C7:EA:E8:B1:D8:6F:76:7C:FC","sha256":"1C:13:0E:F6:58:8A:8C:D7:DE:1F:9F:20:D5:17:50:15:02:D5:C8:8E:39:40:68:3F:01:24:F2:73:14:BA:25:0F"}}},"request":{"raw":"OPTIONS /fp?tag_id=386461 HTTP/1.1\r\nHost: fp.metricswpsh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://vidoes.live/\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.20.1\r\nDate: Mon, 05 Jan 2026 20:28:25 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: content-type\r\nAccess-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\nAccess-Control-Allow-Origin: https://vidoes.live\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":189,"timings":{"blocked":78,"dns":4,"connect":26,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ntvpforever.com/keywords","fqdn":"ntvpforever.com","domain":"ntvpforever.com","tld":"com"},"ip":{"addr":"168.119.25.102","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 02:02:57 GMT","end":"Wed, 25 Mar 2026 02:02:56 GMT"},"fingerprint":{"sha1":"C4:80:D6:E8:F3:2B:FD:8A:89:D9:CF:8B:78:3F:74:35:34:B3:68:8A","sha256":"DF:07:A2:74:C6:6C:63:AA:37:DD:AA:4F:E0:F5:C5:D7:9C:B8:28:C4:9C:45:3F:F7:BC:1B:0A:AE:7F:38:FF:B1"}}},"request":{"raw":"POST /keywords HTTP/1.1\r\nHost: ntvpforever.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 97\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":97,"data":"{\"ad_tags\":\"Tonton%2CVideo%2CHD\",\"page\":\"https%3A//vidoes.live/e/Rrwyh8cz3%3Flv1%3Dtwinply.shop\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\ncontent-type: application/json\r\ncontent-length: 29\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9de4d76f7cd1de8d58465c193faa8169","sha1":"3a47507e816709bae303031af9e1bf5c99dde205","sha256":"3614cada4d9671da10626d47af311abad5737810da4f76833d039d50e263c279","sha512":"10aea5c94220e7c5dd58c69cdfba8dc01ecfac42d471318a8084f37f782d4c7ab1441ffa397093780d73c134453a70eb04ac56c17455c6be2e5957fc7493632f","ssdeep":"","tlshash":"c4800028b08a0c030ec2f00032808a882082f0c288008c8c20f00c008323a00020cc0c","first_seen":"2025-11-28T11:23:34.201333Z","last_seen":"2026-01-05T20:28:58.436168Z","times_seen":6,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:23.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 14:57:20 GMT","end":"Fri, 13 Feb 2026 15:57:18 GMT"},"fingerprint":{"sha1":"80:2D:1E:ED:7E:27:75:C8:26:5C:5A:67:67:AE:0B:64:50:E0:CB:35","sha256":"12:CD:2F:65:36:49:D1:F0:8F:A7:6A:68:FF:9C:96:CC:70:D2:75:FE:A5:51:07:CC:D0:AA:5A:75:18:DC:8D:61"}}},"request":{"raw":"GET /asg_embed.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 77814\r\nserver: cloudflare\r\nlast-modified: Tue, 23 Dec 2025 06:18:27 GMT\r\nvary: Accept-Encoding\r\netag: \"694a3433-12ff6\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 1174134\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\ncf-ray: 9b95b8c9a91a569b-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":248445,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators","md5":"e4402ff91a4c2c14641427454c831602","sha1":"720e8365191135a4745a533a843f4acd32292df9","sha256":"0019105a70cd9bed5725359fb59b243d481224ce5fc68a317a4637ca853e3829","sha512":"c5f5215cec44e91fc07547550c764cdce55e38cc3107a037840777c013266fe86b37c22f34c9687ff3198c3fce27976ae4fd7bb609e9a99ba4afd7a62ef25134","ssdeep":"3072:kg9Ou1GUClpCuDFiYLPSYOP5iXac/znNTxx7p+Qw:Ku1GrlUu5SZ4XZDx7pY","tlshash":"7634b78cb6c1b4e586a361b4023f181af3773a15744ec481b52dd6d16e7ea0fa927e3c","first_seen":"2025-12-23T13:01:17.084993Z","last_seen":"2026-02-08T15:49:19.807881Z","times_seen":441,"resource_available":true,"data":null}},"time_used":136,"timings":{"blocked":58,"dns":51,"connect":1,"send":0,"wait":5,"receive":2,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/adgpt.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 14:57:20 GMT","end":"Fri, 13 Feb 2026 15:57:18 GMT"},"fingerprint":{"sha1":"80:2D:1E:ED:7E:27:75:C8:26:5C:5A:67:67:AE:0B:64:50:E0:CB:35","sha256":"12:CD:2F:65:36:49:D1:F0:8F:A7:6A:68:FF:9C:96:CC:70:D2:75:FE:A5:51:07:CC:D0:AA:5A:75:18:DC:8D:61"}}},"request":{"raw":"GET /adgpt.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 865\r\nserver: cloudflare\r\nlast-modified: Tue, 23 Dec 2025 06:18:27 GMT\r\nvary: Accept-Encoding\r\netag: \"694a3433-361\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 1174139\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\ncf-ray: 9b95b8caea6b569b-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1849,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (1849), with no line terminators","md5":"8fc3ac4b260ddcb1b6c684743a2b154f","sha1":"ca0d7b66644944e5270be95b6ca7e8dd6b875bc7","sha256":"647c68c23c5d03cb19a403f4db195ea033d9db787f2fc9720749d21dd0e676f2","sha512":"9d75da9ecdd924b86911e978b8af234ef2a399787688b2221ccca52c2b7ee0ae289d4f16fd318a2935cfbdf11471129a229e9020ccf4558f697a79801a00c2e0","ssdeep":"","tlshash":"703101ee31a1edb1078b6048203f040af5acb4a0a3ade9d6dba5c9647d781444062ffe","first_seen":"2025-12-23T09:40:45.346184Z","last_seen":"2026-01-30T11:59:22.192754Z","times_seen":491,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/solid.gif?z=2089259\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=oGXQts\u0026pcs=1\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026psr=UVU3j67aHR0cHM6Ly90d2lucGx5LnNob3Av\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=A7MhTe6aHR0cHM6Ly92aWRvZXMubGl2ZS9lL1Jyd3loOGN6Mz9sdjE9dHdpbnBseS5zaG9w\u0026afid=1241744283310080\u0026eclog=0\u0026seu=VeRCjSFaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=906\u0026rlp=%5B0%2C1%2C85%2C54%2C4657%2C1384%2C99%2C1384%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:57 GMT","end":"Wed, 21 Jan 2026 14:23:56 GMT"},"fingerprint":{"sha1":"AB:39:B2:8C:70:D6:0B:38:B0:1E:73:99:51:2D:35:30:EA:6B:4A:70","sha256":"86:18:14:14:6C:52:E9:C3:AC:03:AF:10:49:19:37:24:9D:9A:36:E6:1A:05:C8:1C:8E:69:BE:53:1E:CE:6F:65"}}},"request":{"raw":"POST /solid.gif?z=2089259\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=oGXQts\u0026pcs=1\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026psr=UVU3j67aHR0cHM6Ly90d2lucGx5LnNob3Av\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=A7MhTe6aHR0cHM6Ly92aWRvZXMubGl2ZS9lL1Jyd3loOGN6Mz9sdjE9dHdpbnBseS5zaG9w\u0026afid=1241744283310080\u0026eclog=0\u0026seu=VeRCjSFaHR0cHM6Ly90d2lucGx5LnNob3Av\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=906\u0026rlp=%5B0%2C1%2C85%2C54%2C4657%2C1384%2C99%2C1384%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5 HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-route-id: stats.tag.loaded\r\nset-cookie: CHCK=1; Path=/; Expires=Mon, 08 Feb 2027 20:28:24 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Mon, 08 Feb 2027 20:28:24 GMT; Secure; SameSite=None\nUID=2601051528888ea069e29440968e7f2618a1; Path=/; Expires=Mon, 08 Feb 2027 20:28:24 GMT; Secure; SameSite=None\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"28e463819a210071de3b45ebe7633613","sha1":"6dccd571828ec0912629119cf7eabfea9f33ddbc","sha256":"44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84","sha512":"8a82ac5a7883cd9b74bdb561cf825ce86474e259ad8c445e538d697b0003e3f2b1d6edcd3dc6512f4ad16e9074da204a79938257c457ecf68f4329eac0182e67","ssdeep":"","tlshash":"04900003e280e082c3a0c0300e0ccb802b88a2308a28030fb0fc2baefc3a3a20c23000","first_seen":"2023-04-05T09:26:54Z","last_seen":"2026-04-04T07:45:46.54418Z","times_seen":20432,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"twinply.shop/vid/Rrwyh8cz3","fqdn":"twinply.shop","domain":"twinply.shop","tld":"shop"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-05T20:28:23.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"twinply.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:46 GMT","end":"Sun, 29 Mar 2026 13:30:13 GMT"},"fingerprint":{"sha1":"6D:D9:F7:60:B5:DD:1B:FC:77:93:BA:05:C7:5A:F3:C3:64:B1:55:8E","sha256":"F3:35:AA:4F:72:01:0A:02:B6:32:42:7E:7F:12:6D:45:9B:66:87:A8:1C:DE:35:BA:66:2A:96:B9:CD:44:F8:2C"}}},"request":{"raw":"GET /vid/Rrwyh8cz3 HTTP/1.1\r\nHost: twinply.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:23 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding, User-Agent\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\ncontent-security-policy: default-src 'self';img-src 'self' data: blob: *;media-src 'self' *;script-src 'self' 'unsafe-inline' 'unsafe-eval' *;style-src 'self' 'unsafe-inline' *;frame-src 'self' https://vidoes.live https://www.vidoes.live;frame-ancestors *;base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests\r\naccess-control-allow-credentials: true\r\ncache-control: private, no-store\r\nx-robots-tag: index, follow\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eoBmuVZeApEJD%2By8TFU87jcKXZGx6Ceopm2BHjPZLbNFfrVdfQt99ix5JtHTWnQ3%2BLw8TcDCKlPSjiZnnp50cB21BoDgPHfByd8%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b95b8c5689956a3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4246,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"b60b24c8b5b22a3bc3b951eb40b8e5e7","sha1":"c97c43b99e523ad9ce8dc5b617fcd9cc8864911c","sha256":"1fdc1fd1e61d1390a7ff2f5d031f2fa3cb301e23666285a28fd786f60806ba61","sha512":"aa64f5c59134b1846246ae75c0ab686c3845fed8bc10f694d198fc4f2e6469b335e079486a196ac13a9736288f233fd397978ff206f95197c260734a643719e0","ssdeep":"96:YZawpQJg/u1gs7c4QujZqV8gcZpFan2VNmkz7eqO6tel:YZkms7cCj8V8gcZpgn2VNmKnXel","tlshash":"7b91957742411485d202c2b23ee6f908d676d60bd38deca8768e27598f81ba4c5b33e5","first_seen":"2026-01-05T20:28:58.440489Z","last_seen":"2026-01-05T20:28:58.440489Z","times_seen":1,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":49,"dns":25,"connect":1,"send":0,"wait":114,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"twinply.shop/favicon.ico","fqdn":"twinply.shop","domain":"twinply.shop","tld":"shop"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://twinply.shop/vid/Rrwyh8cz3","date":"2026-01-05T20:28:23.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"twinply.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 12:32:46 GMT","end":"Sun, 29 Mar 2026 13:30:13 GMT"},"fingerprint":{"sha1":"6D:D9:F7:60:B5:DD:1B:FC:77:93:BA:05:C7:5A:F3:C3:64:B1:55:8E","sha256":"F3:35:AA:4F:72:01:0A:02:B6:32:42:7E:7F:12:6D:45:9B:66:87:A8:1C:DE:35:BA:66:2A:96:B9:CD:44:F8:2C"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: twinply.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://twinply.shop/vid/Rrwyh8cz3\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 05 Jan 2026 20:28:23 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nvary: Origin, accept-encoding\r\naccess-control-allow-credentials: true\r\netag: W/\"d-W2UDc1HK6w5aSNlj1/+ojQJx1UY\"\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m5AEa%2FOHmt5bM%2BQ0kOmCMR58iRgLQCrhW0C8aYbnF5uYihz1bbNtex7c0UzG6BmXaMNQFFkxbmAF2c0U7lOGOFUqeo0kINRRo%2Bw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9b95b8c7ef2256a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"1e6cd917ed71a1241e4bedc29264bd98","sha1":"5b65037351caeb0e5a48d963d7ffa88d0271d546","sha256":"7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402","sha512":"90e7e9f406dbb9a55b45643d6b4afce103cd565b33e40397b8422e3347ad3778220f8d1ae7befe66db61ce796d3e22d24cbef5fd3ecbbcb5f89a852d19f47e99","ssdeep":"","tlshash":"eb60000c0003c3cc0000003033c00003c000030c303300330000c000000c03c00c00cc","first_seen":"2023-03-08T15:13:39Z","last_seen":"2026-04-04T05:57:37.92689Z","times_seen":12888,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/spots/505951?i=1\u0026url=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop\u0026referrer=twinply.shop\u0026sid=fad1353a-359f-4fd9-94bb-5cc3915f496b","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 03 Jan 2026 23:28:40 GMT","end":"Fri, 03 Apr 2026 23:28:39 GMT"},"fingerprint":{"sha1":"85:74:F2:79:0B:02:78:8E:1F:E8:80:75:73:6B:99:06:70:82:4A:1C","sha256":"29:2D:AF:FF:BB:42:24:C4:F8:F2:B4:C4:71:6B:6A:74:80:7D:0F:7C:8C:1D:6F:83:C8:8E:21:72:19:F1:5E:48"}}},"request":{"raw":"GET /api/spots/505951?i=1\u0026url=https%3A%2F%2Fvidoes.live%2Fe%2FRrwyh8cz3%3Flv1%3Dtwinply.shop\u0026referrer=twinply.shop\u0026sid=fad1353a-359f-4fd9-94bb-5cc3915f496b HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: nauid=4oVLlHDFMXHdCzEGV5EA; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2582,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (2070)","md5":"b2fddd77817bd31918a17d12a5982968","sha1":"340b1b527b737c7d847fe5e78c08c84cd1a0391a","sha256":"42d60e6d85d0649457d94b9e8d8604dfc8e8c58f200c0078274eb09f1181dcb4","sha512":"e71d73e84c7b223449f552b480c842dd6b1fbc7b5901bc69eaf25cf136cfd339a22bedfcb141f897ad4e6c6c0b14bb8b043a92d9e6935fb7b6e0f0cfa6c638fb","ssdeep":"","tlshash":"62515684d5ac2216b51b10a0dd79cfdf655da140a2158065efb726aac3cd64c06722ca","first_seen":"2026-01-05T20:28:58.448075Z","last_seen":"2026-01-05T20:28:58.448075Z","times_seen":1,"resource_available":true,"data":null}},"time_used":160,"timings":{"blocked":68,"dns":30,"connect":16,"send":0,"wait":23,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tan-mouse.com/cDD/9S6kb.2t5ElBSdWJQO9wNsjSY/5/OiDxIT2QNgi/0Z2_N/jgk/4AMrjHY/3j","fqdn":"tan-mouse.com","domain":"tan-mouse.com","tld":"com"},"ip":{"addr":"88.85.69.212","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:24.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tan-mouse.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 29 Nov 2025 23:04:46 GMT","end":"Fri, 27 Feb 2026 23:04:45 GMT"},"fingerprint":{"sha1":"B4:BF:BF:80:87:FC:A6:84:6B:E3:CB:FA:ED:A9:97:B5:AB:89:3F:E2","sha256":"65:67:24:21:A5:48:FA:4D:CE:7F:D9:73:C8:6D:FC:85:CC:DB:8A:6E:18:6C:87:C3:41:C8:BA:D3:63:C3:80:42"}}},"request":{"raw":"GET /cDD/9S6kb.2t5ElBSdWJQO9wNsjSY/5/OiDxIT2QNgi/0Z2_N/jgk/4AMrjHY/3j HTTP/1.1\r\nHost: tan-mouse.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 20:28:24 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-credentials: true\r\nlast-modified: Mon, 05 Jan 2026 20:28:24 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\nset-cookie: uniqCookie=02a52c73df9a29845f5ad7a83a138388; max-age=1770236904; path=/\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38019,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22811)","md5":"1de0f86da4873ffed25c2a78be79851b","sha1":"c1879ec390708f2f7b6e0069d2d26b51d008962f","sha256":"3ee319d33b52fc10af31ffc56ce280ceb67c447407caabac6e7a11acdd3c5758","sha512":"6a6077bff46a1054edc0cdf02e39d99e04abd1c8a687c68b43da3bdc5c3fecaca9dc45117a016403fb2f404e5c65287979f944e93712a7b59fabd11cc8604625","ssdeep":"768:bZhdZg7J05MLfTF9dFaQNp8JY29c6SboEBkleZ2YoOcLhr7PTgLgooDMiG82IGjD:bZ1g7JFLqQNp8Jr9c6SboEBkleZ2qcLM","tlshash":"a003a6c871c3642642ea507d713f7208b23a54655429b028bc7dc8e4bcb9e9f8577bbd","first_seen":"2026-01-05T20:28:58.450729Z","last_seen":"2026-01-05T20:28:58.450729Z","times_seen":1,"resource_available":true,"data":null}},"time_used":217,"timings":{"blocked":77,"dns":20,"connect":17,"send":0,"wait":62,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"tan-mouse.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stream.alflix.cv/videos/2026/01/1000010433.mp4","fqdn":"stream.alflix.cv","domain":"alflix.cv","tld":"cv"},"ip":{"addr":"104.21.14.211","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4500e9fa.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Nov 2025 15:42:43 GMT","end":"Thu, 19 Feb 2026 16:42:33 GMT"},"fingerprint":{"sha1":"13:F4:5F:F4:9B:25:76:0B:1D:1C:0F:CC:BE:51:D5:9E:49:17:37:8E","sha256":"D1:CE:98:F2:D9:A4:53:C4:70:A9:83:12:1D:E0:95:42:E4:40:1D:75:8D:C2:E8:4E:6B:3D:F6:B7:B4:05:05:17"}}},"request":{"raw":"GET /videos/2026/01/1000010433.mp4 HTTP/1.1\r\nHost: stream.alflix.cv\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 46316259\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FicZHu8v4ss%2F1zopJd8jihfAyy0j9BNYBg7NUCDYXUj%2Bekt7yOe%2FYS6KZPwbPqr7sk5ohIG38J0TXjMOQfBu0C3S0j%2F0c7t6velEITS%2B7VE%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\netag: \"796ea52ada3899e0825cfbddc728aa08-5\"\r\nlast-modified: Sat, 03 Jan 2026 13:40:29 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-range: bytes 0-46316258/46316259\r\ncache-control: max-age=14400\r\ncf-ray: 9b95b8d1eb4d1a30-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1572864,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"8c80ec1f4ced530696c4cebc2f3f1c38","sha1":"bbcc09a8ec12da4d7c719ef8b8f935f898f6cc7b","sha256":"3181b3fb89dc2e3cb5892db1226f52fbcc886d71e012ab01b5602d5bb077b692","sha512":"7fbc817612315ac537d548646bacc94c579d10bd51d39a0c416ca80f6f008f73d2facbd316017086ce113fc87643ce9d1f86c499e2c8a18de2c3bbff8e2a83c0","ssdeep":"24576:83rDdQeuvl3O9VPmn+2eUpKseVsR+KJCEIxGfscOQy:83WeuvlCZmA6w6PJCDGfLOj","tlshash":"5825237e41c8ac42b7c8dfacdce6898c5bc069f9d556e72f5c102318227787d81a7a4b","first_seen":"2026-01-05T20:28:58.453348Z","last_seen":"2026-01-05T20:28:58.453348Z","times_seen":1,"resource_available":false,"data":null}},"time_used":445,"timings":{"blocked":39,"dns":20,"connect":1,"send":0,"wait":276,"receive":92,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"stream.alflix.cv","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5824b3f38.76e3d5200b.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI1MzA4MDEwMTQxNzkxMzkwMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuNDAuMiIsInRhZ19pZCI6Mzg2NDYxLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==","fqdn":"e5824b3f38.76e3d5200b.com","domain":"76e3d5200b.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://vidoes.live/e/Rrwyh8cz3?lv1=twinply.shop","date":"2026-01-05T20:28:25.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"e5824b3f38.76e3d5200b.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 02 Jan 2026 02:47:51 GMT","end":"Thu, 02 Apr 2026 02:47:50 GMT"},"fingerprint":{"sha1":"EA:99:93:B5:90:DA:09:9C:C8:72:4C:17:F7:D5:45:07:F0:46:15:0C","sha256":"47:0F:EE:42:2D:E1:5C:23:8D:A5:9D:B8:33:94:F3:9E:28:9A:62:EE:27:D2:92:3E:CE:09:84:CA:92:C5:ED:1A"}}},"request":{"raw":"GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI1MzA4MDEwMTQxNzkxMzkwMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuNDAuMiIsInRhZ19pZCI6Mzg2NDYxLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1\r\nHost: e5824b3f38.76e3d5200b.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://vidoes.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vidoes.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:28:25 GMT\r\ncontent-length: 0\r\nserver: nginx/1.18.0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nx-cdn-host-id: AH1747\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T07:46:07.547347Z","times_seen":13322606,"resource_available":true,"data":null}},"time_used":297,"timings":{"blocked":121,"dns":78,"connect":21,"send":0,"wait":50,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}